prop-data-guard/docker-compose.prod.yml

version: "3.8"

services:
  db:
    image: postgres:16-alpine
    container_name: pdg-postgres
    environment:
      POSTGRES_USER: pdg
      POSTGRES_PASSWORD: pdg_secret_2024
      POSTGRES_DB: prop_data_guard
    volumes:
      - pg_data:/var/lib/postgresql/data
    expose:
      - "5432"
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U pdg -d prop_data_guard"]
      interval: 5s
      timeout: 5s
      retries: 5
    restart: unless-stopped

  redis:
    image: redis:7-alpine
    container_name: pdg-redis
    expose:
      - "6379"
    volumes:
      - redis_data:/data
    healthcheck:
      test: ["CMD", "redis-cli", "ping"]
      interval: 5s
      timeout: 5s
      retries: 5
    restart: unless-stopped

  minio:
    image: minio/minio:RELEASE.2024-05-10T01-41-38Z
    container_name: pdg-minio
    environment:
      MINIO_ROOT_USER: pdgminio
      MINIO_ROOT_PASSWORD: pdgminio_secret_2024
    command: server /data --console-address ":9001"
    volumes:
      - minio_data:/data
    expose:
      - "9000"
      - "9001"
    restart: unless-stopped

  backend:
    build: ./backend
    container_name: pdg-backend
    environment:
      - DATABASE_URL=postgresql+psycopg2://pdg:pdg_secret_2024@db:5432/prop_data_guard
      - REDIS_URL=redis://redis:6379/0
      - MINIO_ENDPOINT=minio:9000
      - MINIO_ACCESS_KEY=pdgminio
      - MINIO_SECRET_KEY=pdgminio_secret_2024
      - SECRET_KEY=${SECRET_KEY:-prop-data-guard-production-secret-key}
      - DB_ENCRYPTION_KEY=${DB_ENCRYPTION_KEY:-}
      - ACCESS_TOKEN_EXPIRE_MINUTES=30
      - REFRESH_TOKEN_EXPIRE_DAYS=7
    expose:
      - "8000"
    depends_on:
      db:
        condition: service_healthy
      redis:
        condition: service_healthy
    command: >
      sh -c "alembic upgrade head && uvicorn app.main:app --host 0.0.0.0 --port 8000"
    restart: unless-stopped

  frontend:
    build:
      context: ./frontend
      dockerfile: Dockerfile.prod
    container_name: pdg-frontend
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ./ssl:/etc/nginx/ssl:ro
    depends_on:
      - backend
    restart: unless-stopped

  celery_worker:
    build: ./backend
    container_name: pdg-celery-worker
    environment:
      - DATABASE_URL=postgresql+psycopg2://pdg:pdg_secret_2024@db:5432/prop_data_guard
      - REDIS_URL=redis://redis:6379/0
      - SECRET_KEY=${SECRET_KEY:-prop-data-guard-production-secret-key}
      - DB_ENCRYPTION_KEY=${DB_ENCRYPTION_KEY:-}
    depends_on:
      - db
      - redis
    command: >
      sh -c "celery -A app.tasks.worker worker --loglevel=info --concurrency=2"
    restart: unless-stopped

  celery_beat:
    build: ./backend
    container_name: pdg-celery-beat
    environment:
      - DATABASE_URL=postgresql+psycopg2://pdg:pdg_secret_2024@db:5432/prop_data_guard
      - REDIS_URL=redis://redis:6379/0
      - SECRET_KEY=${SECRET_KEY:-prop-data-guard-production-secret-key}
      - DB_ENCRYPTION_KEY=${DB_ENCRYPTION_KEY:-}
    depends_on:
      - db
      - redis
    command: >
      sh -c "celery -A app.tasks.worker beat --loglevel=info"
    restart: unless-stopped

  flower:
    build: ./backend
    container_name: pdg-flower
    environment:
      - REDIS_URL=redis://redis:6379/0
    ports:
      - "5555:5555"
    depends_on:
      - redis
      - celery_worker
    command: >
      sh -c "celery -A app.tasks.worker flower --port=5555"
    restart: unless-stopped

volumes:
  pg_data:
  redis_data:
  minio_data: