-
Notifications
You must be signed in to change notification settings - Fork 9
Expand file tree
/
Copy pathdocker-compose.yml
More file actions
139 lines (138 loc) · 4.04 KB
/
Copy pathdocker-compose.yml
File metadata and controls
139 lines (138 loc) · 4.04 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
services:
setup-keycloak:
depends_on:
- server
image: alpine
environment:
- KEYCLOAK_URL=http://keycloak:8080
- KEYCLOAK_REALM=master
- KEYCLOAK_USER=admin
- KEYCLOAK_PASSWORD=password
- DISUKO_CLIENT_ID=243e5c8-9b1a-4c3d-9f0e-7b2a1c8e5f6ac
- DISUKO_CLIENT_SECRET=RST845JLOP8x9Z2n1QFDA25A1B2C3D4k
- DISUKO_HOST=https://localhost:3009
entrypoint: ["/bin/sh", "-c"]
command:
- |
apk add --no-cache curl jq
sh /tmp/setup-keycloak.sh
healthcheck:
test: ["CMD", "echo", "healthy"]
volumes:
- ./import:/tmp
disuko-nginx:
depends_on:
- server
- client
build:
context: ./nginx
dockerfile: Dockerfile
container_name: disuko-nginx
ports:
- 3009:3009 # 3009 is used as port 3000 is blocked on the GitHub runner
volumes:
- ./certs:/etc/nginx/certs
healthcheck:
test: ["CMD", "service", "nginx", "status"]
interval: 30s
timeout: 10s
retries: 3
valkey:
image: valkey/valkey
ports:
- 6379:6379
healthcheck:
test: ["CMD", "valkey-cli", "ping"]
interval: 10s
timeout: 5s
retries: 5
db:
image: ghcr.io/documentdb/documentdb/documentdb-local:latest
ports:
- 10260:10260
command:
["--skip-init-data", "--username", "disuko", "--password", "disuko"]
volumes:
- documentdb_data:/data
healthcheck:
test: ["CMD-SHELL", "pg_isready -h localhost -p 9712 -U documentdb -d postgres"]
interval: 30s
timeout: 10s
start_period: 30s
retries: 5
client:
build:
context: ./frontend
dockerfile: Dockerfile.build
args:
- APP=portal
- MODE=production
healthcheck:
test: ["CMD-SHELL", "curl -f localhost:8080/index.html || exit 1"]
interval: 30s
timeout: 10s
retries: 3
keycloak:
image: quay.io/keycloak/keycloak:26.5.0
environment:
KC_LOG_LEVEL: info
KC_BOOTSTRAP_ADMIN_USERNAME: admin
KC_BOOTSTRAP_ADMIN_PASSWORD: password
KC_HOSTNAME: http://localhost:8080/
KC_HOSTNAME_BACKCHANNEL_DYNAMIC: true
command: start-dev --health-enabled=true
ports:
- 127.0.0.1:8080:8080
volumes:
- keycloak_data:/opt/keycloak/data
healthcheck:
test:
[
"CMD-SHELL",
"exec 3<>/dev/tcp/127.0.0.1/9000;echo -e 'GET /health/ready HTTP/1.1\r\nHost: localhost\r\nConnection: close\r\n\r\n' >&3;if [ $? -eq 0 ]; then echo 'Healthcheck Successful';exit 0;else echo 'Healthcheck Failed';exit 1;fi;",
]
interval: 30s
timeout: 10s
retries: 15
server:
build: backend
depends_on:
db:
condition: service_healthy
keycloak:
condition: service_healthy
environment:
- DATABASE_TYPE=MongoDB
- DATABASE_HOST=db
- DATABASE_PORT=10260
- DATABASE_SCHEME=http
- DATABASE_USER=disuko
- DATABASE_PASSWORD=disuko
- DATABASE_SKIP_VERIFY=true
- CACHE_HOST=valkey
- DISUKO_HOST=https://localhost:3009
- SERVER_PORT=3009
- CLIENT_REDIRECT_URL=https://localhost:3009
- OAUTH2_INSECURE_PROVIDER=http://localhost:8080/realms/master
- OAUTH2_PROVIDER=http://keycloak:8080/realms/master
- OAUTH2_LOGOUT_ENDPOINT=http://localhost:8080/realms/master/protocol/openid-connect/logout
- OAUTH2_REDIRECTURL=https://localhost:3009/api/v1/login
- OAUTH2_SECRET=RST845JLOP8x9Z2n1QFDA25A1B2C3D4k
- OAUTH2_CLIENTID=243e5c8-9b1a-4c3d-9f0e-7b2a1c8e5f6ac
- OAUTH2_UPPERCASEUSERNAME=false
- OAUTH2_REGEXTOKEN=^[a-zA-Z0-9_\\.-]{10,150}$
- OAUTH2_PREVENT_TOKEN_HIJACKING=false
- S3_ENABLED=false
- SERVER_UPLOADPATH=/go/server/uploads
- VANILLA_DISUKO=true
- SERVER_ALLOWED_ORIGINS=https://localhost:3009
volumes:
- ./uploads:/go/server/uploads
healthcheck:
test: wget --no-verbose --tries=1 --spider server:3009/healthz || exit 1
interval: 10s
timeout: 60s
retries: 25
volumes:
documentdb_data:
keycloak_data: