services: # WHOOSH Backend API whoosh_backend: image: registry.home.deepblack.cloud/tony/whoosh-backend:latest build: context: ./backend dockerfile: Dockerfile.prod environment: - DATABASE_URL=postgresql://whoosh:whooshpass@postgres:5432/whoosh - REDIS_URL=redis://:whooshpass@redis:6379 - ENVIRONMENT=production - LOG_LEVEL=info - CORS_ORIGINS=${CORS_ORIGINS:-https://whoosh.home.deepblack.cloud} depends_on: - postgres - redis # No external ports - backend accessed only via frontend nginx proxy networks: - whoosh-network - tengig secrets: - github_token deploy: replicas: 1 restart_policy: condition: on-failure delay: 5s max_attempts: 3 resources: limits: memory: 512M reservations: memory: 256M placement: constraints: - node.hostname == walnut # WHOOSH Frontend whoosh_frontend: image: registry.home.deepblack.cloud/tony/whoosh-frontend:latest build: context: ./frontend dockerfile: Dockerfile.prod depends_on: - whoosh_backend ports: - "3001:8080" networks: - whoosh-network - tengig deploy: replicas: 1 restart_policy: condition: on-failure delay: 5s max_attempts: 3 resources: limits: memory: 256M reservations: memory: 128M placement: constraints: - node.hostname == walnut labels: - "traefik.enable=true" - "traefik.docker.network=tengig" # Frontend routes (catch-all with lower priority) - "traefik.http.routers.whoosh-frontend.rule=Host(`whoosh.home.deepblack.cloud`)" - "traefik.http.routers.whoosh-frontend.entrypoints=web,web-secured" - "traefik.http.routers.whoosh-frontend.tls.certresolver=letsencryptresolver" - "traefik.http.routers.whoosh-frontend.service=whoosh-frontend" - "traefik.http.routers.whoosh-frontend.priority=100" - "traefik.http.services.whoosh-frontend.loadbalancer.server.port=8080" - "traefik.http.services.whoosh-frontend.loadbalancer.passhostheader=true" # N8N Workflow Automation # n8n: # image: n8nio/n8n # volumes: # - /rust/containers/n8n/data:/home/node/.n8n # - /rust/containers/n8n/import:/home/node/import # environment: # - N8N_REDIS_HOST=redis # - N8N_REDIS_PORT=6379 # - N8N_REDIS_PASSWORD=whooshpass # - N8N_QUEUE_BULL_REDIS_HOST=redis # - N8N_QUEUE_BULL_REDIS_PORT=6379 # - N8N_QUEUE_BULL_REDIS_PASSWORD=whooshpass # networks: # - whoosh-network # - tengig # ports: # - 5678:5678 # deploy: # placement: # constraints: [] # - node.hostname == walnut # labels: # - "traefik.enable=true" # - "traefik.http.routers.n8n.rule=Host(`n8n.home.deepblack.cloud`)" # - "traefik.http.routers.n8n.entrypoints=web-secured" # - "traefik.http.routers.n8n.tls.certresolver=letsencryptresolver" # - "traefik.http.services.n8n.loadbalancer.server.port=5678" # - "traefik.http.services.n8n.loadbalancer.passhostheader=true" # - "traefik.docker.network=tengig" # PostgreSQL Database postgres: image: postgres:15 environment: - POSTGRES_DB=whoosh - POSTGRES_USER=whoosh - POSTGRES_PASSWORD=whooshpass - PGDATA=/var/lib/postgresql/data/pgdata volumes: - postgres_data:/var/lib/postgresql/data ports: - "5433:5432" networks: - whoosh-network deploy: replicas: 1 restart_policy: condition: on-failure delay: 10s max_attempts: 3 resources: limits: memory: 512M reservations: memory: 256M placement: constraints: - node.hostname == walnut # Redis Cache (Password Protected) redis: image: redis:7-alpine command: ["redis-server", "--requirepass", "whooshpass", "--appendonly", "yes", "--maxmemory", "256mb", "--maxmemory-policy", "allkeys-lru"] volumes: - redis_data:/data ports: - "6380:6379" networks: - whoosh-network deploy: replicas: 1 restart_policy: condition: on-failure delay: 5s max_attempts: 3 resources: limits: memory: 256M reservations: memory: 128M # Prometheus Metrics prometheus: image: prom/prometheus:latest command: - '--config.file=/etc/prometheus/prometheus.yml' - '--storage.tsdb.path=/prometheus' - '--web.console.libraries=/etc/prometheus/console_libraries' - '--web.console.templates=/etc/prometheus/consoles' - '--storage.tsdb.retention.time=30d' - '--web.enable-lifecycle' volumes: - prometheus_data:/prometheus ports: - "9091:9090" networks: - whoosh-network - tengig deploy: replicas: 1 restart_policy: condition: on-failure delay: 10s max_attempts: 3 resources: limits: memory: 512M reservations: memory: 256M placement: constraints: - node.hostname == walnut labels: - "traefik.enable=true" - "traefik.http.routers.whoosh-prometheus.rule=Host(`whoosh.home.deepblack.cloud`) && PathPrefix(`/prometheus`)" - "traefik.http.routers.whoosh-prometheus.entrypoints=web-secured" - "traefik.http.routers.whoosh-prometheus.tls.certresolver=letsencryptresolver" - "traefik.http.services.whoosh-prometheus.loadbalancer.server.port=9090" - "traefik.docker.network=tengig" # Grafana Dashboard grafana: image: grafana/grafana:latest environment: - GF_SECURITY_ADMIN_USER=admin - GF_SECURITY_ADMIN_PASSWORD=whooshadmin - GF_INSTALL_PLUGINS=grafana-clock-panel,grafana-simple-json-datasource - GF_SERVER_ROOT_URL=https://whoosh.home.deepblack.cloud/grafana - GF_SERVER_SERVE_FROM_SUB_PATH=true volumes: - grafana_data:/var/lib/grafana depends_on: - prometheus ports: - "3002:3000" networks: - whoosh-network - tengig deploy: replicas: 1 restart_policy: condition: on-failure delay: 10s max_attempts: 3 resources: limits: memory: 512M reservations: memory: 256M placement: constraints: - node.hostname == walnut labels: - "traefik.enable=true" - "traefik.http.routers.whoosh-grafana.rule=Host(`whoosh.home.deepblack.cloud`) && PathPrefix(`/grafana`)" - "traefik.http.routers.whoosh-grafana.entrypoints=web-secured" - "traefik.http.routers.whoosh-grafana.tls.certresolver=letsencryptresolver" - "traefik.http.services.whoosh-grafana.loadbalancer.server.port=3000" - "traefik.docker.network=tengig" networks: whoosh-network: driver: overlay attachable: true tengig: external: true volumes: postgres_data: redis_data: prometheus_data: grafana_data: secrets: github_token: external: true