compose.yml

name: "$$COMPOSE_BASE_NAME$$"
include:
  - ./compose.base.yml
   
x-scaling:
  classifier: &scale-classifier
    scale: ${CLASSIFIER_SCALE:-1}
  
services:
  # Kafka Connect in the full configuration, including PostgreSQL
  kafka-connect:
    build:
      context: ./kafka_connect/
      dockerfile: kafka_connect.Dockerfile
    depends_on:
      initializer:
        condition: service_completed_successfully
      postgres:
        condition: service_started
    secrets:
      - kafka-truststore
      - kafka-connect-keystore
    networks:
      kafka-clients:
        ipv4_address: 192.168.100.10
        aliases: [ "kafka-connect" ]
      databases: {}
      outside-world:
        ipv4_address: 192.168.103.10
    ports:
      - "31002:8083"
    volumes:
      - ./kafka_connect/properties/:/opt/kafka-connect/config/
      - kafka-connect-offsets:/tmp/kafka-connect

  loader:
    image: domrad/loader
    restart: always
    depends_on:
      initializer:
        condition: service_completed_successfully
      postgres:
        condition: service_started
    networks:
      - kafka-clients
      - databases
      - outside-world
    volumes:
      - ./secrets/secrets_loader/:/app/secrets
      - ./misc/testing_domains.txt:/app/sample.txt
    env_file:
      - ./envs/loader.env

  webui:
    image: domrad/webui
    restart: always
    depends_on:
      kafka1:
        condition: service_started
      postgres:
        condition: service_healthy
    networks:
      - kafka-clients
      - databases
      - outside-world
    ports:
      - "31003:31003"
    volumes:
      - ./secrets/secrets_webui/:/app/kafka-ssl
    env_file:
      - ./envs/webui.env

  config-manager:
    profiles:
      - configmanager
    image: domrad/config-manager
    depends_on:
      initializer:
        condition: service_completed_successfully
    user: root
    secrets:
      - ca-cert
      - config-manager-cert
      - config-manager-key
    networks:
      - kafka-clients
    volumes:
      - ./client_properties/:/var/domainradar_properties/
      - ./client_properties/config_manager.toml:/app/config.toml
      - ./domrad_control.sock:/app/config_manager.sock

  # --- Classifier --- #

  classifier:
    <<: *scale-classifier
    image: domrad/classifier
    restart: always
    depends_on:
      initializer:
        condition: service_completed_successfully
    secrets:
      - ca-cert
      - classifier-unit-cert
      - classifier-unit-key
    networks:
      - kafka-clients
    volumes:
      - ./client_properties/classifier_unit.toml:/app/config.toml

  # --- Databases --- #

  postgres:
    image: docker.io/postgres:16
    mem_limit: "${POSTGRES_MEM_LIMIT:-2gb}"
    restart: always
    secrets:
      - postgres_master_password
      - postgres_prefilter_password
      - postgres_controller_password
      - postgres_connect_password
      - postgres_webui_password
    volumes:
      - postgres-data:/var/lib/postgresql/data
      - ./postgres/init/:/docker-entrypoint-initdb.d/
      - ./postgres/postgres.conf:/etc/postgresql/postgresql.conf
    env_file:
      - ./postgres/postgres.env
    ports:
      - "31010:5432"
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U postgres"]
      interval: 10s
      timeout: 5s
      retries: 5
    networks:
      databases:
        ipv4_address: 192.168.101.2
        aliases: [ "postgres" ]
      outside-world:
        ipv4_address: 192.168.103.20

volumes:
  postgres-data: {}
  kafka-connect-offsets: {}

secrets:
  postgres_master_password:
    file: ./postgres/master.secret
  postgres_prefilter_password:
    file: ./postgres/prefilter.secret
  postgres_controller_password:
    file: ./postgres/controller.secret
  postgres_connect_password:
    file: ./postgres/connect.secret
  postgres_webui_password:
    file: ./postgres/webui.secret