2e5dcec05c
All checks were successful
CI/CD Pipeline / Backend - Build, Test & Push (push) Successful in 6m17s
CI/CD Pipeline / Frontend - Build, Test & Push (push) Successful in 14m45s
CI/CD Pipeline / Integration Tests (push) Has been skipped
CI/CD Pipeline / Deployment Summary (push) Successful in 2s
CI/CD Pipeline / Discord Notification (Failure) (push) Has been skipped
CI/CD Pipeline / Discord Notification (Success) (push) Successful in 2s
191 lines
6.1 KiB
YAML
191 lines
6.1 KiB
YAML
version: '3.8'
|
|
|
|
services:
|
|
# PostgreSQL Database
|
|
xpeditis-db:
|
|
image: postgres:15-alpine
|
|
restart: unless-stopped
|
|
volumes:
|
|
- xpeditis_db_data:/var/lib/postgresql/data
|
|
environment:
|
|
POSTGRES_DB: xpeditis_preprod
|
|
POSTGRES_USER: xpeditis
|
|
POSTGRES_PASSWORD: 9Lc3M9qoPBeHLKHDXGUf1
|
|
PGDATA: /var/lib/postgresql/data/pgdata
|
|
networks:
|
|
- xpeditis_internal
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "pg_isready -U xpeditis"]
|
|
interval: 10s
|
|
timeout: 5s
|
|
retries: 5
|
|
deploy:
|
|
placement:
|
|
constraints:
|
|
- node.role == manager
|
|
|
|
# Redis Cache
|
|
xpeditis-redis:
|
|
image: redis:7-alpine
|
|
restart: unless-stopped
|
|
command: redis-server --requirepass hXiy5GMPswMtxMZujjS2O --appendonly yes
|
|
volumes:
|
|
- xpeditis_redis_data:/data
|
|
networks:
|
|
- xpeditis_internal
|
|
healthcheck:
|
|
test: ["CMD", "redis-cli", "--raw", "incr", "ping"]
|
|
|
|
# MinIO S3 Storage
|
|
xpeditis-minio:
|
|
image: minio/minio:latest
|
|
restart: unless-stopped
|
|
command: server /data --console-address ":9001"
|
|
volumes:
|
|
- xpeditis_minio_data:/data
|
|
environment:
|
|
MINIO_ROOT_USER: minioadmin_preprod_CHANGE_ME
|
|
MINIO_ROOT_PASSWORD: RBJfD0QVXC5JDfAHCwdUW
|
|
networks:
|
|
- xpeditis_internal
|
|
- traefik_network
|
|
labels:
|
|
- "traefik.enable=true"
|
|
|
|
# MinIO API
|
|
- "traefik.http.routers.xpeditis-minio-api.rule=Host(`s3.preprod.xpeditis.com`)"
|
|
- "traefik.http.routers.xpeditis-minio-api.entrypoints=websecure"
|
|
- "traefik.http.routers.xpeditis-minio-api.tls=true"
|
|
- "traefik.http.routers.xpeditis-minio-api.tls.certresolver=letsencrypt"
|
|
- "traefik.http.services.xpeditis-minio-api.loadbalancer.server.port=9000"
|
|
|
|
# MinIO Console
|
|
- "traefik.http.routers.xpeditis-minio-console.rule=Host(`minio.preprod.xpeditis.com`)"
|
|
- "traefik.http.routers.xpeditis-minio-console.entrypoints=websecure"
|
|
- "traefik.http.routers.xpeditis-minio-console.tls=true"
|
|
- "traefik.http.routers.xpeditis-minio-console.tls.certresolver=letsencrypt"
|
|
- "traefik.http.services.xpeditis-minio-console.loadbalancer.server.port=9001"
|
|
|
|
# HTTP → HTTPS
|
|
- "traefik.http.routers.xpeditis-minio-http.rule=Host(`s3.preprod.xpeditis.com`) || Host(`minio.preprod.xpeditis.com`)"
|
|
- "traefik.http.middlewares.xpeditis-redirect.redirectscheme.scheme=https"
|
|
|
|
- "traefik.docker.network=traefik_network"
|
|
|
|
# Backend API (NestJS)
|
|
xpeditis-backend:
|
|
image: rg.fr-par.scw.cloud/weworkstudio/xpeditis-backend:preprod
|
|
restart: unless-stopped
|
|
depends_on:
|
|
- xpeditis-db
|
|
- xpeditis-redis
|
|
environment:
|
|
NODE_ENV: preprod
|
|
PORT: "4000"
|
|
API_PREFIX: api/v1
|
|
|
|
# Database
|
|
DATABASE_HOST: xpeditis-db
|
|
DATABASE_PORT: "5432"
|
|
DATABASE_USER: xpeditis
|
|
DATABASE_PASSWORD: 9Lc3M9qoPBeHLKHDXGUf1
|
|
DATABASE_NAME: xpeditis_preprod
|
|
DATABASE_SYNC: "false"
|
|
DATABASE_LOGGING: "false"
|
|
|
|
# Redis
|
|
REDIS_HOST: xpeditis-redis
|
|
REDIS_PORT: "6379"
|
|
REDIS_PASSWORD: hXiy5GMPswMtxMZujjS2O
|
|
REDIS_DB: "0"
|
|
|
|
# JWT
|
|
JWT_SECRET: 4C4tQC8qym/evv4zI5DaUE1yy3kilEnm6lApOGD0GgNBLA0BLm2tVyUr1Lr0mTnV
|
|
JWT_ACCESS_EXPIRATION: 15m
|
|
JWT_REFRESH_EXPIRATION: 7d
|
|
|
|
# S3/MinIO
|
|
AWS_S3_ENDPOINT: http://xpeditis-minio:9000
|
|
AWS_REGION: us-east-1
|
|
AWS_ACCESS_KEY_ID: minioadmin_preprod_CHANGE_ME
|
|
AWS_SECRET_ACCESS_KEY: RBJfD0QVXC5JDfAHCwdUW
|
|
AWS_S3_BUCKET: xpeditis-csv-rates
|
|
|
|
# CORS
|
|
CORS_ORIGIN: https://app.preprod.xpeditis.com,https://www.preprod.xpeditis.com,https://api.preprod.xpeditis.com
|
|
|
|
# App URLs
|
|
APP_URL: https://app.preprod.xpeditis.com
|
|
FRONTEND_URL: https://app.preprod.xpeditis.com
|
|
API_URL: https://api.preprod.xpeditis.com
|
|
|
|
# Security
|
|
BCRYPT_ROUNDS: "10"
|
|
SESSION_TIMEOUT_MS: "7200000"
|
|
|
|
# Rate Limiting
|
|
RATE_LIMIT_TTL: "60"
|
|
RATE_LIMIT_MAX: "100"
|
|
|
|
networks:
|
|
- xpeditis_internal
|
|
- traefik_network
|
|
|
|
labels:
|
|
- "traefik.enable=true"
|
|
|
|
- "traefik.http.routers.xpeditis-api.rule=Host(`api.preprod.xpeditis.com`)"
|
|
- "traefik.http.routers.xpeditis-api.entrypoints=websecure"
|
|
- "traefik.http.routers.xpeditis-api.tls=true"
|
|
- "traefik.http.routers.xpeditis-api.tls.certresolver=letsencrypt"
|
|
- "traefik.http.services.xpeditis-api.loadbalancer.server.port=4000"
|
|
- "traefik.http.routers.xpeditis-api.middlewares=xpeditis-api-headers"
|
|
|
|
# HTTP → HTTPS
|
|
- "traefik.http.routers.xpeditis-api-http.rule=Host(`api.preprod.xpeditis.com`)"
|
|
- "traefik.http.routers.xpeditis-api-http.entrypoints=web"
|
|
- "traefik.http.routers.xpeditis-api-http.middlewares=xpeditis-redirect"
|
|
- "traefik.http.routers.xpeditis-api-http.service=xpeditis-api"
|
|
|
|
- "traefik.docker.network=traefik_network"
|
|
|
|
# Frontend (Next.js)
|
|
xpeditis-frontend:
|
|
image: rg.fr-par.scw.cloud/weworkstudio/xpeditis-frontend:preprod
|
|
restart: unless-stopped
|
|
environment:
|
|
NODE_ENV: preprod
|
|
NEXT_PUBLIC_API_URL: https://api.preprod.xpeditis.com
|
|
NEXT_PUBLIC_WS_URL: wss://api.preprod.xpeditis.com
|
|
networks:
|
|
- traefik_network
|
|
|
|
labels:
|
|
- "traefik.enable=true"
|
|
|
|
- "traefik.http.routers.xpeditis-app.rule=Host(`app.preprod.xpeditis.com`) || Host(`www.preprod.xpeditis.com`)"
|
|
- "traefik.http.routers.xpeditis-app.entrypoints=websecure"
|
|
- "traefik.http.routers.xpeditis-app.tls=true"
|
|
- "traefik.http.routers.xpeditis-app.tls.certresolver=letsencrypt"
|
|
- "traefik.http.services.xpeditis-app.loadbalancer.server.port=3000"
|
|
|
|
# HTTP → HTTPS
|
|
- "traefik.http.routers.xpeditis-app-http.rule=Host(`app.preprod.xpeditis.com`) || Host(`www.preprod.xpeditis.com`)"
|
|
- "traefik.http.routers.xpeditis-app-http.entrypoints=web"
|
|
- "traefik.http.routers.xpeditis-app-http.middlewares=xpeditis-redirect"
|
|
- "traefik.http.routers.xpeditis-app-http.service=xpeditis-app"
|
|
|
|
- "traefik.docker.network=traefik_network"
|
|
|
|
volumes:
|
|
xpeditis_db_data:
|
|
xpeditis_redis_data:
|
|
xpeditis_minio_data:
|
|
|
|
networks:
|
|
traefik_network:
|
|
external: true
|
|
xpeditis_internal:
|
|
driver: overlay
|
|
internal: true
|