-
Notifications
You must be signed in to change notification settings - Fork 51
/
Copy pathdocker-compose-prod.yaml
128 lines (119 loc) · 3.61 KB
/
docker-compose-prod.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
version: '3.9'
volumes:
mysql:
redis:
qdrant:
networks:
reverse-proxy-public:
driver: bridge
ipam:
driver: default
services:
proxy:
image: traefik
command:
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
- "--entrypoints.mysql.address=:3306"
- "--entrypoints.redis.address=:6379"
- "--entryPoints.web.http.redirections.entryPoint.to=websecure"
- "--entryPoints.web.http.redirections.entryPoint.scheme=https"
- "--providers.docker"
- "--providers.docker.exposedbydefault=false"
- "--api.insecure=false"
- "--certificatesresolvers.myresolver.acme.tlschallenge=true"
- "--certificatesresolvers.myresolver.acme.email=${MY_EMAIL}"
- "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
# - "--log.level=DEBUG"
# - "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
ports:
- "80:80"
- "443:443"
- "3306:3306"
- "6379:6379"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ./letsencrypt:/letsencrypt
networks:
- reverse-proxy-public
db:
image: mysql
restart: always
environment:
MYSQL_ROOT_PASSWORD: "${MYSQL_ROOT_PASSWORD}"
MYSQL_ROOT_HOST: "%"
MYSQL_DATABASE: "${MYSQL_DATABASE}"
MYSQL_USER: "${MYSQL_USER}"
MYSQL_PASSWORD: "${MYSQL_PASSWORD}"
TZ: "Asia/Seoul"
volumes:
- mysql:/var/lib/mysql
# - ./my.cnf:/etc/mysql/conf.d/my.cnf
labels:
- "traefik.enable=true"
- "traefik.tcp.routers.db.rule=HostSNI(`*`)"
- "traefik.tcp.services.db.loadbalancer.server.port=3306"
- "traefik.tcp.routers.db.entrypoints=mysql"
networks:
- reverse-proxy-public
cache:
image: redis/redis-stack-server:latest
restart: always
environment:
- REDIS_ARGS=--requirepass ${REDIS_PASSWORD} --maxmemory 100mb --maxmemory-policy allkeys-lru --appendonly yes
volumes:
- redis:/data
labels:
- "traefik.enable=true"
- "traefik.tcp.routers.cache.rule=HostSNI(`*`)"
- "traefik.tcp.services.cache.loadbalancer.server.port=6379"
- "traefik.tcp.routers.cache.entrypoints=redis"
networks:
- reverse-proxy-public
api:
image: cosogi/llmchat:230703
restart: always
env_file:
- .env
command:
- "--host"
- "0.0.0.0"
- "--port"
- "8000"
labels:
- "traefik.enable=true"
- "traefik.docker.network=reverse-proxy-public"
- "traefik.http.routers.api.rule=HostRegexp(`${HOST_MAIN}`, `{subdomain:[a-z]+}.${HOST_MAIN}`, `${HOST_IP}`)"
- "traefik.http.routers.api.entrypoints=websecure"
- "traefik.http.services.api.loadbalancer.server.scheme=http"
- "traefik.http.services.api.loadbalancer.server.port=8000"
- "traefik.http.routers.api.tls=true"
- "traefik.http.routers.api.tls.certresolver=myresolver"
- "traefik.http.routers.api.tls.domains[0].main=${HOST_MAIN}"
- "traefik.http.routers.api.tls.domains[0].sans=${HOST_SUB}"
depends_on:
- proxy
- db
- cache
- vectorstore
volumes:
- .:/app
networks:
- reverse-proxy-public
vectorstore:
image: qdrant/qdrant:latest
restart: always
volumes:
- qdrant:/qdrant/storage
networks:
- reverse-proxy-public
# search-api:
# image: searxng/searxng:latest
# restart: always
# environment:
# REDIS_PASSWORD: "${REDIS_PASSWORD}"
# JWT_SECRET: "${JWT_SECRET}"
# volumes:
# - ./searxng:/etc/searxng
# networks:
# - api-private