39 lines
1.1 KiB
YAML
39 lines
1.1 KiB
YAML
version: '3.8'
|
|
|
|
# Deploy with:
|
|
# export POSTGRES_PASSWORD='...' FUSIONAUTH_DB_PASSWORD='...'
|
|
# sudo -E docker stack deploy -c fusionauth.yml fusionauth
|
|
#
|
|
# Passwords sourced from AWS Secrets Manager (swarm_infra_secrets)
|
|
#
|
|
# Runs on: CADDY_INSTANCE (ip-10-0-1-168)
|
|
# FusionAuth is Java-based and memory hungry — deployed on caddy node (t3.large, 8GB)
|
|
# Accessible publicly via Caddy reverse proxy at auth.erdaverse.com
|
|
|
|
services:
|
|
fusionauth:
|
|
image: fusionauth/fusionauth-app:latest
|
|
environment:
|
|
DATABASE_URL: jdbc:postgresql://postgres:5432/fusionauth_db
|
|
DATABASE_ROOT_USERNAME: postgres
|
|
DATABASE_ROOT_PASSWORD: ${POSTGRES_PASSWORD}
|
|
DATABASE_USERNAME: fusionauth_user
|
|
DATABASE_PASSWORD: ${FUSIONAUTH_DB_PASSWORD}
|
|
FUSIONAUTH_APP_MEMORY: 512M
|
|
FUSIONAUTH_APP_RUNTIME_MODE: production
|
|
SEARCH_TYPE: database
|
|
networks:
|
|
- erda-net
|
|
deploy:
|
|
replicas: 1
|
|
placement:
|
|
constraints:
|
|
- node.hostname == ip-10-0-1-168
|
|
restart_policy:
|
|
condition: on-failure
|
|
delay: 5s
|
|
max_attempts: 3
|
|
|
|
networks:
|
|
erda-net:
|
|
external: true
|