nineskeletor/docker-compose.yml

263 lines
6.7 KiB
YAML
Executable File

version: '3'
# Port
# 6379 = redis
# 5432 = postgresql
# 80 = mercure
# 9000 = minio nginx
# 1025 = fake smtp
# 1080 = fake webmail
# 389 = fake ldap
# 636 = fake ldaps
# 6080 = tool phpldapadmin
# 6081 = tool adminer
services:
# Service redis pour le stockage des sessions
redis:
image: redis:4.0
container_name: ninegate-redis
ports:
- 6379:6379
environment:
- TZ=Europe/Paris
volumes:
- /etc/localtime:/etc/localtime:ro
# Service postgresql pour le stockage de la bdd applicative
postgresql:
image: postgres:13-alpine
container_name: ninegate-postgresql
hostname: ninegate-postgresql
environment:
POSTGRES_MULTIPLE_DATABASES: ninegate,hydra
POSTGRES_PASSWORD: ChangeMe
POSTGRES_USER: symfony
ports:
- 5432:5432
volumes:
- db-data:/var/lib/postgresql/data:rw
- ./containers/postgresql:/docker-entrypoint-initdb.d
# Service websocket
mercure:
image: dunglas/mercure
container_name: ninegate-mercure
restart: unless-stopped
ports:
- "80"
environment:
SERVER_NAME: ':80'
MERCURE_PUBLISHER_JWT_KEY: '!changeme!changeme!changeme!changeme!changeme!changeme!'
MERCURE_SUBSCRIBER_JWT_KEY: '!changeme!changeme!changeme!changeme!changeme!changeme!'
MERCURE_EXTRA_DIRECTIVES: |
cors_origins https://127.0.0.1:8000
# Comment the following line to disable the development mode
command: /usr/bin/caddy run -config /etc/caddy/Caddyfile.dev
volumes:
- mercure_data:/data
- mercure_config:/config
# Service de stockage Minio
minio1:
image: minio/minio:RELEASE.2021-01-16T02-19-44Z
container_name: ninegate-minio1
volumes:
- data1-1:/data1
- data1-2:/data2
expose:
- "9000"
environment:
MINIO_ROOT_USER: minio
MINIO_ROOT_PASSWORD: changeme
command: server http://minio{1...4}/data{1...2}
healthcheck:
test: ["CMD", "curl", "-f", "http://127.0.0.1:9000/minio/health/live"]
interval: 30s
timeout: 20s
retries: 3
# Service de stockage Minio
minio2:
image: minio/minio:RELEASE.2021-01-16T02-19-44Z
container_name: ninegate-minio2
volumes:
- data2-1:/data1
- data2-2:/data2
expose:
- "9000"
environment:
MINIO_ROOT_USER: minio
MINIO_ROOT_PASSWORD: changeme
command: server http://minio{1...4}/data{1...2}
healthcheck:
test: ["CMD", "curl", "-f", "http://127.0.0.1:9000/minio/health/live"]
interval: 30s
timeout: 20s
retries: 3
# Service de stockage Minio
minio3:
image: minio/minio:RELEASE.2021-01-16T02-19-44Z
container_name: ninegate-minio3
volumes:
- data3-1:/data1
- data3-2:/data2
expose:
- "9000"
environment:
MINIO_ROOT_USER: minio
MINIO_ROOT_PASSWORD: changeme
command: server http://minio{1...4}/data{1...2}
healthcheck:
test: ["CMD", "curl", "-f", "http://127.0.0.1:9000/minio/health/live"]
interval: 30s
timeout: 20s
retries: 3
# Service de stockage Minio
minio4:
image: minio/minio:RELEASE.2021-01-16T02-19-44Z
container_name: ninegate-minio4
volumes:
- data4-1:/data1
- data4-2:/data2
expose:
- "9000"
environment:
MINIO_ROOT_USER: minio
MINIO_ROOT_PASSWORD: changeme
command: server http://minio{1...4}/data{1...2}
healthcheck:
test: ["CMD", "curl", "-f", "http://127.0.0.1:9000/minio/health/live"]
interval: 30s
timeout: 20s
retries: 3
# Service nginx orchestrateur des minio
nginx:
image: nginx:1.19.2-alpine
container_name: ninegate-nginx
volumes:
- ./containers/minio/nginx.conf:/etc/nginx/nginx.conf:ro
ports:
- "9000:9000"
depends_on:
- minio1
- minio2
- minio3
- minio4
# Service hydra
hydra:
image: cadoles/hydra-v1
container_name: ninegate-hydra
volumes:
- ./containers/hydra/clients.d:/etc/hydra/clients.d
ports:
- 7080:4444
- 4445:4445
links:
- postgresql
depends_on:
- postgresql
restart: on-failure
environment:
LOG_LEAK_SENSITIVE_VALUES: "true"
HYDRA_URLS_SELF_ISSUER: http://127.0.0.1:7080
HYDRA_URLS_CONSENT: http://127.0.0.1:7081/consent
HYDRA_URLS_LOGIN: http://127.0.0.1:7081/login
HYDRA_URLS_LOGOUT: http://127.0.0.1:7081/logout
HYDRA_DSN: postgres://symfony:ChangeMe@postgresql:5432/hydra
#HYDRA_WAIT4X_DATABASE_TYPE: postgres
#HYDRA_WAIT4X_DATABASE_DSN: postgres://symfony:ChangeMe@postgresql:5432/hydra
HYDRA_ALLOW_INSECURE: "yes"
HYDRA_LEVEL: debug
hydra-dispatcher:
build:
context: ./containers/hydra-dispatcher
container_name: ninegate-hydra-dispatcher
links:
- hydra
ports:
- 7081:80
restart: on-failure
environment:
- APP_ENV=dev
- APP_DEBUG=yes
- HYDRA_BASE_URL=http://hydra:4444
- HYDRA_ADMIN_BASE_URL=http://hydra:4445
# url dispatcher
- BASE_URL=http://127.0.0.1:7081
- COOKIE_PATH=/
- DEFAULT_LOCALE=fr
- APP_LOCALES=fr,en
volumes:
- ./containers/hydra-dispatcher/hydra:/var/www/config/hydra:ro
- ./containers/hydra-dispatcher/templates:/var/www/templates
- ./containers/hydra-dispatcher/theme.css:/var/www/public/build/theme/theme.css
# Service fake smtp = optionnel
mailer:
image: schickling/mailcatcher
container_name: ninegate-mailer
ports:
- 1025:1025
- 1080:1080
# Service fake openldap = optionnel si ninegate a une synchronisation avec un annuaire
openldap:
image: osixia/openldap:1.5.0
container_name: ninegate-openldap
environment:
LDAP_LOG_LEVEL: "256"
LDAP_ORGANISATION: "nine"
LDAP_DOMAIN: "nine.fr"
LDAP_ADMIN_PASSWORD: "changeme"
LDAP_CONFIG_PASSWORD: "changeme"
LDAP_READONLY_USER: "true"
LDAP_READONLY_USER_USERNAME: "readonly"
LDAP_READONLY_USER_PASSWORD: "readonly"
LDAP_TLS: "false"
volumes:
- /var/lib/ldap
- /etc/ldap/slapd.d
- /container/service/slapd/assets/certs/
ports:
- "389:389"
- "636:636"
# Service tool phpldapadmin = optionnel dans le cas de la présence d'un fake openldap
phpldapadmin:
image: osixia/phpldapadmin:latest
container_name: ninegate-phpldapadmin
environment:
PHPLDAPADMIN_LDAP_HOSTS: "openldap"
PHPLDAPADMIN_HTTPS: "false"
ports:
- "6080:80"
depends_on:
- openldap
# Service tool adminer = optionnel
adminer:
image: adminer
container_name: ninegate-adminer
restart: always
ports:
- 6081:8080
volumes:
db-data:
mercure_data:
mercure_config:
data1-1:
data1-2:
data2-1:
data2-2:
data3-1:
data3-2:
data4-1:
data4-2: