version: "3.6" services: nginx: image: mathwave/sprint-repo:sprint-infra-nginx-prod networks: - common-infra-nginx - configurator environment: MINIO_SECRET_KEY: $MINIO_SECRET_KEY_PROD ports: - published: 80 target: 80 mode: host - published: 443 target: 443 mode: host deploy: mode: replicated replicas: 1 restart_policy: condition: any placement: constraints: [node.labels.stage == production] update_config: parallelism: 1 # order: start-first authelia: image: mathwave/sprint-repo:authelia networks: - common-infra-nginx environment: AUTHELIA_JWT_SECRET: $AUTHTHELIA_JWT_SECRET AUTHELIA_SESSION_SECRET: $AUTHTHELIA_SESSION_SECRET AUTHELIA_STORAGE_ENCRYPTION_KEY: $AUTHELIA_STORAGE_ENCRYPTION_KEY AUTHELIA_STORAGE_POSTGRES_HOST: "postgres" AUTHELIA_STORAGE_POSTGRES_PORT: "5432" AUTHELIA_STORAGE_POSTGRES_DATABASE: "authelia" AUTHELIA_STORAGE_POSTGRES_USERNAME: "postgres" AUTHELIA_STORAGE_POSTGRES_PASSWORD: $DB_PASSWORD_PROD AUTHELIA_ACCESS_CONTROL_DEFAULT_POLICY: "one_factor" AUTHELIA_NOTIFIER_SMTP_ENABLED: "false" volumes: - /sprint-data/authelia/config:/config - /sprint-data/authelia/data:/var/lib/authelia deploy: mode: replicated replicas: 1 restart_policy: condition: any placement: constraints: [node.labels.stage == production] update_config: parallelism: 1 grafana: image: grafana/grafana networks: - common-infra-nginx - clickhouse volumes: - /sprint-data/grafana:/var/lib/grafana environment: GF_SERVER_ROOT_URL: https://grafana.chocomarsh.com GF_CORS_ENABLED: "false" GF_AUTH_DISABLE_LOGIN_FORM: "false" GF_CORS_ALLOW_ORIGINS: "*" GF_SECURITY_CONTENT_SECURITY_POLICY: "false" deploy: mode: replicated replicas: 1 restart_policy: condition: any placement: constraints: [node.labels.stage == production] update_config: parallelism: 1 clickhouse: image: clickhouse networks: - clickhouse volumes: - /sprint-data/clickhouse:/var/lib/clickhouse environment: CLICKHOUSE_PASSWORD: $CLICKHOUSE_PASSWORD_PROD deploy: mode: replicated replicas: 1 restart_policy: condition: any placement: constraints: [node.labels.stage == production] update_config: parallelism: 1 resources: limits: memory: 2048M cpus: '2.0' reservations: memory: 1024M cpus: '1.0' postgres: image: postgres:14-alpine3.19 volumes: - /sprint-data/postgres-data:/var/lib/postgresql/data environment: POSTGRES_PASSWORD: $DB_PASSWORD_PROD healthcheck: test: pg_isready || pg_resetwal /var/lib/postgresql/data interval: 60s retries: 5 start_period: 20s timeout: 10s ports: - published: 5432 target: 5432 mode: host deploy: mode: replicated restart_policy: condition: any placement: constraints: [node.labels.stage == production] update_config: parallelism: 1 order: start-first resources: limits: cpus: '1.0' reservations: cpus: '0.50' mongo: image: mongo:6.0.2 volumes: - /sprint-data/mongo:/data/db environment: MONGO_INITDB_ROOT_USERNAME: mongo MONGO_INITDB_ROOT_PASSWORD: $MONGO_PASSWORD_PROD ports: - published: 27017 target: 27017 mode: host deploy: mode: replicated restart_policy: condition: any placement: constraints: [node.labels.stage == production] update_config: parallelism: 1 order: start-first redis: image: redis:alpine3.16 volumes: - /sprint-data/redis:/data ports: - published: 6379 target: 6379 mode: host command: redis-server --requirepass $REDIS_PASSWORD_PROD deploy: mode: replicated restart_policy: condition: any placement: constraints: [node.labels.stage == production] update_config: parallelism: 1 order: start-first minio: image: bitnami/minio:2022.10.8 volumes: - minio_data:/data environment: MINIO_ROOT_USER: minioadmin MINIO_ROOT_PASSWORD: $MINIO_PASSWORD_PROD ports: - published: 9000 target: 9000 mode: host - published: 9001 target: 9001 mode: host deploy: mode: replicated placement: constraints: [node.labels.stage == production] restart_policy: condition: any update_config: parallelism: 1 order: start-first gitea: image: gitea/gitea:1.22.3 volumes: - /sprint-data/gitea:/data - /etc/timezone:/etc/timezone - /etc/localtime:/etc/localtime ports: - "3000:3000" - "222:22" environment: USER_UID: 1000 USER_GID: 1000 GITEA__database__DB_TYPE: postgres GITEA__database__HOST: pg.sprinthub.ru:5432 GITEA__database__NAME: gitea GITEA__database__USER: postgres GITEA__database__PASSWD: $DB_PASSWORD_PROD deploy: mode: replicated placement: constraints: [node.labels.stage == production] restart_policy: condition: any update_config: parallelism: 1 order: start-first gitea-runner: image: mathwave/sprint-repo:gitea-runner volumes: - /var/run/docker.sock:/var/run/docker.sock - /sprint-data:/sprint-data environment: GITEA_INSTANCE_URL: https://gitea.sprinthub.ru/ GITEA_RUNNER_REGISTRATION_TOKEN: $REGISTRATION_TOKEN GITEA_RUNNER_NAME: prod GITEA_RUNNER_LABELS: prod deploy: mode: replicated placement: constraints: [node.labels.stage == production] restart_policy: condition: any update_config: parallelism: 1 order: start-first volumes: minio_data: driver: local gitea: networks: net: driver: overlay common-infra-nginx: external: true configurator: external: true clickhouse: external: true