PocketVeto/docker-compose.yml
Jack Levy 8911351c99 fix: DB password — read from secrets file, bypasses Docker Compose interpolation
- Add secrets/db_password file support to docker-compose.yml (Docker secrets mount)
- config.py reads POSTGRES_PASSWORD_FILE if set, builds DATABASE_URL with proper URL encoding
- Remove inline DATABASE_URL construction from docker-compose.yml (was subject to $VAR interpolation)
- Any password with any characters now works — no escaping needed

Authored by: Jack Levy
2026-03-15 17:31:09 -04:00


---
# Compose stack: Postgres and Redis as backing services, three containers
# built from ./backend (api, worker, beat), a frontend built from ./frontend,
# and nginx. nginx is the only service in this file that publishes a host
# port and the only one with a restart policy; everything else is reachable
# solely over the app_network bridge.
#
# The database password is delivered as a file-based secret mounted at
# /run/secrets/db_password and referenced through POSTGRES_PASSWORD_FILE, so
# the password text itself never passes through Compose ${VAR} interpolation.
services:
  postgres:
    image: postgres:16-alpine
    environment:
      # User and database name still come from interpolation, with defaults.
      POSTGRES_USER: "${POSTGRES_USER:-congress}"
      POSTGRES_DB: "${POSTGRES_DB:-pocketveto}"
      # NOTE(review): the official postgres image applies the password only
      # when it initialises an empty data directory; an existing
      # ./postgres/data presumably keeps its old role password. Confirm
      # before relying on this file for rotation.
      POSTGRES_PASSWORD_FILE: /run/secrets/db_password
    secrets:
      - db_password
    volumes:
      # Raw database files live in a host directory; host file permissions
      # decide who else can read them.
      - ./postgres/data:/var/lib/postgresql/data
    healthcheck:
      test:
        - CMD-SHELL
        - "pg_isready -U ${POSTGRES_USER:-congress} -d ${POSTGRES_DB:-pocketveto}"
      interval: 5s
      timeout: 5s
      retries: 10
    networks:
      - app_network

  redis:
    # No port is published and no password or ACL is configured here, so
    # access control rests on app_network membership alone.
    # NOTE(review): confirm no override file publishes 6379.
    image: redis:7-alpine
    volumes:
      - ./redis/data:/data
    healthcheck:
      test:
        - CMD
        - redis-cli
        - ping
      interval: 5s
      timeout: 3s
      retries: 10
    networks:
      - app_network

  api:
    build:
      context: ./backend
      dockerfile: Dockerfile
    # Runs the Alembic migrations, then serves the app on 0.0.0.0:8000.
    # NOTE(review): --reload is uvicorn's development auto-reloader. This
    # service has no source bind mount in this file and the frontend runs
    # with NODE_ENV=production; confirm the flag is wanted in this stack.
    command:
      - sh
      - "-c"
      - >-
        alembic upgrade head &&
        uvicorn app.main:app --host 0.0.0.0 --port 8000 --reload
    # Entries under `environment` take precedence over same-named entries in
    # .env. NOTE(review): .env is not visible here; check that it no longer
    # carries the DB password or a prebuilt DATABASE_URL.
    env_file: .env
    environment:
      POSTGRES_HOST: postgres
      POSTGRES_PASSWORD_FILE: /run/secrets/db_password
      REDIS_URL: 'redis://redis:6379/0'
    secrets:
      - db_password
    depends_on:
      postgres:
        condition: service_healthy
      redis:
        condition: service_healthy
    networks:
      - app_network

  worker:
    build:
      context: ./backend
      dockerfile: Dockerfile
    # Celery worker consuming the polling, documents, llm and news queues.
    command: >-
      celery -A app.workers.celery_app worker
      --loglevel=info --concurrency=4
      -Q polling,documents,llm,news
    env_file: .env
    environment:
      POSTGRES_HOST: postgres
      POSTGRES_PASSWORD_FILE: /run/secrets/db_password
      REDIS_URL: 'redis://redis:6379/0'
    secrets:
      - db_password
    depends_on:
      postgres:
        condition: service_healthy
      redis:
        condition: service_healthy
    networks:
      - app_network

  beat:
    build:
      context: ./backend
      dockerfile: Dockerfile
    # Celery beat with the RedBeat scheduler.
    command: >-
      celery -A app.workers.celery_app beat
      --loglevel=info --scheduler=redbeat.RedBeatScheduler
    env_file: .env
    environment:
      POSTGRES_HOST: postgres
      POSTGRES_PASSWORD_FILE: /run/secrets/db_password
      REDIS_URL: 'redis://redis:6379/0'
    # NOTE(review): beat receives the DB secret but waits only for redis.
    # If beat never opens a database connection, the secret mount and the
    # POSTGRES_* entries could be dropped here (least privilege). Confirm.
    secrets:
      - db_password
    depends_on:
      redis:
        condition: service_healthy
    networks:
      - app_network

  frontend:
    build:
      context: ./frontend
      dockerfile: Dockerfile
    environment:
      NODE_ENV: production
    depends_on:
      - api
    networks:
      - app_network

  nginx:
    # Floating tag: unlike postgres:16-alpine and redis:7-alpine above, this
    # does not fix even the major version, so a rebuild or pull can change
    # the image. NOTE(review): consider a version tag or digest, e.g.
    # nginx:<VERSION>-alpine (placeholder).
    image: nginx:alpine
    ports:
      # Published on the host as plain HTTP; no 443 mapping or certificate
      # mount appears in this file. NOTE(review): presumably TLS terminates
      # upstream of this host. Confirm.
      - "80:80"
    volumes:
      # Mounted read-only, so the container cannot rewrite its own config.
      - ./nginx/nginx.conf:/etc/nginx/nginx.conf:ro
    depends_on:
      - api
      - frontend
    restart: unless-stopped
    networks:
      - app_network

networks:
  app_network:
    driver: bridge

secrets:
  # File-based secret: each service that lists db_password gets this file at
  # /run/secrets/db_password. Keep ./secrets/db_password out of version
  # control and restrict its host permissions as far as the container users
  # allow. NOTE(review): whether the backend strips a trailing newline when
  # reading the file is not visible here; confirm against config.py.
  db_password:
    file: ./secrets/db_password