-
Notifications
You must be signed in to change notification settings - Fork 0
/
docker-compose.yml
131 lines (124 loc) · 3.81 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
# Docker-compose file for setting up dependencies for a fully working development environment
# This file is used to start up the following services:
# - Postgres
# - Minio (S3 local development replacement)
# - Imgproxy (for local development)
# - Nyckeln under dörrmattan (login service local replacement)
# - The Phoenix application
services:
db:
image: postgres:14
environment:
POSTGRES_USER: postgres
POSTGRES_PASSWORD: postgres
POSTGRES_DB: postgres
volumes:
- _postgres:/var/lib/postgresql/data
healthcheck:
test: ["CMD", "pg_isready", "-U", "postgres"]
interval: 5s
timeout: 5s
retries: 5
minio:
image: minio/minio
environment:
MINIO_DOMAIN: localhost # Needed to enable virtual host style requests
# Encryption stuff
MINIO_KMS_KES_ENDPOINT: https://play.min.io:7373
MINIO_KMS_KES_KEY_FILE: root.key
MINIO_KMS_KES_CERT_FILE: root.cert
MINIO_KMS_KES_KEY_NAME: my-minio-sse-kms-key
# Root admin user
MINIO_ROOT_USER: admin
MINIO_ROOT_PASSWORD: adminadmin
# We need to download the root.key and root.cert files before starting the server
entrypoint: >
bin/sh -c 'curl -sSL --tlsv1.2 -O "https://raw.githubusercontent.com/minio/kes/master/root.key" -O "https://raw.githubusercontent.com/minio/kes/master/root.cert";
minio server /data --console-address ":9001";'
volumes:
- _minio:/data
ports:
- "9000:9000"
- "9001:9001" # Console port
healthcheck:
test: "mc ready local"
interval: 2s
timeout: 10s
retries: 5
# Service to create buckets and set up encryption on Minio
createbuckets:
image: minio/mc
depends_on:
minio:
condition: service_healthy
entrypoint: >
/bin/sh -c "
mc alias set myminio http://minio:9000 admin adminadmin;
mc admin user add myminio IPGAGmgxUBwvZoHowCez RNHuldJLrZSB0RxmpCEYzLOwN0HRIz9RnC2I4qQG;
mc admin policy attach myminio readwrite --user IPGAGmgxUBwvZoHowCez;
mc mb myminio/metaspexet-haj;
mc encrypt set sse-s3 myminio/metaspexet-haj;
exit 0;
"
imgproxy:
image: darthsim/imgproxy
environment:
# Imgproxy encryption stuff
IMGPROXY_KEY: "aaaa"
IMGPROXY_SALT: "1b1b"
# Minio configuration
IMGPROXY_USE_S3: true
AWS_ACCESS_KEY_ID: IPGAGmgxUBwvZoHowCez
AWS_SECRET_ACCESS_KEY: RNHuldJLrZSB0RxmpCEYzLOwN0HRIz9RnC2I4qQG
IMGPROXY_S3_ENDPOINT: "http://minio:9000"
IMGPROXY_S3_REGION: "eu-north-1"
IMGPROXY_BASE_URL: "s3://metaspexet-haj"
# Imgproxy configuration
IMGPROXY_TTL: 31536000
IMGPROXY_MAX_SRC_RESOLUTION: 30
IMGPROXY_DEVELOPMENT_ERRORS_MODE: true
ports:
- "8080:8080"
login:
image: ghcr.io/datasektionen/nyckeln-under-dorrmattan
ports:
- 7002:7002
app:
build:
context: .
dockerfile: Dockerfile
command:
- "./entrypoint.sh"
environment:
# Database stuff
POSTGRES_USER: postgres
POSTGRES_PASSWORD: postgres
POSTGRES_DB: haj_dev
POSTGRES_HOST: db
# Imgproxy stuff
IMGPROXY_KEY: aaaa
IMGPROXY_SALT: 1b1b
IMAGE_URL: http://localhost:8080
# Minio/S3 stuff
AWS_ACCESS_KEY_ID: IPGAGmgxUBwvZoHowCez
AWS_SECRET_ACCESS_KEY: RNHuldJLrZSB0RxmpCEYzLOwN0HRIz9RnC2I4qQG
# Login stuff
LOGIN_URL: http://login:7002
LOGIN_FRONTEND_URL: http://localhost:7002
LOGIN_API_KEY: VERY_SECRET_API_KEY
# Misc
ZFINGER_URL: http://zfinger.datasektionen.se
ports:
- "4000:4000"
volumes:
- .:/app
- _elixir_build:/app/_build # So that we can have separate build files for the host and the container
depends_on:
- db
- minio
- imgproxy
- login
volumes:
_postgres:
_minio:
_elixir_build: