cg-dmf-poc/docker-compose.yml at develop · Baseflow/cg-dmf-poc · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
name: cg-dmf-poc

services:
  postgres:
    image: postgres:16-alpine
    container_name: dmf-postgres
    environment:
      POSTGRES_DB: documenten
      POSTGRES_USER: documenten
      POSTGRES_PASSWORD: documenten
    volumes:
      - postgres_data:/var/lib/postgresql/data
      - ./data/postgres-init:/docker-entrypoint-initdb.d
    healthcheck:
      test: [ 'CMD-SHELL', 'pg_isready -U documenten' ]
      interval: 10s
      timeout: 5s
      retries: 5

  keycloak:
    container_name: dmf-keycloak
    image: keycloak/keycloak:latest
    command:
      - start-dev
      - --import-realm
      - -Dkeycloak.migration.strategy=SKIP
    environment:
      - KEYCLOAK_ADMIN=keycloak
      - KEYCLOAK_ADMIN_PASSWORD=keycloak
      - KC_DB_URL_HOST=postgres
      - KC_DB_PASSWORD=documenten
      - KC_DB=postgres
      - KC_DB_URL_DATABASE=keycloak
      - KC_DB_USERNAME=documenten
    ports:
      - '8081:8080'
    volumes:
      - ./data/realm-export.json:/opt/keycloak/data/import/realm.json
    depends_on:
      postgres:
        condition: service_healthy

  app:
    build: .
    container_name: dmf-app
    environment:
      DB_URL: jdbc:postgresql://postgres:5432/documenten
      DB_USER: documenten
      DB_PASSWORD: documenten
      OIDC_ISSUER: http://keycloak:8080/realms/cg-dmf
      ZGW_ALLOWED_CLIENT_IDS: gzac
      BLOB_STORAGE_TYPE1: S3
      BLOB_STORAGE_NAME1: minio-local
      BLOB_STORAGE_URL1: http://minio:9000
      BLOB_STORAGE_ACCESS_KEY1: minioadmin
      BLOB_STORAGE_SECRET_KEY1: minioadmin
      OPENZAAK_CLIENT_SECRET: ${OPENZAAK_CLIENT_SECRET:-}
    healthcheck:
      test:
        [
          'CMD-SHELL',
          'wget -qO- http://localhost:8080/health/liveness || exit 1',
        ]
      interval: 5s
      timeout: 5s
      retries: 20
    depends_on:
      postgres:
        condition: service_healthy

  minio:
    image: minio/minio:latest
    container_name: dmf-minio
    # restart: always
    environment:
      - S3_ACCESS_KEY=minioadmin
      - S3_SECRET_KEY=minioadmin
      - CONSOLE_ACCESS_KEY=admin
      - CONSOLE_SECRET_KEY=admin
    command: server --address ":9000" --console-address ":9001" /data
    volumes:
      - minio_data:/data

  azurite:
    image: mcr.microsoft.com/azure-storage/azurite:latest
    container_name: dmf-azurite
    ports:
      - '10000:10000'
      - '10001:10001'
      - '10002:10002'
    command: 'azurite --blobHost 0.0.0.0 --queueHost 0.0.0.0 --tableHost 0.0.0.0'

  notificaties-api:
    image: openzaak/open-notificaties:latest
    container_name: notificaties-api
    environment:
      DB_HOST: postgres
      DB_NAME: notificaties
      DB_USER: documenten
      DB_PASSWORD: documenten
      DJANGO_SETTINGS_MODULE: nrc.conf.docker
      SECRET_KEY: "${SECRET_KEY:-\\(,gc7VE(#CO<zCR3e(lRtOsw5q+U2DpG5o\\X#P4PVRm*=u|E%}"
      IS_HTTPS: no
      ALLOWED_HOSTS: '*'
      CACHE_DEFAULT: redis:6379/0
      CACHE_AXES: redis:6379/1
      RABBITMQ_HOST: rabbitmq
      PUBLISH_BROKER_URL: amqp://guest:guest@rabbitmq:5672/%2F
      CELERY_BROKER_URL: amqp://guest:guest@rabbitmq:5672//
      CELERY_RESULT_EXPIRES: 3600
      CELERY_RESULT_BACKEND: redis://redis:6379/1
      CELERY_LOGLEVEL: DEBUG
      CELERY_WORKER_CONCURRENCY: ${CELERY_WORKER_CONCURRENCY:-4}
      SUBPATH: ${SUBPATH:-/}
      OPENNOTIFICATIES_SUPERUSER_USERNAME: admin
      OPENNOTIFICATIES_SUPERUSER_EMAIL: admin@localhost
      DJANGO_SUPERUSER_PASSWORD: admin
      DISABLE_2FA: ${DISABLE_2FA:-yes}
      LOG_NOTIFICATIONS_IN_DB: ${LOG_NOTIFICATIONS_IN_DB:-yes}
      DB_CONN_MAX_AGE: '0'
      DB_POOL_ENABLED: True

      # Enabling Open Telemetry requires the services in docker/docker-compose.observability.yaml
      # to be up and running.
      OTEL_SDK_DISABLED: ${OTEL_SDK_DISABLED:-true}
      OTEL_RESOURCE_ATTRIBUTES: maykin.saas.client=maykin,maykin.saas.target=dev
      OTEL_METRIC_EXPORT_INTERVAL: ${OTEL_METRIC_EXPORT_INTERVAL:-60000}
      OTEL_EXPORTER_OTLP_ENDPOINT: ${OTEL_EXPORTER_OTLP_ENDPOINT:-http://otel-collector:4317} # gRPC
      # otel:supersecret, escape spaces and = with percent encoding
      OTEL_EXPORTER_OTLP_HEADERS: Authorization=Basic b3RlbDpzdXBlcnNlY3JldA==
      OTEL_EXPORTER_OTLP_METRICS_INSECURE: ${OTEL_EXPORTER_OTLP_METRICS_INSECURE:-true}
      _OTEL_ENABLE_CONTAINER_RESOURCE_DETECTOR: true

    ports:
      - '8000:8000'

  rabbitmq:
    image: rabbitmq:4.0-alpine

  redis:
    image: redis

volumes:
  postgres_data:
  minio_data: