263 lines
6.7 KiB
YAML
Executable File
263 lines
6.7 KiB
YAML
Executable File
version: '3'
|
|
|
|
# Port
|
|
# 6379 = redis
|
|
# 5432 = postgresql
|
|
# 80 = mercure
|
|
# 9000 = minio nginx
|
|
# 1025 = fake smtp
|
|
# 1080 = fake webmail
|
|
# 389 = fake ldap
|
|
# 636 = fake ldaps
|
|
# 6080 = tool phpldapadmin
|
|
# 6081 = tool adminer
|
|
|
|
|
|
services:
|
|
# Service redis pour le stockage des sessions
|
|
redis:
|
|
image: redis:4.0
|
|
container_name: ninegate-redis
|
|
ports:
|
|
- 6379:6379
|
|
environment:
|
|
- TZ=Europe/Paris
|
|
volumes:
|
|
- /etc/localtime:/etc/localtime:ro
|
|
|
|
# Service postgresql pour le stockage de la bdd applicative
|
|
postgresql:
|
|
image: postgres:13-alpine
|
|
container_name: ninegate-postgresql
|
|
hostname: ninegate-postgresql
|
|
environment:
|
|
POSTGRES_MULTIPLE_DATABASES: ninegate,hydra
|
|
POSTGRES_PASSWORD: ChangeMe
|
|
POSTGRES_USER: symfony
|
|
ports:
|
|
- 5432:5432
|
|
volumes:
|
|
- db-data:/var/lib/postgresql/data:rw
|
|
- ./containers/postgresql:/docker-entrypoint-initdb.d
|
|
|
|
# Service websocket
|
|
mercure:
|
|
image: dunglas/mercure
|
|
container_name: ninegate-mercure
|
|
restart: unless-stopped
|
|
ports:
|
|
- "80"
|
|
environment:
|
|
SERVER_NAME: ':80'
|
|
MERCURE_PUBLISHER_JWT_KEY: '!changeme!changeme!changeme!changeme!changeme!changeme!'
|
|
MERCURE_SUBSCRIBER_JWT_KEY: '!changeme!changeme!changeme!changeme!changeme!changeme!'
|
|
MERCURE_EXTRA_DIRECTIVES: |
|
|
cors_origins https://127.0.0.1:8000
|
|
# Comment the following line to disable the development mode
|
|
command: /usr/bin/caddy run -config /etc/caddy/Caddyfile.dev
|
|
volumes:
|
|
- mercure_data:/data
|
|
- mercure_config:/config
|
|
|
|
# Service de stockage Minio
|
|
minio1:
|
|
image: minio/minio:RELEASE.2021-01-16T02-19-44Z
|
|
container_name: ninegate-minio1
|
|
volumes:
|
|
- data1-1:/data1
|
|
- data1-2:/data2
|
|
expose:
|
|
- "9000"
|
|
environment:
|
|
MINIO_ROOT_USER: minio
|
|
MINIO_ROOT_PASSWORD: changeme
|
|
command: server http://minio{1...4}/data{1...2}
|
|
healthcheck:
|
|
test: ["CMD", "curl", "-f", "http://127.0.0.1:9000/minio/health/live"]
|
|
interval: 30s
|
|
timeout: 20s
|
|
retries: 3
|
|
|
|
# Service de stockage Minio
|
|
minio2:
|
|
image: minio/minio:RELEASE.2021-01-16T02-19-44Z
|
|
container_name: ninegate-minio2
|
|
volumes:
|
|
- data2-1:/data1
|
|
- data2-2:/data2
|
|
expose:
|
|
- "9000"
|
|
environment:
|
|
MINIO_ROOT_USER: minio
|
|
MINIO_ROOT_PASSWORD: changeme
|
|
command: server http://minio{1...4}/data{1...2}
|
|
healthcheck:
|
|
test: ["CMD", "curl", "-f", "http://127.0.0.1:9000/minio/health/live"]
|
|
interval: 30s
|
|
timeout: 20s
|
|
retries: 3
|
|
|
|
# Service de stockage Minio
|
|
minio3:
|
|
image: minio/minio:RELEASE.2021-01-16T02-19-44Z
|
|
container_name: ninegate-minio3
|
|
volumes:
|
|
- data3-1:/data1
|
|
- data3-2:/data2
|
|
expose:
|
|
- "9000"
|
|
environment:
|
|
MINIO_ROOT_USER: minio
|
|
MINIO_ROOT_PASSWORD: changeme
|
|
command: server http://minio{1...4}/data{1...2}
|
|
healthcheck:
|
|
test: ["CMD", "curl", "-f", "http://127.0.0.1:9000/minio/health/live"]
|
|
interval: 30s
|
|
timeout: 20s
|
|
retries: 3
|
|
|
|
# Service de stockage Minio
|
|
minio4:
|
|
image: minio/minio:RELEASE.2021-01-16T02-19-44Z
|
|
container_name: ninegate-minio4
|
|
volumes:
|
|
- data4-1:/data1
|
|
- data4-2:/data2
|
|
expose:
|
|
- "9000"
|
|
environment:
|
|
MINIO_ROOT_USER: minio
|
|
MINIO_ROOT_PASSWORD: changeme
|
|
command: server http://minio{1...4}/data{1...2}
|
|
healthcheck:
|
|
test: ["CMD", "curl", "-f", "http://127.0.0.1:9000/minio/health/live"]
|
|
interval: 30s
|
|
timeout: 20s
|
|
retries: 3
|
|
|
|
# Service nginx orchestrateur des minio
|
|
nginx:
|
|
image: nginx:1.19.2-alpine
|
|
container_name: ninegate-nginx
|
|
volumes:
|
|
- ./containers/minio/nginx.conf:/etc/nginx/nginx.conf:ro
|
|
ports:
|
|
- "9000:9000"
|
|
depends_on:
|
|
- minio1
|
|
- minio2
|
|
- minio3
|
|
- minio4
|
|
|
|
# Service hydra
|
|
hydra:
|
|
image: cadoles/hydra-v1
|
|
container_name: ninegate-hydra
|
|
volumes:
|
|
- ./containers/hydra/clients.d:/etc/hydra/clients.d
|
|
ports:
|
|
- 7080:4444
|
|
- 4445:4445
|
|
links:
|
|
- postgresql
|
|
depends_on:
|
|
- postgresql
|
|
restart: on-failure
|
|
environment:
|
|
LOG_LEAK_SENSITIVE_VALUES: "true"
|
|
HYDRA_URLS_SELF_ISSUER: http://127.0.0.1:7080
|
|
HYDRA_URLS_CONSENT: http://127.0.0.1:7081/consent
|
|
HYDRA_URLS_LOGIN: http://127.0.0.1:7081/login
|
|
HYDRA_URLS_LOGOUT: http://127.0.0.1:7081/logout
|
|
HYDRA_DSN: postgres://symfony:ChangeMe@postgresql:5432/hydra
|
|
#HYDRA_WAIT4X_DATABASE_TYPE: postgres
|
|
#HYDRA_WAIT4X_DATABASE_DSN: postgres://symfony:ChangeMe@postgresql:5432/hydra
|
|
HYDRA_ALLOW_INSECURE: "yes"
|
|
HYDRA_LEVEL: debug
|
|
|
|
hydra-dispatcher:
|
|
build:
|
|
context: ./containers/hydra-dispatcher
|
|
container_name: ninegate-hydra-dispatcher
|
|
links:
|
|
- hydra
|
|
ports:
|
|
- 7081:80
|
|
restart: on-failure
|
|
environment:
|
|
- APP_ENV=dev
|
|
- APP_DEBUG=yes
|
|
- HYDRA_BASE_URL=http://hydra:4444
|
|
- HYDRA_ADMIN_BASE_URL=http://hydra:4445
|
|
# url dispatcher
|
|
- BASE_URL=http://127.0.0.1:7081
|
|
- COOKIE_PATH=/
|
|
- DEFAULT_LOCALE=fr
|
|
- APP_LOCALES=fr,en
|
|
volumes:
|
|
- ./containers/hydra-dispatcher/hydra:/var/www/config/hydra:ro
|
|
- ./containers/hydra-dispatcher/templates:/var/www/templates
|
|
- ./containers/hydra-dispatcher/theme.css:/var/www/public/build/theme/theme.css
|
|
|
|
# Service fake smtp = optionnel
|
|
mailer:
|
|
image: schickling/mailcatcher
|
|
container_name: ninegate-mailer
|
|
ports:
|
|
- 1025:1025
|
|
- 1080:1080
|
|
|
|
# Service fake openldap = optionnel si ninegate a une synchronisation avec un annuaire
|
|
openldap:
|
|
image: osixia/openldap:1.5.0
|
|
container_name: ninegate-openldap
|
|
environment:
|
|
LDAP_LOG_LEVEL: "256"
|
|
LDAP_ORGANISATION: "nine"
|
|
LDAP_DOMAIN: "nine.fr"
|
|
LDAP_ADMIN_PASSWORD: "changeme"
|
|
LDAP_CONFIG_PASSWORD: "changeme"
|
|
LDAP_READONLY_USER: "true"
|
|
LDAP_READONLY_USER_USERNAME: "readonly"
|
|
LDAP_READONLY_USER_PASSWORD: "readonly"
|
|
LDAP_TLS: "false"
|
|
volumes:
|
|
- /var/lib/ldap
|
|
- /etc/ldap/slapd.d
|
|
- /container/service/slapd/assets/certs/
|
|
ports:
|
|
- "389:389"
|
|
- "636:636"
|
|
|
|
# Service tool phpldapadmin = optionnel dans le cas de la présence d'un fake openldap
|
|
phpldapadmin:
|
|
image: osixia/phpldapadmin:latest
|
|
container_name: ninegate-phpldapadmin
|
|
environment:
|
|
PHPLDAPADMIN_LDAP_HOSTS: "openldap"
|
|
PHPLDAPADMIN_HTTPS: "false"
|
|
ports:
|
|
- "6080:80"
|
|
depends_on:
|
|
- openldap
|
|
|
|
# Service tool adminer = optionnel
|
|
adminer:
|
|
image: adminer
|
|
container_name: ninegate-adminer
|
|
restart: always
|
|
ports:
|
|
- 6081:8080
|
|
|
|
volumes:
|
|
db-data:
|
|
mercure_data:
|
|
mercure_config:
|
|
data1-1:
|
|
data1-2:
|
|
data2-1:
|
|
data2-2:
|
|
data3-1:
|
|
data3-2:
|
|
data4-1:
|
|
data4-2: |