Docker compose demonization with systemd

Easy way to (auto)start your infrastructure with docker-compose. Very useful for development, review servers, pre-prod, or test environments. Also includes tips on protecting iptables when using docker-compose.

This example shows a minimal setup with Nginx, PHP, MySQL, and Redis containers, plus a systemd service for automatic startup and shutdown.

docker-compose.yml configuration

nginx-d1:
    image: nginx:1.15
    container_name: nginx-d1
    ports:
        - "443:443"
        - "80:80"
    links:
        - php-d1
    volumes:
        - /data/code:/code
        - /srv/docker-compose/configs/nginx/conf.d:/etc/nginx/conf.d

php-d1:
    image: php72-fpm
    container_name: php-d1
    ports:
        - "9000"
    links:
        - mysql-d1
        - redis-d1
    volumes:
        - /data/code:/code

mysql-d1:
    image: percona
    container_name: mysql-d1
    command: --max_allowed_packet=1073741824
    ports:
        - "13306:3306"
    volumes:
        - /data/mysql-d1:/var/lib/mysql
    environment:
        - MYSQL_ROOT_PASSWORD=ROOTPASSWORD!!!

redis-d1:
    image: redis
    container_name: redis-d1
    ports:
        - "6379"

Systemd startup service

# cat /etc/systemd/system/docker-compose.service
[Unit]
Description=Docker compose service
Requires=docker.service
After=docker.service

[Service]
Restart=always

WorkingDirectory=/srv/docker-compose
ExecStartPre=/usr/local/bin/docker-compose down -v
ExecStartPre=/usr/local/bin/docker-compose rm -fv
ExecStart=/usr/local/bin/docker-compose up
ExecStop=/usr/local/bin/docker-compose down -v

[Install]
WantedBy=multi-user.target

Nginx vhost example

# cat app2-review.domain.com.conf
server {    
    listen 80;    
    listen 443 ssl http2;
    server_name ~^(www\.)?(?.+?).app2-review.domain.com$;
    root /code/app2/$sname/public;
...
    location / {
...
    }
}

PHP location example

location ~ [^/]\.php(/|$) {
...
    include fastcgi_params;
    fastcgi_pass php-d1:9000;
...
}
Human Logic, AI Syntax... Note on Content: I'm a Systems Engineer, not a native English writer. To ensure my technical ideas are clear and accessible, I use AI tools to polish the grammar and style. The workflow is simple: I provide the logic, the code, and the real-world experience. The AI handles the "English-to-Human" translation layer. If you find a bug, that's on me. If you find a perfectly placed comma, that's probably the AI.

Comments

Post a Comment

Popular posts from this blog

FreeRadius with Google Workspace LDAP

This was the first time I used FreeRadius. This program reminds me of Postfix — a similarly complicated and powerful tool. Only one big difference: very poor documentation and not enough examples. In the mailing lists there are many questions without answers from FreeRadius gurus. Here I provide examples of how I solved some problems or where I spent too much time…
Read more

Fixing pssh (parallel-ssh) Problems on Debian 10 with Python 3.7

Python reminds me of PHP many years ago, when multiple incompatible versions could exist on one server. Do you need another version? The best solution back then was a new server, because any update or installation could break the entire global environment. Half a year after the “Sunsetting Python 2”, major distributions still continue to install Python 2 by default, and it becomes a challenge not to replace the default version after some update or after installing a new package.
Read more