actual-budget-rest-api/docker-compose.prod.sqlite.yml at main · ZoneMix/actual-budget-rest-api · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
services:
  actual-rest-api:
    build: .  # Builds Dockerfile (copies from ./src)
    image: actual-rest-api  # Tagged for reuse
    container_name: actual-rest-api
    ports:
      - "3000:3000"
    volumes:
      - ./data/prod/actual-api:/app/.actual-cache  # Persistent encrypted DB and SQLite auth.db
    working_dir: /app
    command: npm start
    # Use .env if not using secrets manager with CI/CD pipeline
    #env_file:
    #  - .env
    environment:
      # Environment variables should be provided via secrets manager or .env file
      # For production, use GitHub Secrets, AWS Secrets Manager, etc.
      DB_TYPE: sqlite
    depends_on:
      redis:
        condition: service_healthy
    healthcheck:
      test: ["CMD-SHELL", "wget --no-verbose --tries=1 --spider http://localhost:3000/v2/health || exit 1"]
      interval: 30s
      timeout: 10s
      retries: 3
      start_period: 40s

  redis:
    image: redis:7-alpine
    container_name: actual-rest-api-redis
    ports:
      - "6379:6379"
    volumes:
      - ./data/prod/redis:/data
    # Redis password (set REDIS_PASSWORD env var for production)
    # In production, always use a strong password
    command: >
      sh -c "if [ -n \"$$REDIS_PASSWORD\" ]; then
        redis-server --appendonly yes --requirepass \"$$REDIS_PASSWORD\"
      else
        redis-server --appendonly yes
      fi"
    environment:
      - REDIS_PASSWORD=${REDIS_PASSWORD}  # Redis password (set REDIS_PASSWORD env var for production)
    healthcheck:
      test: ["CMD", "redis-cli", "ping"]
      interval: 10s
      timeout: 3s
      retries: 5
      start_period: 10s
    restart: unless-stopped