Last active
January 1, 2024 11:28
-
-
Save edvard-rgb/3eefdfcf6725ef767998fbbca9755448 to your computer and use it in GitHub Desktop.
Saleor platform using docker-compose, Traefik, NginX
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| DATABASE_URL=postgres://saleor:password@db/saleor | |
| DEFAULT_FROM_EMAIL=noreply@domain.com | |
| CELERY_BROKER_URL=redis://redis:6379/1 | |
| JAEGER_AGENT_HOST=jaeger | |
| SECRET_KEY=secret_key | |
| API_URI=https://saleor-api.domain.com/graphql/ | |
| ALLOWED_HOSTS=saleor-api.domain.com,saleor-mail.domain.com,saleor-store.domain.com,saleor-admin.domain.com,saleor-jaeger.domain.com | |
| ALLOWED_CLIENT_HOSTS=saleor-api.domain.com,saleor-mail.domain.com,saleor-store.domain.com,saleor-admin.domain.com,saleor-jaeger.domain.com |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| version: '2.1' | |
| services: | |
| api: | |
| labels: | |
| traefik.enable: true | |
| traefik.http.routers.saleor-api.entrypoints: https | |
| traefik.http.routers.saleor-api.rule: Host(`saleor-api.domain.com`) | |
| traefik.http.routers.saleor-api.service: saleor-api | |
| traefik.http.services.saleor-api.loadbalancer.server.port: 8000 | |
| traefik.docker.network: web | |
| networks: | |
| web: | |
| storefront: | |
| labels: | |
| traefik.enable: true | |
| traefik.http.routers.saleor-store.entrypoints: https | |
| traefik.http.routers.saleor-store.rule: Host(`saleor-store.domain.com`) | |
| traefik.http.routers.saleor-store.service: saleor-store | |
| traefik.http.services.saleor-store.loadbalancer.server.port: 80 | |
| traefik.docker.network: web | |
| networks: | |
| web: | |
| dashboard: | |
| labels: | |
| traefik.enable: true | |
| traefik.http.routers.saleor-admin.entrypoints: https | |
| traefik.http.routers.saleor-admin.rule: Host(`saleor-admin.domain.com`) | |
| traefik.http.routers.saleor-admin.service: saleor-admin | |
| traefik.http.services.saleor-admin.loadbalancer.server.port: 80 | |
| traefik.docker.network: web | |
| networks: | |
| web: | |
| jaeger: | |
| labels: | |
| traefik.enable: true | |
| traefik.http.routers.saleor-jaeger.entrypoints: https | |
| traefik.http.routers.saleor-jaeger.rule: Host(`saleor-jaeger.domain.com`) | |
| traefik.http.routers.saleor-jaeger.service: saleor-jaeger | |
| traefik.http.services.saleor-jaeger.loadbalancer.server.port: 16686 | |
| traefik.docker.network: web | |
| networks: | |
| web: | |
| mailhog: | |
| labels: | |
| traefik.enable: true | |
| traefik.http.routers.saleor-mail.entrypoints: https | |
| traefik.http.routers.saleor-mail.rule: Host(`saleor-mail.domain.com`) | |
| traefik.http.routers.saleor-mail.service: saleor-mail | |
| traefik.http.services.saleor-mail.loadbalancer.server.port: 8025 | |
| traefik.docker.network: web | |
| networks: | |
| web: | |
| db: | |
| labels: | |
| traefik.enable: false | |
| redis: | |
| labels: | |
| traefik.enable: false | |
| worker: | |
| labels: | |
| traefik.enable: false | |
| networks: | |
| web: | |
| external: | |
| name: web |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| version: '2.1' | |
| services: | |
| api: | |
| ports: | |
| - 8000:8000 | |
| build: | |
| context: ./saleor | |
| dockerfile: ./Dockerfile | |
| args: | |
| STATIC_URL: '/static/' | |
| restart: unless-stopped | |
| networks: | |
| - saleor-backend-tier | |
| depends_on: | |
| - db | |
| - redis | |
| - jaeger | |
| volumes: | |
| - ./saleor/saleor/:/app/saleor:Z | |
| - ./saleor/templates/:/app/templates:Z | |
| - ./saleor/tests/:/app/tests | |
| # shared volume between worker and api for media | |
| - saleor-media:/app/media | |
| command: python manage.py runserver 0.0.0.0:8000 | |
| env_file: common.env | |
| environment: | |
| - JAEGER_AGENT_HOST=jaeger | |
| - STOREFRONT_URL=https://saleor-store.domain.com/ | |
| - DASHBOARD_URL=https://saleor-admin.domain.com/ | |
| storefront: | |
| build: | |
| context: ./saleor-storefront | |
| dockerfile: ./Dockerfile | |
| ports: | |
| - 3000:3000 | |
| restart: unless-stopped | |
| volumes: | |
| - ./saleor-storefront/:/app:cached | |
| - /app/node_modules/ | |
| environment: | |
| - API_URI=https://saleor-api.domain.com/graphql/ | |
| - ALLOWED_CLIENT_HOSTS=domain.com | |
| - ALLOWED_HOSTS=domain.com | |
| dashboard: | |
| build: | |
| context: ./saleor-dashboard | |
| dockerfile: ./Dockerfile | |
| ports: | |
| - 9000:9000 | |
| restart: unless-stopped | |
| volumes: | |
| - ./saleor-dashboard/:/app:cached | |
| - /app/node_modules/ | |
| environment: | |
| - API_URI=https://saleor-api.domain.com/graphql/ | |
| - ALLOWED_CLIENT_HOSTS=domain.com | |
| - ALLOWED_HOSTS=domain.com | |
| db: | |
| image: library/postgres:11.1-alpine | |
| ports: | |
| - 5432:5432 | |
| restart: unless-stopped | |
| networks: | |
| - saleor-backend-tier | |
| volumes: | |
| - saleor-db:/var/lib/postgresql/data | |
| environment: | |
| - POSTGRES_USER=saleor | |
| - POSTGRES_PASSWORD=password | |
| redis: | |
| image: library/redis:5.0-alpine | |
| ports: | |
| - 6379:6379 | |
| restart: unless-stopped | |
| networks: | |
| - saleor-backend-tier | |
| volumes: | |
| - saleor-redis:/data | |
| worker: | |
| build: | |
| context: ./saleor | |
| dockerfile: ./Dockerfile | |
| args: | |
| STATIC_URL: '/static/' | |
| command: celery -A saleor --app=saleor.celeryconf:app worker --loglevel=info | |
| restart: unless-stopped | |
| networks: | |
| - saleor-backend-tier | |
| env_file: common.env | |
| depends_on: | |
| - redis | |
| - mailhog | |
| volumes: | |
| - ./saleor/saleor/:/app/saleor:Z,cached | |
| - ./saleor/templates/:/app/templates:Z,cached | |
| # shared volume between worker and api for media | |
| - saleor-media:/app/media | |
| environment: | |
| - EMAIL_URL=smtp://mailhog:1025 | |
| jaeger: | |
| image: jaegertracing/all-in-one | |
| ports: | |
| - "5775:5775/udp" | |
| - "6831:6831/udp" | |
| - "6832:6832/udp" | |
| - "5778:5778" | |
| - "16686:16686" | |
| - "14268:14268" | |
| - "9411:9411" | |
| restart: unless-stopped | |
| networks: | |
| - saleor-backend-tier | |
| mailhog: | |
| image: mailhog/mailhog | |
| ports: | |
| - 1025:1025 # smtp server | |
| - 8025:8025 # web ui. Visit http://localhost:8025/ to check emails | |
| restart: unless-stopped | |
| networks: | |
| - saleor-backend-tier | |
| volumes: | |
| saleor-db: | |
| driver: local | |
| saleor-redis: | |
| driver: local | |
| saleor-media: | |
| networks: | |
| saleor-backend-tier: | |
| driver: bridge |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| FROM node:10 as builder | |
| WORKDIR /app | |
| COPY package*.json ./ | |
| RUN npm install | |
| COPY . . | |
| ARG APP_MOUNT_URI | |
| ARG API_URI | |
| ARG STATIC_URL | |
| ENV API_URI ${API_URI:-https://saleor-api.domain.com/graphql/} | |
| ENV APP_MOUNT_URI ${APP_MOUNT_URI:-/dashboard/} | |
| ENV STATIC_URL ${STATIC_URL:-/dashboard/} | |
| RUN STATIC_URL=${STATIC_URL} API_URI=${API_URI} APP_MOUNT_URI=${APP_MOUNT_URI} npm run build | |
| FROM nginx:stable | |
| COPY --from=builder /app/build /usr/share/nginx/html | |
| RUN rm /etc/nginx/conf.d/default.conf | |
| COPY nginx/default.conf /etc/nginx/conf.d | |
| EXPOSE 80 | |
| CMD ["nginx", "-g", "daemon off;"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| server { | |
| listen 80; | |
| server_name saleor-admin.domain.com; | |
| location / { | |
| root /usr/share/nginx/html; | |
| index index.html index.htm; | |
| try_files $uri $uri/ /index.html; | |
| } | |
| error_page 500 502 503 504 /50x.html; | |
| location = /50x.html { | |
| root /usr/share/nginx/html; | |
| } | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| FROM node:10 as builder | |
| WORKDIR /app | |
| COPY package*.json ./ | |
| RUN npm install | |
| COPY . . | |
| ARG API_URI | |
| ARG SENTRY_DSN | |
| ARG SENTRY_APM | |
| ARG DEMO_MODE | |
| ARG GTM_ID | |
| ENV API_URI ${API_URI:-https://saleor-api.domain.com/graphql/} | |
| RUN API_URI=${API_URI} npm run build | |
| FROM nginx:stable | |
| COPY --from=builder /app/dist /usr/share/nginx/html | |
| RUN rm /etc/nginx/conf.d/default.conf | |
| COPY nginx/default.conf /etc/nginx/conf.d | |
| EXPOSE 80 | |
| CMD ["nginx", "-g", "daemon off;"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| server { | |
| listen 80; | |
| server_name saleor-store.domain.com; | |
| location / { | |
| root /usr/share/nginx/html; | |
| index index.html index.htm; | |
| try_files $uri $uri/ /index.html; | |
| } | |
| error_page 500 502 503 504 /50x.html; | |
| location = /50x.html { | |
| root /usr/share/nginx/html; | |
| } | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| http: | |
| middlewares: | |
| https-redirect: | |
| redirectScheme: | |
| scheme: https | |
| default-headers: | |
| headers: | |
| frameDeny: true | |
| sslRedirect: true | |
| browserXssFilter: true | |
| contentTypeNosniff: true | |
| forceSTSHeader: true | |
| stsIncludeSubdomains: true | |
| stsPreload: true | |
| default-whitelist: | |
| ipWhiteList: | |
| sourceRange: | |
| - "10.0.0.0/8" | |
| - "192.168.0.0/16" | |
| - "172.16.0.0/12" | |
| secured: | |
| chain: | |
| middlewares: | |
| - default-whitelist | |
| - default-headers |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| version: '3.7' | |
| services: | |
| traefik: | |
| image: traefik:v2.2.1 | |
| container_name: traefik | |
| restart: unless-stopped | |
| security_opt: | |
| - no-new-privileges:true | |
| networks: | |
| - web | |
| ports: | |
| - 80:80 | |
| - 443:443 | |
| volumes: | |
| - /etc/localtime:/etc/localtime:ro | |
| - /var/run/docker.sock:/var/run/docker.sock:ro | |
| - ./data/traefik.yml:/traefik.yml:ro | |
| - ./data/acme.json:/acme.json | |
| - ./data/config.yml:/config.yml:ro | |
| labels: | |
| traefik.enable: true | |
| traefik.http.routers.traefik.entrypoints: https | |
| traefik.http.routers.traefik.rule: Host(`traefik.domain.com`) | |
| traefik.http.middlewares.traefik-auth.basicauth.users: admin:password | |
| traefik.http.routers.traefik.middlewares: traefik-auth | |
| traefik.http.routers.traefik.service: api@internal | |
| tty: true | |
| networks: | |
| web: | |
| external: true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| log: | |
| level: INFO | |
| api: | |
| dashboard: true | |
| debug: true | |
| entryPoints: | |
| http: | |
| address: ":80" | |
| http: | |
| redirections: | |
| entrypoint: | |
| to: https | |
| https: | |
| address: ":443" | |
| http: | |
| middlewares: | |
| - default-headers@file | |
| tls: | |
| certResolver: domain | |
| domains: | |
| - main: domain.com | |
| sans: | |
| - "*.domain.com" | |
| - main: domain2.com | |
| sans: | |
| - "*.domain2.com" | |
| providers: | |
| docker: | |
| endpoint: "unix:///var/run/docker.sock" | |
| exposedByDefault: false | |
| file: | |
| filename: /config.yml | |
| certificatesResolvers: | |
| domain: | |
| acme: | |
| email: info@domain.com | |
| storage: acme.json | |
| dnsChallenge: | |
| provider: domain | |
| resolvers: | |
| - "1.1.1.1:53" | |
| - "8.8.8.8:53" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment