Files
prop-data-guard/docker-compose.prod.yml
T
hiderfong 3ae151404b fix: optimize compliance scan performance and improve error handling
- Refactor scan_compliance to eliminate N+1 queries using joinedload and batch loading
- Add try-except wrapper in compliance scan API endpoint
- Improve frontend axios error interceptor to display detail/message/timeout errors
- Update CORS config and nginx for domain deployment
2026-04-25 20:49:38 +08:00

136 lines
3.4 KiB
YAML

version: "3.8"
services:
db:
image: postgres:16-alpine
container_name: pdg-postgres
environment:
POSTGRES_USER: pdg
POSTGRES_PASSWORD: pdg_secret_2024
POSTGRES_DB: prop_data_guard
volumes:
- pg_data:/var/lib/postgresql/data
expose:
- "5432"
healthcheck:
test: ["CMD-SHELL", "pg_isready -U pdg -d prop_data_guard"]
interval: 5s
timeout: 5s
retries: 5
restart: unless-stopped
redis:
image: redis:7-alpine
container_name: pdg-redis
expose:
- "6379"
volumes:
- redis_data:/data
healthcheck:
test: ["CMD", "redis-cli", "ping"]
interval: 5s
timeout: 5s
retries: 5
restart: unless-stopped
minio:
image: minio/minio:RELEASE.2024-05-10T01-41-38Z
container_name: pdg-minio
environment:
MINIO_ROOT_USER: pdgminio
MINIO_ROOT_PASSWORD: pdgminio_secret_2024
command: server /data --console-address ":9001"
volumes:
- minio_data:/data
expose:
- "9000"
- "9001"
restart: unless-stopped
backend:
build: ./backend
container_name: pdg-backend
environment:
- DATABASE_URL=postgresql+psycopg2://pdg:pdg_secret_2024@db:5432/prop_data_guard
- REDIS_URL=redis://redis:6379/0
- MINIO_ENDPOINT=minio:9000
- MINIO_ACCESS_KEY=pdgminio
- MINIO_SECRET_KEY=pdgminio_secret_2024
- SECRET_KEY=${SECRET_KEY:-prop-data-guard-production-secret-key}
- DB_ENCRYPTION_KEY=${DB_ENCRYPTION_KEY:-}
- ACCESS_TOKEN_EXPIRE_MINUTES=30
- REFRESH_TOKEN_EXPIRE_DAYS=7
expose:
- "8000"
depends_on:
db:
condition: service_healthy
redis:
condition: service_healthy
command: >
sh -c "alembic upgrade head && uvicorn app.main:app --host 0.0.0.0 --port 8000"
restart: unless-stopped
frontend:
build:
context: ./frontend
dockerfile: Dockerfile.prod
container_name: pdg-frontend
ports:
- "80:80"
- "443:443"
volumes:
- ./ssl:/etc/nginx/ssl:ro
depends_on:
- backend
restart: unless-stopped
celery_worker:
build: ./backend
container_name: pdg-celery-worker
environment:
- DATABASE_URL=postgresql+psycopg2://pdg:pdg_secret_2024@db:5432/prop_data_guard
- REDIS_URL=redis://redis:6379/0
- SECRET_KEY=${SECRET_KEY:-prop-data-guard-production-secret-key}
- DB_ENCRYPTION_KEY=${DB_ENCRYPTION_KEY:-}
depends_on:
- db
- redis
command: >
sh -c "celery -A app.tasks.worker worker --loglevel=info --concurrency=2"
restart: unless-stopped
celery_beat:
build: ./backend
container_name: pdg-celery-beat
environment:
- DATABASE_URL=postgresql+psycopg2://pdg:pdg_secret_2024@db:5432/prop_data_guard
- REDIS_URL=redis://redis:6379/0
- SECRET_KEY=${SECRET_KEY:-prop-data-guard-production-secret-key}
- DB_ENCRYPTION_KEY=${DB_ENCRYPTION_KEY:-}
depends_on:
- db
- redis
command: >
sh -c "celery -A app.tasks.worker beat --loglevel=info"
restart: unless-stopped
flower:
build: ./backend
container_name: pdg-flower
environment:
- REDIS_URL=redis://redis:6379/0
ports:
- "5555:5555"
depends_on:
- redis
- celery_worker
command: >
sh -c "celery -A app.tasks.worker flower --port=5555"
restart: unless-stopped
volumes:
pg_data:
redis_data:
minio_data: