fix: Voorbereiding production

compose.prod.yml

@@ -0,0 +1,110 @@
+#
+# This file is used to define the production environment for the project.
+# It is used to deploy the project on a server.
+# Should not be used for local development.
+#
+services:
+    web:
+        build:
+            context: .
+            dockerfile: frontend/Dockerfile
+        restart: unless-stopped
+        networks:
+            - dwengo-1
+        labels:
+            - 'traefik.enable=true'
+            - 'traefik.http.routers.web.rule=PathPrefix(`/`)'
+            - 'traefik.http.services.web.loadbalancer.server.port=80'
+
+    api:
+        build:
+            context: .
+            dockerfile: backend/Dockerfile
+        restart: unless-stopped
+        volumes:
+            # TODO Replace with environment keys
+            - ./backend/.env:/app/.env
+        depends_on:
+            - db
+            - logging
+        networks:
+            - dwengo-1
+        labels:
+            - 'traefik.enable=true'
+            - 'traefik.http.routers.api.rule=PathPrefix(`/api`)'
+            - 'traefik.http.services.api.loadbalancer.server.port=3000'
+
+    db:
+        # Also see compose.yml
+        networks:
+            - dwengo-1
+
+    idp:
+        # Also see compose.yml
+        # TODO Replace with proper production command
+        command: ['start-dev', '--http-port', '7080', '--https-port', '7443', '--import-realm']
+        networks:
+            - dwengo-1
+        labels:
+            - 'traefik.enable=true'
+            - 'traefik.http.routers.idp.rule=PathPrefix(`/idp`)'
+            - 'traefik.http.services.idp.loadbalancer.server.port=7080'
+        env_file:
+            -   ./config/idp/.env
+        environment:
+            KC_HOSTNAME: 'sel2-1.ugent.be'
+            PROXY_ADDRESS_FORWARDING: 'true'
+            KC_HTTP_RELATIVE_PATH: '/idp'
+
+    reverse-proxy:
+        image: traefik:v3.3
+        ports:
+            - '80:80/tcp'
+            - '443:443/tcp'
+        command:
+            # Add Docker provider
+            - "--providers.docker=true"
+            - "--providers.docker.exposedbydefault=false"
+
+            # Add web entrypoint
+            - "--entrypoints.web.address=:80/tcp"
+            - "--entrypoints.web.http.redirections.entryPoint.to=websecure"
+            - "--entrypoints.web.http.redirections.entryPoint.scheme=https"
+
+            # Add websecure entrypoint
+            - "--entrypoints.websecure.address=:443/tcp"
+            - "--entrypoints.websecure.http.tls=true"
+            - "--entrypoints.websecure.http.tls.certResolver=letsencrypt"
+            - "--entrypoints.websecure.http.tls.domains[0].main=sel2-1.ugent.be"
+
+            # Certificates
+            - "--certificatesresolvers.letsencrypt.acme.httpchallenge=true"
+            - "--certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=web"
+            - "--certificatesresolvers.letsencrypt.acme.email=timo.demeyst@ugent.be"
+            - "--certificatesresolvers.letsencrypt.acme.storage=/letsencrypt/acme.json"
+        restart: unless-stopped
+        volumes:
+            - /var/run/docker.sock:/var/run/docker.sock:ro
+            - dwengo_letsencrypt:/letsencrypt
+        networks:
+            - dwengo-1
+
+    logging:
+        # Also see compose.yml
+        networks:
+            - dwengo-1
+
+    dashboards:
+        image: grafana/grafana:latest
+        ports:
+            - '9002:3000'
+        restart: unless-stopped
+        volumes:
+            - dwengo_grafana_data:/var/lib/grafana
+
+volumes:
+    dwengo_grafana_data:
+    dwengo_letsencrypt:
+
+networks:
+    dwengo-1: