nineskeletor/docker-compose.yml

306 lines
7.8 KiB
YAML
Executable File
Raw Permalink Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

version: '3'
# Port
# 6379 = redis
# 5432 = postgres
# 80 = mercure
# 9000 = minio nginx
# 1025 = fake smtp
# 1080 = fake webmail
# 389 = fake ldap
# 636 = fake ldaps
# 6080 = tool phpldapadmin
# 6081 = tool adminer
services:
# Service redis
redis-master:
image: redis:6-alpine
container_name: nineskeletor-redismaster
volumes:
- "./.data:/data:rw"
ports:
- "6379:6379"
redis-slave:
image: redis:6-alpine
container_name: nineskeletor-redisslave
command: redis-server --slaveof redis-master 6379
links:
- redis-master
volumes:
- "./.data:/data:rw"
redis-sentinel:
container_name: nineskeletor-redissentinel
build:
context: ./misc/images/redis-sentinel
links:
- redis-master
# Service postgres pour le stockage de la bdd applicative
postgres:
image: postgres:13-alpine
container_name: nineskeletor-postgres
hostname: nineskeletor-postgres
environment:
POSTGRES_MULTIPLE_DATABASES: app,hydra
POSTGRES_PASSWORD: changeme
POSTGRES_USER: symfony
ports:
- 5432:5432
volumes:
- db-data:/var/lib/postgres/data:rw
- ./misc/images/postgres:/docker-entrypoint-initdb.d
# Service app
app:
build:
context: .
dockerfile: ./misc/images/app/app-docker/Dockerfile
container_name: nineskeletor-app
image: reg.cadoles.com/envole/nineskeletor
ports:
- ${APP_HTTP_PORT:-8080}:8080
links:
- postgres
- hydra
- redis-sentinel
depends_on:
- postgres
- hydra
volumes:
- ./src:/app/src:delegated
- ./public:/app/public:delegated
- ./templates:/app/templates:delegated
- ./translations:/app/translations:delegated
- ./tests:/app/tests:delegated
- ./config:/app/config:delegated
- ./.env:/app/.env:delegated
environment:
PHP_FPM_MEMORY_LIMIT: 128m
APP_ENV: dev
# Service websocket
mercure:
image: dunglas/mercure
container_name: nineskeletor-mercure
restart: unless-stopped
ports:
- "8081:80"
environment:
SERVER_NAME: ':80'
MERCURE_PUBLISHER_JWT_KEY: '!changeme!changeme!changeme!changeme!changeme!changeme!'
MERCURE_SUBSCRIBER_JWT_KEY: '!changeme!changeme!changeme!changeme!changeme!changeme!'
MERCURE_EXTRA_DIRECTIVES: |
cors_origins "http://localhost:8080"
anonymous
# Comment the following line to disable the development mode
#command: /usr/bin/caddy run -config /etc/caddy/Caddyfile.dev
volumes:
- mercure_data:/data
- mercure_config:/config
# Service de stockage Minio
minio1:
image: minio/minio:RELEASE.2021-01-16T02-19-44Z
container_name: nineskeletor-minio1
volumes:
- data1-1:/data1
- data1-2:/data2
expose:
- "9000"
environment:
MINIO_ROOT_USER: minio
MINIO_ROOT_PASSWORD: changeme
command: server http://minio{1...4}/data{1...2}
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
interval: 30s
timeout: 20s
retries: 3
# Service de stockage Minio
minio2:
image: minio/minio:RELEASE.2021-01-16T02-19-44Z
container_name: nineskeletor-minio2
volumes:
- data2-1:/data1
- data2-2:/data2
expose:
- "9000"
environment:
MINIO_ROOT_USER: minio
MINIO_ROOT_PASSWORD: changeme
command: server http://minio{1...4}/data{1...2}
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
interval: 30s
timeout: 20s
retries: 3
# Service de stockage Minio
minio3:
image: minio/minio:RELEASE.2021-01-16T02-19-44Z
container_name: nineskeletor-minio3
volumes:
- data3-1:/data1
- data3-2:/data2
expose:
- "9000"
environment:
MINIO_ROOT_USER: minio
MINIO_ROOT_PASSWORD: changeme
command: server http://minio{1...4}/data{1...2}
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
interval: 30s
timeout: 20s
retries: 3
# Service de stockage Minio
minio4:
image: minio/minio:RELEASE.2021-01-16T02-19-44Z
container_name: nineskeletor-minio4
volumes:
- data4-1:/data1
- data4-2:/data2
expose:
- "9000"
environment:
MINIO_ROOT_USER: minio
MINIO_ROOT_PASSWORD: changeme
command: server http://minio{1...4}/data{1...2}
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
interval: 30s
timeout: 20s
retries: 3
# Service nginx orchestrateur des minio
nginx:
image: nginx:1.19.2-alpine
container_name: nineskeletor-nginx
volumes:
- ./misc/images/minio/nginx.conf:/etc/nginx/nginx.conf:ro
ports:
- "9000:9000"
depends_on:
- minio1
- minio2
- minio3
- minio4
# Service hydra
hydra:
image: cadoles/hydra-v1
container_name: nineskeletor-hydra
volumes:
- ./misc/images/hydra/clients.d:/etc/hydra/clients.d
ports:
- 7080:4444
- 4445:4445
links:
- postgres
depends_on:
- postgres
restart: on-failure
environment:
LOG_LEAK_SENSITIVE_VALUES: "true"
HYDRA_URLS_SELF_ISSUER: http://localhost:7080
HYDRA_URLS_CONSENT: http://localhost:7081/consent
HYDRA_URLS_LOGIN: http://localhost:7081/login
HYDRA_URLS_LOGOUT: http://localhost:7081/logout
HYDRA_DSN: postgres://symfony:changeme@postgres:5432/hydra
#HYDRA_WAIT4X_DATABASE_TYPE: postgres
#HYDRA_WAIT4X_DATABASE_DSN: postgres://symfony:changeme@postgres:5432/hydra
HYDRA_ALLOW_INSECURE: "yes"
HYDRA_LEVEL: debug
hydra-dispatcher:
build:
context: ./misc/images/hydra-dispatcher
container_name: nineskeletor-hydra-dispatcher
links:
- hydra
ports:
- 7081:80
restart: on-failure
environment:
- APP_ENV=dev
- APP_DEBUG=yes
- HYDRA_BASE_URL=http://hydra:4444
- HYDRA_ADMIN_BASE_URL=http://hydra:4445
# url dispatcher
- BASE_URL=http://localhost:7081
- COOKIE_PATH=/
- DEFAULT_LOCALE=fr
- APP_LOCALES=fr,en
volumes:
- ./misc/images/hydra-dispatcher/hydra:/var/www/config/hydra:ro
- ./misc/images/hydra-dispatcher/templates:/var/www/templates
- ./misc/images/hydra-dispatcher/theme.css:/var/www/public/build/theme/theme.css
# Service fake smtp = optionnel
mailer:
image: schickling/mailcatcher
container_name: nineskeletor-mailer
ports:
- 1025:1025
- 1080:1080
# Service fake openldap = optionnel si nineskeletor a une synchronisation avec un annuaire
openldap:
image: osixia/openldap:1.5.0
container_name: nineskeletor-openldap
environment:
LDAP_LOG_LEVEL: "256"
LDAP_ORGANISATION: "nine"
LDAP_DOMAIN: "nine.fr"
LDAP_ADMIN_PASSWORD: "changeme"
LDAP_CONFIG_PASSWORD: "changeme"
LDAP_READONLY_USER: "true"
LDAP_READONLY_USER_USERNAME: "readonly"
LDAP_READONLY_USER_PASSWORD: "readonly"
LDAP_TLS: "false"
volumes:
- /var/lib/ldap
- /etc/ldap/slapd.d
- /container/service/slapd/assets/certs/
ports:
- "389:389"
- "636:636"
# Service tool phpldapadmin = optionnel dans le cas de la présence d'un fake openldap
phpldapadmin:
image: osixia/phpldapadmin:latest
container_name: nineskeletor-phpldapadmin
environment:
PHPLDAPADMIN_LDAP_HOSTS: "openldap"
PHPLDAPADMIN_HTTPS: "false"
ports:
- "6080:80"
depends_on:
- openldap
# Service tool adminer = optionnel
adminer:
image: adminer
container_name: nineskeletor-adminer
restart: always
ports:
- 6081:8080
volumes:
db-data:
mercure_data:
mercure_config:
data1-1:
data1-2:
data2-1:
data2-2:
data3-1:
data3-2:
data4-1:
data4-2: