Our Personal Data Server from scratch!
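# Compose stack for tranquil-pds: the PDS, its frontend, PostgreSQL, MinIO
# (S3-compatible blob storage), Valkey, an nginx edge, certbot and Prometheus.
#
# Only nginx (80/443) and Prometheus (loopback 9090) publish host ports; every
# other service is reachable solely over the Compose network.
#
# ${NAME:?message} aborts `docker compose` when NAME is unset or empty, so the
# stack never starts with a blank secret. Values under `environment:` are still
# readable via `docker inspect` by anyone with access to the Docker socket;
# treat that access as equivalent to holding the secrets.
services:
  tranquil-pds:
    build:
      context: .
      dockerfile: Dockerfile
    image: tranquil-pds:latest
    restart: unless-stopped
    environment:
      # Listens on all container interfaces; no host port is published, so
      # traffic is expected to arrive through nginx.
      SERVER_HOST: "0.0.0.0"
      SERVER_PORT: "3000"
      PDS_HOSTNAME: "${PDS_HOSTNAME:?PDS_HOSTNAME is required}"
      # DB_PASSWORD is substituted into the URL verbatim. Characters such as
      # @ / : # ? must be percent-encoded or avoided, or the URL parses wrongly.
      DATABASE_URL: "postgres://tranquil_pds:${DB_PASSWORD:?DB_PASSWORD is required}@db:5432/pds"
      # Plain HTTP to MinIO; acceptable only while this hop stays on the
      # Compose network.
      S3_ENDPOINT: "http://minio:9000"
      AWS_REGION: "us-east-1"
      S3_BUCKET: "pds-blobs"
      # The PDS authenticates to MinIO with the MinIO root account. A dedicated
      # access key scoped to the buckets it uses would limit what a compromised
      # PDS can do; that key has to be provisioned outside this file.
      AWS_ACCESS_KEY_ID: "${MINIO_ROOT_USER:-minioadmin}"
      AWS_SECRET_ACCESS_KEY: "${MINIO_ROOT_PASSWORD:?MINIO_ROOT_PASSWORD is required}"
      # Valkey is addressed without credentials (see the valkey service).
      VALKEY_URL: "redis://valkey:6379"
      # Nothing in this file checks the "min 32 chars" requirement; the text is
      # only the error shown when the variable is missing. Use three
      # independently generated random values.
      JWT_SECRET: "${JWT_SECRET:?JWT_SECRET is required (min 32 chars)}"
      DPOP_SECRET: "${DPOP_SECRET:?DPOP_SECRET is required (min 32 chars)}"
      MASTER_KEY: "${MASTER_KEY:?MASTER_KEY is required (min 32 chars)}"
      CRAWLERS: "${CRAWLERS:-https://bsky.network}"
    depends_on:
      db:
        condition: service_healthy
      # The minio service defines no healthcheck in this file, so waiting for
      # `service_healthy` would depend on the image declaring one itself. Gate
      # on the one-shot bucket setup instead; it retries until MinIO answers.
      minio:
        condition: service_started
      minio-init:
        condition: service_completed_successfully
      valkey:
        condition: service_healthy
    healthcheck:
      test: ["CMD", "wget", "-q", "--spider", "http://localhost:3000/xrpc/_health"]
      interval: 30s
      timeout: 10s
      retries: 3
      start_period: 10s
    deploy:
      resources:
        limits:
          memory: 1G
        reservations:
          memory: 256M

  frontend:
    build:
      context: ./frontend
      dockerfile: Dockerfile
    image: tranquil-pds-frontend:latest
    restart: unless-stopped
    healthcheck:
      test: ["CMD", "wget", "-q", "--spider", "http://localhost:80/"]
      interval: 30s
      timeout: 10s
      retries: 3
      start_period: 5s
    deploy:
      resources:
        limits:
          memory: 128M
        reservations:
          memory: 32M

  db:
    image: postgres:18-alpine
    restart: unless-stopped
    environment:
      POSTGRES_USER: tranquil_pds
      POSTGRES_PASSWORD: "${DB_PASSWORD:?DB_PASSWORD is required}"
      POSTGRES_DB: pds
    volumes:
      # NOTE(review): confirm that this is still the directory the 18 image
      # writes its data to; if the image's default data path differs, the
      # database ends up outside this named volume.
      - postgres_data:/var/lib/postgresql/data
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U tranquil_pds -d pds"]
      interval: 10s
      timeout: 5s
      retries: 5
      start_period: 10s
    deploy:
      resources:
        limits:
          memory: 512M
        reservations:
          memory: 128M

  minio:
    # Mutable tag: every pull may fetch a different image. Pin a vetted build
    # by digest (image@sha256:<digest>) to make deployments reproducible.
    image: cgr.dev/chainguard/minio:latest
    restart: unless-stopped
    # The console listens on 9001; neither 9000 nor 9001 is published here.
    command: server /data --console-address ":9001"
    environment:
      # Falls back to the well-known default account name; only the password
      # is forced to be set.
      MINIO_ROOT_USER: "${MINIO_ROOT_USER:-minioadmin}"
      MINIO_ROOT_PASSWORD: "${MINIO_ROOT_PASSWORD:?MINIO_ROOT_PASSWORD is required}"
    volumes:
      - minio_data:/data
    deploy:
      resources:
        limits:
          memory: 512M
        reservations:
          memory: 128M

  minio-init:
    # One-shot job: waits for MinIO (up to 10 attempts, 2 s apart), creates the
    # pds-blobs and pds-backups buckets and removes anonymous access from
    # pds-blobs. pds-backups gets no explicit anonymous policy here.
    #
    # Mutable tag, see the note on the minio service.
    image: cgr.dev/chainguard/minio-client:latest-dev
    depends_on:
      - minio
    # `$$` defers expansion to the container shell. The credentials are
    # expanded unquoted, so they must not contain whitespace or shell
    # metacharacters. The script always exits 0, so a failed setup does not
    # stop dependants from starting; check this container's logs after the
    # first deployment.
    entrypoint: >
      /bin/sh -c "
      for i in 1 2 3 4 5 6 7 8 9 10; do
      mc alias set local http://minio:9000 $${MINIO_ROOT_USER} $${MINIO_ROOT_PASSWORD} && break;
      echo 'Waiting for minio...'; sleep 2;
      done;
      mc mb --ignore-existing local/pds-blobs;
      mc mb --ignore-existing local/pds-backups;
      mc anonymous set none local/pds-blobs;
      exit 0;
      "
    environment:
      MINIO_ROOT_USER: "${MINIO_ROOT_USER:-minioadmin}"
      MINIO_ROOT_PASSWORD: "${MINIO_ROOT_PASSWORD:?MINIO_ROOT_PASSWORD is required}"

  valkey:
    image: valkey/valkey:9-alpine
    restart: unless-stopped
    # No password or ACL is configured: any container on the Compose network
    # can read and write this instance. Keep the port unpublished.
    command: valkey-server --appendonly yes --maxmemory 256mb --maxmemory-policy allkeys-lru
    volumes:
      - valkey_data:/data
    healthcheck:
      test: ["CMD", "valkey-cli", "ping"]
      interval: 10s
      timeout: 5s
      retries: 3
      start_period: 5s
    deploy:
      resources:
        limits:
          memory: 300M
        reservations:
          memory: 64M

  nginx:
    # The only service exposed to the outside on 80/443.
    image: nginx:1.29-alpine
    restart: unless-stopped
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ./nginx.frontend.conf:/etc/nginx/nginx.conf:ro
      # Shared with certbot, which writes to it. The directory contains
      # certificate private keys; restrict its permissions on the host.
      - ./certs:/etc/nginx/certs:ro
      - acme_challenge:/var/www/acme:ro
    depends_on:
      - tranquil-pds
      - frontend
    healthcheck:
      # `nginx -t` only validates the configuration; it does not prove that
      # the server is accepting connections.
      test: ["CMD", "nginx", "-t"]
      interval: 30s
      timeout: 10s
      retries: 3

  certbot:
    image: certbot/certbot:v5.2.2
    # Restarted like the other long-running services: without a policy the
    # renewal loop would not return after a daemon or host restart and the
    # certificates would expire unnoticed.
    restart: unless-stopped
    volumes:
      - ./certs:/etc/letsencrypt
      - acme_challenge:/var/www/acme
    # Attempts a webroot renewal every 12 hours. Nothing in this file reloads
    # nginx afterwards, so a renewed certificate is served only once nginx is
    # reloaded or restarted by other means.
    entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew --webroot -w /var/www/acme; sleep 12h & wait $${!}; done'"

  prometheus:
    image: prom/prometheus:v3.8.0
    restart: unless-stopped
    ports:
      # Bound to loopback: the UI and API are not reachable from other hosts.
      # Keep it that way unless an authenticating proxy is placed in front.
      - "127.0.0.1:9090:9090"
    volumes:
      - ./observability/prometheus.yaml:/etc/prometheus/prometheus.yaml:ro
      - prometheus_data:/prometheus
    command:
      - '--config.file=/etc/prometheus/prometheus.yaml'
      - '--storage.tsdb.path=/prometheus'
      - '--storage.tsdb.retention.time=30d'
    deploy:
      resources:
        limits:
          memory: 256M

volumes:
  postgres_data:
  minio_data:
  valkey_data:
  prometheus_data:
  acme_challenge: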