# КЛГ АСУ ТК v27 — Full Stack # docker compose up -d # (version удалён — deprecated в Docker Compose v2+) services: # ─── Database ─────────────────────────────────── postgres: image: postgres:15-alpine environment: POSTGRES_USER: ${DB_USER:-klg} POSTGRES_PASSWORD: ${DB_PASSWORD:-klg} POSTGRES_DB: ${DB_NAME:-klg} ports: - "5432:5432" volumes: - postgres_data:/var/lib/postgresql/data - ./backend/migrations:/docker-entrypoint-initdb.d:ro healthcheck: test: ["CMD-SHELL", "pg_isready -U klg -d klg"] interval: 5s timeout: 5s retries: 5 # ─── Cache ────────────────────────────────────── redis: image: redis:7-alpine ports: - "6379:6379" healthcheck: test: ["CMD", "redis-cli", "ping"] interval: 5s # ─── Object Storage ──────────────────────────── minio: image: minio/minio environment: MINIO_ROOT_USER: ${MINIO_USER:-minioadmin} MINIO_ROOT_PASSWORD: ${MINIO_PASSWORD:-minioadmin} command: server /data --console-address ":9001" ports: - "9000:9000" - "9001:9001" volumes: - minio_data:/data # ─── Keycloak DB ─────────────────────────────── keycloak-db: image: postgres:15-alpine environment: POSTGRES_USER: keycloak POSTGRES_PASSWORD: ${KC_DB_PASSWORD:-keycloak} POSTGRES_DB: keycloak volumes: - keycloak_db_data:/var/lib/postgresql/data healthcheck: test: ["CMD-SHELL", "pg_isready -U keycloak -d keycloak"] interval: 5s timeout: 5s retries: 5 # ─── Auth (Keycloak) ─────────────────────────── keycloak: image: quay.io/keycloak/keycloak:24.0 environment: KEYCLOAK_ADMIN: admin KEYCLOAK_ADMIN_PASSWORD: ${KC_ADMIN_PASSWORD:-admin} KC_DB: postgres KC_DB_URL: jdbc:postgresql://keycloak-db:5432/keycloak KC_DB_USERNAME: keycloak KC_DB_PASSWORD: ${KC_DB_PASSWORD:-keycloak} command: start-dev ports: - "8080:8080" depends_on: keycloak-db: condition: service_healthy # ─── Backend (FastAPI) ───────────────────────── backend: build: context: ./backend dockerfile: Dockerfile environment: DATABASE_URL: postgresql://${DB_USER:-klg}:${DB_PASSWORD:-klg}@postgres:5432/${DB_NAME:-klg} REDIS_URL: redis://redis:6379/0 MINIO_ENDPOINT: minio:9000 MINIO_ACCESS_KEY: ${MINIO_USER:-minioadmin} MINIO_SECRET_KEY: ${MINIO_PASSWORD:-minioadmin} KEYCLOAK_URL: http://keycloak:8080 KEYCLOAK_REALM: klg SECRET_KEY: ${SECRET_KEY:?SECRET_KEY is required — set it in .env} ENVIRONMENT: ${ENVIRONMENT:-production} # ФГИС РЭВС FGIS_API_URL: ${FGIS_API_URL:-https://fgis-revs-test.favt.gov.ru/api/v2} FGIS_ORG_ID: ${FGIS_ORG_ID:-} FGIS_API_KEY: ${FGIS_API_KEY:-} FGIS_CERT_PATH: /etc/ssl/fgis/client.pem # Прокси Anthropic через papa-app (Railway) — обход блокировки с российских IP AI_PROXY_URL: ${AI_PROXY_URL:-} AI_PROXY_SECRET: ${AI_PROXY_SECRET:-} ports: - "8000:8000" volumes: - ./certs/fgis:/etc/ssl/fgis:ro - attachments_data:/app/storage depends_on: postgres: condition: service_healthy redis: condition: service_healthy restart: unless-stopped # ─── Frontend (Next.js) ──────────────────────── frontend: build: context: . dockerfile: Dockerfile environment: NEXT_PUBLIC_API_URL: http://backend:8000 NEXT_PUBLIC_WS_URL: ws://backend:8000 NEXT_PUBLIC_USE_MOCK_DATA: "true" ports: - "3000:3000" depends_on: - backend restart: unless-stopped # ─── Monitoring ──────────────────────────────── prometheus: image: prom/prometheus:latest volumes: - ./monitoring/prometheus.yml:/etc/prometheus/prometheus.yml:ro ports: - "9090:9090" profiles: - monitoring grafana: image: grafana/grafana:latest ports: - "3001:3000" profiles: - monitoring volumes: postgres_data: keycloak_db_data: minio_data: attachments_data: