f239a939ce
Multi-stage Dockerfile compiles wasm client + axum server in one Rust builder and copies into a debian:bookworm-slim runtime (non-root uid). docker-compose.yml binds localhost:8080 by default; docker-compose.prod.yml replaces ports with a Caddy reverse proxy on host 80/443 that talks to the voxel container over the internal network. Caddy auto-issues Let's Encrypt certs. DEPLOY.md covers the three deployment modes (local-only, VPS with Cloudflare or Caddy, Cloudflare Tunnel from a workstation).
27 lines
731 B
YAML
27 lines
731 B
YAML
# Production overrides — Caddy on 80/443 terminates TLS and reverse
|
|
# proxies to the voxel container over the internal Docker network.
|
|
# The voxel service drops its host port mapping (was 127.0.0.1:8080:8080
|
|
# in the base file); Caddy reaches it via the service name. Run with:
|
|
# docker compose -f docker-compose.yml -f docker-compose.prod.yml up -d
|
|
services:
|
|
voxel:
|
|
ports: !override []
|
|
restart: always
|
|
|
|
caddy:
|
|
image: caddy:2-alpine
|
|
container_name: voxel-caddy
|
|
restart: always
|
|
ports:
|
|
- "80:80"
|
|
- "443:443"
|
|
volumes:
|
|
- ./Caddyfile:/etc/caddy/Caddyfile:ro
|
|
- caddy_data:/data
|
|
- caddy_config:/config
|
|
depends_on:
|
|
- voxel
|
|
|
|
volumes:
|
|
caddy_data:
|
|
caddy_config:
|