experiment-RFHBX/docker-compose.yml at main · AshDevFr/experiment-RFHBX · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
services:
  postgres:
    image: postgres:16-alpine
    environment:
      POSTGRES_USER: ${DATABASE_USER:-postgres}
      POSTGRES_PASSWORD: ${DATABASE_PASSWORD:-password}
    volumes:
      - postgres_data:/var/lib/postgresql/data
    ports:
      - "5432:5432"
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U ${DATABASE_USER:-postgres}"]
      interval: 10s
      timeout: 5s
      retries: 5
      start_period: 30s

  redis:
    image: redis:7-alpine
    volumes:
      - redis_data:/data
    ports:
      - "6379:6379"
    healthcheck:
      test: ["CMD", "redis-cli", "ping"]
      interval: 10s
      timeout: 5s
      retries: 5
      start_period: 30s

  # ElasticMQ — local SQS-compatible service (no real AWS required)
  # Access the management UI at http://localhost:9325
  # SQS endpoint: http://elasticmq:9324 (within Docker) or http://localhost:9324 (from host)
  elasticmq:
    image: softwaremill/elasticmq-native
    ports:
      - "9324:9324"  # SQS-compatible API
      - "9325:9325"  # Management UI
    volumes:
      - ./elasticmq.conf:/opt/elasticmq.conf
    # Note: softwaremill/elasticmq-native is a minimal GraalVM native image
    # with no shell utilities (no wget, curl, nc). CMD-SHELL healthchecks
    # cannot work. Readiness is verified from the host side in CI instead.

  backend:
    build:
      context: ./backend
      dockerfile: Dockerfile
    volumes:
      - ./backend:/app
      - backend_bundle:/usr/local/bundle
    ports:
      - "3000:3000"
    environment:
      RAILS_ENV: development
      DATABASE_HOST: postgres
      DATABASE_PORT: 5432
      DATABASE_USER: ${DATABASE_USER:-postgres}
      DATABASE_PASSWORD: ${DATABASE_PASSWORD:-password}
      REDIS_URL: redis://redis:6379/0
      SQS_ENDPOINT: http://elasticmq:9324
      SQS_QUEUE_URL: http://elasticmq:9324/000000000000/palantir-queue
      SQS_QUEUE_NAME: palantir-queue
      AWS_REGION: us-east-1
      AWS_ACCESS_KEY_ID: dummy
      AWS_SECRET_ACCESS_KEY: dummy
      # OIDC / JWT authentication (Phase 6.1)
      # Point these at your OIDC provider (Keycloak, Auth0, Dex, etc.)
      OIDC_ISSUER_URL: ${OIDC_ISSUER_URL:-}
      OIDC_CLIENT_ID: ${OIDC_CLIENT_ID:-}
      OIDC_CLIENT_SECRET: ${OIDC_CLIENT_SECRET:-}
      OIDC_AUDIENCE: ${OIDC_AUDIENCE:-}
      OIDC_JWKS_CACHE_TTL: ${OIDC_JWKS_CACHE_TTL:-3600}
      # Dev auth bypass — set to "true" to skip OIDC in development
      DEV_AUTH_BYPASS: ${DEV_AUTH_BYPASS:-false}
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:3000/api/health"]
      interval: 10s
      timeout: 5s
      retries: 20
      start_period: 60s
    depends_on:
      postgres:
        condition: service_healthy
      redis:
        condition: service_healthy
      elasticmq:
        condition: service_started
    stdin_open: true
    tty: true

  # Sidekiq worker — processes background jobs and sidekiq-cron scheduled jobs
  # (QuestTickWorker, EyeOfSauronWorker fire every minute when the simulation
  # is running).  This service was previously missing, which is why quest
  # progress was never advancing and the Eye of Sauron page showed no activity.
  # Run alongside the backend: docker compose up backend sidekiq
  sidekiq:
    build:
      context: ./backend
      dockerfile: Dockerfile
    command: bundle exec sidekiq -C config/sidekiq.yml
    volumes:
      - ./backend:/app
      - backend_bundle:/usr/local/bundle
    environment:
      RAILS_ENV: development
      DATABASE_HOST: postgres
      DATABASE_PORT: 5432
      DATABASE_USER: ${DATABASE_USER:-postgres}
      DATABASE_PASSWORD: ${DATABASE_PASSWORD:-password}
      REDIS_URL: redis://redis:6379/0
      SQS_ENDPOINT: http://elasticmq:9324
      SQS_QUEUE_URL: http://elasticmq:9324/000000000000/palantir-queue
      SQS_QUEUE_NAME: palantir-queue
      AWS_REGION: us-east-1
      AWS_ACCESS_KEY_ID: dummy
      AWS_SECRET_ACCESS_KEY: dummy
      # OIDC / JWT authentication (Phase 6.1)
      OIDC_ISSUER_URL: ${OIDC_ISSUER_URL:-}
      OIDC_CLIENT_ID: ${OIDC_CLIENT_ID:-}
      OIDC_CLIENT_SECRET: ${OIDC_CLIENT_SECRET:-}
      OIDC_AUDIENCE: ${OIDC_AUDIENCE:-}
      OIDC_JWKS_CACHE_TTL: ${OIDC_JWKS_CACHE_TTL:-3600}
      DEV_AUTH_BYPASS: ${DEV_AUTH_BYPASS:-false}
    depends_on:
      backend:
        condition: service_healthy
      postgres:
        condition: service_healthy
      redis:
        condition: service_healthy

  # Shoryuken worker — processes SQS messages from the palantir-queue
  # Run separately: docker compose up shoryuken
  shoryuken:
    build:
      context: ./backend
      dockerfile: Dockerfile
    command: bundle exec shoryuken -r ./config/environment.rb -q palantir-queue
    volumes:
      - ./backend:/app
      - backend_bundle:/usr/local/bundle
    environment:
      RAILS_ENV: development
      DATABASE_HOST: postgres
      DATABASE_PORT: 5432
      DATABASE_USER: ${DATABASE_USER:-postgres}
      DATABASE_PASSWORD: ${DATABASE_PASSWORD:-password}
      REDIS_URL: redis://redis:6379/0
      SQS_ENDPOINT: http://elasticmq:9324
      SQS_QUEUE_URL: http://elasticmq:9324/000000000000/palantir-queue
      SQS_QUEUE_NAME: palantir-queue
      AWS_REGION: us-east-1
      AWS_ACCESS_KEY_ID: dummy
      AWS_SECRET_ACCESS_KEY: dummy
      # OIDC / JWT authentication (Phase 6.1)
      OIDC_ISSUER_URL: ${OIDC_ISSUER_URL:-}
      OIDC_CLIENT_ID: ${OIDC_CLIENT_ID:-}
      OIDC_CLIENT_SECRET: ${OIDC_CLIENT_SECRET:-}
      OIDC_AUDIENCE: ${OIDC_AUDIENCE:-}
      OIDC_JWKS_CACHE_TTL: ${OIDC_JWKS_CACHE_TTL:-3600}
    depends_on:
      backend:
        condition: service_started
      postgres:
        condition: service_healthy
      elasticmq:
        condition: service_started

  frontend:
    build:
      context: ./frontend
      dockerfile: Dockerfile
    volumes:
      - ./frontend:/app
      - frontend_node_modules:/app/node_modules
    ports:
      - "5173:5173"
    environment:
      VITE_API_BASE_URL: http://backend:3000
      # Dev auth bypass — set DEV_AUTH_BYPASS="true" in .env to show the Dev Login button.
      # Note: sourced from DEV_AUTH_BYPASS (not VITE_DEV_AUTH_BYPASS) so that a single
      # flag in .env controls both the backend and the frontend container.
      VITE_DEV_AUTH_BYPASS: ${DEV_AUTH_BYPASS:-false}
    depends_on:
      - backend

volumes:
  postgres_data:
  redis_data:
  backend_bundle:
  frontend_node_modules: