Danil Suhomlinov
33800292aa
- apps/api/Dockerfile: build NestJS, run prisma migrate deploy on start - apps/web/Dockerfile + nginx.conf: build Vite, serve static, proxy /api -> api - docker-compose.coolify.yml: full prod stack (postgres, redis, minio, keycloak, api, web) - .dockerignore / .gitignore / .gitattributes Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
98 lines
2.9 KiB
YAML
98 lines
2.9 KiB
YAML
# Production stack for Coolify (Docker Compose deployment).
|
|
# Set the secrets (POSTGRES_PASSWORD, MINIO_ROOT_PASSWORD, KEYCLOAK_ADMIN_PASSWORD, …)
|
|
# as Environment Variables in the Coolify resource, NOT in this file.
|
|
# Attach the public domain to the `web` service (port 80) in the Coolify UI.
|
|
|
|
services:
|
|
postgres:
|
|
image: postgres:16-alpine
|
|
environment:
|
|
POSTGRES_USER: ${POSTGRES_USER:-hrm}
|
|
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
|
|
POSTGRES_DB: ${POSTGRES_DB:-hrm_medpark}
|
|
volumes:
|
|
- postgres_data:/var/lib/postgresql/data
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER:-hrm} -d ${POSTGRES_DB:-hrm_medpark}"]
|
|
interval: 10s
|
|
timeout: 5s
|
|
retries: 5
|
|
|
|
redis:
|
|
image: redis:7-alpine
|
|
volumes:
|
|
- redis_data:/data
|
|
|
|
minio:
|
|
image: minio/minio:latest
|
|
command: server /data --console-address ":9001"
|
|
environment:
|
|
MINIO_ROOT_USER: ${MINIO_ROOT_USER:-minioadmin}
|
|
MINIO_ROOT_PASSWORD: ${MINIO_ROOT_PASSWORD}
|
|
volumes:
|
|
- minio_data:/data
|
|
|
|
keycloak:
|
|
image: quay.io/keycloak/keycloak:24.0
|
|
# production mode behind Coolify's Traefik proxy; builds optimized image on first start
|
|
command: start
|
|
environment:
|
|
KEYCLOAK_ADMIN: ${KEYCLOAK_ADMIN:-admin}
|
|
KEYCLOAK_ADMIN_PASSWORD: ${KEYCLOAK_ADMIN_PASSWORD}
|
|
KC_DB: postgres
|
|
KC_DB_URL: jdbc:postgresql://postgres:5432/${POSTGRES_DB:-hrm_medpark}
|
|
KC_DB_USERNAME: ${POSTGRES_USER:-hrm}
|
|
KC_DB_PASSWORD: ${POSTGRES_PASSWORD}
|
|
KC_HOSTNAME: ${KEYCLOAK_HOSTNAME}
|
|
KC_PROXY: edge
|
|
KC_HTTP_ENABLED: "true"
|
|
KC_HEALTH_ENABLED: "true"
|
|
depends_on:
|
|
postgres:
|
|
condition: service_healthy
|
|
|
|
api:
|
|
build:
|
|
context: .
|
|
dockerfile: apps/api/Dockerfile
|
|
environment:
|
|
NODE_ENV: production
|
|
PORT: 3001
|
|
DATABASE_URL: postgresql://${POSTGRES_USER:-hrm}:${POSTGRES_PASSWORD}@postgres:5432/${POSTGRES_DB:-hrm_medpark}
|
|
FRONTEND_URL: ${FRONTEND_URL}
|
|
REDIS_HOST: redis
|
|
REDIS_PORT: 6379
|
|
MINIO_ENDPOINT: minio
|
|
MINIO_PORT: 9000
|
|
MINIO_ACCESS_KEY: ${MINIO_ROOT_USER:-minioadmin}
|
|
MINIO_SECRET_KEY: ${MINIO_ROOT_PASSWORD}
|
|
MINIO_BUCKET: ${MINIO_BUCKET:-hrm-docs}
|
|
KEYCLOAK_URL: ${KEYCLOAK_URL}
|
|
KEYCLOAK_REALM: ${KEYCLOAK_REALM:-medpark}
|
|
KEYCLOAK_CLIENT_ID: ${KEYCLOAK_CLIENT_ID:-hrm-web}
|
|
N8N_WEBHOOK_BASE: ${N8N_WEBHOOK_BASE:-}
|
|
ALLOW_DEV_LOGIN: ${ALLOW_DEV_LOGIN:-false}
|
|
DEV_JWT_SECRET: ${DEV_JWT_SECRET:-}
|
|
depends_on:
|
|
postgres:
|
|
condition: service_healthy
|
|
redis:
|
|
condition: service_started
|
|
minio:
|
|
condition: service_started
|
|
|
|
web:
|
|
build:
|
|
context: .
|
|
dockerfile: apps/web/Dockerfile
|
|
# In the Coolify UI, set this service's domain and target port 80.
|
|
expose:
|
|
- "80"
|
|
depends_on:
|
|
- api
|
|
|
|
volumes:
|
|
postgres_data:
|
|
redis_data:
|
|
minio_data:
|