workadventure/contrib/docker/docker-compose.prod.yaml

version: "3.5"
services:
  reverse-proxy:
    image: traefik:v2.6
    command:
      - --log.level=${LOG_LEVEL}
      - --providers.docker
      # Entry points
      - --entryPoints.web.address=:${HTTP_PORT}
      - --entrypoints.web.http.redirections.entryPoint.to=websecure
      - --entrypoints.web.http.redirections.entryPoint.scheme=https
      - --entryPoints.websecure.address=:${HTTPS_PORT}
      # HTTP challenge
      - --certificatesresolvers.myresolver.acme.email=${ACME_EMAIL}
      - --certificatesresolvers.myresolver.acme.storage=/acme.json
      - --certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=web
      # Let's Encrypt's staging server
      # uncomment during testing to avoid rate limiting
      #- --certificatesresolvers.dnsresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory
    ports:
      - "${HTTP_PORT}:80"
      - "${HTTPS_PORT}:443"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - ${DATA_DIR}/letsencrypt/acme.json:/acme.json
    restart: ${RESTART_POLICY}


  front:
    build:
      context: ../..
      dockerfile: front/Dockerfile
    #image: thecodingmachine/workadventure-front:${VERSION}
    environment:
      - DEBUG_MODE
      - JITSI_URL
      - JITSI_PRIVATE_MODE
      - PUSHER_URL=//${PUSHER_HOST}
      - ICON_URL=//${ICON_HOST}
      - TURN_SERVER
      - TURN_USER
      - TURN_PASSWORD
      - TURN_STATIC_AUTH_SECRET
      - STUN_SERVER
      - START_ROOM_URL
      - SKIP_RENDER_OPTIMIZATIONS
      - MAX_PER_GROUP
      - MAX_USERNAME_LENGTH
      - DISABLE_ANONYMOUS
      - DISABLE_NOTIFICATIONS
    labels:
      - "traefik.http.routers.front.rule=Host(`${FRONT_HOST}`)"
      - "traefik.http.routers.front.entryPoints=web"
      - "traefik.http.services.front.loadbalancer.server.port=80"
      - "traefik.http.routers.front-ssl.rule=Host(`${FRONT_HOST}`)"
      - "traefik.http.routers.front-ssl.entryPoints=websecure"
      - "traefik.http.routers.front-ssl.service=front"
      - "traefik.http.routers.front-ssl.tls=true"
      - "traefik.http.routers.front-ssl.tls.certresolver=myresolver"
    restart: ${RESTART_POLICY}

  pusher:
    build:
      context: ../..
      dockerfile: pusher/Dockerfile
    #image: thecodingmachine/workadventure-pusher:${VERSION}
    command: yarn run runprod
    environment:
      - SECRET_JITSI_KEY
      - SECRET_KEY
      - API_URL
      - FRONT_URL=https://${FRONT_HOST}
      - JITSI_URL
      - JITSI_ISS
      - DISABLE_ANONYMOUS
    labels:
      - "traefik.http.routers.pusher.rule=Host(`${PUSHER_HOST}`)"
      - "traefik.http.routers.pusher.entryPoints=web"
      - "traefik.http.services.pusher.loadbalancer.server.port=8080"
      - "traefik.http.routers.pusher-ssl.rule=Host(${PUSHER_HOST}`)"
      - "traefik.http.routers.pusher-ssl.entryPoints=websecure"
      - "traefik.http.routers.pusher-ssl.service=pusher"
      - "traefik.http.routers.pusher-ssl.tls=true"
      - "traefik.http.routers.pusher-ssl.tls.certresolver=myresolver"
    restart: ${RESTART_POLICY}

  back:
    build:
      context: ../..
      dockerfile: back/Dockerfile
    #image: thecodingmachine/workadventure-back:${VERSION}
    command: yarn run runprod
    environment:
      - SECRET_JITSI_KEY
      - SECRET_KEY
      - ADMIN_API_TOKEN
      - ADMIN_API_URL
      - TURN_SERVER
      - TURN_USER
      - TURN_PASSWORD
      - TURN_STATIC_AUTH_SECRET
      - STUN_SERVER
      - JITSI_URL
      - JITSI_ISS
      - MAX_PER_GROUP
      - STORE_VARIABLES_FOR_LOCAL_MAPS
    labels:
      - "traefik.http.routers.back.rule=Host(`${BACK_HOST}`)"
      - "traefik.http.routers.back.entryPoints=web"
      - "traefik.http.services.back.loadbalancer.server.port=8080"
      - "traefik.http.routers.back-ssl.rule=Host(`${BACK_HOST}`)"
      - "traefik.http.routers.back-ssl.entryPoints=websecure"
      - "traefik.http.routers.back-ssl.service=back"
      - "traefik.http.routers.back-ssl.tls=true"
      - "traefik.http.routers.back-ssl.tls.certresolver=myresolver"
    restart: ${RESTART_POLICY}

  icon:
    image: matthiasluedtke/iconserver:v3.13.0
    labels:
      - "traefik.http.routers.icon.rule=Host(`${ICON_HOST}`)"
      - "traefik.http.routers.icon.entryPoints=web,traefik"
      - "traefik.http.services.icon.loadbalancer.server.port=8080"
      - "traefik.http.routers.icon-ssl.rule=Host(`${ICON_HOST}`)"
      - "traefik.http.routers.icon-ssl.entryPoints=websecure"
      - "traefik.http.routers.icon-ssl.service=icon"
      - "traefik.http.routers.icon-ssl.tls=true"
      - "traefik.http.routers.icon-ssl.tls.certresolver=myresolver"
update docker production templates 2022-02-09 14:11:28 +01:00			`version: "3.5"`
*: Dockerfiles cleanup, docker-compose.prod.yaml New docker-compose.prod.yaml should provide a production-ish deployment of WorkAdventure 2021-01-08 00:20:27 +01:00			`services:`
			`reverse-proxy:`
update docker production templates 2022-02-09 14:11:28 +01:00			`image: traefik:v2.6`
*: Dockerfiles cleanup, docker-compose.prod.yaml New docker-compose.prod.yaml should provide a production-ish deployment of WorkAdventure 2021-01-08 00:20:27 +01:00			`command:`
update docker production templates 2022-02-09 14:11:28 +01:00			`- --log.level=${LOG_LEVEL}`
*: Dockerfiles cleanup, docker-compose.prod.yaml New docker-compose.prod.yaml should provide a production-ish deployment of WorkAdventure 2021-01-08 00:20:27 +01:00			`- --providers.docker`
update docker production templates 2022-02-09 14:11:28 +01:00			`# Entry points`
			`- --entryPoints.web.address=:${HTTP_PORT}`
Reworking docker-compose.prod.yaml to make it generic while still having a front container configurable 2021-02-02 11:19:24 +01:00			`- --entrypoints.web.http.redirections.entryPoint.to=websecure`
			`- --entrypoints.web.http.redirections.entryPoint.scheme=https`
update docker production templates 2022-02-09 14:11:28 +01:00			`- --entryPoints.websecure.address=:${HTTPS_PORT}`
			`# HTTP challenge`
Use email address from .env 2021-02-19 23:10:48 +01:00			`- --certificatesresolvers.myresolver.acme.email=${ACME_EMAIL}`
Reworking docker-compose.prod.yaml to make it generic while still having a front container configurable 2021-02-02 11:19:24 +01:00			`- --certificatesresolvers.myresolver.acme.storage=/acme.json`
			`- --certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=web`
update docker production templates 2022-02-09 14:11:28 +01:00			`# Let's Encrypt's staging server`
			`# uncomment during testing to avoid rate limiting`
			`#- --certificatesresolvers.dnsresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory`
*: Dockerfiles cleanup, docker-compose.prod.yaml New docker-compose.prod.yaml should provide a production-ish deployment of WorkAdventure 2021-01-08 00:20:27 +01:00			`ports:`
update docker production templates 2022-02-09 14:11:28 +01:00			`- "${HTTP_PORT}:80"`
			`- "${HTTPS_PORT}:443"`
*: Dockerfiles cleanup, docker-compose.prod.yaml New docker-compose.prod.yaml should provide a production-ish deployment of WorkAdventure 2021-01-08 00:20:27 +01:00			`volumes:`
			`- /var/run/docker.sock:/var/run/docker.sock`
update docker production templates 2022-02-09 14:11:28 +01:00			`- ${DATA_DIR}/letsencrypt/acme.json:/acme.json`
			`restart: ${RESTART_POLICY}`
Reworking docker-compose.prod.yaml to make it generic while still having a front container configurable 2021-02-02 11:19:24 +01:00
*: Dockerfiles cleanup, docker-compose.prod.yaml New docker-compose.prod.yaml should provide a production-ish deployment of WorkAdventure 2021-01-08 00:20:27 +01:00
			`front:`
Using locally built images 2021-02-02 11:34:29 +01:00			`build:`
Moving docker-compose prod file to contrib/docker 2021-02-03 12:29:41 +01:00			`context: ../..`
Using locally built images 2021-02-02 11:34:29 +01:00			`dockerfile: front/Dockerfile`
update docker production templates 2022-02-09 14:11:28 +01:00			`#image: thecodingmachine/workadventure-front:${VERSION}`
Reworking docker-compose.prod.yaml to make it generic while still having a front container configurable 2021-02-02 11:19:24 +01:00			`environment:`
update docker production templates 2022-02-09 14:11:28 +01:00			`- DEBUG_MODE`
			`- JITSI_URL`
			`- JITSI_PRIVATE_MODE`
			`- PUSHER_URL=//${PUSHER_HOST}`
			`- ICON_URL=//${ICON_HOST}`
			`- TURN_SERVER`
			`- TURN_USER`
			`- TURN_PASSWORD`
			`- TURN_STATIC_AUTH_SECRET`
			`- STUN_SERVER`
			`- START_ROOM_URL`
			`- SKIP_RENDER_OPTIMIZATIONS`
			`- MAX_PER_GROUP`
			`- MAX_USERNAME_LENGTH`
			`- DISABLE_ANONYMOUS`
			`- DISABLE_NOTIFICATIONS`
*: Dockerfiles cleanup, docker-compose.prod.yaml New docker-compose.prod.yaml should provide a production-ish deployment of WorkAdventure 2021-01-08 00:20:27 +01:00			`labels:`
update docker production templates 2022-02-09 14:11:28 +01:00			- "traefik.http.routers.front.rule=Host(`${FRONT_HOST}`)"
			`- "traefik.http.routers.front.entryPoints=web"`
Reworking docker-compose.prod.yaml to make it generic while still having a front container configurable 2021-02-02 11:19:24 +01:00			`- "traefik.http.services.front.loadbalancer.server.port=80"`
update docker production templates 2022-02-09 14:11:28 +01:00			- "traefik.http.routers.front-ssl.rule=Host(`${FRONT_HOST}`)"
*: Dockerfiles cleanup, docker-compose.prod.yaml New docker-compose.prod.yaml should provide a production-ish deployment of WorkAdventure 2021-01-08 00:20:27 +01:00			`- "traefik.http.routers.front-ssl.entryPoints=websecure"`
			`- "traefik.http.routers.front-ssl.service=front"`
update docker production templates 2022-02-09 14:11:28 +01:00			`- "traefik.http.routers.front-ssl.tls=true"`
Reworking docker-compose.prod.yaml to make it generic while still having a front container configurable 2021-02-02 11:19:24 +01:00			`- "traefik.http.routers.front-ssl.tls.certresolver=myresolver"`
update docker production templates 2022-02-09 14:11:28 +01:00			`restart: ${RESTART_POLICY}`
*: Dockerfiles cleanup, docker-compose.prod.yaml New docker-compose.prod.yaml should provide a production-ish deployment of WorkAdventure 2021-01-08 00:20:27 +01:00
			`pusher:`
Using locally built images 2021-02-02 11:34:29 +01:00			`build:`
Moving docker-compose prod file to contrib/docker 2021-02-03 12:29:41 +01:00			`context: ../..`
Using locally built images 2021-02-02 11:34:29 +01:00			`dockerfile: pusher/Dockerfile`
update docker production templates 2022-02-09 14:11:28 +01:00			`#image: thecodingmachine/workadventure-pusher:${VERSION}`
Reworking docker-compose.prod.yaml to make it generic while still having a front container configurable 2021-02-02 11:19:24 +01:00			`command: yarn run runprod`
*: Dockerfiles cleanup, docker-compose.prod.yaml New docker-compose.prod.yaml should provide a production-ish deployment of WorkAdventure 2021-01-08 00:20:27 +01:00			`environment:`
update docker production templates 2022-02-09 14:11:28 +01:00			`- SECRET_JITSI_KEY`
			`- SECRET_KEY`
			`- API_URL`
			`- FRONT_URL=https://${FRONT_HOST}`
			`- JITSI_URL`
			`- JITSI_ISS`
			`- DISABLE_ANONYMOUS`
*: Dockerfiles cleanup, docker-compose.prod.yaml New docker-compose.prod.yaml should provide a production-ish deployment of WorkAdventure 2021-01-08 00:20:27 +01:00			`labels:`
update docker production templates 2022-02-09 14:11:28 +01:00			- "traefik.http.routers.pusher.rule=Host(`${PUSHER_HOST}`)"
			`- "traefik.http.routers.pusher.entryPoints=web"`
*: Dockerfiles cleanup, docker-compose.prod.yaml New docker-compose.prod.yaml should provide a production-ish deployment of WorkAdventure 2021-01-08 00:20:27 +01:00			`- "traefik.http.services.pusher.loadbalancer.server.port=8080"`
update docker production templates 2022-02-09 14:11:28 +01:00			- "traefik.http.routers.pusher-ssl.rule=Host(${PUSHER_HOST}`)"
*: Dockerfiles cleanup, docker-compose.prod.yaml New docker-compose.prod.yaml should provide a production-ish deployment of WorkAdventure 2021-01-08 00:20:27 +01:00			`- "traefik.http.routers.pusher-ssl.entryPoints=websecure"`
			`- "traefik.http.routers.pusher-ssl.service=pusher"`
update docker production templates 2022-02-09 14:11:28 +01:00			`- "traefik.http.routers.pusher-ssl.tls=true"`
Reworking docker-compose.prod.yaml to make it generic while still having a front container configurable 2021-02-02 11:19:24 +01:00			`- "traefik.http.routers.pusher-ssl.tls.certresolver=myresolver"`
update docker production templates 2022-02-09 14:11:28 +01:00			`restart: ${RESTART_POLICY}`
Reworking docker-compose.prod.yaml to make it generic while still having a front container configurable 2021-02-02 11:19:24 +01:00
			`back:`
Using locally built images 2021-02-02 11:34:29 +01:00			`build:`
Moving docker-compose prod file to contrib/docker 2021-02-03 12:29:41 +01:00			`context: ../..`
Using locally built images 2021-02-02 11:34:29 +01:00			`dockerfile: back/Dockerfile`
update docker production templates 2022-02-09 14:11:28 +01:00			`#image: thecodingmachine/workadventure-back:${VERSION}`
Reworking docker-compose.prod.yaml to make it generic while still having a front container configurable 2021-02-02 11:19:24 +01:00			`command: yarn run runprod`
			`environment:`
update docker production templates 2022-02-09 14:11:28 +01:00			`- SECRET_JITSI_KEY`
			`- SECRET_KEY`
			`- ADMIN_API_TOKEN`
			`- ADMIN_API_URL`
			`- TURN_SERVER`
			`- TURN_USER`
			`- TURN_PASSWORD`
			`- TURN_STATIC_AUTH_SECRET`
			`- STUN_SERVER`
			`- JITSI_URL`
			`- JITSI_ISS`
			`- MAX_PER_GROUP`
			`- STORE_VARIABLES_FOR_LOCAL_MAPS`
Reworking docker-compose.prod.yaml to make it generic while still having a front container configurable 2021-02-02 11:19:24 +01:00			`labels:`
update docker production templates 2022-02-09 14:11:28 +01:00			- "traefik.http.routers.back.rule=Host(`${BACK_HOST}`)"
Reworking docker-compose.prod.yaml to make it generic while still having a front container configurable 2021-02-02 11:19:24 +01:00			`- "traefik.http.routers.back.entryPoints=web"`
			`- "traefik.http.services.back.loadbalancer.server.port=8080"`
update docker production templates 2022-02-09 14:11:28 +01:00			- "traefik.http.routers.back-ssl.rule=Host(`${BACK_HOST}`)"
Reworking docker-compose.prod.yaml to make it generic while still having a front container configurable 2021-02-02 11:19:24 +01:00			`- "traefik.http.routers.back-ssl.entryPoints=websecure"`
			`- "traefik.http.routers.back-ssl.service=back"`
update docker production templates 2022-02-09 14:11:28 +01:00			`- "traefik.http.routers.back-ssl.tls=true"`
Reworking docker-compose.prod.yaml to make it generic while still having a front container configurable 2021-02-02 11:19:24 +01:00			`- "traefik.http.routers.back-ssl.tls.certresolver=myresolver"`
update docker production templates 2022-02-09 14:11:28 +01:00			`restart: ${RESTART_POLICY}`

Add icon server on production docker services 2021-11-10 18:22:03 +01:00			`icon:`
			`image: matthiasluedtke/iconserver:v3.13.0`
			`labels:`
update docker production templates 2022-02-09 14:11:28 +01:00			- "traefik.http.routers.icon.rule=Host(`${ICON_HOST}`)"
Add icon server on production docker services 2021-11-10 18:22:03 +01:00			`- "traefik.http.routers.icon.entryPoints=web,traefik"`
			`- "traefik.http.services.icon.loadbalancer.server.port=8080"`
update docker production templates 2022-02-09 14:11:28 +01:00			- "traefik.http.routers.icon-ssl.rule=Host(`${ICON_HOST}`)"
Add icon server on production docker services 2021-11-10 18:22:03 +01:00			`- "traefik.http.routers.icon-ssl.entryPoints=websecure"`
			`- "traefik.http.routers.icon-ssl.service=icon"`
update docker production templates 2022-02-09 14:11:28 +01:00			`- "traefik.http.routers.icon-ssl.tls=true"`
Add icon server on production docker services 2021-11-10 18:22:03 +01:00			`- "traefik.http.routers.icon-ssl.tls.certresolver=myresolver"`