agari-folio/docker-compose.dev.yml at master · OpenUpSA/agari-folio · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
services:
  folio-db:
    image: postgres:14
    environment:
      POSTGRES_DB: folio
      POSTGRES_USER: admin
      POSTGRES_PASSWORD: folio-db-pass-123
    ports:
      - "5434:5432"
    volumes:
      - folio-db-data:/var/lib/postgresql/data
      - ./init.sql:/docker-entrypoint-initdb.d/init.sql:ro
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U admin -d folio"]
      interval: 10s
      timeout: 5s
      retries: 5

  # Keycloak Database
  keycloak-db:
    image: postgres:14
    container_name: keycloak-db
    environment:
      POSTGRES_DB: keycloak_db
      POSTGRES_USER: admin
      POSTGRES_PASSWORD: keycloak-db-pass-123
    ports:
      - "5433:5432"
    volumes:
      - keycloak-db-data:/var/lib/postgresql/data
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U admin -d keycloak_db"]
      interval: 10s
      timeout: 5s
      retries: 5

  # Keycloak
  keycloak:
    image: quay.io/phasetwo/phasetwo-keycloak:26.2.5
    container_name: keycloak
    environment:
      KC_DB: postgres
      KC_DB_URL: jdbc:postgresql://keycloak-db:5432/keycloak_db
      KC_DB_USERNAME: admin
      KC_DB_PASSWORD: keycloak-db-pass-123
      KEYCLOAK_ADMIN: admin
      KEYCLOAK_ADMIN_PASSWORD: admin123
      KC_HOSTNAME_STRICT: "false"
      KC_HOSTNAME_STRICT_HTTPS: "false"
      KC_PROXY: edge
      KC_FEATURES: preview
      KC_CORS_ORIGINS: "*"
      JAVA_OPTS_APPEND: "-Djava.awt.headless=true -Djboss.modules.system.pkgs=org.jboss.byteman -Djava.net.preferIPv4Stack=true -server -Xms512m -Xmx768m"
      KC_LOG_LEVEL_ORG_KEYCLOAK: DEBUG
    command:
      - start-dev
      # "If a realm already exists in the server, the import operation is skipped."
      - --import-realm
    volumes:
      - ./test/agari-realm-rbac.json:/opt/keycloak/data/import/agari-realm-rbac.json:ro
    ports:
      - "8080:8080"
    depends_on:
      keycloak-db:
        condition: service_healthy
    healthcheck:
      test: ["CMD-SHELL", "exec 3<>/dev/tcp/127.0.0.1/8080;echo -e 'GET /health/ready HTTP/1.1\r\nhost: 127.0.0.1:8080\r\nConnection: close\r\n\r\n' >&3;if [ $? -eq 0 ]; then exit 0;else exit 1;fi;exec 3<&-;exec 3>&-"]
      interval: 30s
      timeout: 15s
      retries: 12
      start_period: 120s

  index:
    image: docker.elastic.co/elasticsearch/elasticsearch:8.14.3
    expose:
      - "9200"
    ports:
      - "127.0.0.1:9200:9200"
    container_name: index
    environment:
      - node.name=index
      - cluster.name=opensanctions-index
      - discovery.type=single-node
      - bootstrap.memory_lock=true
      - xpack.security.enabled=false
      - "ES_JAVA_OPTS=-Xms2g -Xmx2g"
    ulimits:
      memlock:
        soft: -1
        hard: -1
    volumes:
      - index-os-data:/usr/share/elasticsearch/data
    healthcheck:
      # curl --fail exits with an exit code >0 if anything about the request fails
      test: ["CMD-SHELL", "curl --fail http://localhost:9200/_cluster/health || exit 1"]
    deploy:
      placement:
        max_replicas_per_node: 1

  minio:
    image: minio/minio:latest
    container_name: minio
    ports:
      - "9000:9000"
      - "9001:9001"
    environment:
      MINIO_ROOT_USER: admin
      MINIO_ROOT_PASSWORD: admin123
    command: server /data --console-address ":9001"
    volumes:
      - minio-data:/data
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
      interval: 10s
      timeout: 5s
      retries: 5

  create_minio_bucket:
    image: minio/mc:latest
    depends_on:
      minio:
        condition: service_healthy
    entrypoint: >
      /bin/sh -c "
      sleep 10 &&
      mc alias set localminio http://minio:9000 admin admin123 &&
      mc mb localminio/agari-data || echo 'Bucket already exists'
      exit 0;
      "
    links:
      - minio

volumes:
  keycloak-db-data:
  folio-db-data:
  index-os-data: null
  minio-data: