Пример docker-compose.yml
services: djing2db: image: postgres:13.4-alpine user: postgres working_dir: /var/lib/postgresql secrets: - POSTGRES_PASSWORD volumes: - postgresql-data:/var/lib/postgresql/data - /etc/localtime:/etc/localtime:ro - /etc/timezone:/etc/timezone:ro environment: - POSTGRES_PASSWORD_FILE=/run/secrets/POSTGRES_PASSWORD - POSTGRES_DB - POSTGRES_USER - POSTGRES_HOST command: ["postgres", "-c", "shared_buffers=4GB", "-c", "wal_buffers=64MB"] networks: - backnet
pgbouncer: image: git.g-tell.uz/nerosketch/djing2-pgbouncer environment: - POSTGRES_PASSWORD_FILE=/run/secrets/POSTGRES_PASSWORD - POSTGRES_DB - POSTGRES_USER - POSTGRES_HOST secrets: - POSTGRES_PASSWORD depends_on: - djing2db networks: - backnet
djing2redis: image: redis:alpine networks: - backnet
djing2rabbitmq: image: rabbitmq:3.11-alpine environment: - RABBITMQ_DEFAULT_USER=user - RABBITMQ_DEFAULT_PASS=passw networks: - backnet security_opt: - no-new-privileges:true
yvix_payment_gate: image: git.g-tell.uz/nerosketch/yvix_payment_gate depends_on: - djing2db networks: - backnet - frontnet secrets: - PAYMENT_SECRET - POSTGRES_PASSWORD - FIELD_ENCRYPTION_KEY environment: - DEBUG - ALLOWED_HOSTS - REDIS_HOST - REDIS_PORT - POSTGRES_DB - POSTGRES_USER - PG_DB_HOST - PG_DB_PORT env_file: - .env
yvix_radius_gw: image: git.g-tell.uz/nerosketch/yvix_radius_gw depends_on: - djing2db networks: - backnet secrets: - POSTGRES_PASSWORD - RADIUS_SECRET env_file: - .env_rad
yvix_radius_gw_task: image: git.g-tell.uz/nerosketch/yvix_radius_gw networks: - backnet secrets: - POSTGRES_PASSWORD - RADIUS_SECRET env_file: - .env_rad command: faststream run main_task:app --log-level info
djing2_app_wsgi: image: git.g-tell.uz/nerosketch/djing2_app:latest depends_on: - pgbouncer - djing2rabbitmq deploy: restart_policy: condition: on-failure delay: 15s max_attempts: 30 window: 120s secrets: - POSTGRES_PASSWORD - DJANGO_SECRET_KEY - VAPID_PUBLIC_KEY - VAPID_PRIVATE_KEY - FIELD_ENCRYPTION_KEY - API_AUTH_SECRET - RADIUS_SECRET - SORM_EXPORT_FTP_PASSWORD - FTP_SORM_JAN_PASSWORD environment: - POSTGRES_PASSWORD_FILE=/run/secrets/POSTGRES_PASSWORD env_file: - .env volumes: - media-data:/var/www/djing2/media - /etc/localtime:/etc/localtime:ro - /etc/timezone:/etc/timezone:ro networks: - backnet - frontnet
yvix-front: image: git.g-tell.uz/nerosketch/yvix-front:latest depends_on: - djing2_app_wsgi - ws ports: - 80:80 - 443:443 environment: - DOMAINS - EMAIL4LETSENCRYPT - RSA_KEY_SIZE - DEBUG - STAGING - ADMIN_DOMAIN - PA_DOMAIN - NGINX_ENVSUBST_TEMPLATE_DIR - LETSENCRYPT_ENABLE deploy: restart_policy: condition: on-failure delay: 5s max_attempts: 80 window: 30s restart: on-failure volumes: - media-data:/var/www/media:ro - nginx_logs:/var/log/nginx - nginx-cert:/etc/letsencrypt - /etc/localtime:/etc/localtime:ro - /etc/timezone:/etc/timezone:ro - ./nginx/adm-additional-locations:/etc/nginx/adm-additional-locations - ./nginx/additional_conf:/etc/nginx/additional_conf - ./nginx/custom_data:/var/www/custom_data networks: - backnet - frontnet - external_bridge
ws: image: git.g-tell.uz/nerosketch/yvix-ws:latest command: /yvix_ws --amqp 'amqp://user:passw@djing2rabbitmq' deploy: restart_policy: condition: on-failure delay: 15s max_attempts: 30 window: 120s networks: - backnet
djing2celery: image: git.g-tell.uz/nerosketch/djing2_app:latest command: celery -A yvix.celery_app worker --loglevel=WARNING -E --concurrency 1 depends_on: - pgbouncer - djing2rabbitmq secrets: - POSTGRES_PASSWORD - DJANGO_SECRET_KEY - VAPID_PUBLIC_KEY - VAPID_PRIVATE_KEY - FIELD_ENCRYPTION_KEY - API_AUTH_SECRET - RADIUS_SECRET - SORM_EXPORT_FTP_PASSWORD - FTP_SORM_JAN_PASSWORD environment: - POSTGRES_PASSWORD_FILE=/run/secrets/POSTGRES_PASSWORD env_file: - .env volumes: - media-data:/var/www/djing2/media - /etc/localtime:/etc/localtime:ro - /etc/timezone:/etc/timezone:ro networks: - backnet - frontnet
djing2celerybeat: image: git.g-tell.uz/nerosketch/djing2_app:latest command: celery -A yvix.celery_app beat --loglevel=WARNING -s /tmp/celerybeat-schedule depends_on: - djing2celery secrets: - POSTGRES_PASSWORD - DJANGO_SECRET_KEY - VAPID_PUBLIC_KEY - VAPID_PRIVATE_KEY - FIELD_ENCRYPTION_KEY - API_AUTH_SECRET - RADIUS_SECRET - SORM_EXPORT_FTP_PASSWORD - FTP_SORM_JAN_PASSWORD environment: - POSTGRES_PASSWORD_FILE=/run/secrets/POSTGRES_PASSWORD env_file: - .env tmpfs: - /tmp volumes: - media-data:/var/www/djing2/media - /etc/localtime:/etc/localtime:ro - /etc/timezone:/etc/timezone:ro networks: - backnet
clickhouse: image: clickhouse/clickhouse-server:24.9.2.42 volumes: - ch-data:/var/lib/clickhouse networks: - backnet
ipfix-reader: image: git.g-tell.uz/nerosketch/ipfix-reader:latest depends_on: - clickhouse deploy: restart_policy: condition: on-failure delay: 4s max_attempts: 100 window: 5s ports: - "2055:2055/udp" volumes: - ./ipfix_reader.conf:/etc/ipfixproc.yml networks: - frontnet - backnet
volumes: postgresql-data: media-data: nginx_logs: nginx-cert: ch-data:
networks: frontnet: driver: bridge backnet: driver: bridge internal: true external_bridge: external: true
secrets: POSTGRES_PASSWORD: file: ./secrets/POSTGRES_PASSWORD DJANGO_SECRET_KEY: file: ./secrets/DJANGO_SECRET_KEY API_AUTH_SECRET: file: ./secrets/API_AUTH_SECRET FIELD_ENCRYPTION_KEY: file: ./secrets/FIELD_ENCRYPTION_KEY VAPID_PUBLIC_KEY: file: ./secrets/VAPID_PUBLIC_KEY VAPID_PRIVATE_KEY: file: ./secrets/VAPID_PRIVATE_KEY RADIUS_SECRET: file: ./secrets/RADIUS_SECRET SORM_EXPORT_FTP_PASSWORD: file: ./secrets/SORM_EXPORT_FTP_PASSWORD FTP_SORM_JAN_PASSWORD: file: ./secrets/FTP_SORM_JAN_PASSWORD PAYMENT_SECRET: file: ./secrets/PAYMENT_SECRET