-
Notifications
You must be signed in to change notification settings - Fork 0
/
docker-compose.yml
111 lines (104 loc) · 3.12 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
# Author: Hung Vu
version: "3.8"
services:
# MongoDB Atlas does not support IPv6, so self hosting is a stopgap solution
mongo:
container_name: mongo
restart: always
image: mongo
environment:
# Fill in secrets here in production
MONGO_INITDB_ROOT_USERNAME: REDACTED
MONGO_INITDB_ROOT_PASSWORD: REDACTED
networks:
blogfolio:
# The REDACTED is VPC subnet /64, but the address is in /112
# Container IPv6 requires at lest /80 to work
# And definitely not /64, because it's the VPC subnet (conflict)
ipv6_address: "REDACTED::2"
volumes:
- ./mongo_data:/data/db
ports:
- "[::1]:27017:27017/tcp"
# Remove IPv6-related lines above
# And uncomment this line to expose the port to the host machine
# - "127.0.0.1:27017:27017/tcp"
# This is useful for db operation like mongodump, mongorestore, rsync, scp, etc.
caddy:
container_name: caddy
restart: always
image: "docker.io/hunghvu/blogfolio-caddy:main"
# build:
# context: .
# dockerfile: ./infras/containers/caddy/Dockerfile
networks:
blogfolio:
ipv6_address: "REDACTED::3"
environment:
- CADDY_INGRESS_NETWORKS=blogfolio
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ./caddy_data:/data
ports:
- "[::]:80:80/tcp"
- "[::]:443:443/tcp"
- "[::]:443:443/udp" # HTTP/3 support https://caddyserver.com/docs/running#docker-compose
- "[::]:2019:2019/tcp"
labels:
debug: ""
cms:
container_name: cms
restart: always
env_file: ./.env.production.local
image: "docker.io/hunghvu/blogfolio-cms:main"
# env_file: ./.env.production.local
# build:
# context: .
# dockerfile: ./apps/cms/Dockerfile
networks:
blogfolio:
ipv6_address: "REDACTED::4"
ports:
- "[::1]:3100:3100/tcp"
deploy:
resources:
limits:
memory: 300M
labels:
caddy: "payload.hungvu.tech"
caddy.tls.dns: "cloudflare REDACTED"
caddy.tls.resolvers: "2606:4700:4700::1111 2606:4700:4700::1001"
caddy.reverse_proxy: "[REDACTED::4]:3100"
caddy.encode: "zstd gzip"
web:
container_name: web
restart: always
image: "docker.io/hunghvu/blogfolio-web:main"
# build:
# context: .
# dockerfile: ./apps/web/Dockerfile
networks:
blogfolio:
ipv6_address: "REDACTED::5"
ports:
- "[::1]:3000:3000/tcp"
deploy:
resources:
limits:
memory: 300M
labels:
caddy: "hungvu.tech"
caddy.tls.dns: "cloudflare REDACTED"
caddy.tls.resolvers: "2606:4700:4700::1111 2606:4700:4700::1001"
caddy.reverse_proxy: "[REDACTED::5]:3000"
caddy.encode: "zstd gzip"
networks:
# Network name cannot be "default"
# And the network must be external, or else caddy cannot connect to other containers
# Error: "container not in the same network as caddy" via "docker logs --follow caddy"
# Helpful resource: https://docs.docker.com/config/daemon/ipv6/
# To create IPv6 network, run
# docker network create --ipv6 --subnet="REDACTED::/112" --gateway="REDACTED::1" blogfolio
blogfolio:
driver: bridge
external: true