Docker compose demonization with systemd

How to (auto)start infrastructure with docker-compose. Very useful for development needs as example for review server (pre-prod or test environment). Here about how to protect iptables when we use docker-compose.

Configuration docker-compose.yml
nginx-d1:
    image: nginx:1.15
    container_name: nginx-d1
    ports:
        - "443:443"
        - "80:80"
    links:
        - php-d1
    volumes:
        - /data/code:/code
        - /srv/docker-compose/configs/nginx/conf.d:/etc/nginx/conf.d

php-d1:
    image: php72-fpm
    container_name: php-d1
    ports:
        - "9000"
    links:
        - mysql-d1
        - redis-d1
    volumes:
        - /data/code:/code

mysql-d1:
    image: percona
    container_name: mysql-d1
    command: --max_allowed_packet=1073741824
    ports:
        - "13306:3306"
    volumes:
        - /data/mysql-d1:/var/lib/mysql
    environment:
        - MYSQL_ROOT_PASSWORD=ROOTPASSWORD!!!

redis-d1:
    image: redis
    container_name: redis-d1
    ports:
        - "6379"

And we need startup service
# cat /etc/systemd/system/docker-compose.service
[Unit]
Description=Docker compose service
Requires=docker.service
After=docker.service

[Service]
Restart=always

WorkingDirectory=/srv/docker-compose
ExecStartPre=/usr/local/bin/docker-compose down -v
ExecStartPre=/usr/local/bin/docker-compose rm -fv
ExecStart=/usr/local/bin/docker-compose up
ExecStop=/usr/local/bin/docker-compose down -v

[Install]
WantedBy=multi-user.target

On top we need some sync scripts for DB and static files... and Nginx vhost config compatible with GitLab CI.
# cat app2-review.domain.com.conf
server {    listen 80;    listen 443 ssl http2;
    server_name ~^(www\.)?(?.+?).app2-review.domain.com$;
    root /code/app2/$sname/public;
...
    location / {
...
    }
}

And short example how to use php
    location ~ [^/]\.php(/|$) {
...
        include fastcgi_params;
        fastcgi_pass php-d1:9000;
...
    }

Comments

Popular posts from this blog

Redis with failover replication

FreeRadius and Google Workspace LDAP