version: '3.8'
services:
voirs:
build:
context: .
dockerfile: Dockerfile
args:
- RUST_VERSION=1.70
image: voirs:prod
container_name: voirs-prod
restart: always
environment:
- RUST_LOG=warn
- VOIRS_ENV=production
deploy:
resources:
limits:
cpus: '2.0'
memory: 4G
reservations:
cpus: '1.0'
memory: 2G
logging:
driver: json-file
options:
max-size: "10m"
max-file: "3"
security_opt:
- no-new-privileges:true
read_only: true
tmpfs:
- /tmp:rw,size=100m,mode=1777
volumes:
- ./models:/app/models:ro
- ./data:/app/data:rw
- ./config:/app/config:ro
- /tmp:/tmp:rw
redis:
image: redis:7-alpine
container_name: voirs-redis-prod
restart: always
command: redis-server --appendonly yes --requirepass ${REDIS_PASSWORD}
environment:
- REDIS_PASSWORD=${REDIS_PASSWORD}
volumes:
- redis-prod-data:/data
deploy:
resources:
limits:
cpus: '0.5'
memory: 512M
reservations:
cpus: '0.25'
memory: 256M
logging:
driver: json-file
options:
max-size: "10m"
max-file: "3"
postgres:
image: postgres:15-alpine
container_name: voirs-postgres-prod
restart: always
environment:
- POSTGRES_DB=${POSTGRES_DB}
- POSTGRES_USER=${POSTGRES_USER}
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
volumes:
- postgres-prod-data:/var/lib/postgresql/data
deploy:
resources:
limits:
cpus: '1.0'
memory: 2G
reservations:
cpus: '0.5'
memory: 1G
logging:
driver: json-file
options:
max-size: "10m"
max-file: "3"
nginx:
image: nginx:alpine
container_name: voirs-nginx-prod
restart: always
ports:
- "80:80"
- "443:443"
volumes:
- ./docker/nginx/nginx.conf:/etc/nginx/nginx.conf:ro
- ./docker/nginx/ssl:/etc/nginx/ssl:ro
- ./docker/nginx/logs:/var/log/nginx
depends_on:
- voirs
deploy:
resources:
limits:
cpus: '0.5'
memory: 256M
reservations:
cpus: '0.25'
memory: 128M
logging:
driver: json-file
options:
max-size: "10m"
max-file: "3"
volumes:
redis-prod-data:
postgres-prod-data: