Cybersecurity-Projects/PROJECTS/intermediate/api-security-scanner/compose.yml

82 lines
2.1 KiB
YAML

# ⒸAngelaMos | 2026
services:
# PostgreSQL Database
db:
image: postgres:16-alpine
container_name: apisec_db_prod
environment:
POSTGRES_USER: ${POSTGRES_USER:-apiuser}
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-apipass}
POSTGRES_DB: ${POSTGRES_DB:-apisecurity}
# Uncomment to expose DB port (not recommended for production)
# ports:
# - "${HOST_DB_PORT:-5432}:5432"
volumes:
- postgres_data_prod:/var/lib/postgresql/data
healthcheck:
test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER:-apiuser}"]
interval: 10s
timeout: 5s
retries: 5
networks:
- apisec_network
restart: always
# FastAPI Backend
backend:
build:
context: .
dockerfile: conf/docker/prod/fastapi.docker
container_name: apisec_backend_prod
environment:
DATABASE_URL: postgresql://${POSTGRES_USER:-apiuser}:${POSTGRES_PASSWORD:-apipass}@db:5432/${POSTGRES_DB:-apisecurity}
SECRET_KEY: ${SECRET_KEY}
DEBUG: "false"
BACKEND_HOST: ${BACKEND_HOST:-0.0.0.0}
BACKEND_PORT: ${BACKEND_PORT:-8000}
CORS_ORIGINS: ${CORS_ORIGINS:-https://yourdomain.com}
expose:
- "8000"
depends_on:
db:
condition: service_healthy
networks:
- apisec_network
restart: always
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:8000/"]
interval: 30s
timeout: 10s
retries: 3
start_period: 40s
# Nginx serving static files
frontend:
build:
context: .
dockerfile: conf/docker/prod/vite.docker
container_name: apisec_frontend_prod
ports:
- "${HOST_NGINX_PORT:-80}:80"
# Uncomment for HTTPS - or dns proxy with Cloudfare:
# - "${HOST_NGINX_HTTPS_PORT:-443}:443"
depends_on:
- backend
networks:
- apisec_network
restart: always
# Optional: Mount SSL certificates for HTTPS -
# or dns proxy with Cloudfare (easier)
# volumes:
# - ./ssl:/etc/nginx/ssl:ro
volumes:
postgres_data_prod:
name: apisec_postgres_data_prod
networks:
apisec_network:
name: apisec_network_prod
driver: bridge