|
| 1 | +# documentation: https://infisical.com/docs/documentation/getting-started/introduction |
| 2 | +# slogan: Infisical is the open source secret management platform that developers use to centralize their application configuration and secrets like API keys and database credentials. |
| 3 | +# tags: security, environment, secrets, infisical, database, configuration, secret, api, keys, auth, encryption |
| 4 | +# logo: svgs/infisical.png |
| 5 | +# port: 8080 |
| 6 | + |
| 7 | +version: "3" |
| 8 | + |
| 9 | +services: |
| 10 | + backend: |
| 11 | + restart: always |
| 12 | + depends_on: |
| 13 | + redis: |
| 14 | + condition: service_healthy |
| 15 | + db-migration: |
| 16 | + condition: service_completed_successfully |
| 17 | + image: "infisical/infisical:latest-postgres" |
| 18 | + environment: |
| 19 | + - SERVICE_FQDN_BACKEND_8080 |
| 20 | + - SITE_URL=${SERVICE_FQDN_BACKEND_8080} |
| 21 | + - NODE_ENV=production |
| 22 | + - ENCRYPTION_KEY=${SERVICE_PASSWORD_ENCRYPTIONKEY} |
| 23 | + - AUTH_SECRET=${SERVICE_REALBASE64_AUTHSECRET} |
| 24 | + - DB_CONNECTION_URI=postgres://${SERVICE_USER_POSTGRES}:${SERVICE_PASSWORD_POSTGRES}@db:5432/${POSTGRES_DB} |
| 25 | + - REDIS_URL=redis://redis:6379 |
| 26 | + healthcheck: |
| 27 | + test: |
| 28 | + - CMD-SHELL |
| 29 | + - "wget --no-verbose --tries=1 --spider http://127.0.0.1:8080/api/status || exit 1" |
| 30 | + redis: |
| 31 | + image: "redis:7" |
| 32 | + environment: |
| 33 | + - ALLOW_EMPTY_PASSWORD=yes |
| 34 | + restart: always |
| 35 | + healthcheck: |
| 36 | + test: |
| 37 | + - CMD-SHELL |
| 38 | + - "redis-cli -h localhost -p 6379 ping" |
| 39 | + interval: 5s |
| 40 | + timeout: 5s |
| 41 | + retries: 3 |
| 42 | + volumes: |
| 43 | + - redis_data:/data |
| 44 | + db: |
| 45 | + image: "postgres:14-alpine" |
| 46 | + restart: always |
| 47 | + volumes: |
| 48 | + - pg_data:/var/lib/postgresql/data |
| 49 | + environment: |
| 50 | + - POSTGRES_USER=${SERVICE_USER_POSTGRES} |
| 51 | + - POSTGRES_PASSWORD=${SERVICE_PASSWORD_POSTGRES} |
| 52 | + - POSTGRES_DB=${POSTGRES_DB:-infisical} |
| 53 | + healthcheck: |
| 54 | + test: |
| 55 | + - CMD-SHELL |
| 56 | + - "pg_isready -h localhost -U $${POSTGRES_USER} -d $${POSTGRES_DB}" |
| 57 | + interval: 5s |
| 58 | + timeout: 10s |
| 59 | + retries: 10 |
| 60 | + db-migration: |
| 61 | + depends_on: |
| 62 | + db: |
| 63 | + condition: service_healthy |
| 64 | + image: "infisical/infisical:latest-postgres" |
| 65 | + command: "npm run migration:latest" |
| 66 | + restart: on-failure |
| 67 | + environment: |
| 68 | + - POSTGRES_USER=${SERVICE_USER_POSTGRES} |
| 69 | + - POSTGRES_PASSWORD=${SERVICE_PASSWORD_POSTGRES} |
| 70 | + - POSTGRES_DB=${POSTGRES_DB:-infisical} |
| 71 | + - DB_CONNECTION_URI=postgres://${SERVICE_USER_POSTGRES}:${SERVICE_PASSWORD_POSTGRES}@db:5432/${POSTGRES_DB:-infisical} |
| 72 | + - REDIS_URL=redis://redis:6379 |
| 73 | +volumes: |
| 74 | + pg_data: |
| 75 | + redis_data: |
0 commit comments