2025SELab2-project-Dwengo/docker-compose.production.yml
2025-03-13 01:26:58 +01:00


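# Production Compose stack: frontend (web), backend (api), PostgreSQL (db),
# Traefik (reverse-proxy), Loki (logging), Grafana (dashboards) and
# Keycloak (idp), all attached to the dwengo-1 network.
#
# Security review summary (details are next to each service):
#   - Default credentials for db and idp are committed in this file.
#   - The Traefik API/dashboard runs in insecure mode on host port 2002.
#   - Loki, Grafana and Keycloak publish ports directly on the host, so they
#     are reachable without passing through Traefik's TLS entrypoint unless
#     a host firewall blocks them.
#   - Several images use the mutable `latest` tag; pin a version or digest
#     so a deployment is reproducible and an upstream change is reviewed.
services:
  web:
    build:
      context: .
      dockerfile: frontend/Dockerfile
    restart: unless-stopped
    networks:
      - dwengo-1
    labels:
      - 'traefik.enable=true'
      # Catch-all router. Traefik's default priority is rule length, so the
      # longer api and idp rules are matched before this one.
      - 'traefik.http.routers.web.rule=PathPrefix(`/`)'
      - 'traefik.http.services.web.loadbalancer.server.port=80'
  api:
    build:
      context: .
      dockerfile: backend/Dockerfile
    restart: unless-stopped
    volumes:
      # TODO Replace with environment keys
      # The backend's .env file is bind-mounted from the host checkout; keep
      # it out of version control and restrict its file permissions.
      - ./backend/.env:/app/.env
    networks:
      - dwengo-1
    depends_on:
      - db
      - logging
    labels:
      - 'traefik.enable=true'
      - 'traefik.http.middlewares.api-prefix.stripprefix.prefixes=/api'
      # A label key holds a single value, so the Host and PathPrefix matchers
      # must live in one rule. As two labels with the same key, only one of
      # them took effect.
      - 'traefik.http.routers.api.rule=Host(`sel2-1.ugent.be`) && PathPrefix(`/api`)'
      - 'traefik.http.routers.api.middlewares=api-prefix'
      - 'traefik.http.services.api.loadbalancer.server.port=3000'
  db:
    # NOTE(review): `latest` is a mutable tag; a PostgreSQL major-version
    # jump can also make the existing data volume unusable. Pin a version.
    image: postgres:latest
    environment:
      # NOTE(review): default credentials committed to the repository. No
      # port is published for this service, but every container on dwengo-1
      # can reach it. Supply the password from a secret or an untracked env
      # file instead.
      POSTGRES_USER: postgres
      POSTGRES_PASSWORD: postgres
      POSTGRES_DB: postgres
    restart: unless-stopped
    volumes:
      - dwengo_postgres_data:/var/lib/postgresql/data
    networks:
      - dwengo-1
  reverse-proxy:
    image: traefik:v3.3
    command:
      # TODO REMOVE ME
      # Insecure mode serves the Traefik dashboard and API without
      # authentication on container port 8080, which is published below as
      # host port 2002. It discloses the full routing configuration.
      - "--api.insecure=true"
      # Add Docker provider
      # Only containers labelled traefik.enable=true are routed.
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
      # Add web entrypoint
      # Plain HTTP is only used for the ACME challenge and the redirect.
      - "--entrypoints.web.address=:80/tcp"
      - "--entrypoints.web.http.redirections.entryPoint.to=websecure"
      - "--entrypoints.web.http.redirections.entryPoint.scheme=https"
      # Add websecure entrypoint
      - "--entrypoints.websecure.address=:443/tcp"
      - "--entrypoints.websecure.http.tls=true"
      - "--entrypoints.websecure.http.tls.certResolver=letsencrypt"
      - "--entrypoints.websecure.http.tls.domains[0].main=sel2-1.ugent.be"
      # Certificates
      - "--certificatesresolvers.letsencrypt.acme.httpchallenge=true"
      - "--certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=web"
      - "--certificatesresolvers.letsencrypt.acme.email=timo.demeyst@ugent.be"
      - "--certificatesresolvers.letsencrypt.acme.storage=/letsencrypt/acme.json"
    ports:
      # TODO Remove the 8080 port and --api.insecure=true
      - '2002:8080'
      - '80:80/tcp'
      - '443:443/tcp'
    restart: unless-stopped
    volumes:
      # NOTE(review): `:ro` makes the socket file read-only but does not
      # limit which Docker API calls can be sent through it. Access to this
      # socket is equivalent to control of the Docker daemon; consider a
      # socket proxy that only allows the read endpoints Traefik needs.
      - /var/run/docker.sock:/var/run/docker.sock:ro
      # Holds acme.json, which contains the certificate private keys.
      - dwengo_letsencrypt:/letsencrypt
    networks:
      - dwengo-1
  logging:
    # NOTE(review): mutable `latest` tag; pin a version.
    image: grafana/loki:latest
    # NOTE(review): both ports are published on every host interface. If
    # only containers on dwengo-1 push logs, these mappings can be dropped or
    # bound to 127.0.0.1. Check config/loki/config.yml for the listen ports
    # and whether authentication is enabled.
    ports:
      - '3102:3102'
      - '9095:9095'
    volumes:
      - ./config/loki/config.yml:/etc/loki/config.yaml
      - dwengo_loki_data:/loki
    command: -config.file=/etc/loki/config.yaml
    restart: unless-stopped
    networks:
      - dwengo-1
  dashboards:
    # NOTE(review): mutable `latest` tag; pin a version.
    image: grafana/grafana:latest
    # NOTE(review): Grafana is published over plain HTTP on host port 3100
    # and no admin credentials are configured here. Verify that the initial
    # admin password has been changed, or route it through Traefik instead.
    ports:
      - '3100:3000'
    volumes:
      - dwengo_grafana_data:/var/lib/grafana
    restart: unless-stopped
    networks:
      - dwengo-1
  idp: # Based on: https://medium.com/@fingervinicius/easy-running-keycloak-with-docker-compose-b0d7a4ee2358
    # NOTE(review): mutable `latest` tag; pin a version.
    image: quay.io/keycloak/keycloak:latest
    volumes:
      - dwengo_idp_data:/opt/keycloak/data
      # Realm definitions loaded by --import-realm.
      - ./config/idp:/opt/keycloak/data/import
    environment:
      KC_HOSTNAME: sel2-1.ugent.be
      # Quoted so every environment value in this map is a string.
      KC_HOSTNAME_PORT: '7080'
      KC_HOSTNAME_STRICT_BACKCHANNEL: 'true'
      # NOTE(review): default bootstrap admin credentials committed to the
      # repository. Values under `environment` take precedence over
      # `env_file`, so defining them in config/idp/.env will not override
      # these. Remove them here and supply them from the untracked env file
      # or a secret.
      KC_BOOTSTRAP_ADMIN_USERNAME: admin
      KC_BOOTSTRAP_ADMIN_PASSWORD: admin
      KC_HEALTH_ENABLED: 'true'
      KC_LOG_LEVEL: info
    env_file:
      - ./config/idp/.env
    healthcheck:
      # NOTE(review): confirm that curl exists in the image and that
      # /health/ready is served on this port for the Keycloak version in
      # use; otherwise the container never becomes healthy.
      test: ['CMD', 'curl', '-f', 'http://localhost:7080/health/ready']
      interval: 15s
      timeout: 2s
      retries: 15
    # TODO Replace with proper production command
    # `start-dev` runs Keycloak in development mode, which relaxes the
    # production defaults (plain HTTP is accepted, for example). Use `start`
    # with an explicit hostname and TLS/proxy configuration in production.
    command: ['start-dev', '--http-port', '7080', '--https-port', '7443', '--import-realm']
    # NOTE(review): these mappings expose Keycloak, including its admin
    # console, directly on the host in addition to the Traefik /auth route.
    ports:
      - '7080:7080'
      - '7443:7443'
    depends_on:
      - db
    networks:
      - dwengo-1
    labels:
      - 'traefik.enable=true'
      - 'traefik.http.routers.idp.rule=PathPrefix(`/auth`)'
      - 'traefik.http.services.idp.loadbalancer.server.port=7080'
# Named volumes with default driver settings.
volumes:
  dwengo_grafana_data:
  dwengo_idp_data:
  dwengo_letsencrypt:
  dwengo_loki_data:
  dwengo_postgres_data:
# Single network with default settings shared by all services.
networks:
  dwengo-1: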