53 lines
2.0 KiB
YAML
53 lines
2.0 KiB
YAML
# Coolify-optimized Docker Compose
|
|
# Includes both app and database - database is only exposed internally
|
|
|
|
services:
|
|
db:
|
|
image: postgres:16-alpine
|
|
environment:
|
|
POSTGRES_USER: ${POSTGRES_USER:-wishlistuser}
|
|
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-wishlistpassword}
|
|
POSTGRES_DB: ${POSTGRES_DB:-wishlist}
|
|
volumes:
|
|
- postgres_data:/var/lib/postgresql/data
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER:-wishlistuser} -d ${POSTGRES_DB:-wishlist}"]
|
|
interval: 10s
|
|
timeout: 5s
|
|
retries: 5
|
|
restart: unless-stopped
|
|
# NOTE: No ports exposed - only accessible internally by app service
|
|
|
|
app:
|
|
build:
|
|
context: .
|
|
dockerfile: Dockerfile
|
|
environment:
|
|
# Coolify will inject these from Environment Variables
|
|
DATABASE_URL: postgresql://${POSTGRES_USER:-wishlistuser}:${POSTGRES_PASSWORD:-wishlistpassword}@db:5432/${POSTGRES_DB:-wishlist}
|
|
NODE_ENV: production
|
|
PORT: 3000
|
|
AUTH_SECRET: ${AUTH_SECRET}
|
|
AUTH_URL: ${AUTH_URL:-https://wish.rasmusq.com}
|
|
AUTH_TRUST_HOST: ${AUTH_TRUST_HOST:-true}
|
|
GOOGLE_CLIENT_ID: ${GOOGLE_CLIENT_ID:-}
|
|
GOOGLE_CLIENT_SECRET: ${GOOGLE_CLIENT_SECRET:-}
|
|
depends_on:
|
|
db:
|
|
condition: service_healthy
|
|
restart: unless-stopped
|
|
labels:
|
|
- traefik.enable=true
|
|
- traefik.http.routers.wishlist.rule=Host(`wish.rasmusq.com`)
|
|
- traefik.http.routers.wishlist.entryPoints=https
|
|
- traefik.http.routers.wishlist.tls=true
|
|
- traefik.http.routers.wishlist.tls.certresolver=letsencrypt
|
|
- traefik.http.services.wishlist.loadbalancer.server.port=3000
|
|
# Forward headers for Auth.js behind reverse proxy
|
|
- traefik.http.middlewares.wishlist-headers.headers.customrequestheaders.X-Forwarded-Proto=https
|
|
- traefik.http.middlewares.wishlist-headers.headers.customrequestheaders.X-Forwarded-Host=wish.rasmusq.com
|
|
- traefik.http.routers.wishlist.middlewares=wishlist-headers
|
|
|
|
volumes:
|
|
postgres_data:
|