# UK Data Services - Production Docker Compose Configuration version: '3.8' services: # Web Application web: build: context: . dockerfile: Dockerfile-optimized container_name: ukds-web restart: unless-stopped ports: - "80:80" - "443:443" volumes: # Persistent logs - ./logs:/var/www/html/logs # Upload directory for file processing - ./uploads:/var/www/html/uploads # Cache directory for performance - ./cache:/var/www/html/cache # SSL certificates (if using HTTPS) - ./ssl:/etc/ssl/certs/ukds:ro environment: - APACHE_DOCUMENT_ROOT=/var/www/html - PHP_MEMORY_LIMIT=256M - PHP_MAX_EXECUTION_TIME=300 - PHP_UPLOAD_MAX_FILESIZE=50M - PHP_POST_MAX_SIZE=50M # Database connection - DB_HOST=database - DB_NAME=ukdataservices - DB_USER=webuser - DB_PASSWORD=secure_web_password_2025 # Application settings - SITE_URL=https://ukdataservices.co.uk - CONTACT_EMAIL=info@ukdataservices.co.uk - ANALYTICS_ID=GA_MEASUREMENT_ID # Security settings - SECURITY_SALT=your-unique-security-salt-here - API_SECRET_KEY=your-api-secret-key-here depends_on: - database - redis networks: - ukds-network labels: - "traefik.enable=true" - "traefik.http.routers.ukds.rule=Host(`ukdataservices.co.uk`)" - "traefik.http.routers.ukds.tls=true" - "traefik.http.routers.ukds.tls.certresolver=letsencrypt" # Database database: image: mysql:8.0 container_name: ukds-database restart: unless-stopped environment: MYSQL_ROOT_PASSWORD: secure_root_password_2025 MYSQL_DATABASE: ukdataservices MYSQL_USER: webuser MYSQL_PASSWORD: secure_web_password_2025 MYSQL_CHARACTER_SET_SERVER: utf8mb4 MYSQL_COLLATION_SERVER: utf8mb4_unicode_ci ports: - "3306:3306" volumes: # Persistent database storage - mysql_data:/var/lib/mysql # Database initialization scripts - ./database/init:/docker-entrypoint-initdb.d:ro # Database configuration - ./database/my.cnf:/etc/mysql/conf.d/custom.cnf:ro command: --default-authentication-plugin=mysql_native_password networks: - ukds-network labels: - "traefik.enable=false" # Redis Cache (for performance) redis: image: redis:7-alpine container_name: ukds-redis restart: unless-stopped ports: - "6379:6379" volumes: - redis_data:/data - ./redis/redis.conf:/etc/redis/redis.conf:ro command: redis-server /etc/redis/redis.conf networks: - ukds-network labels: - "traefik.enable=false" # Backup Service backup: image: alpine:latest container_name: ukds-backup restart: "no" volumes: - mysql_data:/backup/mysql:ro - ./backups:/backups - ./logs:/backup/logs:ro command: | sh -c " apk add --no-cache mysql-client tar gzip && while true; do echo 'Starting backup at:' $$(date) mysqldump -h database -u root -psecure_root_password_2025 ukdataservices > /backups/ukds_$$(date +%Y%m%d_%H%M%S).sql tar -czf /backups/logs_$$(date +%Y%m%d_%H%M%S).tar.gz -C /backup/logs . find /backups -name '*.sql' -mtime +7 -delete find /backups -name '*.tar.gz' -mtime +7 -delete echo 'Backup completed at:' $$(date) sleep 86400 done " depends_on: - database networks: - ukds-network # Monitoring (optional) monitoring: image: prom/node-exporter:latest container_name: ukds-monitoring restart: unless-stopped ports: - "9100:9100" volumes: - /proc:/host/proc:ro - /sys:/host/sys:ro - /:/rootfs:ro command: - '--path.procfs=/host/proc' - '--path.rootfs=/rootfs' - '--path.sysfs=/host/sys' - '--collector.filesystem.mount-points-exclude=^/(sys|proc|dev|host|etc)($$|/)' networks: - ukds-network labels: - "traefik.enable=false" # Networks networks: ukds-network: driver: bridge ipam: config: - subnet: 172.20.0.0/16 # Persistent Volumes volumes: mysql_data: driver: local redis_data: driver: local # Additional configurations for production x-logging: &default-logging driver: "json-file" options: max-size: "10m" max-file: "3"