118 lines
3.4 KiB
YAML
118 lines
3.4 KiB
YAML
version: '3.8'
|
|
|
|
# Jira Clone - Portainer Production Stack
|
|
# Complete configuration for deployment via Portainer
|
|
|
|
networks:
|
|
jira-network:
|
|
driver: bridge
|
|
name: jira-clone-network
|
|
|
|
nginx-proxy:
|
|
external: true
|
|
name: nginx-proxy-manager_default
|
|
|
|
services:
|
|
# PostgreSQL Database
|
|
postgres:
|
|
image: postgres:15-alpine
|
|
container_name: jira-clone-db
|
|
restart: unless-stopped
|
|
networks:
|
|
- jira-network
|
|
environment:
|
|
POSTGRES_DB: ${POSTGRES_DB:-jira_clone}
|
|
POSTGRES_USER: ${POSTGRES_USER:-jira_user}
|
|
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-BlackMoonSky89}
|
|
POSTGRES_INITDB_ARGS: "--encoding=UTF8 --lc-collate=C --lc-ctype=C"
|
|
volumes:
|
|
- postgres_data:/var/lib/postgresql/data
|
|
# Remove direct port exposure - database should only be accessible internally
|
|
# ports:
|
|
# - "${POSTGRES_PORT:-1415}:5432"
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER:-jira_user} -d ${POSTGRES_DB:-jira_clone}"]
|
|
interval: 10s
|
|
timeout: 5s
|
|
retries: 10
|
|
start_period: 30s
|
|
deploy:
|
|
resources:
|
|
limits:
|
|
memory: 512M
|
|
cpus: '0.5'
|
|
reservations:
|
|
memory: 256M
|
|
cpus: '0.25'
|
|
|
|
# Next.js Application
|
|
app:
|
|
image: ${DOCKER_IMAGE:-rightshiftlord/jira-clone-app:latest}
|
|
container_name: jira-clone-app
|
|
restart: unless-stopped
|
|
networks:
|
|
- jira-network
|
|
- nginx-proxy
|
|
environment:
|
|
# Database Configuration
|
|
DATABASE_URL: "postgresql://${POSTGRES_USER:-jira_user}:${POSTGRES_PASSWORD:-BlackMoonSky89}@postgres:5432/${POSTGRES_DB:-jira_clone}"
|
|
|
|
# NextAuth Configuration
|
|
NEXTAUTH_URL: "https://taskboard.lci.ge"
|
|
AUTH_SECRET: "${AUTH_SECRET:-w2SttmJGLqP4Is+zHB2RMt/2A52sxlm5t9cwZQjZhRw=}"
|
|
AUTH_TRUST_HOST: "true"
|
|
|
|
# Application URLs
|
|
NEXT_PUBLIC_APP_URL: "https://taskboard.lci.ge"
|
|
|
|
# Node Environment
|
|
NODE_ENV: "production"
|
|
|
|
# Disable Telemetry
|
|
NEXT_TELEMETRY_DISABLED: "1"
|
|
|
|
# Authentik OIDC Configuration
|
|
AUTHENTIK_ID: "${AUTHENTIK_ID:-07ncZfyhcfxURFxYQBfgtqJCmziTLcWPohLaSr5n}"
|
|
AUTHENTIK_SECRET: "${AUTHENTIK_SECRET:-l1mTTYR26Zh5tnnOv2rmiM8Lj3LwnLqGUOaFE5ihMuaP6RfTaIGY288UTaDDpawmenU25i1JQk4lhoLBMUzNJ9FxM7R0idN3qyXvHWFMzhbRGfcpKsxlW7xu28xa8mqf}"
|
|
AUTHENTIK_ISSUER: "${AUTHENTIK_ISSUER:-https://authentik.lci.ge/application/o/jira/}"
|
|
AUTHENTIK_CALLBACK_URL: "${AUTHENTIK_CALLBACK_URL:-https://taskboard.lci.ge/api/auth/callback/authentik}"
|
|
|
|
# Remove direct port exposure - let nginx-proxy-manager handle external access
|
|
# ports:
|
|
# - "${APP_PORT:-3001}:3000"
|
|
depends_on:
|
|
postgres:
|
|
condition: service_healthy
|
|
volumes:
|
|
- uploads:/app/public/uploads
|
|
deploy:
|
|
resources:
|
|
limits:
|
|
memory: 1G
|
|
cpus: '1.0'
|
|
reservations:
|
|
memory: 512M
|
|
cpus: '0.5'
|
|
# healthcheck:
|
|
# test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:3000", "||", "exit", "1"]
|
|
# interval: 30s
|
|
# timeout: 10s
|
|
# retries: 3
|
|
# start_period: 60s
|
|
command: >
|
|
sh -c "
|
|
echo 'Running database migrations...' &&
|
|
npx prisma migrate deploy &&
|
|
echo 'Starting the application...' &&
|
|
npm run start
|
|
"
|
|
|
|
volumes:
|
|
postgres_data:
|
|
name: jira-clone-postgres-data
|
|
driver: local
|
|
|
|
uploads:
|
|
name: jira-clone-uploads
|
|
driver: local
|