soroush.asadi
8f5d926d42
Audited against working Meezi/DrSousan pipelines. Fixes:
- Single docker-compose.yml is the production stack (api + internal db); folded in docker-compose.prod.yml; dev Postgres → docker-compose.dev.yml
- Dockerfile HEALTHCHECK (bash /dev/tcp) so deploy's docker-inspect Health.Status wait works
- Naming to convention: service api, container hamkadr_api/hamkadr_db, image mirror.soroushasadi.com/hamkadr/api:${API_TAG}
- Workflow rewritten to DrSousan pattern: ci build + deploy (rollback-tag before build, pg_dump backup, stop/rm/up, docker-inspect health-wait with crash detection, scoped image prune)
- environment: block with ${VAR:-default} substitution (no hard-failing env_file); HOST_PORT; .env excluded from image context
- nginx vhost + DEPLOY.md updated to match
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
57 lines
2.5 KiB
YAML
57 lines
2.5 KiB
YAML
# Production compose for hamkadr.ir — the Gitea deploy job uses THIS file directly
|
|
# (docker compose build api / up -d --no-deps api). Local dev DB → docker-compose.dev.yml.
|
|
# nginx (host) terminates TLS for hamkadr.ir and reverse-proxies to 127.0.0.1:${HOST_PORT}.
|
|
name: hamkadr # locked so redeploys reuse the same named volume (no orphaned data)
|
|
|
|
services:
|
|
|
|
# ── .NET 10 Razor Pages app ──────────────────────────────────────────────────
|
|
api:
|
|
image: mirror.soroushasadi.com/hamkadr/api:${API_TAG:-latest}
|
|
build:
|
|
context: .
|
|
dockerfile: Dockerfile
|
|
container_name: hamkadr_api
|
|
restart: unless-stopped
|
|
depends_on:
|
|
db:
|
|
condition: service_healthy
|
|
ports:
|
|
- "127.0.0.1:${HOST_PORT:-8090}:8080" # localhost-only; nginx proxies hamkadr.ir → here
|
|
environment:
|
|
ASPNETCORE_ENVIRONMENT: "Production"
|
|
ASPNETCORE_URLS: "http://+:8080"
|
|
ConnectionStrings__Default: "Host=db;Port=5432;Database=${POSTGRES_DB:-hamkadr};Username=${POSTGRES_USER:-hamkadr};Password=${POSTGRES_PASSWORD}"
|
|
Auth__AdminPhone: "${ADMIN_PHONE:-}"
|
|
# Channel scraping (optional; enable + configure via ENV_FILE)
|
|
Ingestion__Enabled: "${INGESTION_ENABLED:-false}"
|
|
Ingestion__IntervalMinutes: "${INGESTION_INTERVAL_MINUTES:-30}"
|
|
Ingestion__Telegram__Enabled: "${TELEGRAM_ENABLED:-false}"
|
|
Ingestion__Telegram__BotToken: "${TELEGRAM_BOT_TOKEN:-}"
|
|
Ingestion__Bale__Enabled: "${BALE_ENABLED:-false}"
|
|
Ingestion__Bale__BotToken: "${BALE_BOT_TOKEN:-}"
|
|
Ingestion__Divar__Enabled: "${DIVAR_ENABLED:-false}"
|
|
# healthcheck is defined in the Dockerfile (bash /dev/tcp probe) so the deploy
|
|
# job's `docker inspect Health.Status` wait works.
|
|
|
|
# ── PostgreSQL (internal only — never published) ─────────────────────────────
|
|
db:
|
|
image: mirror.soroushasadi.com/postgres:16-alpine
|
|
container_name: hamkadr_db
|
|
restart: unless-stopped
|
|
environment:
|
|
POSTGRES_DB: ${POSTGRES_DB:-hamkadr}
|
|
POSTGRES_USER: ${POSTGRES_USER:-hamkadr}
|
|
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
|
|
volumes:
|
|
- hamkadr_db_data:/var/lib/postgresql/data
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER:-hamkadr} -d ${POSTGRES_DB:-hamkadr}"]
|
|
interval: 5s
|
|
timeout: 5s
|
|
retries: 20
|
|
|
|
volumes:
|
|
hamkadr_db_data:
|
|
name: hamkadr_db_data
|