docker compose review

2026-03-21 22:43:10 +01:00
parent 32c6bd56a5
commit 230f018f47
1 changed files with 23 additions and 19 deletions
--- a/docker/docker-compose.yml
+++ b/docker/docker-compose.yml
@@ -3,14 +3,14 @@ version: "3.8"
 services:
  postgres:
    image: postgres:16-alpine
-    container_name: auditshield-db
-    restart: unless-stopped
+    container_name: auditshield-db-prod
+    restart: always
    environment:
      POSTGRES_DB: ${POSTGRES_DB:-auditshield}
      POSTGRES_USER: ${POSTGRES_USER:-auditshield}
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:?POSTGRES_PASSWORD required}
    volumes:
-      - postgres_data:/var/lib/postgresql/data
+      - postgres_data_prod:/var/lib/postgresql/data
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER:-auditshield}"]
      interval: 10s
@@ -21,36 +21,35 @@ services:

  redis:
    image: redis:7-alpine
-    container_name: auditshield-redis
-    restart: unless-stopped
+    container_name: auditshield-redis-prod
+    restart: always
    networks:
      - internal

  backend:
-    build:
-      context: ../backend
-      dockerfile: Dockerfile
-    container_name: auditshield-backend
-    restart: unless-stopped
-    env_file: ../.env
+    image: ${REGISTRY}/auditshield-backend:${TAG:-latest}
+    container_name: auditshield-backend-prod
+    restart: always
+    env_file: .env
    environment:
      DATABASE_URL: postgresql://${POSTGRES_USER:-auditshield}:${POSTGRES_PASSWORD}@postgres:5432/${POSTGRES_DB:-auditshield}
      REDIS_URL: redis://redis:6379/0
    depends_on:
      postgres:
        condition: service_healthy
-      redis:
-        condition: service_started
    networks:
      - internal
      - proxy
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.auditshield-api.rule=Host(`${DOMAIN}`) && PathPrefix(`/api`)"
+      - "traefik.http.routers.auditshield-api.entrypoints=websecure"
+      - "traefik.http.routers.auditshield-api.tls.certresolver=letsencrypt"

  frontend:
-    build:
-      context: ../frontend
-      dockerfile: Dockerfile
-    container_name: auditshield-frontend
-    restart: unless-stopped
+    image: ${REGISTRY}/auditshield-frontend:${TAG:-latest}
+    container_name: auditshield-frontend-prod
+    restart: always
    environment:
      NEXT_PUBLIC_API_URL: ""
    depends_on:
@@ -58,9 +57,14 @@ services:
    networks:
      - internal
      - proxy
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.auditshield.rule=Host(`${DOMAIN}`)"
+      - "traefik.http.routers.auditshield.entrypoints=websecure"
+      - "traefik.http.routers.auditshield.tls.certresolver=letsencrypt"

 volumes:
-  postgres_data:
+  postgres_data_prod:

 networks:
  internal: