188 lines
5.3 KiB
YAML
188 lines
5.3 KiB
YAML
networks:
|
|
storycove-network:
|
|
driver: bridge
|
|
|
|
services:
|
|
nginx:
|
|
image: nginx:alpine
|
|
ports:
|
|
- "6925:80"
|
|
volumes:
|
|
- images_data:/app/images:ro
|
|
configs:
|
|
- source: nginx_config
|
|
target: /etc/nginx/nginx.conf
|
|
depends_on:
|
|
- frontend
|
|
- backend
|
|
networks:
|
|
- storycove-network
|
|
|
|
frontend:
|
|
build: ./frontend
|
|
environment:
|
|
- NEXT_PUBLIC_API_URL=${NEXT_PUBLIC_API_URL:-/api}
|
|
depends_on:
|
|
- backend
|
|
networks:
|
|
- storycove-network
|
|
|
|
backend:
|
|
build: ./backend
|
|
environment:
|
|
- SPRING_DATASOURCE_URL=jdbc:postgresql://postgres:5432/storycove
|
|
- SPRING_DATASOURCE_USERNAME=storycove
|
|
- SPRING_DATASOURCE_PASSWORD=${DB_PASSWORD}
|
|
- JWT_SECRET=${JWT_SECRET}
|
|
- OPENSEARCH_HOST=opensearch
|
|
- OPENSEARCH_PORT=9200
|
|
- OPENSEARCH_SCHEME=http
|
|
- OPENSEARCH_USERNAME=
|
|
- OPENSEARCH_PASSWORD=
|
|
- OPENSEARCH_SSL_VERIFICATION=false
|
|
- OPENSEARCH_TRUST_ALL_CERTS=true
|
|
- OPENSEARCH_CONNECTION_TIMEOUT=60000
|
|
- OPENSEARCH_SOCKET_TIMEOUT=120000
|
|
- OPENSEARCH_MAX_RETRIES=5
|
|
- OPENSEARCH_RETRY_ON_FAILURE=true
|
|
- SEARCH_ENGINE=${SEARCH_ENGINE:-opensearch}
|
|
- IMAGE_STORAGE_PATH=/app/images
|
|
- APP_PASSWORD=${APP_PASSWORD}
|
|
- STORYCOVE_CORS_ALLOWED_ORIGINS=${STORYCOVE_CORS_ALLOWED_ORIGINS:-http://localhost:3000,http://localhost:6925}
|
|
volumes:
|
|
- images_data:/app/images
|
|
- library_config:/app/config
|
|
depends_on:
|
|
postgres:
|
|
condition: service_started
|
|
opensearch:
|
|
condition: service_started
|
|
networks:
|
|
- storycove-network
|
|
|
|
postgres:
|
|
image: postgres:15-alpine
|
|
# No port mapping - only accessible within the Docker network
|
|
#ports:
|
|
# - "5432:5432"
|
|
environment:
|
|
- POSTGRES_DB=storycove
|
|
- POSTGRES_USER=storycove
|
|
- POSTGRES_PASSWORD=${DB_PASSWORD}
|
|
volumes:
|
|
- postgres_data:/var/lib/postgresql/data
|
|
networks:
|
|
- storycove-network
|
|
|
|
|
|
opensearch:
|
|
image: opensearchproject/opensearch:3.2.0
|
|
# No port mapping - only accessible within the Docker network
|
|
environment:
|
|
- cluster.name=storycove-opensearch
|
|
- node.name=opensearch-node
|
|
- discovery.type=single-node
|
|
- bootstrap.memory_lock=false
|
|
- "OPENSEARCH_JAVA_OPTS=-Xms128m -Xmx256m -XX:+UseSerialGC -Djava.security.policy=all.policy"
|
|
- "DISABLE_INSTALL_DEMO_CONFIG=true"
|
|
- "DISABLE_SECURITY_PLUGIN=true"
|
|
- "DISABLE_PERFORMANCE_ANALYZER_AGENT_CLI=true"
|
|
deploy:
|
|
resources:
|
|
limits:
|
|
memory: 512M
|
|
reservations:
|
|
memory: 256M
|
|
ulimits:
|
|
memlock:
|
|
soft: -1
|
|
hard: -1
|
|
nofile:
|
|
soft: 65536
|
|
hard: 65536
|
|
volumes:
|
|
- opensearch_data:/usr/share/opensearch/data
|
|
command: >
|
|
bash -c "
|
|
echo 'Starting OpenSearch with debug output...'
|
|
echo 'Java version:'
|
|
java -version
|
|
echo 'Memory info:'
|
|
free -h
|
|
echo 'Disk space:'
|
|
df -h
|
|
echo 'Starting OpenSearch...'
|
|
exec /usr/share/opensearch/opensearch-docker-entrypoint.sh opensearch
|
|
"
|
|
networks:
|
|
- storycove-network
|
|
restart: unless-stopped
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "curl -f http://localhost:9200 || exit 1"]
|
|
interval: 30s
|
|
timeout: 10s
|
|
retries: 5
|
|
start_period: 60s
|
|
|
|
opensearch-dashboards:
|
|
image: opensearchproject/opensearch-dashboards:3.2.0
|
|
ports:
|
|
- "5601:5601" # Expose OpenSearch Dashboard
|
|
environment:
|
|
- OPENSEARCH_HOSTS=http://opensearch:9200
|
|
- "DISABLE_SECURITY_DASHBOARDS_PLUGIN=true"
|
|
depends_on:
|
|
- opensearch
|
|
networks:
|
|
- storycove-network
|
|
|
|
volumes:
|
|
postgres_data:
|
|
opensearch_data:
|
|
images_data:
|
|
library_config:
|
|
|
|
configs:
|
|
nginx_config:
|
|
content: |
|
|
events {
|
|
worker_connections 1024;
|
|
}
|
|
http {
|
|
upstream frontend {
|
|
server frontend:3000;
|
|
}
|
|
upstream backend {
|
|
server backend:8080;
|
|
}
|
|
server {
|
|
listen 80;
|
|
client_max_body_size 256M;
|
|
location / {
|
|
proxy_pass http://frontend;
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade $$http_upgrade;
|
|
proxy_set_header Connection upgrade;
|
|
proxy_set_header Host $$host;
|
|
proxy_set_header X-Real-IP $$remote_addr;
|
|
proxy_set_header X-Forwarded-For $$proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $$scheme;
|
|
proxy_cache_bypass $$http_upgrade;
|
|
}
|
|
location /api/ {
|
|
proxy_pass http://backend/api/;
|
|
proxy_set_header Host $$host;
|
|
proxy_set_header X-Real-IP $$remote_addr;
|
|
proxy_set_header X-Forwarded-For $$proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $$scheme;
|
|
proxy_connect_timeout 60s;
|
|
proxy_send_timeout 60s;
|
|
proxy_read_timeout 60s;
|
|
}
|
|
location /images/ {
|
|
alias /app/images/;
|
|
expires 1y;
|
|
add_header Cache-Control public;
|
|
}
|
|
}
|
|
} |