version: "3.7" services: hub: image: eu.gcr.io/dev-and-test-env/hub:${HUB_TAG:-dev} environment: JAEGER_DISABLED: "false" JAEGER_AGENT_HOST: tracing command: - "/bin/hub" - "--log-level=DEBUG" - "--http-address=:9192" - "--metrics-health-address=:9090" - "--metadb-host=metadb" - "--metadb-port=5433" - "--metadb-name=hub" - "--metadb-user=user" - "--metadb-password-path=/db/password" - "--metadb-conn-pool-size=10" - "--profiling=:9292" - "--jwt-public-key-path=/config/auth/idp.crt" - "--jwt-private-key-path=/config/auth/idp.key" - "--pantheon-url=http://pantheon:4300" - "--datastore-url=http://datastore:9191" - "--profiler-url=http://profiler:8080" - "--encryption-passphrase-path=/db/password" volumes: - ./config/db-password:/db/password - ./config/auth:/config/auth depends_on: - datastore - pantheon - metadb graphql: image: eu.gcr.io/dev-and-test-env/pgql-server:${GRAPHQL_TAG:-dev} environment: JAEGER_DISABLED: "false" JAEGER_AGENT_HOST: tracing PGQL_ENABLE_PLAYGROUND: "false" PGQL_LOG_LEVEL: "DEBUG" PGQL_PANTHEON_HOST: pantheon PGQL_PANTHEON_PORT: "5431" PGQL_PANTHEON_DISABLE_SSL: "true" PGQL_HUB_URL: http://hub:9192 PGQL_JWT_PUBLIC_KEY_PATH: /config/auth/idp.crt PGQL_JWT_PRIVATE_KEY_PATH: /config/auth/key.pem volumes: - ./config/auth:/config/auth depends_on: - hub datastore: image: eu.gcr.io/dev-and-test-env/datastore-manager:${DATASTORE_TAG:-dev} ports: - "127.0.0.1:9191:9191" environment: JAEGER_DISABLED: "false" JAEGER_AGENT_HOST: tracing command: - "/bin/ds-manager" - "--log-level=DEBUG" - "--http-address=:9191" - "--metrics-health-address=:9090" - "--encryption-passphrase-path=/enc/passphrase" - "--pantheon-url=http://pantheon:4300" - "--metadb-host=metadb" - "--metadb-port=5433" - "--metadb-name=datastore" - "--metadb-user=user" - "--metadb-password-path=/db/password" - "--metadb-conn-pool-size=10" - "--storagedb-host=metadb" - "--storagedb-port=5433" - "--storagedb-user=user" - "--storagedb-password-path=/db/password" - "--storagedb-conn-pool-size=10" - "--blobstorage-host=blobstorage:9000" - "--blobstorage-access-key=minioaccesskey" - "--blobstorage-secret-key-path=/blobstorage/secret" - "--blobstorage-ssl=false" - "--blobstorage-bucket=ds-mgr-uploads" - "--blobstorage-path-prefix=local/lemon" - "--profiling=:9292" - "--jwt-public-key-path=/config/auth/idp.crt" volumes: - ./config/enc-passphrase:/enc/passphrase - ./config/db-password:/db/password - ./config/blobstore/secret_key:/blobstorage/secret - ./config/auth:/config/auth depends_on: - metadb - blobstorage ds-worker: image: eu.gcr.io/dev-and-test-env/datastore-manager:${DATASTORE_TAG:-dev} environment: JAEGER_AGENT_HOST: tracing command: - "/bin/ds-ingest" - "--log-level=DEBUG" - "--metrics-health-address=:9090" - "--metadb-host=metadb" - "--metadb-port=5433" - "--metadb-name=datastore" - "--metadb-user=user" - "--metadb-password-path=/db/password" - "--metadb-conn-pool-size=10" - "--storagedb-host=metadb" - "--storagedb-port=5433" - "--storagedb-user=user" - "--storagedb-password-path=/db/password" - "--storagedb-conn-pool-size=10" - "--blobstorage-host=blobstorage:9000" - "--blobstorage-access-key=minioaccesskey" - "--blobstorage-secret-key-path=/blobstorage/secret" - "--blobstorage-ssl=false" - "--blobstorage-bucket=ds-mgr-uploads" - "--blobstorage-path-prefix=local/lemon" - "--pantheon-jdbc=http://pantheon:8765?frameMaxSize=1024" - "--pantheon-jdbc-key=/config/auth/idp.key" volumes: - ./config/db-password:/db/password - ./config/blobstore/secret_key:/blobstorage/secret - ./config/auth:/config/auth depends_on: - metadb - blobstorage pantheon: image: eu.gcr.io/dev-and-test-env/pantheon:${PANTHEON_TAG:-latest} command: - -Dconfig.resource=environments/production.conf environment: JDBC_DATABASE_URL: jdbc:postgresql://metadb:5433/pantheon?user=pantheon&password=test PLAY_HTTP_SECRET_KEY: secret DATASTORE_API_URL: http://datastore:9191/internal/api/v1/ IDP_BASE_URL: https://auth:8443/api/v2/ # pg_wire SIGN_AND_VERIFY_ALGO: RS512 SERVICE_TOKEN_KEY: /config/auth/idp.key AUTHENTICATE_CERT: /config/auth/idp.crt TRACING_ENABLED: "true" TRACING_HOST: tracing TRACING_SYNC: "true" ports: - "127.0.0.1:5429:5431" volumes: - ./config/auth:/config/auth depends_on: - auth - metadb pantheon-stunnel: image: eu.gcr.io/dev-and-test-env/stunnel:v0.0.19 ports: - "5435:5433" volumes: - ./config/pg-stunnel/cert:/cert - ./config/pg-stunnel/config:/etc/stunnel # Override config metadb: image: postgres:latest command: -p 5433 ${POSTGRES_ARGS:--c log_connections=on} environment: POSTGRES_USER: user POSTGRES_PASSWORD_FILE: /db/password PGPORT: "5433" ports: - "127.0.0.1:5433:5433" volumes: - ./config/db-password:/db/password - ./config/datastore/db-bootstrap.sh:/docker-entrypoint-initdb.d/datastore-db-bootstrap.sh - ./config/hub/db-bootstrap.sh:/docker-entrypoint-initdb.d/hub-db-bootstrap.sh - ./config/auth/db-bootstrap.sh:/docker-entrypoint-initdb.d/auth-db-bootstrap.sh - ./config/pantheon/db-bootstrap.sh:/docker-entrypoint-initdb.d/pantheon-db-bootstrap.sh - contiamo-metadb-datavolume:/var/lib/postgresql/data blobstorage: image: minio/minio:latest # RELEASE.2019-07-24T02-02-23Z volumes: - contiamo-minio-data-volume:/data - ./config/blobstore:/config/blobstore ports: - "127.0.0.1:9001:9000" env_file: # should be able to use the secret file, via the env, but haven't gotten it to work yet - ./config/blobstore/config.env command: server /data ui: image: eu.gcr.io/dev-and-test-env/contiamo-ui:${CONTIAMOUI_TAG:-latest} environment: DEPLOYMENTURL: http://localhost:9898 volumes: - ./config/ui-config.js:/usr/share/nginx/html/config.js auth: image: eu.gcr.io/dev-and-test-env/idp:${IDP_TAG:-dev} environment: JAEGER_DISABLED: "false" JAEGER_AGENT_HOST: tracing ports: - "127.0.0.1:8443:8443" command: - "/bin/idp" - "--log-level=DEBUG" - "--secure-cookie=false" - "--bootstrap-file=/config/auth/bootstrap.json" - "--domain=" - "--external-link-base-url=http://localhost:9898/auth" - "--postgres-host=metadb" - "--postgres-port=5433" - "--postgres-db=simpleidp" - "--postgres-user=user" - "--postgres-password-path=/db/password" - "--grpc-addr=0.0.0.0:3001" - "--http-addr=0.0.0.0:8443" - "--ca-cert=" # put a CA cert file path here to enable internal TLS - "--key=/config/auth/idp.key" - "--cert=/config/auth/idp.crt" - "--template-dir=/templates" - "--encryption-secret-path=/db/password" - "--smtp-server=" # - "--smtp-server=smtpmock:2500" # uncomment if you want to use mailslurper for debugging emails (see below) - "--smtp-password-path=/db/password" - "--tracing=tracing:6831" - "--auth-providers-config-file=/config/auth/providers.json" - "--dev" depends_on: - metadb volumes: - ./config/auth:/config/auth - ./config/db-password:/db/password # smtpmock: # image: adampresley/mailslurper:latest # ports: # - "8080:8080" # - "2500:2500" # - "8085:8085" # networks: # - default profiler: image: eu.gcr.io/dev-and-test-env/profiler:${PROFILER_TAG:-dev} environment: PROFILER_PANTHEON_JDBC_URL: "http://pantheon:8765" PANTHEON_INSECURE_TRANSPORT: "true" PROFILER_DEBUG: "true" PROFILER_LOG_LEVEL: "DEBUG" nginx: image: nginx:alpine ports: - "127.0.0.1:9898:80" volumes: - ./config/ingress/nginx.conf:/etc/nginx/conf.d/default.conf - ./config/ingress:/ingress depends_on: - datastore - pantheon - ui tracing: image: jaegertracing/all-in-one:1.14 environment: COLLECTOR_ZIPKIN_HTTP_PORT: "9411" ports: - "5775:5775/udp" - "6831:6831/udp" - "6832:6832/udp" - "5778:5778" - "16686:16686" - "14268:14268" - "9411:9411" volumes: contiamo-metadb-datavolume: {} contiamo-minio-data-volume: {}