dpp-demonstrator/docker-compose.dev.yml at main · iotaledger/dpp-demonstrator · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
version: "3.8"

services:
  traefik:
    image: traefik:v2.11
    container_name: traefik
    restart: unless-stopped
    command:
      # Log level and access log are enabled
      - "--log.level=info"
      - "--accesslog=true" # Enable Docker provider; disable auto-exposure for extra security
      - "--entrypoints.web.address=:80"
      - "--providers.docker=true"
      - "--providers.docker.exposedByDefault=false" # Define only the TLS (secure) entrypoint on port 443
      - "--entrypoints.websecure.address=:443"
      - "--entrypoints.websecure.http.tls.certResolver=devops"
      - "--entrypoints.websecure.http2.maxConcurrentStreams=1000"
      - "--entrypoints.websecure.http.tls.domains[0].main=dpp-demostrator.if4testing.rocks" # ACME DNS challenge with Cloudflare
      - "--certificatesresolvers.devops.acme.dnschallenge=true"
      - "--certificatesresolvers.devops.acme.dnschallenge.provider=cloudflare"
      - "--certificatesresolvers.devops.acme.email=devops@iota.org"
      - "--certificatesresolvers.devops.acme.storage=/letsencrypt/acme.json"
      - "--certificatesresolvers.devops.acme.dnschallenge.delaybeforecheck=0"
    ports:
      - "443:443"
    environment:
      CLOUDFLARE_EMAIL: "it@iota.org"
      CLOUDFLARE_DNS_API_TOKEN: ${CLOUDFLARE_DNS_API_TOKEN}
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - ./letsencrypt:/letsencrypt
    networks:
      - traefik_net

  redis:
    image: redis:latest
    container_name: gas-station-redis
    volumes:
      - redis_data:/data
    networks:
      - traefik_net

  iota-gas-station:
    image: "${DOCKER_IMAGE:-iotaledger/gas-station:latest}"
    container_name: iota-gas-station
    command: [ "--config-path", "/app/config.yaml" ]
    depends_on:
      - redis
    ports:
      - "9184:9184" # Metrics port
    environment:
      - CONFIG_PATH=/app/config.yaml
      - RUST_BACKTRACE=1
      - GAS_STATION_AUTH=${GAS_STATION_AUTH}
    volumes:
      - ${LOCAL_CONFIG_PATH:-./config.yaml}:/app/config.yaml
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.gas.rule=Host(`dpp-demostrator.if4testing.rocks`) && PathPrefix(`/gas`)"
      - "traefik.http.routers.gas.entrypoints=websecure"
      - "traefik.http.routers.gas.tls.certresolver=devops"
      - "traefik.http.services.gas.loadbalancer.server.port=9527"
      - "traefik.http.routers.gas.middlewares=strip-gas-prefix"
      - "traefik.http.middlewares.strip-gas-prefix.stripprefix.prefixes=/gas"
    networks:
      - traefik_net

  frontend:
    read_only: true
    tmpfs:
      - /tmp:rw,noexec,nosuid,nodev,size=64m
    build:
      context: ./frontend
      dockerfile: Dockerfile
      args:
        APP_ENV: "dev"
        NEXT_PUBLIC_EXPLORER_URL: ${NEXT_PUBLIC_EXPLORER_URL}
        NEXT_PUBLIC_DAPP_URL: ${NEXT_PUBLIC_DAPP_URL}
        NEXT_PUBLIC_NETWORK_URL: ${NEXT_PUBLIC_NETWORK_URL}
        NEXT_PUBLIC_IOTA_CUSTOM_NOTARIZATION_PKG_ID: ${NEXT_PUBLIC_IOTA_CUSTOM_NOTARIZATION_PKG_ID}
        NEXT_PUBLIC_REWARD_WHITELIST_ID: ${NEXT_PUBLIC_REWARD_WHITELIST_ID}
        NEXT_PUBLIC_REWARD_VAULT_ID: ${NEXT_PUBLIC_REWARD_VAULT_ID}
        NEXT_PUBLIC_ADMIN_CAP_ID: ${NEXT_PUBLIC_ADMIN_CAP_ID}
        NEXT_PUBLIC_REFRESH_INTERVAL_MS: ${NEXT_PUBLIC_REFRESH_INTERVAL_MS}
        NEXT_PUBLIC_HAS_NFT_REWARD: ${NEXT_PUBLIC_HAS_NFT_REWARD}
        NEXT_PUBLIC_NETWORK: ${NEXT_PUBLIC_NETWORK}
        NEXT_PUBLIC_PRODUCT_ID: ${NEXT_PUBLIC_PRODUCT_ID}
        NEXT_PUBLIC_FEDERATION_ID: ${NEXT_PUBLIC_FEDERATION_ID}
        NEXT_PUBLIC_IOTA_IDENTITY_PKG_ID: ${NEXT_PUBLIC_IOTA_IDENTITY_PKG_ID}
        IOTA_IDENTITY_PKG_ID: ${IOTA_IDENTITY_PKG_ID}
        BACKEND_ENDPOINT: ${BACKEND_ENDPOINT}
        BACKEND_API_KEY: ${BACKEND_API_KEY}
        GAS_STATION_URL: ${GAS_STATION_URL}
        GAS_STATION_AUTH: ${GAS_STATION_AUTH}
        NEXT_PUBLIC_MANUFACTURER_DID: ${NEXT_PUBLIC_MANUFACTURER_DID}
    depends_on:
      - backend
      - iota-gas-station
    environment:
      BACKEND_ENDPOINT: ${BACKEND_ENDPOINT}
      BACKEND_API_KEY: ${BACKEND_API_KEY}
      GAS_STATION_URL: ${GAS_STATION_URL}
      GAS_STATION_AUTH: ${GAS_STATION_AUTH}
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.frontend.rule=Host(`dpp-demostrator.if4testing.rocks`)"
      - "traefik.http.routers.frontend.entrypoints=websecure"
      - "traefik.http.routers.frontend.tls.certresolver=devops"
      - "traefik.http.services.frontend.loadbalancer.server.port=3000"
    networks:
      - traefik_net

  backend:
    build:
      context: ./backend
      dockerfile: Dockerfile
    deploy:
      resources:
        limits:
          memory: 12G
    environment:
      IOTA_HIERARCHIES_PKG_ID: ${IOTA_HIERARCHIES_PKG_ID}
      API_KEY: ${API_KEY}
      TCP_LISTNER: ${TCP_LISTNER}
      ROOT_AUTH_SECRET_KEY: ${ROOT_AUTH_SECRET_KEY}
      MANUFACTURER_SECRET_KEY: ${MANUFACTURER_SECRET_KEY}
      IOTA_IDENTITY_PKG_ID: ${IOTA_IDENTITY_PKG_ID}
      NEXT_PUBLIC_DAPP_URL: ${NEXT_PUBLIC_DAPP_URL}
    networks:
      - traefik_net

volumes:
  redis_data:
  traefik_letsencrypt:


networks:
  traefik_net:
    driver: bridge