Michael Schiemer
77abc65cd7
Some checks failed
Deploy Application / deploy (push) Has been cancelled
106 lines
2.8 KiB
YAML
106 lines
2.8 KiB
YAML
services:
|
|
postgres:
|
|
image: postgres:16-alpine
|
|
container_name: postgres
|
|
restart: unless-stopped
|
|
networks:
|
|
- infrastructure
|
|
- app-internal
|
|
environment:
|
|
- TZ=Europe/Berlin
|
|
- POSTGRES_DB=michaelschiemer
|
|
- POSTGRES_USER=postgres
|
|
- POSTGRES_PASSWORD_FILE=/run/secrets/postgres_password
|
|
- PGDATA=/var/lib/postgresql/data/pgdata
|
|
volumes:
|
|
- postgres-data:/var/lib/postgresql/data
|
|
- /etc/timezone:/etc/timezone:ro
|
|
- /etc/localtime:/etc/localtime:ro
|
|
secrets:
|
|
- postgres_password
|
|
command: >
|
|
postgres
|
|
-c max_connections=200
|
|
-c shared_buffers=256MB
|
|
-c effective_cache_size=1GB
|
|
-c maintenance_work_mem=64MB
|
|
-c checkpoint_completion_target=0.9
|
|
-c wal_buffers=16MB
|
|
-c default_statistics_target=100
|
|
-c random_page_cost=1.1
|
|
-c effective_io_concurrency=200
|
|
-c work_mem=4MB
|
|
-c min_wal_size=1GB
|
|
-c max_wal_size=4GB
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "pg_isready -U postgres -d michaelschiemer"]
|
|
interval: 30s
|
|
timeout: 10s
|
|
retries: 3
|
|
start_period: 40s
|
|
shm_size: 256mb
|
|
deploy:
|
|
resources:
|
|
limits:
|
|
memory: 2G
|
|
reservations:
|
|
memory: 512M
|
|
|
|
# Automated Backup Service
|
|
postgres-backup:
|
|
image: postgres:16-alpine
|
|
container_name: postgres-backup
|
|
restart: unless-stopped
|
|
networks:
|
|
- app-internal
|
|
environment:
|
|
- TZ=Europe/Berlin
|
|
- POSTGRES_HOST=postgres
|
|
- POSTGRES_DB=michaelschiemer
|
|
- POSTGRES_USER=postgres
|
|
- POSTGRES_PASSWORD_FILE=/run/secrets/postgres_password
|
|
- BACKUP_RETENTION_DAYS=7
|
|
- BACKUP_SCHEDULE=0 2 * * *
|
|
volumes:
|
|
- postgres-backups:/backups
|
|
- /etc/timezone:/etc/timezone:ro
|
|
- /etc/localtime:/etc/localtime:ro
|
|
entrypoint: >
|
|
sh -c "
|
|
echo 'Starting PostgreSQL backup service...'
|
|
while true; do
|
|
echo \"\$(date): Running backup...\"
|
|
PGPASSWORD=\$$(cat /run/secrets/postgres_password) pg_dump -h \$$POSTGRES_HOST -U \$$POSTGRES_USER -d \$$POSTGRES_DB -F c -f /backups/backup_\$$(date +%Y%m%d_%H%M%S).dump
|
|
echo \"\$(date): Backup completed\"
|
|
# Cleanup old backups
|
|
find /backups -name 'backup_*.dump' -mtime +\$$BACKUP_RETENTION_DAYS -delete
|
|
echo \"\$(date): Cleanup completed\"
|
|
# Wait until next scheduled time
|
|
sleep 86400
|
|
done
|
|
"
|
|
secrets:
|
|
- postgres_password
|
|
depends_on:
|
|
postgres:
|
|
condition: service_healthy
|
|
|
|
networks:
|
|
infrastructure:
|
|
external: true
|
|
name: infrastructure
|
|
app-internal:
|
|
external: true
|
|
name: app-internal
|
|
|
|
volumes:
|
|
postgres-data:
|
|
name: postgres-data
|
|
postgres-backups:
|
|
name: postgres-backups
|
|
|
|
secrets:
|
|
postgres_password:
|
|
file: ./secrets/postgres_password.txt
|
|
|