-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathdocker-compose.prod.yml
More file actions
149 lines (140 loc) · 3.91 KB
/
docker-compose.prod.yml
File metadata and controls
149 lines (140 loc) · 3.91 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
services:
postgres:
image: pgvector/pgvector:pg16
restart: unless-stopped
environment:
POSTGRES_USER: ${POSTGRES_USER:-postgres}
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-postgres}
POSTGRES_DB: ${POSTGRES_DB:-lfcie}
volumes:
- postgres_data:/var/lib/postgresql/data
healthcheck:
test: ["CMD-SHELL", "pg_isready -U postgres -d lfcie"]
interval: 5s
timeout: 5s
retries: 5
redis:
image: redis:7
restart: unless-stopped
healthcheck:
test: ["CMD", "redis-cli", "ping"]
interval: 5s
timeout: 3s
retries: 5
nginx:
image: nginx:1.27-alpine
restart: unless-stopped
depends_on:
- api
- web
ports:
- "80:80"
- "443:443"
volumes:
- ./ops/nginx/nginx.conf:/etc/nginx/nginx.conf:ro
- ./ops/nginx/app.conf:/etc/nginx/conf.d/app.conf:ro
- ./ops/nginx/certs:/etc/nginx/certs:ro
api:
image: lfcie-prod
restart: unless-stopped
build:
context: .
dockerfile: Dockerfile.prod
args:
APP_UID: ${APP_UID:-1000}
APP_GID: ${APP_GID:-1000}
env_file: .env
environment:
AI_PROVIDER: ${AI_PROVIDER:-openai}
DEBUG: ${DEBUG:-false}
REQUIRE_API_KEY: ${REQUIRE_API_KEY:-true}
RATE_LIMIT_BACKEND: ${RATE_LIMIT_BACKEND:-external}
depends_on:
postgres:
condition: service_healthy
redis:
condition: service_healthy
volumes:
- storage_data:/app/storage
command: >
uvicorn apps.api.app.main:app --host 0.0.0.0 --port 8000 --workers ${UVICORN_WORKERS:-${WEB_CONCURRENCY:-2}}
web:
image: lfcie-web
restart: unless-stopped
build:
context: ./apps/web
target: prod
environment:
NEXT_PUBLIC_API_BASE_URL: ${NEXT_PUBLIC_API_BASE_URL:-https://localhost/api}
NEXT_PUBLIC_API_KEY: ${NEXT_PUBLIC_API_KEY:-}
depends_on:
- api
worker:
image: lfcie-prod
restart: unless-stopped
env_file: .env
environment:
AI_PROVIDER: ${AI_PROVIDER:-openai}
DEBUG: ${DEBUG:-false}
REQUIRE_API_KEY: ${REQUIRE_API_KEY:-true}
RATE_LIMIT_BACKEND: ${RATE_LIMIT_BACKEND:-external}
depends_on:
postgres:
condition: service_healthy
redis:
condition: service_healthy
healthcheck:
disable: true
volumes:
- storage_data:/app/storage
command: celery -A services.ingest.worker.celery_app worker --loglevel=info
migrate:
image: lfcie-prod
profiles:
- migrate
env_file: .env
depends_on:
postgres:
condition: service_healthy
command: alembic upgrade head
maintenance:
image: lfcie-prod
restart: unless-stopped
env_file: .env
environment:
RETENTION_ENABLED: ${RETENTION_ENABLED:-false}
RETENTION_INTERVAL_SECONDS: ${RETENTION_INTERVAL_SECONDS:-86400}
depends_on:
postgres:
condition: service_healthy
volumes:
- storage_data:/app/storage
command: >
/bin/sh -c "python -m packages.shared_db.maintenance --interval ${RETENTION_INTERVAL_SECONDS:-86400}"
backup:
image: postgres:16
restart: unless-stopped
profiles:
- backup
environment:
PGPASSWORD: ${POSTGRES_PASSWORD:-postgres}
POSTGRES_USER: ${POSTGRES_USER:-postgres}
POSTGRES_DB: ${POSTGRES_DB:-lfcie}
BACKUP_INTERVAL_SECONDS: ${BACKUP_INTERVAL_SECONDS:-86400}
BACKUP_RETENTION_DAYS: ${BACKUP_RETENTION_DAYS:-7}
depends_on:
postgres:
condition: service_healthy
volumes:
- backups_data:/backups
command: >
/bin/sh -c "while true; do
ts=$$(date +%Y%m%d_%H%M%S);
pg_dump -h postgres -U $${POSTGRES_USER} -Fc $${POSTGRES_DB} > /backups/lfcie_$${ts}.dump;
find /backups -type f -name 'lfcie_*.dump' -mtime +$${BACKUP_RETENTION_DAYS} -delete;
sleep $${BACKUP_INTERVAL_SECONDS};
done"
volumes:
postgres_data:
storage_data:
backups_data: