docker-compose-dnc.yml

version: '3'

services:
    production-api:
        image: your-api-image
        ports:
            - "5000:5000"
        networks:
            - api-network
        restart: unless-stopped

    nginx-certbot:
        image: nginx-certbot
        build: 
            context: .
            dockerfile: Dockerfile-dnc
        environment:
            - DOMAIN=api.yourdomain.com
            - CERTBOT_EMAIL=devops@yourdomain.com
        ports:
            - 80:80
            - 443:443
        volumes:
            - ./nginx-dnc/nginx.conf:/etc/nginx/nginx.conf         # Nginx general configs
            - ./nginx-dnc/nginxconfig.io:/etc/nginx/nginxconfig.io # Nginx proxy, security and other configs
            - ./nginx-dnc/sites-enabled:/etc/nginx/sites-enabled   # Server configs
            - ./nginx-dnc/dhparam.pem:/etc/nginx/dhparam.pem       # DHParams
            - nginx_secrets:/etc/letsencrypt                       # Persist certificates on host machine
        read_only: true
        tmpfs:
            - /etc/nginx/conf.d
            - /var/cache/nginx
            - /var/run
            - /tmp
            - /var/log/nginx
            - /var/log/letsencrypt
            - /var/lib/letsencrypt
            - /var/www/letsencrypt
        cap_drop:
            - ALL
        cap_add:
            - NET_BIND_SERVICE
            - CHOWN
            - SETUID
            - SETGID
        restart: unless-stopped
        networks:
            - api-network
        depends_on:
            - production-api

volumes:
    nginx_secrets:

networks:
    api-network:
        driver: bridge