--- services: sexy: image: dev.pivoine.art/valknar/sexy:latest container_name: sexy user: node working_dir: /home/node/app/packages/frontend command: ["node", "build/index.js"] environment: TZ: ${TIMEZONE:-Europe/Amsterdam} NODE_ENV: production PUBLIC_API_URL: https://${TRAEFIK_HOST}/api PUBLIC_URL: https://${TRAEFIK_HOST} PUBLIC_UMAMI_ID: ${UMAMI_ID} PUBLIC_UMAMI_SCRIPT: ${UMAMI_SCRIPT} restart: always labels: - "traefik.enable=true" - "traefik.http.middlewares.sexy-redirect-web-secure.redirectscheme.scheme=https" - "traefik.http.routers.sexy-web.middlewares=sexy-redirect-web-secure" - "traefik.http.routers.sexy-web.rule=Host(`${TRAEFIK_HOST}`)" - "traefik.http.routers.sexy-web.entrypoints=web" - "traefik.http.routers.sexy-web-secure.rule=Host(`${TRAEFIK_HOST}`)" - "traefik.http.routers.sexy-web-secure.tls.certresolver=resolver" - "traefik.http.routers.sexy-web-secure.entrypoints=web-secure" - "traefik.http.middlewares.sexy-compress.compress=true" - "traefik.http.routers.sexy-web-secure.middlewares=sexy-compress" - "traefik.http.services.sexy-web-secure.loadbalancer.server.port=3000" - "traefik.docker.network=${NETWORK_NAME}" - "com.centurylinklabs.watchtower.enable=true" networks: - compose_network backend: image: dev.pivoine.art/valknar/sexy-backend:latest container_name: sexy_backend environment: TZ: ${TIMEZONE:-Europe/Amsterdam} NODE_ENV: production PORT: 4000 DATABASE_URL: postgresql://${DB_USER:-sexy}:${DB_PASSWORD:-sexy}@sexy_db:5432/${DB_NAME:-sexy} REDIS_URL: redis://sexy_redis:6379 UPLOAD_DIR: /data/uploads CORS_ORIGIN: https://${TRAEFIK_HOST} COOKIE_SECRET: ${COOKIE_SECRET} SESSION_COOKIE_SECURE: "true" SESSION_COOKIE_SAME_SITE: strict SESSION_COOKIE_DOMAIN: ${TRAEFIK_HOST} PUBLIC_URL: https://${TRAEFIK_HOST} SMTP_HOST: ${SMTP_HOST:-mailpit} SMTP_PORT: ${SMTP_PORT:-1025} SMTP_SECURE: ${SMTP_SECURE:-false} SMTP_USER: ${SMTP_USER:-} SMTP_PASS: ${SMTP_PASS:-} EMAIL_FROM: ${EMAIL_FROM:-noreply@sexy.pivoine.art} volumes: - ../.data/sexy/uploads:/data/uploads depends_on: db: condition: service_healthy redis: condition: service_healthy restart: always labels: - "traefik.enable=true" - "traefik.http.middlewares.sexy-backend-redirect-web-secure.redirectscheme.scheme=https" - "traefik.http.routers.sexy-backend-web.middlewares=sexy-backend-redirect-web-secure" - "traefik.http.routers.sexy-backend-web.rule=Host(`${TRAEFIK_HOST}`) && PathPrefix(`/api`)" - "traefik.http.routers.sexy-backend-web.entrypoints=web" - "traefik.http.routers.sexy-backend-web-secure.rule=Host(`${TRAEFIK_HOST}`) && PathPrefix(`/api`)" - "traefik.http.routers.sexy-backend-web-secure.tls.certresolver=resolver" - "traefik.http.routers.sexy-backend-web-secure.entrypoints=web-secure" - "traefik.http.middlewares.sexy-backend-strip.stripprefix.prefixes=/api" - "traefik.http.middlewares.sexy-backend-compress.compress=true" - "traefik.http.routers.sexy-backend-web-secure.middlewares=sexy-backend-strip,sexy-backend-compress" - "traefik.http.services.sexy-backend-web-secure.loadbalancer.server.port=4000" - "traefik.docker.network=${NETWORK_NAME}" - "com.centurylinklabs.watchtower.enable=true" networks: - compose_network redis: image: redis:7-alpine container_name: sexy_redis restart: always healthcheck: test: ["CMD-SHELL", "redis-cli ping | grep PONG"] interval: 5s timeout: 5s retries: 5 networks: - compose_network db: image: postgres:16-alpine container_name: sexy_db environment: POSTGRES_DB: ${DB_NAME:-sexy} POSTGRES_USER: ${DB_USER:-sexy} POSTGRES_PASSWORD: ${DB_PASSWORD:-sexy} volumes: - ../.data/sexy/db:/var/lib/postgresql/data restart: always healthcheck: test: ["CMD-SHELL", "pg_isready -U $${POSTGRES_USER} -d $${POSTGRES_DB}"] interval: 5s timeout: 5s retries: 5 networks: - compose_network networks: compose_network: name: ${NETWORK_NAME} external: true