services: cache: image: redis:7-alpine networks: - cache restart: unless-stopped volumes: - redis:/data db: # See also: https://www.postgresql.org/support/versioning/ # https://www.postgresql.org/developer/roadmap/ image: postgres:16-alpine environment: POSTGRES_DB: POSTGRES_DB_FILE: POSTGRES_PASSWORD: POSTGRES_PASSWORD_FILE: POSTGRES_USER: POSTGRES_USER_FILE: networks: - database restart: unless-stopped volumes: - pgdata_16:/var/lib/postgresql/data backend: image: mathiasertl/django-ca:${DJANGO_CA_VERSION:-latest} command: ./celery.sh -l ${CELERY_LOG_LEVEL:-warning} depends_on: - cache - db networks: - cache - database - public volumes: - backend_ca_dir:/var/lib/django-ca/certs/ - shared_ca_dir:/var/lib/django-ca/certs/ca/shared/ - ocsp_key_dir:/var/lib/django-ca/certs/ocsp/ environment: DJANGO_CA_ALLOWED_HOSTS: DJANGO_CA_CA_DEFAULT_CA: DJANGO_CA_CA_DEFAULT_HOSTNAME: DJANGO_CA_CA_ENABLE_ACME: DJANGO_CA_CA_ENABLE_REST_API: DJANGO_CA_CA_URL_PATH: ${DJANGO_CA_CA_URL_PATH-django_ca/} DJANGO_CA_SECRET_KEY: DJANGO_CA_SECRET_KEY_FILE: ${DJANGO_CA_SECRET_KEY_FILE:-/var/lib/django-ca/certs/ca/shared/secret_key} DJANGO_CA_SETTINGS: ${DJANGO_CA_SETTINGS:-conf/:conf/compose} POSTGRES_DB: POSTGRES_DB_FILE: POSTGRES_PASSWORD: POSTGRES_PASSWORD_FILE: POSTGRES_USER: POSTGRES_USER_FILE: WAIT_FOR_CONNECTIONS: 'db:5432' restart: unless-stopped stop_grace_period: 30s frontend: image: mathiasertl/django-ca:${DJANGO_CA_VERSION:-latest} depends_on: - cache - db networks: - cache - database - frontend volumes: - static:/usr/share/django-ca/static/ - frontend_ca_dir:/var/lib/django-ca/certs/ - shared_ca_dir:/var/lib/django-ca/certs/ca/shared/ - ocsp_key_dir:/var/lib/django-ca/certs/ocsp/ - nginx_templates:/var/lib/django-ca/nginx/templates/ environment: DJANGO_CA_ALLOWED_HOSTS: DJANGO_CA_CA_DEFAULT_CA: DJANGO_CA_CA_DEFAULT_HOSTNAME: DJANGO_CA_CA_ENABLE_ACME: DJANGO_CA_CA_ENABLE_REST_API: DJANGO_CA_CA_URL_PATH: ${DJANGO_CA_CA_URL_PATH-django_ca/} DJANGO_CA_SECRET_KEY: DJANGO_CA_SECRET_KEY_FILE: ${DJANGO_CA_SECRET_KEY_FILE:-/var/lib/django-ca/certs/ca/shared/secret_key} DJANGO_CA_SETTINGS: ${DJANGO_CA_SETTINGS:-conf/:conf/compose} # Instruct the startup script to copy nginx configuration template NGINX_TEMPLATE: ${NGINX_TEMPLATE:-default} POSTGRES_DB: POSTGRES_DB_FILE: POSTGRES_PASSWORD: POSTGRES_PASSWORD_FILE: POSTGRES_USER: POSTGRES_USER_FILE: WAIT_FOR_CONNECTIONS: 'db:5432' restart: unless-stopped healthcheck: test: ["CMD", "/usr/src/django-ca/ca/uwsgi-health.py"] timeout: 3s start_period: 25s interval: 10s stop_signal: SIGINT webserver: image: nginx:1.24-alpine depends_on: frontend: condition: service_healthy environment: NGINX_HOST: ${DJANGO_CA_CA_DEFAULT_HOSTNAME:-localhost} NGINX_PORT: ${NGINX_PORT:-80} NGINX_HTTPS_PORT: ${NGINX_HTTPS_PORT:-443} NGINX_PRIVATE_KEY: NGINX_PUBLIC_KEY: DJANGO_CA_CA_URL_PATH: ${DJANGO_CA_CA_URL_PATH-django_ca/} ports: - 80:80 networks: - frontend - public volumes: - nginx_templates:/etc/nginx/templates/ - static:/usr/share/nginx/html/static/ volumes: shared: static: backend_ca_dir: frontend_ca_dir: shared_ca_dir: ocsp_key_dir: nginx_templates: pgdata_16: redis: networks: public: frontend: internal: true cache: internal: true database: internal: true