Files
sriphat-dataplatform/01-infra/docker-compose.yml

140 lines
3.7 KiB
YAML

x-common-configs: &common-config
extra_hosts:
- "dev.sriphat.com:192.168.100.9"
pull_policy: ${DOCKER_PULL_POLICY:-missing}
services:
# nginx-proxy:
# image: jc21/nginx-proxy-manager:latest
# container_name: nginx-proxy-manager
# ports:
# - "8020:80"
# - "8043:443"
# - "8021:81"
# volumes:
# - ./data:/data
# - ./letsencrypt:/etc/letsencrypt
# environment:
# - TZ=${TZ:-Asia/Bangkok}
# env_file:
# - ../.env
# networks:
# - shared_data_network
# restart: unless-stopped
nginx-proxy:
image: nginx:latest
container_name: nginx-proxy-manager
ports:
- "8020:80"
environment:
- TZ=${TZ:-Asia/Bangkok}
volumes:
- ./nginx-configs/default-all.conf:/etc/nginx/conf.d/default.conf:ro
networks:
- shared_data_network
restart: unless-stopped
<<: *common-config
keycloak:
image: quay.io/keycloak/keycloak:23.0
container_name: keycloak
#command: start-dev
command: start-dev --http-relative-path /keycloak
env_file:
- ../.env
environment:
KC_BOOTSTRAP_ADMIN_USERNAME: ${KEYCLOAK_ADMIN}
KC_BOOTSTRAP_ADMIN_PASSWORD: ${KEYCLOAK_ADMIN_PASSWORD}
KC_DB: postgres
KC_DB_URL: jdbc:postgresql://postgres:${DB_PORT:-5432}/${KEYCLOAK_DB_NAME}
KC_DB_USERNAME: ${DB_USER}
KC_DB_PASSWORD: ${DB_PASSWORD}
KC_HOSTNAME_STRICT: "false"
KC_HTTP_ENABLED: "true"
KC_PROXY: edge
# passthrough
KC_HTTP_RELATIVE_PATH: "/keycloak"
KC_HOSTNAME_PATH: "/keycloak"
KC_HOSTNAME_STRICT_HTTPS: "true"
ports:
- "8085:8080"
networks:
- shared_data_network
restart: unless-stopped
depends_on:
- postgres
<<: *common-config
postgres:
image: postgres:15-alpine
container_name: postgres
env_file:
- ../.env
environment:
POSTGRES_PASSWORD: ${DB_PASSWORD}
POSTGRES_USER: ${DB_USER}
POSTGRES_DB: ${DB_NAME}
TZ: ${TZ:-Asia/Bangkok}
volumes:
- ./data/postgres:/var/lib/postgresql/data
- ./init:/docker-entrypoint-initdb.d
networks:
- shared_data_network
restart: unless-stopped
ports:
- "0.0.0.0:${DB_PORT_EXPOSE:-5435}:5432"
healthcheck:
test: ["CMD-SHELL", "pg_isready -U ${DB_USER}"]
interval: 10s
timeout: 5s
retries: 5
redis:
# Redis is limited to 7.2-bookworm due to licencing change
# https://redis.io/blog/redis-adopts-dual-source-available-licensing/
image: redis:7.2-bookworm
expose:
- 6379
healthcheck:
test: ["CMD", "redis-cli", "ping"]
interval: 10s
timeout: 30s
retries: 50
start_period: 30s
restart: always
networks:
- shared_data_network
dozzle:
image: amir20/dozzle:latest
container_name: dozzle
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- ./data/dozzle:/data
ports:
- "${DOZZLE_PORT:-9999}:8080"
environment:
DOZZLE_LEVEL: ${DOZZLE_LEVEL:-info}
DOZZLE_BASE: ${DOZZLE_BASE:-/dozzle}
DOZZLE_HOSTNAME: ${DOZZLE_HOSTNAME:-Sriphat Main Server}
DOZZLE_NO_ANALYTICS: "true"
DOZZLE_ENABLE_ACTIONS: "true"
DOZZLE_AUTH_PROVIDER: ${DOZZLE_AUTH_PROVIDER:-none}
DOZZLE_REMOTE_AGENT: ${DOZZLE_REMOTE_AGENT:-}
TZ: ${TZ:-Asia/Bangkok}
networks:
- shared_data_network
restart: ${DOZZLE_RESTART_POLICY:-unless-stopped}
healthcheck:
test: ["CMD", "wget", "--quiet", "--tries=1", "--spider", "http://localhost:8080/dozzle/healthcheck"]
interval: 30s
timeout: 10s
retries: 3
start_period: 10s
<<: *common-config
networks:
shared_data_network:
external: true