trm/deploy
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
2c49328e123a4aff31a05809d648abcf47798b73
deploy/compose.yaml
T
julian 2c49328e12 Add postgres (TimescaleDB-HA + PostGIS) and processor services 
postgres service uses timescale/timescaledb-ha:pg16.6-ts2.17.2-all,
which bundles TimescaleDB and PostGIS (and others) ready for CREATE
EXTENSION. This avoids a future DB image swap when Phase 2 of processor
needs PostGIS for the geofence engine. Pinned to a specific tag for
reproducibility; the Docker Hub URL for verification is in the comment.

Data directory mount path is /home/postgres/pgdata/data (the ha-image
layout, different from the stock postgres image's /var/lib/...).
Internal-only — no host port mapping. POSTGRES_USER/PASSWORD/DB env
vars retained as the credential mechanism; if the ha-image rejects
them, fix the env-var scheme without changing the rest of the layout.

processor service references git.dev.microservices.al/trm/processor:
${PROCESSOR_TAG:-main}, depends on Redis + Postgres healthy, takes its
POSTGRES_URL from the same credential vars Postgres bootstraps with.

.env.example documents the new POSTGRES_*, PROCESSOR_TAG, and
PROCESSOR_INSTANCE_ID variables. Important: POSTGRES_PASSWORD only
applies on first boot; rotate via ALTER USER inside psql afterwards.
2026-05-01 10:38:52 +02:00

119 lines
4.5 KiB
YAML
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
# TRM platform — deployment stack
#
# Deployed via Portainer Repository Stack:
# Repository: git.dev.microservices.al/trm/deploy
# Compose path: compose.yaml
# Branch: main
#
# Images are built and pushed by each service's own Gitea workflow.
# This file references them by tag and runs them as a coordinated stack.
#
# Before first deploy on the host: `docker login git.dev.microservices.al`
# (Portainer can store registry credentials in its UI; configure once.)
#
# Environment variables are populated from Portainer's stack environment
# config (or a `.env` file alongside this compose for non-Portainer hosts).
# Defaults are provided via `${VAR:-default}` so the stack starts with no
# explicit configuration on a fresh deploy.
name: trm
services:
# -------------------------------------------------------------------
# Redis — telemetry queue + (future) connection registry for Phase 2.
# Internal-only; no host port mapping.
# -------------------------------------------------------------------
redis:
image: redis:7-alpine
expose:
- '6379'
volumes:
- redis-data:/data
restart: unless-stopped
healthcheck:
test: ['CMD', 'redis-cli', 'ping']
interval: 10s
timeout: 3s
retries: 5
# -------------------------------------------------------------------
# tcp-ingestion — Teltonika telemetry TCP server.
# Built by git.dev.microservices.al/trm/tcp-ingestion's Gitea workflow.
# -------------------------------------------------------------------
tcp-ingestion:
image: git.dev.microservices.al/trm/tcp-ingestion:${TCP_INGESTION_TAG:-main}
depends_on:
redis:
condition: service_healthy
ports:
# Devices connect to this port. Use `${HOST_BIND_IP:-0.0.0.0}:5027:5027`
# if you want to restrict which host interface accepts connections.
- '${TCP_INGESTION_PORT:-5027}:5027'
environment:
NODE_ENV: production
INSTANCE_ID: ${TCP_INGESTION_INSTANCE_ID:-stage-1}
REDIS_URL: redis://redis:6379
LOG_LEVEL: ${LOG_LEVEL:-info}
restart: unless-stopped
# -------------------------------------------------------------------
# postgres — PostgreSQL 16 with TimescaleDB + PostGIS extensions
# (and others) bundled. Image: timescale/timescaledb-ha, `-all` suffix
# = all extensions present and ready for `CREATE EXTENSION`.
#
# Schema is owned by Directus (when it lands); the `positions`
# hypertable is owned by the processor's migration runner.
# Internal-only; no host port mapping.
#
# The image tag should be reviewed every 36 months. Pick the latest
# stable `pg16-ts*-all` build from Docker Hub:
# https://hub.docker.com/r/timescale/timescaledb-ha/tags
# Pin to a specific tag (not rolling `pg16`) so deploys are reproducible.
# -------------------------------------------------------------------
postgres:
image: timescale/timescaledb-ha:pg16.6-ts2.17.2-all
expose:
- '5432'
volumes:
- postgres-data:/home/postgres/pgdata/data
environment:
POSTGRES_USER: ${POSTGRES_USER:-trm}
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-trm-pilot-change-me}
POSTGRES_DB: ${POSTGRES_DB:-trm}
restart: unless-stopped
healthcheck:
test: ['CMD-SHELL', 'pg_isready -U ${POSTGRES_USER:-trm} -d ${POSTGRES_DB:-trm}']
interval: 10s
timeout: 3s
retries: 5
# -------------------------------------------------------------------
# processor — consumes telemetry from Redis, writes to Postgres.
# Built by git.dev.microservices.al/trm/processor's Gitea workflow.
# -------------------------------------------------------------------
processor:
image: git.dev.microservices.al/trm/processor:${PROCESSOR_TAG:-main}
depends_on:
redis:
condition: service_healthy
postgres:
condition: service_healthy
environment:
NODE_ENV: production
INSTANCE_ID: ${PROCESSOR_INSTANCE_ID:-processor-1}
REDIS_URL: redis://redis:6379
POSTGRES_URL: postgres://${POSTGRES_USER:-trm}:${POSTGRES_PASSWORD:-trm-pilot-change-me}@postgres:5432/${POSTGRES_DB:-trm}
LOG_LEVEL: ${LOG_LEVEL:-info}
restart: unless-stopped
# -------------------------------------------------------------------
# Future services land here:
# - directus: business-plane API + admin UI
# - react-spa: front-end (static, served via nginx or Caddy)
# See ../docs/wiki/ for the platform architecture.
# -------------------------------------------------------------------
volumes:
redis-data:
postgres-data:
Reference in New Issue View Git Blame Copy Permalink