Chill-project/ansible-role-chill
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
cc82c7b2c5
ansible-role-chill/templates/compose.yaml
Julien Fastré cc82c7b2c5
Fix volume mount options in compose.yaml 
Updated volume mounts to correct permissions and paths. Ensured writable access for logs and storage directories to avoid runtime issues.
2025-01-10 14:03:27 +01:00

138 lines
4.5 KiB
YAML
Raw Blame History

services:
frontend:
image: {{ registry_url }}/{{ registry_project }}/{{ chill_image_nginx_name }}:{{ item.chill_image_tag }}
links:
- app:php
labels:
- "traefik.enable=true"
- "traefik.docker.network=traefik"
- "traefik.http.routers.frontend-{{ item.chill_environment }}.rule=Host(`{{ item.host }}`)"
- "traefik.http.routers.frontend-{{ item.chill_environment }}.entrypoints=websecure"
{%+ if item.tls_config == 'self_signed' +%}
- "traefik.http.routers.frontend-{{ item.chill_environment }}.tls=true"
{%+ endif +%}
{%+ if item.expose_port is not false +%}
- "traefik.http.routers.frontend-exp-{{ item.chill_environment }}.rule=PathPrefix(`/`)"
- "traefik.http.routers.frontend-exp-{{ item.chill_environment }}.entrypoints=chill{{ item.chill_environment }}"
{%+ if item.tls_config == 'self_signed' +%}
- "traefik.http.routers.frontend-exp-{{ item.chill_environment }}.tls=true"
{%+ endif +%}
{%+ endif +%}
networks:
- traefik
- default
restart: always
app: &defaultApp
image: {{ registry_url }}/{{ registry_project }}/{{ chill_image_php_name }}:{{ item.chill_image_tag }}
env_file:
- env_file.env
volumes:
- './config/prod:/var/www/app/config/packages/prod:ro'
- '/var/log/chill:/var/www/app/var/logs:rw'
- '{{ doc_storage_dir }}/{{ item['chill_environment'] }}:/var/storage:rw'
links:
- redis
- relatorio
- rabbitmq
{% if item.add_postgres -%}
- database
{%- endif %}
networks:
- default
restart: always
consumer:
<<: *defaultApp
entrypoint: "/usr/bin/env"
command:
- "/bin/bash"
- "-c"
- >
sleep 3 && bin/console cache:clear &&
while ! [ -f /tmp/kill_me ];
do
php -d memory_limit=2G bin/console messenger:consume priority async --limit=20 --time-limit=600 -v;
done;
pre_stop:
- command:
- "/bin/bash"
- "-c"
- "touch /tmp/kill_me && bin/console messenger:stop-workers"
cron:
<<: *defaultApp
entrypoint: "/usr/bin/env"
command: ["bin/console", "chill:cron-job:execute", "-v"]
restart: "no"
{% if item.add_postgres %}
database:
image: "{{ database_image }}"
env_file:
- postgres.env
volumes:
- ./docker/db/data:/var/lib/postgresql/data:rw
networks:
- default
restart: always
{% endif %}
###> chill-project/chill-bundles ###
redis:
image: redis
networks:
- default
restart: always
relatorio:
image: registry.gitlab.com/champs-libres/public/relatorio-tornado/app:latest
networks:
- default
restart: always
###< chill-project/chill-bundles ###
# sign-worker:
# image: h3m6q87t.gra7.container-registry.ovh.net/sign-pdf-worker/worker:latest
# environment:
# AMQP_URL: amqp://guest:guest@rabbitmq:5672/%2f/to_python_sign
# LOG_LEVEL: INFO
# PKCS12_PATH: /etc/sign-pdf/dummy.p12
# TIMESTAMP_URL: http://freetsa.org/tsr
# QUEUE_IN: to_python_sign
# EXCHANGE_OUT: signed_docs
# OUT_ROUTING_KEY: signed_doc
# TSA_CERT_CHAIN: /etc/sign-pdf/tsa/tsa-chain.pem
# TSA_CONFIG_PATH: /etc/sign-pdf/rootca.conf
# TSA_KEY_PASSWORD: "5678"
# volumes:
# - "./resources/dev-certificate/dummy.p12:/etc/sign-pdf/dummy.p12:ro"
# - "./resources/dev-certificate/rootca.conf:/etc/sign-pdf/rootca.conf:ro"
# - "./resources/dev-certificate/tsa:/etc/sign-pdf/tsa:ro"
# - "./resources/dev-certificate/tsa_serial:/var/lib/tsa/tsa_serial:rw"
# links:
# - rabbitmq
# depends_on:
# rabbitmq:
# condition: service_healthy
rabbitmq:
image: rabbitmq:3-management-alpine
env_file:
- rabbitmq.env
healthcheck:
test: rabbitmq-diagnostics -q ping
interval: 30s
timeout: 30s
retries: 3
networks:
- default
restart: always
networks:
traefik:
external: true
default:
Reference in New Issue View Git Blame Copy Permalink