---
services:
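# One-shot helper that runs ./postgres_upgrade.sh from the project directory.
# It is attached to the "postgres-upgrade" profile, so it is not started
# unless that profile is selected.
#
# NOTE(review): the Docker socket mount below gives this container control of
# the host's Docker daemon, which is effectively root on the host. Keep the
# profile opt-in and treat postgres_upgrade.sh as privileged code.
postgres-auto-upgrade:
  profiles:
    - postgres-upgrade  # isolates the service behind an opt-in profile
  image: alpine:3.19
  container_name: postgres_auto_upgrade
  working_dir: /opt/phx
  volumes:
    # The whole project directory is mounted read-write; the script runs
    # from here and can modify anything in it.
    - .:/opt/phx:rw
    - /var/run/docker.sock:/var/run/docker.sock
  # Installs tooling at start-up, downloads the Compose CLI plugin, then runs
  # the upgrade script. curl is called with -f so that an HTTP error stops the
  # && chain instead of saving an error page as the plugin binary.
  # NOTE(review): the downloaded binary is made executable without an
  # integrity check. Consider verifying it against a pinned SHA-256
  # (<EXPECTED_SHA256>, placeholder) with `sha256sum -c` before chmod +x.
  # The apk packages are also unpinned and fetched on every run.
  entrypoint: >
    sh -c "
    apk add --no-cache bash coreutils grep sed findutils curl docker-cli dos2unix &&
    mkdir -p ~/.docker/cli-plugins &&
    curl -fSL https://github.com/docker/compose/releases/download/v2.27.0/docker-compose-linux-x86_64 -o ~/.docker/cli-plugins/docker-compose &&
    chmod +x ~/.docker/cli-plugins/docker-compose &&
    chmod +x ./postgres_upgrade.sh &&
    ./postgres_upgrade.sh"
  restart: 'no'  # quoted so YAML does not read it as a boolean
  depends_on: []
  network_mode: bridge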
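# One-shot helper that runs ./rollback_postgres_upgrade.sh from the project
# directory. It is attached to the "postgres-rollback" profile, so it is not
# started unless that profile is selected.
#
# NOTE(review): the Docker socket mount below gives this container control of
# the host's Docker daemon, which is effectively root on the host. Keep the
# profile opt-in and treat rollback_postgres_upgrade.sh as privileged code.
postgres-auto-rollback:
  profiles:
    - postgres-rollback  # isolates the service behind an opt-in profile
  image: alpine:3.19
  container_name: postgres_rollback
  working_dir: /opt/phx
  volumes:
    # The whole project directory is mounted read-write; the script runs
    # from here and can modify anything in it.
    - .:/opt/phx:rw
    - /var/run/docker.sock:/var/run/docker.sock
  # Installs tooling at start-up, downloads the Compose CLI plugin, then runs
  # the rollback script. curl is called with -f so that an HTTP error stops
  # the && chain instead of saving an error page as the plugin binary.
  # NOTE(review): the downloaded binary is made executable without an
  # integrity check. Consider verifying it against a pinned SHA-256
  # (<EXPECTED_SHA256>, placeholder) with `sha256sum -c` before chmod +x.
  # The apk packages are also unpinned and fetched on every run.
  entrypoint: >
    sh -c "
    apk add --no-cache bash coreutils grep sed findutils curl docker-cli dos2unix &&
    mkdir -p ~/.docker/cli-plugins &&
    curl -fSL https://github.com/docker/compose/releases/download/v2.27.0/docker-compose-linux-x86_64 -o ~/.docker/cli-plugins/docker-compose &&
    chmod +x ~/.docker/cli-plugins/docker-compose &&
    chmod +x ./rollback_postgres_upgrade.sh &&
    ./rollback_postgres_upgrade.sh"
  restart: 'no'  # quoted so YAML does not read it as a boolean
  depends_on: []
  network_mode: bridge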
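# PostgreSQL database. It joins only the backend network and publishes no
# host ports, so it is reachable from other containers but not from outside.
postgres:
  restart: always
  image: "postgres:17.5-alpine"
  container_name: phoenixDB  # used as the hostname
  # logging:
  #   driver: loki
  #   options:
  #     loki-url: "${LOKI_URL}"
  #     loki-retries: "${LOKI_RETRIES}"
  #     loki-batch-size: "${LOKI_BATCH_SIZE}"
  #     loki-external-labels: "service=phx-postgres,env=prod"
  networks:
    - backend
  environment:
    # Quoted so the value stays a string rather than a YAML boolean.
    DEBUG: "true"
    POSTGRES_DB: ${DB_NAME}
    # NOTE(review): a password passed through the environment is readable via
    # `docker inspect`. The official image also accepts POSTGRES_PASSWORD_FILE
    # if a file-based secret is preferred.
    POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
  volumes:
    - "./database:/var/lib/postgresql/data"
  # deploy:
  #   restart_policy:            # how the service restarts when it fails
  #     condition: on-failure    # only restart on a non-zero exit code
  #     delay: 5s                # wait 5 seconds before restarting
  #     max_attempts: 5          # give up after this many restart attempts
  #     window: 120s             # evaluation window; the counter resets after it
  #   resources:                 # resource allocation and limits
  #     limits:                  # maximum the container may use
  #       cpus: "0.75"           # 75% of one core
  #       memory: 768M           # 768 megabytes
  #     reservations:            # guaranteed minimum
  #       cpus: "0.25"           # 25% of one core
  #       memory: 256M           # 256 megabytes
  healthcheck:
    # POSTGRES_USER is not set above, so the check targets the image's
    # default "postgres" user.
    test: ["CMD-SHELL", "pg_isready -U postgres"]
    interval: 5s  # time between health checks
    timeout: 2s   # maximum time a single check may take
    retries: 5    # consecutive failures before marking as unhealthy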
# pgAdmin 4 web UI. It is started through a project-supplied entrypoint script
# (mounted read-only below) and waits until postgres reports healthy. It sits
# on both networks and publishes no host ports of its own.
pgadmin:
  restart: always
  image: dpage/pgadmin4:9.6.0
  container_name: pgadmin4-ui
  user: "5050:5050"
  # logging:
  #   driver: loki
  #   options:
  #     loki-url: "${LOKI_URL}"
  #     loki-retries: "${LOKI_RETRIES}"
  #     loki-batch-size: "${LOKI_BATCH_SIZE}"
  #     loki-external-labels: "service=phx-pgadmin,env=prod"
  networks:
    - backend
    - frontend
  environment:
    PGADMIN_DEFAULT_EMAIL: ${PGADMIN_DEFAULT_EMAIL}
    # NOTE(review): this is the same variable that phoenix-system and
    # phoenix-worker receive as SUPER_ADMIN_USER_PASSWORD, so one secret
    # covers both the application admin and the database console. Consider a
    # dedicated pgAdmin password.
    PGADMIN_DEFAULT_PASSWORD: ${SUPER_ADMIN_USER_PASSWORD}
    PGADMIN_CONFIG_SERVER_MODE: 'True'
    PGADMIN_CONFIG_WSGI_SCRIPT_NAME: "'/pgadmin4'"
    PGADMIN_CONFIG_PROXY_X_PROTO_COUNT: 1
    PGADMIN_SERVER_JSON_FILE: '/var/lib/pgadmin/servers.json'
    PGADMIN_REPLACE_SERVERS_ON_STARTUP: 'True'
    PGADMIN_CONFIG_DATA_DIR: "'/var/lib/pgadmin'"
    # NOTE(review): with the master password switched off, stored connection
    # credentials are not protected by a user-supplied secret. Together with
    # the pgpass file below, anyone who can log in can reach the database.
    PGADMIN_CONFIG_MASTER_PASSWORD_REQUIRED: 'False'

    # pgpass dynamic vars
    # Presumably consumed by the mounted entrypoint script to write the
    # pgpass file; verify against pgadmin-entrypoint.sh.
    PGPASSFILE: /var/lib/pgadmin/pgpass
    PGPASS_HOST: ${DB_HOST}
    PGPASS_PORT: ${DB_PORT}
    PGPASS_DB: ${DB_NAME}
    PGPASS_USER: ${DB_USERNAME}
    PGPASS_PASSWORD: ${POSTGRES_PASSWORD}

    # Other config
    # NOTE(review): the names below have no PGADMIN_CONFIG_ prefix. The stock
    # image only maps prefixed variables into pgAdmin's config, so these take
    # effect only if the custom entrypoint translates them. Confirm, because
    # MFA and the login-attempt limit depend on it.
    ALLOW_SAVE_PASSWORD: 'False'
    MFA_ENABLED: 'True'
    MFA_FORCE_REGISTRATION: 'False'
    MFA_SUPPORTED_METHODS: 'email'
    MFA_EMAIL_SUBJECT: 'Your MFA code by PHX-ERP'
    MAX_LOGIN_ATTEMPTS: 5
    ENHANCED_COOKIE_PROTECTION: 'True'
    SHOW_GRAVATAR_IMAGE: 'True'
    SECURITY_EMAIL_SENDER: ${SECURITY_EMAIL_SENDER}
    MAIL_SERVER: ${MAIL_SERVER}
    MAIL_PORT: ${MAIL_PORT}
    # NOTE(review): SSL and TLS are both off, so the SMTP login and the MFA
    # codes would travel unencrypted to the mail server. Enable one of them
    # if the server supports it.
    MAIL_USE_SSL: 'False'
    MAIL_USE_TLS: 'False'
    MAIL_USERNAME: ${MAIL_USERNAME}
    MAIL_PASSWORD: ${MAIL_PASSWORD}
    MAIL_DEBUG: 'False'
  volumes:
    - ./pgadmin/data:/var/lib/pgadmin
    - ./pgadmin/pgadmin-entrypoint.sh:/docker-entrypoint.sh:ro
  # Memory is capped twice with the same value: here and again under
  # deploy.resources.limits.
  mem_limit: 512M
  memswap_limit: 512M
  deploy:
    restart_policy:            # how the service restarts when it fails
      condition: on-failure    # only restart on a non-zero exit code
      delay: 5s                # wait 5 seconds before restarting
      max_attempts: 5          # give up after this many restart attempts
      window: 120s             # evaluation window; the counter resets after it
    resources:                 # resource allocation and limits
      limits:                  # maximum the container may use
        cpus: "1.0"            # 100% of one core
        memory: 512M           # 512 megabytes
      reservations:            # guaranteed minimum
        cpus: "0.15"           # 15% of one core
        memory: 250M           # 250 megabytes
  # Runs the mounted script in place of the image's own entrypoint.
  entrypoint: ["/bin/sh", "/docker-entrypoint.sh"]
  depends_on:
    postgres:
      condition: service_healthy
  healthcheck:
    # Fetches pgAdmin's ping endpoint from inside the container.
    test: ["CMD", "wget", "-O", "-", "http://localhost:80/misc/ping"]
    interval: 15s
    timeout: 10s
    retries: 5
    start_period: 120s
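# Front-end container and the main entry point from outside: it publishes
# host ports and is attached to both networks.
# NOTE(review): "alpha" is presumably a moving tag, so a pull can change what
# runs. Pin a version or digest if reproducible deployments matter.
phoenix-app:
  restart: always
  image: "phxerp/phoenix-app:alpha"
  container_name: phoenix-app
  ports:
    - '80:80'
    - '443:443'
    # NOTE(review): 3000 and 4200 are published on every host interface as
    # well. Confirm they must be reachable from outside the host; otherwise
    # drop them or bind them to a specific host address.
    - '3000:3000'
    - '4200:4200'
  # logging:
  #   driver: loki
  #   options:
  #     loki-url: "${LOKI_URL}"
  #     loki-retries: "${LOKI_RETRIES}"
  #     loki-batch-size: "${LOKI_BATCH_SIZE}"
  #     loki-external-labels: "service=phx-app,env=prod,project=phoenix"
  volumes:
    - ./app_custom:/usr/share/nginx/html/assets/custom
    # - ./nginx/nginx.conf:/etc/nginx/nginx.conf  # uncomment to override the default nginx.conf
    # - ./nginx/includes:/etc/nginx/includes:ro   # uncomment to override the default includes
  networks:
    - backend
    - frontend
  # deploy:
  #   restart_policy:            # how the service restarts when it fails
  #     condition: on-failure    # only restart on a non-zero exit code
  #     delay: 5s                # wait 5 seconds before restarting
  #     max_attempts: 5          # give up after this many restart attempts
  #     window: 120s             # evaluation window; the counter resets after it
  #   resources:                 # resource allocation and limits
  #     limits:                  # maximum the container may use
  #       cpus: "0.35"           # 35% of one core
  #       memory: 384M           # 384 megabytes
  #     reservations:            # guaranteed minimum
  #       cpus: "0.10"           # 10% of one core
  #       memory: 128M           # 128 megabytes
  healthcheck:
    # Requests /login over plain HTTP through the container's own name
    # (phoenix-app), not localhost, and only checks that it responds.
    test: ["CMD", "wget", "--spider", "-q", "http://phoenix-app/login"]
    interval: 10s      # check every 10 seconds
    timeout: 5s        # allow 5 seconds per check
    retries: 5         # mark as unhealthy after 5 failures
    start_period: 15s  # wait 15 seconds after container start before checking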
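# Application server (`npm run start:server`). It has no container_name, so it
# can run as several replicas; peers reach it through the "phoenix-system"
# alias on the backend network. It starts only once postgres is healthy.
phoenix-system:
  restart: always
  image: "phxerp/phoenix-system:alpha"
  # logging:
  #   driver: loki
  #   options:
  #     loki-url: "${LOKI_URL}"
  #     loki-retries: "${LOKI_RETRIES}"
  #     loki-batch-size: "${LOKI_BATCH_SIZE}"
  #     loki-external-labels: "service=phoenix-system,env=prod"
  environment:
    - "DB_HOST=${DB_HOST}"
    - "DB_NAME=${DB_NAME}"
    # NOTE(review): the application logs in with the password that also
    # initialises the postgres service (POSTGRES_PASSWORD). If DB_USERNAME is
    # the superuser, the app runs with full database rights. Confirm, and
    # prefer a dedicated role.
    - "DB_PASSWORD=${POSTGRES_PASSWORD}"
    - "DB_USERNAME=${DB_USERNAME}"
    - "SUPER_ADMIN_USER_PASSWORD=${SUPER_ADMIN_USER_PASSWORD}"
    - "REDIS_PASSWORD=${REDIS_PASSWORD}"
    - NODE_ENV=${NODE_ENV}
    - PHX_HOST_NAME=${PHX_HOST_NAME}
    - PERFORMANCE_STRUCTURED_LOGGING=${PERFORMANCE_STRUCTURED_LOGGING}
    - PERFORMANCE_WARNING_THRESHOLD=${PERFORMANCE_WARNING_THRESHOLD}
    - PERFORMANCE_DETAILED_MEMORY=${PERFORMANCE_DETAILED_MEMORY}
  command: ["npm", "run", "start:server"]
  deploy:
    # The replica count is taken from PHOENIX_SYSTEM_REPLICAS; change it in
    # the environment rather than here.
    replicas: ${PHOENIX_SYSTEM_REPLICAS}
    # restart_policy:            # how the service restarts when it fails
    #   condition: on-failure    # only restart on a non-zero exit code
    #   delay: 5s                # wait 5 seconds before restarting
    #   max_attempts: 5          # give up after this many restart attempts
    #   window: 120s             # evaluation window; the counter resets after it
    # resources:                 # resource allocation and limits
    #   limits:                  # maximum the container may use
    #     cpus: "1.50"           # 150% of one core
    #     memory: 1600M          # 1600 megabytes
    #   reservations:            # guaranteed minimum
    #     cpus: "0.50"           # 50% of one core
    #     memory: 768M           # 768 megabytes
  networks:
    backend:
      aliases:
        - phoenix-system
  depends_on:
    postgres:
      condition: service_healthy
  healthcheck:
    # Queries /health twice and requires both the admin-api and the database
    # entries to report "up".
    test: ["CMD-SHELL", "curl -s http://phoenix-system:3000/health | grep -q '\"admin-api\":{\"status\":\"up\"}' && curl -s http://phoenix-system:3000/health | grep -q '\"database\":{\"status\":\"up\"}'"]
    interval: 10s      # time between health checks
    timeout: 10s       # maximum time to wait for each check
    retries: 20        # failures before marking as unhealthy
    start_period: 60s  # grace period before health checks start
  volumes:
    - "./assets:/usr/src/app/packages/dev-server/assets"

    # - "./logs:/usr/src/app/packages/dev-server/logs"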
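# Background worker (`npm run start:worker`) built from the same image as
# phoenix-system. It starts only after phoenix-system and postgres are healthy.
phoenix-worker:
  restart: always
  image: "phxerp/phoenix-system:alpha"
  container_name: "phoenix-worker"
  ports:
    # Intended to be reachable only from the Grafana server.
    # NOTE(review): nothing in this file enforces that. The mapping listens
    # on every host interface, and Docker's own packet-filter rules can
    # bypass a host firewall. Bind to a specific address
    # ("<HOST_IP>:3001:3001", placeholder) or filter by source at the network
    # edge.
    - "3001:3001"
  # logging:
  #   driver: loki
  #   options:
  #     loki-url: "${LOKI_URL}"
  #     loki-retries: "${LOKI_RETRIES}"
  #     loki-batch-size: "${LOKI_BATCH_SIZE}"
  #     loki-external-labels: "service=phx-worker,env=prod"
  networks:
    - backend
  environment:
    - "DB_HOST=${DB_HOST}"
    - "DB_NAME=${DB_NAME}"
    # Same database credentials as phoenix-system; see POSTGRES_PASSWORD on
    # the postgres service.
    - "DB_PASSWORD=${POSTGRES_PASSWORD}"
    - "DB_USERNAME=${DB_USERNAME}"
    - "SUPER_ADMIN_USER_PASSWORD=${SUPER_ADMIN_USER_PASSWORD}"
    - REDIS_PASSWORD=${REDIS_PASSWORD}
    - NODE_ENV=${NODE_ENV}
    - PHX_HOST_NAME=${PHX_HOST_NAME}
    - PERFORMANCE_STRUCTURED_LOGGING=${PERFORMANCE_STRUCTURED_LOGGING}
    - PERFORMANCE_WARNING_THRESHOLD=${PERFORMANCE_WARNING_THRESHOLD}
    - PERFORMANCE_DETAILED_MEMORY=${PERFORMANCE_DETAILED_MEMORY}
  command: ['npm', 'run', 'start:worker']
  # deploy:
  #   restart_policy:            # how the service restarts when it fails
  #     condition: on-failure    # only restart on a non-zero exit code
  #     delay: 5s                # wait 5 seconds before restarting
  #     max_attempts: 5          # give up after this many restart attempts
  #     window: 120s             # evaluation window; the counter resets after it
  #   resources:                 # resource allocation and limits
  #     limits:                  # maximum the container may use
  #       cpus: '2.0'            # 200% of one core
  #       memory: 2G             # 2 gigabytes
  #     reservations:            # guaranteed minimum
  #       cpus: '0.5'            # 50% of one core
  #       memory: 512M           # 512 megabytes
  depends_on:
    phoenix-system:
      condition: service_healthy
    postgres:
      condition: service_healthy
  healthcheck:
    # Passes when the worker's /health response contains "status":"ok".
    test: ["CMD-SHELL", "curl -s http://phoenix-worker:3001/health | grep -q '\"status\":\"ok\"'"]
    interval: 10s      # time between health checks
    timeout: 6s        # maximum time to wait for each check
    retries: 20        # failures before marking as unhealthy
    start_period: 30s  # grace period before health checks start
  volumes:
    - "./assets:/usr/src/app/packages/dev-server/assets"

    # - "./logs:/usr/src/app/packages/dev-server/logs"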
# Redis instance for the application. It joins only the backend network,
# publishes no host ports and requires a password.
phoenix-redis:
  # NOTE(review): ":latest" is unpinned, so a pull can change the Redis
  # version without any change to this file. Pin a tag or digest.
  image: 'bitnami/redis:latest'
  container_name: redis
  # Interim arrangement ("not good, but as agreed"): the stock run script with
  # no memory cap. Planned follow-up is --maxmemory plus an eviction policy.
  command: /opt/bitnami/scripts/redis/run.sh
  # NOTE(review): runs as root inside the container, presumably to get write
  # access to the bind-mounted data directory. Prefer fixing ownership of
  # ./redis/data and dropping this line.
  user: root
  # logging:
  #   driver: loki
  #   options:
  #     loki-url: "${LOKI_URL}"
  #     loki-retries: "${LOKI_RETRIES}"
  #     loki-batch-size: "${LOKI_BATCH_SIZE}"
  #     loki-external-labels: "service=phx-redis,env=prod"
  networks:
    - backend
  restart: always
  environment:
    ALLOW_EMPTY_PASSWORD: "no"  # quoted so YAML does not read it as a boolean
    REDIS_PASSWORD: ${REDIS_PASSWORD}
  # deploy:
  #   restart_policy:            # how the service restarts when it fails
  #     condition: on-failure    # only restart on a non-zero exit code
  #     delay: 5s                # wait 5 seconds before restarting
  #     max_attempts: 5          # give up after this many restart attempts
  #     window: 120s             # evaluation window; the counter resets after it
  #   resources:                 # resource allocation and limits
  #     limits:                  # maximum the container may use
  #       cpus: "0.25"           # 25% of one core
  #       memory: 100M           # 100 megabytes
  #     reservations:            # guaranteed minimum
  #       cpus: "0.05"           # 5% of one core
  #       memory: 32M            # 32 megabytes
  depends_on:
    postgres:
      condition: service_healthy
  volumes:
    - "./redis/data:/bitnami/redis/data"
# Two project-owned bridge networks with fixed subnets. In this file postgres,
# phoenix-system, phoenix-worker and phoenix-redis attach only to "backend",
# while pgadmin and phoenix-app attach to both.
networks:
  backend:
    driver: bridge
    external: false  # created and removed with this project
    ipam:
      config:
        - subnet: 172.19.0.0/16

  frontend:
    driver: bridge
    external: false  # created and removed with this project
    ipam:
      config:
        - subnet: 172.20.0.0/16