Add traefik labels
This commit is contained in:
39
compose.yaml
39
compose.yaml
@@ -1,33 +1,5 @@
|
|||||||
# Production compose stack for hamprint.
|
# Production compose stack for hamprint.
|
||||||
#
|
#
|
||||||
# What changed from the previous bind-mount / pip-at-runtime version:
|
|
||||||
# - `web` is now BUILT from the Containerfile in this repo. Everything
|
|
||||||
# (Python deps, the Tailwind CLI binary, the built CSS, collectstatic
|
|
||||||
# output) bakes into the image; nothing is installed at container start.
|
|
||||||
# - No host source bind-mount: the container ships its own /app. Code
|
|
||||||
# changes require a `podman-compose up -d --build web`.
|
|
||||||
# - `DJANGO_SETTINGS_MODULE=hamprint.settings.prod` (DEBUG off, secure
|
|
||||||
# cookies, HSTS). DEBUG=True traffic should run from the host venv,
|
|
||||||
# not from this stack.
|
|
||||||
# - Uploaded STLs persist in a named `media` volume so they survive
|
|
||||||
# `podman-compose down` / image rebuilds. Drop with `down -v`.
|
|
||||||
#
|
|
||||||
# Bring it up: podman-compose up -d --build
|
|
||||||
# Rebuild only web: podman-compose up -d --build web
|
|
||||||
# Logs: podman-compose logs -f web
|
|
||||||
# Tear down: podman-compose down # keeps pgdata + media
|
|
||||||
# podman-compose down -v # nukes both volumes too
|
|
||||||
#
|
|
||||||
# `.env` keys you'll want set (see `.env.example` for the full list):
|
|
||||||
# SECRET_KEY - long random string
|
|
||||||
# ALLOWED_HOSTS - e.g. "print.hamlab.lt,localhost"
|
|
||||||
# SITE_URL - e.g. "https://print.hamlab.lt" (for emails)
|
|
||||||
# POSTGRES_DB / _USER / _PASSWORD
|
|
||||||
# MAILTRAP_API_TOKEN (+ MAILTRAP_TEST_INBOX_ID for sandbox)
|
|
||||||
# GOOGLE_CLIENT_ID / _SECRET (optional; only if Google sign-in is wanted)
|
|
||||||
#
|
|
||||||
# TLS termination is the upstream proxy's job -- the `web` container speaks
|
|
||||||
# plain HTTP on its mapped host port (default 8000).
|
|
||||||
|
|
||||||
services:
|
services:
|
||||||
db:
|
db:
|
||||||
@@ -59,6 +31,17 @@ services:
|
|||||||
- "8000:8000"
|
- "8000:8000"
|
||||||
volumes:
|
volumes:
|
||||||
- media:/app/media
|
- media:/app/media
|
||||||
|
labels:
|
||||||
|
traefik.enable: "true"
|
||||||
|
traefik.http.routers.hamprint.rule: "Host(`print.hamlab.lt`)"
|
||||||
|
traefik.http.middlewares.hamprint-https-redirect.redirectscheme.scheme: "https"
|
||||||
|
traefik.http.routers.hamprint.middlewares: "hamprint-https-redirect"
|
||||||
|
traefik.http.routers.hamprint-secure.entrypoints: "https"
|
||||||
|
traefik.http.routers.hamprint-secure.rule: "Host(`print.hamlab.lt`)"
|
||||||
|
traefik.http.routers.hamprint-secure.tls: "true"
|
||||||
|
traefik.http.routers.hamprint-secure.tls.certresolver: "lets-encrypt"
|
||||||
|
traefik.http.services.hamprint.loadbalancer.server.port: "8000"
|
||||||
|
|
||||||
depends_on:
|
depends_on:
|
||||||
db:
|
db:
|
||||||
condition: service_healthy
|
condition: service_healthy
|
||||||
|
|||||||
Reference in New Issue
Block a user