82 lines
2.7 KiB
YAML
82 lines
2.7 KiB
YAML
services:
|
|
db:
|
|
image: postgres:16-alpine
|
|
restart: unless-stopped
|
|
environment:
|
|
POSTGRES_DB: ${POSTGRES_DB}
|
|
POSTGRES_USER: ${POSTGRES_USER}
|
|
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
|
|
volumes:
|
|
- postgres_data:/var/lib/postgresql/data
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER} -d ${POSTGRES_DB}"]
|
|
interval: 5s
|
|
timeout: 5s
|
|
retries: 10
|
|
networks:
|
|
- internal
|
|
|
|
backend:
|
|
image: ${REGISTRY}/saas-imobiliaria-backend:${IMAGE_TAG:-latest}
|
|
restart: unless-stopped
|
|
environment:
|
|
DATABASE_URL: postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@db:5432/${POSTGRES_DB}
|
|
SECRET_KEY: ${SECRET_KEY}
|
|
JWT_SECRET_KEY: ${JWT_SECRET_KEY}
|
|
FLASK_ENV: production
|
|
FLASK_APP: app
|
|
CORS_ORIGINS: https://${DOMAIN}
|
|
IMAGE_TAG: ${IMAGE_TAG:-latest}
|
|
depends_on:
|
|
db:
|
|
condition: service_healthy
|
|
networks:
|
|
- internal
|
|
- traefik-public
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.docker.network=traefik-public"
|
|
# Router
|
|
- "traefik.http.routers.imob-api.rule=Host(`${DOMAIN}`) && PathPrefix(`/api`)"
|
|
- "traefik.http.routers.imob-api.entrypoints=websecure"
|
|
- "traefik.http.routers.imob-api.tls=true"
|
|
- "traefik.http.routers.imob-api.tls.certresolver=letsencrypt"
|
|
# Service
|
|
- "traefik.http.services.imob-api.loadbalancer.server.port=5000"
|
|
# Strip /api prefix before forwarding to Flask
|
|
- "traefik.http.middlewares.imob-api-strip.stripprefix.prefixes=/api"
|
|
- "traefik.http.routers.imob-api.middlewares=imob-api-strip"
|
|
|
|
frontend:
|
|
image: ${REGISTRY}/saas-imobiliaria-frontend:${IMAGE_TAG:-latest}
|
|
restart: unless-stopped
|
|
depends_on:
|
|
- backend
|
|
networks:
|
|
- internal
|
|
- traefik-public
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.docker.network=traefik-public"
|
|
# Router
|
|
- "traefik.http.routers.imob-frontend.rule=Host(`${DOMAIN}`)"
|
|
- "traefik.http.routers.imob-frontend.entrypoints=websecure"
|
|
- "traefik.http.routers.imob-frontend.tls=true"
|
|
- "traefik.http.routers.imob-frontend.tls.certresolver=letsencrypt"
|
|
# Redirect HTTP → HTTPS
|
|
- "traefik.http.routers.imob-frontend-http.rule=Host(`${DOMAIN}`)"
|
|
- "traefik.http.routers.imob-frontend-http.entrypoints=web"
|
|
- "traefik.http.routers.imob-frontend-http.middlewares=redirect-to-https"
|
|
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
|
|
- "traefik.http.middlewares.redirect-to-https.redirectscheme.permanent=true"
|
|
# Service
|
|
- "traefik.http.services.imob-frontend.loadbalancer.server.port=80"
|
|
|
|
networks:
|
|
internal:
|
|
driver: bridge
|
|
traefik-public:
|
|
external: true
|
|
|
|
volumes:
|
|
postgres_data:
|