-
Notifications
You must be signed in to change notification settings - Fork 1
/
compose.yml
136 lines (128 loc) · 3.42 KB
/
compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
services:
app:
image: ghcr.io/internetstandards/ctlssa:latest
build: &app_build
context: .
cache_from:
- ghcr.io/internetstandards/ctlssa:latest
- type=gha
cache_to:
- type=gha
args:
BUILDKIT_INLINE_CACHE: 1
develop: &app_develop
watch:
- path: src/
action: sync+restart
target: /src/src/
entrypoint: uwsgi
ports:
- 8001:8001
environment:
- DEBUG="False"
- CTLSSA_SECRET_KEY
- CTLSSA_DJANGO_DATABASE=production
- CTLSSA_DB_ENGINE=postgresql_psycopg2
- CTLSSA_DB_HOST=db
- CTLSSA_CERTSTREAM_SERVER_URL=ws://certstream:4000
- CTLSSA_HOSTNAMES
# uwsgi reloads on SIGTERM, so use SIGINT instead
# https://uwsgi-docs.readthedocs.io/en/latest/Management.html#signals-for-controlling-uwsgi
stop_signal: SIGINT
restart: always
depends_on:
db:
condition: service_healthy
db-migrate:
# wait for DB migration to be completed
condition: service_completed_successfully
app-ingest:
condition: service_started
healthcheck:
test: curl --silent --fail http://127.0.0.1:8001
interval: 5m
start_period: 30s
start_interval: 1s
app-ingest:
build: *app_build
develop: *app_develop
image: ghcr.io/internetstandards/ctlssa:latest
environment:
- DEBUG="False"
- CTLSSA_SECRET_KEY
- CTLSSA_DJANGO_DATABASE=production
- CTLSSA_DB_ENGINE=postgresql_psycopg2
- CTLSSA_DB_HOST=db
- CTLSSA_CERTSTREAM_SERVER_URL=ws://certstream:4000
entrypoint: ctlssa
command: ingest
restart: always
# certstream library only listens to SIGINT
# https://github.com/CaliDog/certstream-python/blob/master/certstream/core.py#L56
stop_signal: SIGINT
stop_grace_period: 3s
depends_on:
db:
condition: service_healthy
db-migrate:
# wait for DB migration to be completed
condition: service_completed_successfully
certstream:
condition: service_healthy
certstream:
build:
context: vendor/certstream
image: ghcr.io/internetstandards/certstream:latest
environment:
LOG_LEVEL: error
restart: always
healthcheck:
test: wget -q 127.0.0.1:4000 -O /dev/null
interval: 5m
start_period: 30s
start_interval: 1s
db:
image: postgres:15
restart: always
environment:
POSTGRES_DB: ctlssa
POSTGRES_USER: ctlssa
POSTGRES_PASSWORD: ctlssa
healthcheck:
test: pg_isready -U $$POSTGRES_USER -d $$POSTGRES_PASSWORD
interval: 5m
start_period: 30s
start_interval: 1s
cpu_percent: ${CERTSTREAM_CPU_PERCENT:-10}
volumes:
- postgres:/var/lib/postgresql/data
db-migrate:
build: *app_build
develop: *app_develop
image: ghcr.io/internetstandards/ctlssa:latest
restart: on-failure
environment:
CTLSSA_SECRET_KEY: '1'
CTLSSA_DJANGO_DATABASE: production
CTLSSA_DB_ENGINE: postgresql_psycopg2
CTLSSA_DB_HOST: db
entrypoint: ctlssa
command: migrate
depends_on:
db:
condition: service_healthy
dev:
build:
target: dev
environment:
- CTLSSA_SECRET_KEY=1
- CTLSSA_DJANGO_DATABASE=production
- CTLSSA_DB_ENGINE=postgresql_psycopg2
- CTLSSA_DB_HOST=db
volumes:
- .:/src
- ./.root:/root
profiles:
- dev
volumes:
postgres: