-
Notifications
You must be signed in to change notification settings - Fork 26
/
staging.yml
93 lines (83 loc) · 2.83 KB
/
staging.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
version: '3'
volumes:
pithus_production_postgres_data: {}
pithus_production_postgres_data_backups: {}
pithus_production_elasticsearch_data: {}
pithus_production_minio_data: {}
services:
pithus_django: &pithus_django
image: docker.pkg.github.com/pithus/bazaar/pithus-core:latest
container_name: pithus_django
depends_on:
- pithus_postgres
- pithus_redis
- pithus_elasticsearch
- pithus_minio
- pithus_mobsf
- traefik
env_file:
- ./pithus/.envs/.production/.django
- ./pithus/.envs/.production/.postgres
command: /start
labels:
- "traefik.enable=true"
- "traefik.http.services.pithus.loadbalancer.server.port=5000"
- "traefik.http.middlewares.pithus-https.redirectscheme.scheme=https"
- "traefik.http.middlewares.pithus-header.headers.hostsProxyHeaders=X-CSRFToken"
- "traefik.http.routers.pithus-http.entrypoints=web"
- "traefik.http.routers.pithus-http.rule=Host(`pithus.org`)"
- "traefik.http.routers.pithus-http.middlewares=pithus-https@docker"
- "traefik.http.routers.pithus.entrypoints=web-secure"
- "traefik.http.routers.pithus.rule=Host(`pithus.org`)"
- "traefik.http.routers.pithus.tls=true"
- "traefik.http.routers.pithus.tls.certresolver=default"
pithus_worker:
<<: *pithus_django
image: docker.pkg.github.com/pithus/bazaar/pithus-core:latest
container_name: pithus_worker
depends_on:
- pithus_redis
- pithus_postgres
- pithus_elasticsearch
- pithus_minio
ports: []
command: /start-worker
pithus_postgres:
image: docker.pkg.github.com/pithus/bazaar/pithus-db:latest
container_name: pithus_db
volumes:
- pithus_production_postgres_data:/var/lib/postgresql/data:Z
- pithus_production_postgres_data_backups:/backups:z
env_file:
- ./pithus/.envs/.production/.postgres
pithus_redis:
image: redis:5.0
container_name: pithus_redis
pithus_elasticsearch:
image: elasticsearch:7.7.0
hostname: elasticsearch
container_name: pithus_els
environment:
- "discovery.type=single-node"
volumes:
- pithus_production_elasticsearch_data:/usr/share/elasticsearch/data
pithus_mobsf:
image: opensecurity/mobile-security-framework-mobsf:latest
hostname: mobsf
container_name: pithus_mobsf
environment:
- "MOBSF_API_ONLY=1"
- "MOBSF_API_KEY=515d3578262a2539cd13b5b9946fe17e350c321b91faeb1ee56095430242a4a9"
pithus_minio:
image: minio/minio:RELEASE.2020-11-13T20-10-18Z
volumes:
- pithus_production_minio_data:/data
env_file:
- ./pithus/.envs/.production/.django
command: server /data
container_name: pithus_minio
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
interval: 30s
timeout: 20s
retries: 3