120 lines
3.2 KiB
YAML
120 lines
3.2 KiB
YAML
version: "3.8"
|
|
|
|
networks:
|
|
mapleopentech-private-prod:
|
|
external: true
|
|
mapleopentech-public-prod:
|
|
external: true
|
|
|
|
secrets:
|
|
maplepress_jwt_secret:
|
|
external: true
|
|
redis_password:
|
|
external: true
|
|
meilisearch_master_key:
|
|
external: true
|
|
# Uncomment if using S3/SeaweedFS:
|
|
# s3_access_key:
|
|
# external: true
|
|
# s3_secret_key:
|
|
# external: true
|
|
|
|
services:
|
|
backend:
|
|
image: registry.digitalocean.com/ssp/maplepress_backend:latest
|
|
hostname: backend
|
|
networks:
|
|
- mapleopentech-public-prod # Receive requests from NGINX
|
|
- mapleopentech-private-prod # Access databases
|
|
secrets:
|
|
- maplepress_jwt_secret
|
|
- redis_password
|
|
- meilisearch_master_key
|
|
# Uncomment if using S3:
|
|
# - s3_access_key
|
|
# - s3_secret_key
|
|
environment:
|
|
# Application Configuration
|
|
- APP_ENVIRONMENT=production
|
|
- APP_VERSION=${APP_VERSION:-1.0.0}
|
|
|
|
# HTTP Server Configuration
|
|
- SERVER_HOST=0.0.0.0
|
|
- SERVER_PORT=8000
|
|
|
|
# Cassandra Database Configuration
|
|
# Use all 3 Cassandra nodes for high availability
|
|
- DATABASE_HOSTS=cassandra-1:9042,cassandra-2:9042,cassandra-3:9042
|
|
- DATABASE_KEYSPACE=maplepress
|
|
- DATABASE_CONSISTENCY=QUORUM
|
|
- DATABASE_REPLICATION=3
|
|
- DATABASE_MIGRATIONS_PATH=file://migrations
|
|
|
|
# Meilisearch Configuration
|
|
- MEILISEARCH_HOST=http://meilisearch:7700
|
|
|
|
# Logger Configuration
|
|
- LOGGER_LEVEL=info
|
|
- LOGGER_FORMAT=json
|
|
|
|
# S3/Object Storage Configuration (if using)
|
|
# - AWS_ENDPOINT=https://your-region.digitaloceanspaces.com
|
|
# - AWS_REGION=us-east-1
|
|
# - AWS_BUCKET_NAME=maplepress-prod
|
|
|
|
# Read secrets and set as environment variables using entrypoint
|
|
entrypoint: ["/bin/sh", "-c"]
|
|
command:
|
|
- |
|
|
export APP_JWT_SECRET=$$(cat /run/secrets/maplepress_jwt_secret)
|
|
export CACHE_PASSWORD=$$(cat /run/secrets/redis_password)
|
|
export MEILISEARCH_API_KEY=$$(cat /run/secrets/meilisearch_master_key)
|
|
# Uncomment if using S3:
|
|
# export AWS_ACCESS_KEY=$$(cat /run/secrets/s3_access_key)
|
|
# export AWS_SECRET_KEY=$$(cat /run/secrets/s3_secret_key)
|
|
|
|
# Set Redis configuration
|
|
export CACHE_HOST=redis
|
|
export CACHE_PORT=6379
|
|
export CACHE_DB=0
|
|
|
|
# Start the backend
|
|
exec /app/maplepress-backend
|
|
|
|
deploy:
|
|
replicas: 1
|
|
placement:
|
|
constraints:
|
|
- node.labels.backend == true
|
|
restart_policy:
|
|
condition: on-failure
|
|
delay: 10s
|
|
max_attempts: 3
|
|
resources:
|
|
limits:
|
|
memory: 1G
|
|
cpus: "1.0"
|
|
reservations:
|
|
memory: 512M
|
|
cpus: "0.5"
|
|
update_config:
|
|
parallelism: 1
|
|
delay: 10s
|
|
failure_action: rollback
|
|
order: start-first # Zero-downtime: start new before stopping old
|
|
|
|
healthcheck:
|
|
test:
|
|
[
|
|
"CMD",
|
|
"wget",
|
|
"--no-verbose",
|
|
"--tries=1",
|
|
"--spider",
|
|
"--header=X-Tenant-ID: healthcheck",
|
|
"http://localhost:8000/health",
|
|
]
|
|
interval: 30s
|
|
timeout: 5s
|
|
retries: 3
|
|
start_period: 60s
|