version: '3.8' services: global-it24-web: build: context: . dockerfile: Dockerfile args: NEXT_PUBLIC_SITE_URL: ${NEXT_PUBLIC_SITE_URL:-https://global-it24.local} container_name: global-it24-landing restart: unless-stopped environment: - NODE_ENV=production - NEXT_PUBLIC_SITE_URL=${NEXT_PUBLIC_SITE_URL:-https://global-it24.local} networks: - traefik-public labels: # Включаем Traefik для этого контейнера - "traefik.enable=true" # Настройка HTTP - "traefik.http.routers.global-it24.rule=Host(`${DOMAIN:-global-it24.local}`)" - "traefik.http.routers.global-it24.entrypoints=web" - "traefik.http.routers.global-it24.middlewares=redirect-to-https@docker" # Настройка HTTPS - "traefik.http.routers.global-it24-secure.rule=Host(`${DOMAIN:-global-it24.local}`)" - "traefik.http.routers.global-it24-secure.entrypoints=websecure" - "traefik.http.routers.global-it24-secure.tls=true" - "traefik.http.routers.global-it24-secure.tls.certresolver=letsencrypt" # Middleware для редиректа HTTP -> HTTPS - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https" - "traefik.http.middlewares.redirect-to-https.redirectscheme.permanent=true" # Указываем порт сервиса - "traefik.http.services.global-it24.loadbalancer.server.port=3000" # Middleware для заголовков безопасности - "traefik.http.middlewares.security-headers.headers.customResponseHeaders.X-Frame-Options=SAMEORIGIN" - "traefik.http.middlewares.security-headers.headers.customResponseHeaders.X-Content-Type-Options=nosniff" - "traefik.http.middlewares.security-headers.headers.customResponseHeaders.X-XSS-Protection=1; mode=block" - "traefik.http.routers.global-it24-secure.middlewares=security-headers@docker" healthcheck: test: ["CMD", "wget", "--quiet", "--tries=1", "--spider", "http://localhost:3000/"] interval: 30s timeout: 10s retries: 3 start_period: 40s networks: traefik-public: external: true