-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathcompose.aws.yml
More file actions
126 lines (118 loc) · 5.36 KB
/
compose.aws.yml
File metadata and controls
126 lines (118 loc) · 5.36 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
services:
reverse-proxy:
image: traefik:v3.4
command:
- '--providers.docker=true'
- '--providers.docker.exposedByDefault=false'
- '--entrypoints.web.address=:80'
- '--entrypoints.websecure.address=:443'
- '--entrypoints.web.http.redirections.entryPoint.to=websecure'
- '--entrypoints.web.http.redirections.entryPoint.scheme=https'
- '--certificatesresolvers.letsencrypt.acme.httpchallenge=true'
- '--certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=web'
- '--certificatesresolvers.letsencrypt.acme.email=${LETSENCRYPT_EMAIL}' # Use an environment variable for the email
- '--certificatesresolvers.letsencrypt.acme.storage=/letsencrypt/acme.json'
restart: unless-stopped
ports:
- '80:80'
- '443:443'
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- ./letsencrypt:/letsencrypt
postgres:
image: postgres:alpine
container_name: oopsops-dbs
environment:
- POSTGRES_USER=${POSTGRES_USER}
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
volumes:
- postgres-data:/var/lib/postgresql/data
- ./create-multiple-dbs.sh:/docker-entrypoint-initdb.d/create-multiple-dbs.sh
restart: unless-stopped
document-service:
image: ghcr.io/aet-devops25/team-oopsops/server/document-service:latest
restart: unless-stopped
environment:
- SPRING_PROFILES_ACTIVE=prod
- DOCUMENT_DB_URL=jdbc:postgresql://postgres:5432/documentdb
- DOCUMENT_DB_USER=${POSTGRES_USER}
- DOCUMENT_DB_PASS=${POSTGRES_PASSWORD}
- SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_ISSUER_URI=https://keycloak.${API_HOST}/realms/oopsops
labels:
- 'traefik.enable=true'
- 'traefik.http.routers.document-service.rule=Host(`${API_HOST}`) && PathPrefix(`/api/v1/documents`)'
- 'traefik.http.services.document-service.loadbalancer.server.port=8091'
- 'traefik.http.routers.document-service.entrypoints=websecure'
- 'traefik.http.routers.document-service.tls.certresolver=letsencrypt'
authentication-service:
image: ghcr.io/aet-devops25/team-oopsops/server/authentication-service:latest
restart: unless-stopped
environment:
- SPRING_PROFILES_ACTIVE=prod
- DB_URL=jdbc:postgresql://postgres:5432/authdb
- DB_USERNAME=${POSTGRES_USER}
- DB_PASSWORD=${POSTGRES_PASSWORD}
- SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_ISSUER_URI=https://keycloak.${API_HOST}/realms/oopsops
labels:
- 'traefik.enable=true'
- 'traefik.http.routers.auth-service.rule=Host(`${API_HOST}`) && PathPrefix(`/api/v1/auth`)' # Assuming /api/v1/auth is your base path
- 'traefik.http.services.auth-service.loadbalancer.server.port=8092'
- 'traefik.http.routers.auth-service.entrypoints=websecure'
- 'traefik.http.routers.auth-service.tls.certresolver=letsencrypt'
anonymization-service:
image: ghcr.io/aet-devops25/team-oopsops/server/anonymization-service:latest
restart: unless-stopped
environment:
- SPRING_PROFILES_ACTIVE=prod
- ANONYMIZATION_DB_URL=jdbc:postgresql://postgres:5432/anonymizationdb
- ANONYMIZATION_DB_USER=${POSTGRES_USER}
- ANONYMIZATION_DB_PASS=${POSTGRES_PASSWORD}
- SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_ISSUER_URI=https://keycloak.${API_HOST}/realms/oopsops
labels:
- 'traefik.enable=true'
- 'traefik.http.routers.anonymization-service.rule=Host(`${API_HOST}`) && PathPrefix(`/api/v1/anonymization`)'
- 'traefik.http.services.anonymization-service.loadbalancer.server.port=8094'
- 'traefik.http.routers.anonymization-service.entrypoints=websecure'
- 'traefik.http.routers.anonymization-service.tls.certresolver=letsencrypt'
genai-service:
image: ghcr.io/aet-devops25/team-oopsops/genai-service:latest
restart: unless-stopped
environment:
- OPENAI_API_KEY=${OPENAI_API_KEY}
labels:
- 'traefik.enable=true'
- 'traefik.http.routers.genai-service.rule=Host(`${API_HOST}`) && PathPrefix(`/api/v1/genai`)' # Assuming a base path
- 'traefik.http.services.genai-service.loadbalancer.server.port=8000'
- 'traefik.http.routers.genai-service.entrypoints=websecure'
- 'traefik.http.routers.genai-service.tls.certresolver=letsencrypt'
client:
image: ghcr.io/aet-devops25/team-oopsops/client:latest
restart: unless-stopped
environment:
- VITE_API_URL=https://${API_HOST}
labels:
- 'traefik.enable=true'
- 'traefik.http.routers.client.rule=Host(`${CLIENT_HOST}`)'
- 'traefik.http.services.client.loadbalancer.server.port=80'
- 'traefik.http.routers.client.entrypoints=websecure'
- 'traefik.http.routers.client.tls.certresolver=letsencrypt'
keycloak:
image: quay.io/keycloak/keycloak:22.0.3
command: start-dev --import-realm
volumes:
- ./keycloak:/opt/keycloak/data/import
environment:
- KEYCLOAK_ADMIN=${KEYCLOAK_ADMIN_USER}
- KEYCLOAK_ADMIN_PASSWORD=${KEYCLOAK_ADMIN_PASSWORD}
- KC_HOSTNAME=keycloak.${API_HOST}
- KC_PROXY=edge
labels:
- 'traefik.enable=true'
- 'traefik.http.routers.keycloak.rule=Host(`keycloak.${API_HOST}`)'
- 'traefik.http.services.keycloak.loadbalancer.server.port=8080'
- 'traefik.http.routers.keycloak.entrypoints=websecure'
- 'traefik.http.routers.keycloak.tls.certresolver=letsencrypt'
volumes:
postgres-data:
letsencrypt:
keycloak-data: