Docker & Compose
Run Tzylo Auth CE using Docker Compose for production and staging environments.
Docker Compose is the recommended way to run Tzylo Auth CE alongside its required services such as the database and Redis.
This approach ensures consistent networking, configuration, and startup order across environments.
Why Docker Compose
- Run multiple services together
- Consistent service discovery
- Simple local and staging setup
- Explicit configuration
Basic Compose Setup
Below is a minimal Docker Compose configuration with:
- Tzylo Auth CE
- PostgreSQL
- Redis
docker-compose.yml
version: "3.9"
services:
auth:
image: tzylo/auth-ce:latest
ports:
- "7200:7200"
environment:
JWT_SECRET: supersecret
DATABASE_URL: postgresql://auth:auth@db:5432/authdb
REDIS_URL: redis://redis:6379
NODE_ENV: production
depends_on:
- db
- redis
db:
image: postgres:15
environment:
POSTGRES_DB: authdb
POSTGRES_USER: auth
POSTGRES_PASSWORD: auth
volumes:
- auth-db:/var/lib/postgresql/data
redis:
image: redis:7
volumes:
- auth-redis:/data
volumes:
auth-db:
auth-redis:Service Networking
Services communicate using their service names as hostnames.
- Database host:
db - Redis host:
redis - Auth service port:
7200
Do not use
localhost for inter-service communication inside Docker.Starting Services
Start stack
docker compose up -dThe Auth CE API will be available at http://localhost:7200.
Using environment files
For cleaner configuration, move secrets into an environment file:
.env
JWT_SECRET=supersecret
DATABASE_URL=postgresql://auth:auth@db:5432/authdb
REDIS_URL=redis://redis:6379Reference it in Compose:
docker-compose.yml
services:
auth:
env_file:
- .envCommon mistakes
- Using
localhostinDATABASE_URL - Exposing database ports unnecessarily
- Committing secrets to version control
- Running without Redis in scaled setups
Next: Scaling
For high availability and horizontal scaling, additional considerations apply.