evidencija-rezija/docker-stack/docker-compose-swarm.yml

# this compose file runs Postgres db and exposes it's port to the host machine
version: "3.7"

networks:
  traefik-network:
    name: "traefik-network"
    external: true
  util-bills-mongo-network:
    name: "util-bills-mongo-network"
    attachable: false
    external: false
    internal: true # bridge network, isolated from host and other networks

services:
  web-app:
    image: utility-bills-tracker:${IMAGE_VERSION}
    networks:
      - traefik-network
      - util-bills-mongo-network
    volumes:
      - ./web-app/etc/hosts/:/etc/hosts
    environment:
      MONGODB_URI: mongodb://rezije.app:w4z4piJBgCdAm4tpawqB@mongo:27017/utility-bills
      GOOGLE_ID: 355397364527-adjrokm6hromcaaar0qfhk050mfr35ou.apps.googleusercontent.com
      GOOGLE_SECRET: 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
      AUTH_SECRET: Gh0jQ35oq6DR8HkLR3heA8EaEDtxYN/xkP6blvukZ0w=
      LINKEDIN_ID: 776qlcsykl1rag
      LINKEDIN_SECRET: ugf61aJ2iyErLK40
      HOSTNAME: rezije.app # IP address at which the server will be listening (0.0.0.0 = listen on all addresses)
      NEXTAUTH_URL: https://rezije.app # URL next-auth will use while redirecting user during authentication (if not set - will use HOSTNAME)
      PORT: ${PORT:-80}
      # Share link security
      SHARE_LINK_SECRET: ef68362357315d5decb27d24ff9abdb4a02a3351cd2899f79bf238dce0fe08c5
      SHARE_TTL_INITIAL_DAYS: 10
      SHARE_TTL_AFTER_VISIT_HOURS: 1
      # Upload rate limiting
      UPLOAD_RATE_LIMIT_PER_IP: 5
      UPLOAD_RATE_LIMIT_WINDOW_MS: 3600000
    deploy:
      # u slucaju rušenja kontejnera čekamo 5s i dižemo novi kontejner => ako se i on sruši opet ceka 5s i pokusava ponovno (tako 5 puta)
      restart_policy:
        condition: any
        delay: 5s
        max_attempts: 0 # u slučaju rušenja containera pokušavaj ga pokrenuti dok ne uspije = BESKONAČNO
      labels:
        - traefik.enable=true
        - traefik.docker.network=traefik-network # mreže preko koje ide komunikacija sa Traefikom
        - traefik.http.services.web-app.loadbalancer.server.port=80
        - traefik.http.routers.web-app.entrypoints=http
        - traefik.http.routers.web-app.rule=Host(`${FQDN:-rezije.app}`)
  mongo:
    image: mongo:4.4.27
    environment:
      MONGO_INITDB_ROOT_USERNAME: root
      MONGO_INITDB_ROOT_PASSWORD: example
    volumes:
      - ./mongo-volume:/data/db
    networks:
      - util-bills-mongo-network
  mongo-express:
    image: mongo-express
    environment:
      ME_CONFIG_MONGODB_ADMINUSERNAME: root
      ME_CONFIG_MONGODB_ADMINPASSWORD: HjktJCPWMBtM1ACrDaw7
      ME_CONFIG_MONGODB_URL: mongodb://root:HjktJCPWMBtM1ACrDaw7@mongo:27017/
    networks:
      - traefik-network
      - util-bills-mongo-network
    deploy:
      # u slucaju rušenja kontejnera čekamo 5s i dižemo novi kontejner => ako se i on sruši opet ceka 5s i pokusava ponovno (tako 5 puta)
      restart_policy:
        condition: any
        delay: 5s
        max_attempts: 0 # u slučaju rušenja containera pokušavaj ga pokrenuti dok ne uspije = BESKONAČNO
      labels:
        - traefik.enable=true
        - traefik.docker.network=traefik-network # mreže preko koje ide komunikacija sa Traefikom
        - traefik.http.services.mongo-express.loadbalancer.server.port=8081
        - traefik.http.routers.mongo-express.entrypoints=http
        - traefik.http.routers.mongo-express.rule=Host(`mongo.rezije.app`)

  mailgun-webhook:
    image: registry.budakova.org/mailgun-webhook-service:${MAILGUN_WEBHOOK_VERSION:-latest}
    networks:
      - traefik-network
    environment:
      PORT: 3000
      PROMETHEUS_APP_LABEL: mailgun-webhook-service
      PROMETHEUS_HISTOGRAM_BUCKETS: 0.1,0.5,1,5,10
      DEBUG: server:*,app:*
    deploy:
      restart_policy:
        condition: any
        delay: 5s
        max_attempts: 0
      labels:
        - traefik.enable=true
        - traefik.docker.network=traefik-network
        - traefik.http.services.mailgun-webhook.loadbalancer.server.port=3000
        - traefik.http.routers.mailgun-webhook.entrypoints=http
        - traefik.http.routers.mailgun-webhook.rule=Host(`webhook.rezije.app`)