admin
a781227474
- Add frpc/frpc.toml template for mapping the local Docker web entry on port 4002 to the public frps server. - Add an optional Docker Compose frpc service behind the frpc profile, mounting the reusable frpc.toml configuration. - Document how to enable the frpc profile, inspect frpc logs, and keep normal local startup unchanged. - Clarify that public deployments should map only port 4002 and let Nginx Proxy Manager provide HTTPS for sstwbg.example.com instead of exposing 4443. - Update Docker and deployment docs to match the reusable frpc workflow.
88 lines
2.3 KiB
YAML
88 lines
2.3 KiB
YAML
services:
|
|
db:
|
|
image: postgres:16-alpine
|
|
container_name: tuwen_db
|
|
restart: unless-stopped
|
|
environment:
|
|
POSTGRES_DB: surclaw
|
|
POSTGRES_USER: surclaw
|
|
POSTGRES_PASSWORD: surclaw_dev_password
|
|
ports:
|
|
- "5433:5432"
|
|
volumes:
|
|
- postgres_data:/var/lib/postgresql/data
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "pg_isready -U surclaw -d surclaw"]
|
|
interval: 10s
|
|
timeout: 5s
|
|
retries: 10
|
|
|
|
api:
|
|
build:
|
|
context: .
|
|
dockerfile: Dockerfile.server
|
|
container_name: tuwen_api
|
|
restart: unless-stopped
|
|
environment:
|
|
API_PORT: 3100
|
|
API_BODY_LIMIT: 100mb
|
|
CORS_ORIGIN: http://localhost:4002,https://localhost:4443,http://localhost:3001
|
|
DATABASE_URL: postgresql://surclaw:surclaw_dev_password@db:5432/surclaw?schema=public
|
|
# XXX Public HTTPS reverse-proxy deployments can override these from the shell or .env.
|
|
SESSION_SECRET: ${SESSION_SECRET:-change-me-in-production}
|
|
SESSION_COOKIE_SECURE: ${SESSION_COOKIE_SECURE:-false}
|
|
TRUST_PROXY: ${TRUST_PROXY:-false}
|
|
FILE_STORAGE_DIR: /app/uploads
|
|
RUN_DB_MIGRATIONS: "true"
|
|
RUN_DB_SEED: "true"
|
|
ports:
|
|
- "3002:3100"
|
|
depends_on:
|
|
db:
|
|
condition: service_healthy
|
|
volumes:
|
|
- uploads_data:/app/uploads
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "node -e \"fetch('http://localhost:3100/api/health').then(r=>process.exit(r.ok?0:1)).catch(()=>process.exit(1))\""]
|
|
interval: 10s
|
|
timeout: 5s
|
|
retries: 12
|
|
start_period: 20s
|
|
|
|
web:
|
|
build:
|
|
context: .
|
|
dockerfile: Dockerfile
|
|
container_name: tuwen_web
|
|
restart: unless-stopped
|
|
ports:
|
|
- "4002:80"
|
|
- "4443:443"
|
|
depends_on:
|
|
api:
|
|
condition: service_healthy
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "wget -q --spider http://127.0.0.1/ || exit 1"]
|
|
interval: 10s
|
|
timeout: 5s
|
|
retries: 6
|
|
|
|
frpc:
|
|
# XXX Optional public tunnel client. Edit frpc/frpc.toml before enabling this service.
|
|
image: snowdreamtech/frpc:latest
|
|
container_name: tuwen_frpc
|
|
restart: unless-stopped
|
|
network_mode: host
|
|
command: ["-c", "/etc/frp/frpc.toml"]
|
|
volumes:
|
|
- ./frpc/frpc.toml:/etc/frp/frpc.toml:ro
|
|
depends_on:
|
|
web:
|
|
condition: service_healthy
|
|
profiles:
|
|
- frpc
|
|
|
|
volumes:
|
|
postgres_data:
|
|
uploads_data:
|