271 lines
8.1 KiB
YAML
271 lines
8.1 KiB
YAML
services:
|
|
# Hive Backend API
|
|
hive-backend:
|
|
image: registry.home.deepblack.cloud/tony/hive-backend:latest
|
|
build:
|
|
context: ./backend
|
|
dockerfile: Dockerfile
|
|
environment:
|
|
- DATABASE_URL=postgresql://hive:hivepass@postgres:5432/hive
|
|
- REDIS_URL=redis://:hivepass@redis:6379
|
|
- ENVIRONMENT=production
|
|
- LOG_LEVEL=info
|
|
- CORS_ORIGINS=${CORS_ORIGINS:-https://hive.home.deepblack.cloud}
|
|
depends_on:
|
|
- postgres
|
|
- redis
|
|
ports:
|
|
- "8087:8000"
|
|
networks:
|
|
- hive-network
|
|
- tengig
|
|
secrets:
|
|
- github_token
|
|
deploy:
|
|
replicas: 1
|
|
restart_policy:
|
|
condition: on-failure
|
|
delay: 5s
|
|
max_attempts: 3
|
|
resources:
|
|
limits:
|
|
memory: 512M
|
|
reservations:
|
|
memory: 256M
|
|
placement:
|
|
constraints:
|
|
- node.hostname == walnut
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.docker.network=tengig"
|
|
# API routes
|
|
- "traefik.http.routers.hive-api.rule=Host(`hive.home.deepblack.cloud`) && PathPrefix(`/api`)"
|
|
- "traefik.http.routers.hive-api.entrypoints=web,web-secured"
|
|
- "traefik.http.routers.hive-api.tls.certresolver=letsencryptresolver"
|
|
- "traefik.http.routers.hive-api.service=hive-api"
|
|
- "traefik.http.routers.hive-api.priority=200"
|
|
- "traefik.http.services.hive-api.loadbalancer.server.port=8000"
|
|
- "traefik.http.services.hive-api.loadbalancer.passhostheader=true"
|
|
# Socket.IO routes
|
|
- "traefik.http.routers.hive-socketio.rule=Host(`hive.home.deepblack.cloud`) && PathPrefix(`/socket.io`)"
|
|
- "traefik.http.routers.hive-socketio.entrypoints=web,web-secured"
|
|
- "traefik.http.routers.hive-socketio.tls.certresolver=letsencryptresolver"
|
|
- "traefik.http.routers.hive-socketio.service=hive-socketio"
|
|
- "traefik.http.routers.hive-socketio.priority=200"
|
|
- "traefik.http.services.hive-socketio.loadbalancer.server.port=8000"
|
|
- "traefik.http.services.hive-socketio.loadbalancer.passhostheader=true"
|
|
|
|
# Hive Frontend
|
|
hive-frontend:
|
|
image: registry.home.deepblack.cloud/tony/hive-frontend:latest
|
|
build:
|
|
context: ./frontend
|
|
dockerfile: Dockerfile
|
|
depends_on:
|
|
- hive-backend
|
|
ports:
|
|
- "3001:3000"
|
|
networks:
|
|
- hive-network
|
|
- tengig
|
|
deploy:
|
|
replicas: 1
|
|
restart_policy:
|
|
condition: on-failure
|
|
delay: 5s
|
|
max_attempts: 3
|
|
resources:
|
|
limits:
|
|
memory: 256M
|
|
reservations:
|
|
memory: 128M
|
|
placement:
|
|
constraints:
|
|
- node.hostname == walnut
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.docker.network=tengig"
|
|
# Frontend routes (catch-all with lower priority)
|
|
- "traefik.http.routers.hive-frontend.rule=Host(`hive.home.deepblack.cloud`)"
|
|
- "traefik.http.routers.hive-frontend.entrypoints=web,web-secured"
|
|
- "traefik.http.routers.hive-frontend.tls.certresolver=letsencryptresolver"
|
|
- "traefik.http.routers.hive-frontend.service=hive-frontend"
|
|
- "traefik.http.routers.hive-frontend.priority=100"
|
|
- "traefik.http.services.hive-frontend.loadbalancer.server.port=3000"
|
|
- "traefik.http.services.hive-frontend.loadbalancer.passhostheader=true"
|
|
|
|
# N8N Workflow Automation
|
|
# n8n:
|
|
# image: n8nio/n8n
|
|
# volumes:
|
|
# - /rust/containers/n8n/data:/home/node/.n8n
|
|
# - /rust/containers/n8n/import:/home/node/import
|
|
# environment:
|
|
# - N8N_REDIS_HOST=redis
|
|
# - N8N_REDIS_PORT=6379
|
|
# - N8N_REDIS_PASSWORD=hivepass
|
|
# - N8N_QUEUE_BULL_REDIS_HOST=redis
|
|
# - N8N_QUEUE_BULL_REDIS_PORT=6379
|
|
# - N8N_QUEUE_BULL_REDIS_PASSWORD=hivepass
|
|
# networks:
|
|
# - hive-network
|
|
# - tengig
|
|
# ports:
|
|
# - 5678:5678
|
|
# deploy:
|
|
# placement:
|
|
# constraints: []
|
|
# - node.hostname == walnut
|
|
# labels:
|
|
# - "traefik.enable=true"
|
|
# - "traefik.http.routers.n8n.rule=Host(`n8n.home.deepblack.cloud`)"
|
|
# - "traefik.http.routers.n8n.entrypoints=web-secured"
|
|
# - "traefik.http.routers.n8n.tls.certresolver=letsencryptresolver"
|
|
# - "traefik.http.services.n8n.loadbalancer.server.port=5678"
|
|
# - "traefik.http.services.n8n.loadbalancer.passhostheader=true"
|
|
# - "traefik.docker.network=tengig"
|
|
|
|
# PostgreSQL Database
|
|
postgres:
|
|
image: postgres:15
|
|
environment:
|
|
- POSTGRES_DB=hive
|
|
- POSTGRES_USER=hive
|
|
- POSTGRES_PASSWORD=hivepass
|
|
- PGDATA=/var/lib/postgresql/data/pgdata
|
|
volumes:
|
|
- postgres_data:/var/lib/postgresql/data
|
|
ports:
|
|
- "5433:5432"
|
|
networks:
|
|
- hive-network
|
|
deploy:
|
|
replicas: 1
|
|
restart_policy:
|
|
condition: on-failure
|
|
delay: 10s
|
|
max_attempts: 3
|
|
resources:
|
|
limits:
|
|
memory: 512M
|
|
reservations:
|
|
memory: 256M
|
|
placement:
|
|
constraints: []
|
|
|
|
# Redis Cache (Password Protected)
|
|
redis:
|
|
image: redis:7-alpine
|
|
command: ["redis-server", "--requirepass", "hivepass", "--appendonly", "yes", "--maxmemory", "256mb", "--maxmemory-policy", "allkeys-lru"]
|
|
volumes:
|
|
- redis_data:/data
|
|
ports:
|
|
- "6380:6379"
|
|
networks:
|
|
- hive-network
|
|
deploy:
|
|
replicas: 1
|
|
restart_policy:
|
|
condition: on-failure
|
|
delay: 5s
|
|
max_attempts: 3
|
|
resources:
|
|
limits:
|
|
memory: 256M
|
|
reservations:
|
|
memory: 128M
|
|
|
|
# Prometheus Metrics
|
|
prometheus:
|
|
image: prom/prometheus:latest
|
|
command:
|
|
- '--config.file=/etc/prometheus/prometheus.yml'
|
|
- '--storage.tsdb.path=/prometheus'
|
|
- '--web.console.libraries=/etc/prometheus/console_libraries'
|
|
- '--web.console.templates=/etc/prometheus/consoles'
|
|
- '--storage.tsdb.retention.time=30d'
|
|
- '--web.enable-lifecycle'
|
|
volumes:
|
|
- prometheus_data:/prometheus
|
|
ports:
|
|
- "9091:9090"
|
|
networks:
|
|
- hive-network
|
|
- tengig
|
|
deploy:
|
|
replicas: 1
|
|
restart_policy:
|
|
condition: on-failure
|
|
delay: 10s
|
|
max_attempts: 3
|
|
resources:
|
|
limits:
|
|
memory: 512M
|
|
reservations:
|
|
memory: 256M
|
|
placement:
|
|
constraints: []
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.http.routers.hive-prometheus.rule=Host(`hive.home.deepblack.cloud`) && PathPrefix(`/prometheus`)"
|
|
- "traefik.http.routers.hive-prometheus.entrypoints=web-secured"
|
|
- "traefik.http.routers.hive-prometheus.tls.certresolver=letsencryptresolver"
|
|
- "traefik.http.services.hive-prometheus.loadbalancer.server.port=9090"
|
|
- "traefik.docker.network=tengig"
|
|
|
|
# Grafana Dashboard
|
|
grafana:
|
|
image: grafana/grafana:latest
|
|
environment:
|
|
- GF_SECURITY_ADMIN_USER=admin
|
|
- GF_SECURITY_ADMIN_PASSWORD=hiveadmin
|
|
- GF_INSTALL_PLUGINS=grafana-clock-panel,grafana-simple-json-datasource
|
|
- GF_SERVER_ROOT_URL=https://hive.home.deepblack.cloud/grafana
|
|
- GF_SERVER_SERVE_FROM_SUB_PATH=true
|
|
volumes:
|
|
- grafana_data:/var/lib/grafana
|
|
depends_on:
|
|
- prometheus
|
|
ports:
|
|
- "3002:3000"
|
|
networks:
|
|
- hive-network
|
|
- tengig
|
|
deploy:
|
|
replicas: 1
|
|
restart_policy:
|
|
condition: on-failure
|
|
delay: 10s
|
|
max_attempts: 3
|
|
resources:
|
|
limits:
|
|
memory: 512M
|
|
reservations:
|
|
memory: 256M
|
|
placement:
|
|
constraints: []
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.http.routers.hive-grafana.rule=Host(`hive.home.deepblack.cloud`) && PathPrefix(`/grafana`)"
|
|
- "traefik.http.routers.hive-grafana.entrypoints=web-secured"
|
|
- "traefik.http.routers.hive-grafana.tls.certresolver=letsencryptresolver"
|
|
- "traefik.http.services.hive-grafana.loadbalancer.server.port=3000"
|
|
- "traefik.docker.network=tengig"
|
|
|
|
networks:
|
|
hive-network:
|
|
driver: overlay
|
|
attachable: true
|
|
tengig:
|
|
external: true
|
|
|
|
volumes:
|
|
postgres_data:
|
|
redis_data:
|
|
prometheus_data:
|
|
grafana_data:
|
|
|
|
secrets:
|
|
github_token:
|
|
external: true
|