CadeiaDominial/docker-compose.yml at main · transistir/CadeiaDominial · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
version: '3.8'

services:
  # Banco de dados PostgreSQL
  db:
    image: postgres:15
    container_name: cadeia_dominial_db
    environment:
      POSTGRES_DB: ${DB_NAME:-cadeia_dominial}
      POSTGRES_USER: ${DB_USER:-cadeia_user}
      POSTGRES_PASSWORD: ${DB_PASSWORD:-sua_senha_segura_aqui}
    volumes:
      - postgres_data:/var/lib/postgresql/data
      - ./scripts/init-db.sql:/docker-entrypoint-initdb.d/init-db.sql
    # ports:
    #   - "5432:5432"  # REMOVIDO POR SEGURANÇA - BLOQUEIA ACESSO EXTERNO AO BANCO
    networks:
      - cadeia_network
    restart: unless-stopped
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U ${DB_USER:-cadeia_user} -d ${DB_NAME:-cadeia_dominial}"]
      interval: 10s
      timeout: 5s
      retries: 5

  # Aplicação Django
  web:
    build: .
    container_name: cadeia_dominial_web
    environment:
      - DEBUG=${DEBUG:-False}
      - SECRET_KEY=${SECRET_KEY}
      - DB_NAME=${DB_NAME:-cadeia_dominial}
      - DB_USER=${DB_USER:-cadeia_user}
      - DB_PASSWORD=${DB_PASSWORD:-sua_senha_segura_aqui}
      - DB_HOST=db
      - DB_PORT=5432
      - ALLOWED_HOSTS=${ALLOWED_HOSTS:-localhost,127.0.0.1}
      - DJANGO_SETTINGS_MODULE=cadeia_dominial.settings_prod
      - ADMIN_USERNAME=${ADMIN_USERNAME:-admin}
      - ADMIN_EMAIL=${ADMIN_EMAIL:-admin@cadeiadominial.com.br}
      - ADMIN_PASSWORD=${ADMIN_PASSWORD}
    volumes:
      - ./staticfiles:/app/staticfiles
      - ./media:/app/media
    depends_on:
      db:
        condition: service_healthy
    networks:
      - cadeia_network
    restart: unless-stopped
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:8000/admin/"]
      interval: 30s
      timeout: 10s
      retries: 3
      start_period: 40s

  # Nginx com SSL automático plug-and-play
  nginx:
    build:
      context: ./nginx
      dockerfile: Dockerfile
    container_name: cadeia_dominial_nginx
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ./staticfiles:/var/www/static:ro
      - ./media:/var/www/media:ro
      - ssl_certs:/etc/letsencrypt
      - ssl_www:/var/www/certbot
    depends_on:
      web:
        condition: service_healthy
    networks:
      - cadeia_network
    restart: unless-stopped
    environment:
      - DOMAIN_NAME=${DOMAIN_NAME:-localhost}
      - CERTBOT_EMAIL=${CERTBOT_EMAIL:-admin@localhost}
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost/health"]
      interval: 30s
      timeout: 10s
      retries: 3

volumes:
  postgres_data:
  ssl_certs:
  ssl_www:

networks:
  cadeia_network:
    driver: bridge