-
Notifications
You must be signed in to change notification settings - Fork 3
/
docker-compose-prod.yaml
146 lines (138 loc) · 4.14 KB
/
docker-compose-prod.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
version: '3.5'
services:
traefik:
image: "traefik:v2.3"
networks:
- semapps
command:
# - "--log.level=DEBUG"
- "--api.insecure=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
- "--entrypoints.web.http.redirections.entryPoint.to=websecure"
- "--entrypoints.web.http.redirections.entryPoint.scheme=https"
- "--entrypoints.web.http.redirections.entrypoint.permanent=true"
- "--certificatesresolvers.myresolver.acme.tlschallenge=true"
- "--certificatesresolvers.myresolver.acme.email=myEmail@myemail.fr"
- "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
ports:
- "80:80"
- "443:443"
# - "8080:8080"
volumes:
- "./data/letsencrypt:/letsencrypt"
- "/var/run/docker.sock:/var/run/docker.sock:ro"
fuseki:
image: semapps/jena-fuseki-webacl
container_name: fuseki
volumes:
- ./data/fuseki:/fuseki
- ./data/staging:/staging
ports:
- "3030:3030"
networks:
- semapps
environment:
ADMIN_PASSWORD: "MyFusekiPassword"
fuseki_compact:
image: semapps/jena-fuseki-webacl:latest
entrypoint: /docker-compact-entrypoint.sh
profiles:
- compact
volumes:
- ./data/fuseki:/fuseki
middleware:
build:
dockerfile: ./deploy/middleware/Dockerfile.prod
depends_on:
- fuseki
- keycloak
volumes:
- ./middleware/logs:/archipelago/middleware/logs
- ./middleware/jwt:/archipelago/middleware/jwt
- ./middleware/uploads:/archipelago/middleware/uploads
environment:
- SEMAPPS_SPARQL_ENDPOINT=http://fuseki:3030/
- SEMAPPS_MAIN_DATASET=localData
- SEMAPPS_JENA_USER=admin
- SEMAPPS_JENA_PASSWORD=MyFusekiPassword
- SEMAPPS_HOME_URL=https://data.myDomain.com/
- 'SEMAPPS_OIDC_ISSUER=http://keycloak:8080/auth/realms/DP/'
- SEMAPPS_OIDC_CLIENT_ID=semapps
- SEMAPPS_REDIS_URL=redis://redis:6379/0
networks:
- semapps
expose:
- "3000"
labels:
- "traefik.enable=true"
- "traefik.http.routers.middleware.rule=Host(`data.myDomain.com`)"
- "traefik.http.routers.middleware.entrypoints=websecure"
- "traefik.http.routers.middleware.tls.certresolver=myresolver"
frontend:
build:
dockerfile: ./deploy/frontend/Dockerfile.prod
environment:
- REACT_APP_MIDDLEWARE_URL=https://data.myDomain.com/
- REACT_APP_MAPBOX_ACCESS_TOKEN=MyMapBoxToken
- PORT=4000
networks:
- semapps
expose:
- "4000"
labels:
- "traefik.enable=true"
- "traefik.http.routers.frontend.rule=Host(`myDomain.com`)"
- "traefik.http.routers.frontend.entrypoints=websecure"
- "traefik.http.routers.frontend.tls.certresolver=myresolver"
keycloak:
image: jboss/keycloak
environment:
KEYCLOAK_USER: admin
KEYCLOAK_PASSWORD: myKeycloakPassword
KEYCLOAK_IMPORT: /tmp/realm-export.json
KEYCLOAK_FRONTEND_URL: 'https://login.myDomain.com/auth'
DB_VENDOR: POSTGRES
DB_ADDR: postgres
DB_DATABASE: keycloak
DB_USER: keycloak
DB_SCHEMA: public
DB_PASSWORD: password
depends_on:
- postgres
volumes:
- './deploy/keycloak/realm-export.json:/tmp/realm-export.json'
ports:
- '8080:8080'
networks:
- semapps
labels:
- "traefik.enable=true"
- "traefik.http.routers.keycloak.rule=Host(`login.myDomain.com`)"
- "traefik.http.routers.keycloak.entrypoints=websecure"
- "traefik.http.routers.keycloak.tls.certresolver=myresolver"
postgres:
image: postgres
volumes:
- './keycloak/postgres:/var/lib/postgresql/data'
environment:
POSTGRES_DB: keycloak
POSTGRES_USER: keycloak
POSTGRES_PASSWORD: password
networks:
- semapps
redis:
image: redis
container_name: redis
expose:
- "6379"
volumes:
- ./data/redis_data:/data
networks:
- semapps
command: ["redis-server", "--appendonly", "yes"]
networks:
semapps:
name: semapps_network