docker-compose.prod.yml

version: "3.9"
services:
  api:
    container_name: "storiesque-api"
    build: 
      context: ./
      dockerfile: ./backend/Dockerfile
    depends_on:
      db:
        condition: service_healthy
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.api.rule=Host(`${API_DOMAIN}`)"
      - "traefik.http.routers.api.tls.certresolver=le"
      - "traefik.http.routers.api.entrypoints=websecure"
  db:
    image: postgres
    container_name: "storiesque-db"
    environment:
      POSTGRES_USER: ${DB_USER}
      POSTGRES_PASSWORD: ${DB_PASSWORD}
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U postgres"]
      interval: 5s
      timeout: 5s
      retries: 5
    volumes:
      - ./backend/sql/schema.sql:/docker-entrypoint-initdb.d/create_schema.sql
      - ./backend/sql/trigger.sql:/docker-entrypoint-initdb.d/create_trigger.sql
      - ./data/postgres:/var/lib/postgresql/data
    labels:
      - "traefik.enable=false"
  web:
    container_name: "storiesque-web"
    build: 
      context: ./
      dockerfile: ./frontend/Dockerfile
    environment:
      PUBLIC_API_URL: ${PUBLIC_API_URL}
      PUBLIC_IMG_URL: ${PUBLIC_IMG_URL}
      ORIGIN: ${PUBLIC_WEB_URL}
      PROTOCOL_HEADER: x-forwarded-proto
      HOST_HEADER: x-forwarded-host
    depends_on:
      - api
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.web.rule=Host(`${WEB_DOMAIN}`)"
      - "traefik.http.routers.web.tls.certresolver=le"
      - "traefik.http.routers.web.entrypoints=websecure"
      - "traefik.http.services.web.loadbalancer.server.port=3000"
  s3:
    image: "quay.io/minio/minio:latest"
    container_name: "storiesque-s3"
    command: server /data --console-address ":9090"
    environment:
      MINIO_ROOT_USER: ${S3_USER}
      MINIO_ROOT_PASSWORD: ${S3_PASSWORD}
      MINIO_BROWSER_REDIRECT_URL: ${PUBLIC_S3_URL}
    ports:
      - "9000:9000"
      - "9090:9090"
    volumes:
      - ./data/minio:/data
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.s3.rule=Host(`${IMG_DOMAIN}`)"
      - "traefik.http.routers.s3.tls.certresolver=le"
      - "traefik.http.routers.s3.entrypoints=websecure"
  traefik:
    image: "traefik:v2.9"
    container_name: "traefik"
    command:
      - "--log.level=DEBUG"
      - "--api.insecure=true"
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
      - "--entrypoints.web.address=:80"
      - "--entryPoints.websecure.address=:443"
      - "--entrypoints.web.http.redirections.entrypoint.to=websecure"
      - "--entrypoints.web.http.redirections.entrypoint.scheme=https"
      - "--certificatesresolvers.le.acme.httpchallenge=true"
      - "--certificatesresolvers.le.acme.email=${EMAIL}"
      - "--certificatesresolvers.le.acme.storage=/letsencrypt/acme.json"
      - "--certificatesresolvers.le.acme.httpchallenge.entrypoint=web"
    ports:
      - "80:80"
      - "443:443"
      - "8080:8080"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - ./letsencrypt:/letsencrypt