networks: storycove-network: driver: bridge services: nginx: image: nginx:alpine ports: - "6925:80" volumes: - images_data:/app/images:ro configs: - source: nginx_config target: /etc/nginx/nginx.conf depends_on: - frontend - backend networks: - storycove-network frontend: build: ./frontend environment: - NEXT_PUBLIC_API_URL=${NEXT_PUBLIC_API_URL:-/api} depends_on: - backend networks: - storycove-network backend: build: ./backend environment: - SPRING_DATASOURCE_URL=jdbc:postgresql://postgres:5432/storycove - SPRING_DATASOURCE_USERNAME=storycove - SPRING_DATASOURCE_PASSWORD=${DB_PASSWORD} - JWT_SECRET=${JWT_SECRET} - OPENSEARCH_HOST=opensearch - OPENSEARCH_PORT=9200 - OPENSEARCH_SCHEME=http - OPENSEARCH_USERNAME= - OPENSEARCH_PASSWORD= - OPENSEARCH_SSL_VERIFICATION=false - OPENSEARCH_TRUST_ALL_CERTS=true - OPENSEARCH_CONNECTION_TIMEOUT=60000 - OPENSEARCH_SOCKET_TIMEOUT=120000 - OPENSEARCH_MAX_RETRIES=5 - OPENSEARCH_RETRY_ON_FAILURE=true - SEARCH_ENGINE=${SEARCH_ENGINE:-opensearch} - IMAGE_STORAGE_PATH=/app/images - APP_PASSWORD=${APP_PASSWORD} - STORYCOVE_CORS_ALLOWED_ORIGINS=${STORYCOVE_CORS_ALLOWED_ORIGINS:-http://localhost:3000,http://localhost:6925} volumes: - images_data:/app/images - library_config:/app/config depends_on: postgres: condition: service_started opensearch: condition: service_started networks: - storycove-network postgres: image: postgres:15-alpine # No port mapping - only accessible within the Docker network #ports: # - "5432:5432" environment: - POSTGRES_DB=storycove - POSTGRES_USER=storycove - POSTGRES_PASSWORD=${DB_PASSWORD} volumes: - postgres_data:/var/lib/postgresql/data networks: - storycove-network opensearch: build: context: . dockerfile: opensearch.Dockerfile # No port mapping - only accessible within the Docker network environment: - cluster.name=storycove-opensearch - node.name=opensearch-node - discovery.type=single-node - bootstrap.memory_lock=false - "OPENSEARCH_JAVA_OPTS=-Xms256m -Xmx512m --add-opens=java.base/java.lang=ALL-UNNAMED -Dlucene.useVectorAPI=false -Dorg.apache.lucene.store.MMapDirectory.enableMemorySegments=false" - "DISABLE_INSTALL_DEMO_CONFIG=true" - "DISABLE_SECURITY_PLUGIN=true" - "DISABLE_PERFORMANCE_ANALYZER_AGENT_CLI=true" - "ES_TMPDIR=/tmp" - "_JAVA_OPTIONS=-Djdk.net.useExclusiveBind=false" deploy: resources: limits: memory: 1G reservations: memory: 512M ulimits: memlock: soft: -1 hard: -1 nofile: soft: 65536 hard: 65536 volumes: - opensearch_data:/usr/share/opensearch/data networks: - storycove-network restart: unless-stopped healthcheck: test: ["CMD-SHELL", "curl -f http://localhost:9200 || exit 1"] interval: 30s timeout: 10s retries: 5 start_period: 60s opensearch-dashboards: image: opensearchproject/opensearch-dashboards:3.2.0 ports: - "5601:5601" # Expose OpenSearch Dashboard environment: - OPENSEARCH_HOSTS=http://opensearch:9200 - "DISABLE_SECURITY_DASHBOARDS_PLUGIN=true" depends_on: - opensearch networks: - storycove-network volumes: postgres_data: opensearch_data: images_data: library_config: configs: nginx_config: content: | events { worker_connections 1024; } http { upstream frontend { server frontend:3000; } upstream backend { server backend:8080; } server { listen 80; client_max_body_size 256M; location / { proxy_pass http://frontend; proxy_http_version 1.1; proxy_set_header Upgrade $$http_upgrade; proxy_set_header Connection upgrade; proxy_set_header Host $$host; proxy_set_header X-Real-IP $$remote_addr; proxy_set_header X-Forwarded-For $$proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $$scheme; proxy_cache_bypass $$http_upgrade; } location /api/ { proxy_pass http://backend/api/; proxy_set_header Host $$host; proxy_set_header X-Real-IP $$remote_addr; proxy_set_header X-Forwarded-For $$proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $$scheme; proxy_connect_timeout 60s; proxy_send_timeout 60s; proxy_read_timeout 60s; } location /images/ { alias /app/images/; expires 1y; add_header Cache-Control public; } } }