infra/.deploy-infra/deploy-prod.yaml
Egor Matveev 3a073fd7c9
fix
2025-07-11 20:35:56 +03:00


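---
# Production infrastructure stack: Compose file format 3.6 with Swarm
# `deploy:` keys. Every service is constrained to nodes labelled
# `stage == production`.
#
# Review notes that apply to the whole file:
# - Secrets arrive through `$...` variable substitution and end up as plain
#   environment values or command arguments in the service spec, readable by
#   anyone allowed to inspect the service or the container. Docker secrets
#   (`secrets:` plus a `*_FILE` variable where the image supports one) keep
#   them out of the spec.
# - postgres, mongo, redis and minio publish their ports in host mode, i.e.
#   directly on the node's interfaces. Unless a host firewall restricts them,
#   they are reachable from wherever the node is reachable.
# - Tags are mutable and two images carry no tag at all; pinning by digest
#   makes the deployed content reproducible and auditable.
version: "3.6"

services:
  # Presumably the edge proxy: publishes 80/443 in host mode, which binds the
  # ports on the node itself instead of going through the routing mesh.
  nginx:
    image: mathwave/sprint-repo:sprint-infra-nginx-prod
    networks:
      - common-infra-nginx
      - configurator
    environment:
      # NOTE(review): a MinIO secret key is handed to the proxy container.
      # Confirm nginx needs it and that it belongs to a least-privilege
      # MinIO account rather than the root user configured below.
      MINIO_SECRET_KEY: $MINIO_SECRET_KEY_PROD
    ports:
      - published: 80
        target: 80
        mode: host
      - published: 443
        target: 443
        mode: host
    deploy:
      mode: replicated
      replicas: 1
      restart_policy:
        condition: any
      placement:
        constraints:
          - node.labels.stage == production
      update_config:
        parallelism: 1
        # order: start-first

  authelia:
    image: mathwave/sprint-repo:authelia
    networks:
      - common-infra-nginx
    environment:
      # NOTE(review): the next two source variables are spelled
      # `AUTHTHELIA_...` while the third is `AUTHELIA_...`. If the CI secrets
      # are not named with the doubled `TH`, substitution yields empty JWT and
      # session secrets. Left unchanged here; confirm against the secret
      # store before renaming.
      AUTHELIA_JWT_SECRET: $AUTHTHELIA_JWT_SECRET
      AUTHELIA_SESSION_SECRET: $AUTHTHELIA_SESSION_SECRET
      AUTHELIA_STORAGE_ENCRYPTION_KEY: $AUTHELIA_STORAGE_ENCRYPTION_KEY
      # NOTE(review): authelia joins only `common-infra-nginx`, while the
      # postgres service in this file declares no network. Confirm how the
      # host name `postgres` resolves from this container.
      AUTHELIA_STORAGE_POSTGRES_HOST: "postgres"
      AUTHELIA_STORAGE_POSTGRES_PORT: "5432"
      AUTHELIA_STORAGE_POSTGRES_DATABASE: "authelia"
      # The database superuser and its password are shared with gitea and
      # with the postgres service itself. A dedicated role per application
      # limits what one compromised service can read or change.
      AUTHELIA_STORAGE_POSTGRES_USERNAME: "postgres"
      AUTHELIA_STORAGE_POSTGRES_PASSWORD: $DB_PASSWORD_PROD
      # Requests that match no explicit access-control rule need only a
      # single factor. Confirm that is intended for admin-facing apps.
      AUTHELIA_ACCESS_CONTROL_DEFAULT_POLICY: "one_factor"
      AUTHELIA_NOTIFIER_SMTP_ENABLED: "false"
    volumes:
      - /sprint-data/authelia/config:/config
      - /sprint-data/authelia/data:/var/lib/authelia
    deploy:
      mode: replicated
      replicas: 1
      restart_policy:
        condition: any
      placement:
        constraints:
          - node.labels.stage == production
      update_config:
        parallelism: 1

  grafana:
    # No tag: resolves to `latest`, so a redeploy can pull a different build.
    image: grafana/grafana
    networks:
      - common-infra-nginx
      - clickhouse
    volumes:
      - /sprint-data/grafana:/var/lib/grafana
    environment:
      GF_SERVER_ROOT_URL: https://grafana.chocomarsh.com
      # NOTE(review): confirm that Grafana consumes the GF_CORS_* values. If
      # anything does, replace `*` with the explicit origin before CORS is
      # ever enabled.
      GF_CORS_ENABLED: "false"
      GF_AUTH_DISABLE_LOGIN_FORM: "false"
      GF_CORS_ALLOW_ORIGINS: "*"
      # The Content-Security-Policy response header stays off. Enabling it is
      # a cheap mitigation against script injection in dashboards; test the
      # installed plugins first.
      GF_SECURITY_CONTENT_SECURITY_POLICY: "false"
    deploy:
      mode: replicated
      replicas: 1
      restart_policy:
        condition: any
      placement:
        constraints:
          - node.labels.stage == production
      update_config:
        parallelism: 1

  # Not published on the host; attached only to the `clickhouse` network.
  clickhouse:
    # No tag: resolves to `latest`.
    image: clickhouse
    networks:
      - clickhouse
    volumes:
      - /sprint-data/clickhouse:/var/lib/clickhouse
    environment:
      CLICKHOUSE_PASSWORD: $CLICKHOUSE_PASSWORD_PROD
    deploy:
      mode: replicated
      replicas: 1
      restart_policy:
        condition: any
      placement:
        constraints:
          - node.labels.stage == production
      update_config:
        parallelism: 1
      resources:
        limits:
          memory: 2048M
          cpus: '2.0'
        reservations:
          memory: 1024M
          cpus: '1.0'

  postgres:
    image: postgres:14-alpine3.19
    volumes:
      - /sprint-data/postgres-data:/var/lib/postgresql/data
    environment:
      POSTGRES_PASSWORD: $DB_PASSWORD_PROD
    healthcheck:
      # Probe only. The previous check fell back to
      # `pg_resetwal /var/lib/postgresql/data` whenever pg_isready failed.
      # pg_resetwal is a last-resort recovery tool that can discard committed
      # transactions, so it must never run automatically. Had it succeeded,
      # the check would also have reported a server that is not accepting
      # connections as healthy.
      test: pg_isready
      interval: 60s
      retries: 5
      start_period: 20s
      timeout: 10s
    ports:
      # Published directly on the node; restrict 5432 with a host firewall
      # or drop the mapping if only stack-internal clients need it.
      - published: 5432
        target: 5432
        mode: host
    deploy:
      mode: replicated
      restart_policy:
        condition: any
      placement:
        constraints:
          - node.labels.stage == production
      update_config:
        parallelism: 1
        # NOTE(review): start-first asks for the new task before the old one
        # stops. With a bind-mounted data directory and a host-mode port that
        # means two servers contending for the same files and port. Confirm
        # this is intended (nginx has the same line commented out). The same
        # applies to mongo, redis and minio below.
        order: start-first
      resources:
        limits:
          cpus: '1.0'
        reservations:
          cpus: '0.50'

  mongo:
    image: mongo:6.0.2
    volumes:
      - /sprint-data/mongo:/data/db
    environment:
      MONGO_INITDB_ROOT_USERNAME: mongo
      MONGO_INITDB_ROOT_PASSWORD: $MONGO_PASSWORD_PROD
    ports:
      # Published directly on the node with root credentials as the only
      # barrier; restrict 27017 at the host firewall.
      - published: 27017
        target: 27017
        mode: host
    deploy:
      mode: replicated
      restart_policy:
        condition: any
      placement:
        constraints:
          - node.labels.stage == production
      update_config:
        parallelism: 1
        order: start-first

  redis:
    image: redis:alpine3.16
    volumes:
      - /sprint-data/redis:/data
    ports:
      # Published directly on the node; restrict 6379 at the host firewall.
      - published: 6379
        target: 6379
        mode: host
    # The password is a command-line argument, so it shows up in the process
    # list and in the service spec. A mounted redis.conf (or secret file)
    # keeps it out of both.
    # NOTE(review): confirm the deploy fails loudly when the variable is
    # unset rather than starting Redis without a usable password.
    command: redis-server --requirepass $REDIS_PASSWORD_PROD
    deploy:
      mode: replicated
      restart_policy:
        condition: any
      placement:
        constraints:
          - node.labels.stage == production
      update_config:
        parallelism: 1
        order: start-first

  minio:
    image: bitnami/minio:2022.10.8
    volumes:
      - minio_data:/data
    environment:
      # Well-known default account name; a non-default root user removes one
      # guess for anyone probing the published ports.
      MINIO_ROOT_USER: minioadmin
      MINIO_ROOT_PASSWORD: $MINIO_PASSWORD_PROD
    ports:
      # Both ports are published directly on the node. Prefer exposing them
      # only through the TLS-terminating proxy.
      - published: 9000
        target: 9000
        mode: host
      - published: 9001
        target: 9001
        mode: host
    deploy:
      mode: replicated
      placement:
        constraints:
          - node.labels.stage == production
      restart_policy:
        condition: any
      update_config:
        parallelism: 1
        order: start-first

  gitea:
    image: gitea/gitea:1.22.3
    volumes:
      - /sprint-data/gitea:/data
      # Host time settings are only read by the container, so mount them
      # read-only.
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    ports:
      # Short syntax publishes through the Swarm routing mesh on every node.
      # 3000 is the plain-HTTP web port, reachable without going through the
      # proxy; confirm that is intended.
      - "3000:3000"
      - "222:22"
    environment:
      # Quoted so the values stay strings regardless of the YAML parser.
      USER_UID: "1000"
      USER_GID: "1000"
      GITEA__database__DB_TYPE: postgres
      # NOTE(review): the database is addressed by a DNS name rather than the
      # in-stack service name, and no GITEA__database__SSL_MODE is set here.
      # Confirm the connection does not cross an untrusted network
      # unencrypted.
      GITEA__database__HOST: pg.sprinthub.ru:5432
      GITEA__database__NAME: gitea
      # Superuser role shared with authelia; see the note there.
      GITEA__database__USER: postgres
      GITEA__database__PASSWD: $DB_PASSWORD_PROD
    deploy:
      mode: replicated
      placement:
        constraints:
          - node.labels.stage == production
      restart_policy:
        condition: any
      update_config:
        parallelism: 1
        order: start-first

  gitea-runner:
    image: mathwave/sprint-repo:gitea-runner
    volumes:
      # The Docker socket gives every workflow job control of the daemon,
      # which is root-equivalent on this production node. /sprint-data holds
      # the data directories of every service above. Limit who can trigger
      # jobs on the `prod` runner and review workflow changes as carefully as
      # changes to this file. Where possible, run the runner on a separate
      # host or mount only the paths it needs.
      - /var/run/docker.sock:/var/run/docker.sock
      - /sprint-data:/sprint-data
    environment:
      GITEA_INSTANCE_URL: https://gitea.sprinthub.ru/
      GITEA_RUNNER_REGISTRATION_TOKEN: $REGISTRATION_TOKEN
      GITEA_RUNNER_NAME: prod
      GITEA_RUNNER_LABELS: prod
    deploy:
      mode: replicated
      placement:
        constraints:
          - node.labels.stage == production
      restart_policy:
        condition: any
      update_config:
        parallelism: 1
        order: start-first

volumes:
  minio_data:
    driver: local
  # Declared but not referenced by any service in this file (gitea uses a
  # bind mount). Written as an explicit empty mapping instead of a bare key.
  gitea: {}

networks:
  # Declared but not referenced by any service in this file.
  net:
    driver: overlay
  common-infra-nginx:
    external: true
  configurator:
    external: true
  clickhouse:
    external: true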