admin
1faaa05032
- Make the default Docker Compose CORS_ORIGIN configurable so public and NAS deployments can override allowed origins without editing the compose file. - Update the default frpc profile command to call frpc explicitly, matching the snowdreamtech/frpc entrypoint behavior observed in the deployed copy. - Apply the same explicit frpc command to the NAS compose template. - Keep real frpc server address and token from the deployed copy out of the reusable template.
88 lines
2.4 KiB
YAML
88 lines
2.4 KiB
YAML
services:
|
|
db:
|
|
image: postgres:16-alpine
|
|
container_name: tuwen_db
|
|
restart: unless-stopped
|
|
environment:
|
|
POSTGRES_DB: surclaw
|
|
POSTGRES_USER: surclaw
|
|
POSTGRES_PASSWORD: surclaw_dev_password
|
|
ports:
|
|
- "5433:5432"
|
|
volumes:
|
|
- postgres_data:/var/lib/postgresql/data
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "pg_isready -U surclaw -d surclaw"]
|
|
interval: 10s
|
|
timeout: 5s
|
|
retries: 10
|
|
|
|
api:
|
|
build:
|
|
context: .
|
|
dockerfile: Dockerfile.server
|
|
container_name: tuwen_api
|
|
restart: unless-stopped
|
|
environment:
|
|
API_PORT: 3100
|
|
API_BODY_LIMIT: 100mb
|
|
CORS_ORIGIN: ${CORS_ORIGIN:-http://localhost:4002,https://localhost:4443,http://localhost:3001}
|
|
DATABASE_URL: postgresql://surclaw:surclaw_dev_password@db:5432/surclaw?schema=public
|
|
# XXX Public HTTPS reverse-proxy deployments can override these from the shell or .env.
|
|
SESSION_SECRET: ${SESSION_SECRET:-change-me-in-production}
|
|
SESSION_COOKIE_SECURE: ${SESSION_COOKIE_SECURE:-false}
|
|
TRUST_PROXY: ${TRUST_PROXY:-false}
|
|
FILE_STORAGE_DIR: /app/uploads
|
|
RUN_DB_MIGRATIONS: "true"
|
|
RUN_DB_SEED: "true"
|
|
ports:
|
|
- "3002:3100"
|
|
depends_on:
|
|
db:
|
|
condition: service_healthy
|
|
volumes:
|
|
- uploads_data:/app/uploads
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "node -e \"fetch('http://localhost:3100/api/health').then(r=>process.exit(r.ok?0:1)).catch(()=>process.exit(1))\""]
|
|
interval: 10s
|
|
timeout: 5s
|
|
retries: 12
|
|
start_period: 20s
|
|
|
|
web:
|
|
build:
|
|
context: .
|
|
dockerfile: Dockerfile
|
|
container_name: tuwen_web
|
|
restart: unless-stopped
|
|
ports:
|
|
- "4002:80"
|
|
- "4443:443"
|
|
depends_on:
|
|
api:
|
|
condition: service_healthy
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "wget -q --spider http://127.0.0.1/ || exit 1"]
|
|
interval: 10s
|
|
timeout: 5s
|
|
retries: 6
|
|
|
|
frpc:
|
|
# XXX Optional public tunnel client. Edit frpc/frpc.toml before enabling this service.
|
|
image: snowdreamtech/frpc:latest
|
|
container_name: tuwen_frpc
|
|
restart: unless-stopped
|
|
network_mode: host
|
|
command: ["frpc", "-c", "/etc/frp/frpc.toml"]
|
|
volumes:
|
|
- ./frpc/frpc.toml:/etc/frp/frpc.toml:ro
|
|
depends_on:
|
|
web:
|
|
condition: service_healthy
|
|
profiles:
|
|
- frpc
|
|
|
|
volumes:
|
|
postgres_data:
|
|
uploads_data:
|