services: web: build: context: . dockerfile: frontend/Dockerfile restart: unless-stopped networks: - dwengo-1 labels: - 'traefik.enable=true' - 'traefik.http.routers.web.rule=PathPrefix(`/`)' - 'traefik.http.services.web.loadbalancer.server.port=80' api: build: context: . dockerfile: backend/Dockerfile restart: unless-stopped volumes: # TODO Replace with environment keys - ./backend/.env:/app/.env networks: - dwengo-1 depends_on: - db - logging labels: - 'traefik.enable=true' - 'traefik.http.middlewares.api-prefix.stripprefix.prefixes=/api' - 'traefik.http.routers.api.rule=Host(`sel2-1.ugent.be`)' - 'traefik.http.routers.api.rule=PathPrefix(`/api`)' - 'traefik.http.routers.api.middlewares=api-prefix' - 'traefik.http.services.api.loadbalancer.server.port=3000' db: image: postgres:latest environment: POSTGRES_USER: postgres POSTGRES_PASSWORD: postgres POSTGRES_DB: postgres restart: unless-stopped volumes: - dwengo_postgres_data:/var/lib/postgresql/data networks: - dwengo-1 reverse-proxy: image: traefik:v3.3 command: # TODO REMOVE ME - "--api.insecure=true" # Add Docker provider - "--providers.docker=true" - "--providers.docker.exposedbydefault=false" # Add web entrypoint - "--entrypoints.web.address=:80/tcp" - "--entrypoints.web.http.redirections.entryPoint.to=websecure" - "--entrypoints.web.http.redirections.entryPoint.scheme=https" # Add websecure entrypoint - "--entrypoints.websecure.address=:443/tcp" - "--entrypoints.websecure.http.tls=true" - "--entrypoints.websecure.http.tls.certResolver=letsencrypt" - "--entrypoints.websecure.http.tls.domains[0].main=sel2-1.ugent.be" # Certificates - "--certificatesresolvers.letsencrypt.acme.httpchallenge=true" - "--certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=web" - "--certificatesresolvers.letsencrypt.acme.email=timo.demeyst@ugent.be" - "--certificatesresolvers.letsencrypt.acme.storage=/letsencrypt/acme.json" ports: # TODO Remove the 8080 port and --api-insecure=true - '2002:8080' - '80:80/tcp' - '443:443/tcp' restart: unless-stopped volumes: - /var/run/docker.sock:/var/run/docker.sock:ro - dwengo_letsencrypt:/letsencrypt networks: - dwengo-1 logging: image: grafana/loki:latest ports: - '3102:3102' - '9095:9095' volumes: - ./config/loki/config.yml:/etc/loki/config.yaml - dwengo_loki_data:/loki command: -config.file=/etc/loki/config.yaml restart: unless-stopped networks: - dwengo-1 dashboards: image: grafana/grafana:latest ports: - '3100:3000' volumes: - dwengo_grafana_data:/var/lib/grafana restart: unless-stopped networks: - dwengo-1 idp: # Based on: https://medium.com/@fingervinicius/easy-running-keycloak-with-docker-compose-b0d7a4ee2358 image: quay.io/keycloak/keycloak:latest volumes: - dwengo_idp_data:/opt/keycloak/data - ./config/idp:/opt/keycloak/data/import environment: KC_HOSTNAME: sel2-1.ugent.be KC_HOSTNAME_PORT: 7080 KC_HOSTNAME_STRICT_BACKCHANNEL: 'true' KC_BOOTSTRAP_ADMIN_USERNAME: admin KC_BOOTSTRAP_ADMIN_PASSWORD: admin KC_HEALTH_ENABLED: 'true' KC_LOG_LEVEL: info env_file: - ./config/idp/.env healthcheck: test: ['CMD', 'curl', '-f', 'http://localhost:7080/health/ready'] interval: 15s timeout: 2s retries: 15 # TODO Replace with proper production command command: ['start-dev', '--http-port', '7080', '--https-port', '7443', '--import-realm'] ports: - '7080:7080' - '7443:7443' depends_on: - db networks: - dwengo-1 labels: - 'traefik.enable=true' - 'traefik.http.routers.idp.rule=PathPrefix(`/auth`)' - 'traefik.http.services.idp.loadbalancer.server.port=7080' volumes: dwengo_grafana_data: dwengo_idp_data: dwengo_letsencrypt: dwengo_loki_data: dwengo_postgres_data: networks: dwengo-1: