1  services:
 2    db:
 3      image: groonga/pgroonga:latest
 4      environment:
 5        POSTGRES_USER: ${POSTGRES_USER}
 6        POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
 7        POSTGRES_DB: lion
 8      volumes:
 9        - db:/var/lib/postgresql/data
10      ports:
11        - "5423:5432"
12      restart: unless-stopped
13      healthcheck:
14        test: ["CMD-SHELL", "pg_isready -d postgres"]
15        interval: 30s
16        timeout: 10s
17        retries: 5
18    valkey:
19      container_name: valkey
20      image: valkey/valkey:latest
21      ports:
22        - "6379:6379"
23      environment:
24        VALKEY_EXTRA_FLAGS: "--appendonly yes"
25      restart: unless-stopped
26      healthcheck:
27        test: ["CMD", "valkey-cli", "ping"]
28        interval: 30s
29        timeout: 10s
30        retries: 5
31      volumes:
32        - valkey:/data
33    vault:
34      image: openbao/openbao
35      container_name: vault
36      hostname: vault
37      ports:
38        - 8200:8200
39      volumes:
40        - ./lion-policy.hcl:/openbao/policies/lion-policy.hcl
41        - ./config.hcl:/openbao/config/config.hcl
42        - vault-data:/openbao/file/
43      environment:
44        - VAULT_ADDR=http://localhost:8200
45      cap_add:
46        - IPC_LOCK
47      command: server
48      restart: always
49  
50    vault-init:
51      image: openbao/openbao
52      container_name: vault-init
53      environment:
54        - VAULT_ADDR=http://vault:8200
55        - MY_VAULT_TOKEN=${MY_VAULT_TOKEN:-test}
56      volumes:
57        - ./lion-policy.hcl:/openbao/policies/lion-policy.hcl
58        - ./vault-root-token:/openbao/file/vault-root-token
59        - ./vault-init.sh:/usr/local/bin/vault-init.sh
60        - vault-data:/openbao/file/
61      command: /usr/local/bin/vault-init.sh
62      depends_on:
63        - vault
64    lionsmane-be:
65      image: codeberg.org/0x4d6165/lionsmane:dev
66      environment:
67        DATABASE_URL: postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@db:5432/${POSTGRES_DB}
68        VAULT_ADDR: http://vault:8200
69        VAULT_TOKEN: ${MY_VAULT_TOKEN}
70        REDIS_HOST: valkey
71        NODE_ENV: production
72        CORS_ORIGIN: "https://lionsmane.wanderingwires.net"
73        FROM_ADDR: ${FROM_ADDR}
74        SMTP_HOST: ${SMTP_HOST}
75        SMTP_USER: ${SMTP_USER}
76        SMTP_PASS: ${SMTP_PASS}
77        DISCORD_CLIENT_ID: ${DISCORD_CLIENT_ID}
78        DISCORD_CLIENT_SECRET: ${DISCORD_CLIENT_SECRET}
79        GITHUB_CLIENT_ID: ${GITHUB_CLIENT_ID}
80        GITHUB_CLIENT_SECRET: ${GITHUB_CLIENT_SECRET}
81      ports:
82        - "8181:8181"
83      restart: unless-stopped
84      healthcheck:
85        test: ["CMD-SHELL", "curl --fail http://localhost:8181/health"]
86        interval: 30s
87        timeout: 10s
88        retries: 3
89      depends_on:
90        db:
91          condition: service_healthy
92        valkey:
93          condition: service_healthy
94  
95  volumes:
96    db:
97    valkey:
98    vault-data: