Chill-project/ansible-role-chill
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
41531016aa
ansible-role-chill/templates/compose.yaml
Julien Fastré c572d68eb4
Fix logging paths and permissions for chill role configuration 
Corrected log file paths in Monolog configuration and Compose file for consistency. Updated directory permissions in tasks to allow group write access. These changes improve log file organization and facilitate better collaboration.
2025-01-13 10:52:15 +01:00

138 lines
4.5 KiB
YAML
Raw Blame History

services:
frontend:
image: {{ registry_url }}/{{ registry_project }}/{{ chill_image_nginx_name }}:{{ item.chill_image_tag }}
links:
- app:php
labels:
- "traefik.enable=true"
- "traefik.docker.network=traefik"
- "traefik.http.routers.frontend-{{ item.chill_environment }}.rule=Host(`{{ item.host }}`)"
- "traefik.http.routers.frontend-{{ item.chill_environment }}.entrypoints=websecure"
{%+ if item.tls_config == 'self_signed' +%}
- "traefik.http.routers.frontend-{{ item.chill_environment }}.tls=true"
{%+ endif +%}
{%+ if item.expose_port is not false +%}
- "traefik.http.routers.frontend-exp-{{ item.chill_environment }}.rule=PathPrefix(`/`)"
- "traefik.http.routers.frontend-exp-{{ item.chill_environment }}.entrypoints=chill{{ item.chill_environment }}"
{%+ if item.tls_config == 'self_signed' +%}
- "traefik.http.routers.frontend-exp-{{ item.chill_environment }}.tls=true"
{%+ endif +%}
{%+ endif +%}
networks:
- traefik
- default
restart: always
app: &defaultApp
image: {{ registry_url }}/{{ registry_project }}/{{ chill_image_php_name }}:{{ item.chill_image_tag }}
env_file:
- env_file.env
volumes:
- './config/prod:/var/www/app/config/packages/prod:ro'
- '/var/log/chill:/var/www/app/var/log:rw'
- '{{ doc_storage_dir }}/{{ item['chill_environment'] }}:/var/storage:rw'
links:
- redis
- relatorio
- rabbitmq
{% if item.add_postgres -%}
- database
{%- endif %}
networks:
- default
restart: always
consumer:
<<: *defaultApp
entrypoint: "/usr/bin/env"
command:
- "/bin/bash"
- "-c"
- >
sleep 3 && bin/console cache:clear &&
while ! [ -f /tmp/kill_me ];
do
php -d memory_limit=2G bin/console messenger:consume priority async --limit=20 --time-limit=600 -v;
done;
pre_stop:
- command:
- "/bin/bash"
- "-c"
- "touch /tmp/kill_me && bin/console messenger:stop-workers"
cron:
<<: *defaultApp
entrypoint: "/usr/bin/env"
command: ["bin/console", "chill:cron-job:execute", "-v"]
restart: "no"
{% if item.add_postgres %}
database:
image: "{{ database_image }}"
env_file:
- postgres.env
volumes:
- ./docker/db/data:/var/lib/postgresql/data:rw
networks:
- default
restart: always
{% endif %}
###> chill-project/chill-bundles ###
redis:
image: redis
networks:
- default
restart: always
relatorio:
image: registry.gitlab.com/champs-libres/public/relatorio-tornado/app:latest
networks:
- default
restart: always
###< chill-project/chill-bundles ###
# sign-worker:
# image: h3m6q87t.gra7.container-registry.ovh.net/sign-pdf-worker/worker:latest
# environment:
# AMQP_URL: amqp://guest:guest@rabbitmq:5672/%2f/to_python_sign
# LOG_LEVEL: INFO
# PKCS12_PATH: /etc/sign-pdf/dummy.p12
# TIMESTAMP_URL: http://freetsa.org/tsr
# QUEUE_IN: to_python_sign
# EXCHANGE_OUT: signed_docs
# OUT_ROUTING_KEY: signed_doc
# TSA_CERT_CHAIN: /etc/sign-pdf/tsa/tsa-chain.pem
# TSA_CONFIG_PATH: /etc/sign-pdf/rootca.conf
# TSA_KEY_PASSWORD: "5678"
# volumes:
# - "./resources/dev-certificate/dummy.p12:/etc/sign-pdf/dummy.p12:ro"
# - "./resources/dev-certificate/rootca.conf:/etc/sign-pdf/rootca.conf:ro"
# - "./resources/dev-certificate/tsa:/etc/sign-pdf/tsa:ro"
# - "./resources/dev-certificate/tsa_serial:/var/lib/tsa/tsa_serial:rw"
# links:
# - rabbitmq
# depends_on:
# rabbitmq:
# condition: service_healthy
rabbitmq:
image: rabbitmq:3-management-alpine
env_file:
- rabbitmq.env
healthcheck:
test: rabbitmq-diagnostics -q ping
interval: 30s
timeout: 30s
retries: 3
networks:
- default
restart: always
networks:
traefik:
external: true
default:
Reference in New Issue View Git Blame Copy Permalink