-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathcompose.yml
94 lines (90 loc) · 3.81 KB
/
compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
# a Compose file always starts with the version number.
# The version can be '3.9' but here we do not know
# what is the minimal required version: we just specify all versions '3'.
version: '3'
networks:
quid-db-network:
internal: true
outside-network:
internal: false
# Simple rule: a service is a container.
# A container usually runs a database, a backend server, a reverse-proxy...
# The following two "services" are the Quid container and its Postgres database.
services:
# The name of this service is "quid" (but it can be anything else).
quid:
container_name: quid # Good practice: container_name = service name.
image: quid
build:
context: . # Search the Dockerfile in the "." local directory.
args:
- uid=6606 # "uid" and "gid" to run Quid in non-root mode.
- gid=6606
depends_on:
db:
condition: service_healthy
user: "6606:6606" # "uid:gid" to run quid in non-root mode.
environment:
- QUID_KEY=9362e8246661bd2c05c3bf1c14b86ac8
- QUID_ADMIN_USR=admin
- QUID_ADMIN_PWD=myAdminPassword # Please change this password
- POSTGRES_USER=pguser # Must be the same POSTGRES_USER used by container "db".
- POSTGRES_PASSWORD=myDBpwd # Please change this password
- POSTGRES_DB=quid
- DB_HOST=db # "db" is the "container_name" of the Postgres container.
- ALLOWED_ORIGINS=http://localhost:8090/
command: -v -dev
# Quid listens on port 8090 by default.
# To connect from the machine (outside the compose),
# we bind 8090 to an available host port (here the same port number).
# The syntax is [host-port]:[port-in-the-container]
# This is different from the "expose" attribute of the Postgres container.
ports:
- 8090:8090
networks:
- quid-db-network # to access the database
- outside-network # to be accessed from outside the compose
# The Postgres service is named "db", its "container_name" is also "db".
db:
container_name: db
# Official Postgres image v14, based on Alpine (Alpine images are smaller).
# see: https://index.docker.io/_/postgres
# doc: https://github.com/docker-library/docs/blob/master/postgres/README.md
image: docker.io/postgres:14-alpine
# Quid waits for DB being ready using the following healthcheck
# see: https://github.com/peter-evans/docker-compose-healthcheck/issues/16#issuecomment-1073039761
healthcheck:
test:
[
"CMD-SHELL",
"pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"
]
interval: 2s
timeout: 1s
retries: 3
# Postgres listens on port 5432 by default.
# This port must be exposed to allow connection from another service (inside the same network).
# The exposed port is only exposed within the internal network (only accessible by Quid).
# The exposed port is not accessible from outside the host.
expose:
- 5432
environment:
# The following environment variables are used by:
# - the Postgres server,
# - the docker-entrypoint-initdb.d/init-user-db.sh
# - and the previous healthcheck.
# The docker-entrypoint-initdb.d/init-user-db.sh script
# is run on first launch only to create the user and the database.
# These variables should be duplicated for the Quid container.
- POSTGRES_USER=pguser
- POSTGRES_PASSWORD=myDBpwd
- POSTGRES_DB=quid
volumes:
# Script to create user, database, permission at first launch.
# doc: https://github.com/docker-library/docs/blob/master/postgres/README.md#initialization-scripts
- ./docker-entrypoint-initdb.d:/docker-entrypoint-initdb.d
networks:
# The database is not accessible from Internet
# and the database cannot access the web.
# (no analytics/telemetry, no exposed backdoor...)
- quid-db-network