-
Notifications
You must be signed in to change notification settings - Fork 6
/
Copy pathdocker-compose.yml
93 lines (86 loc) · 3.41 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
version: '3'
services:
postgres:
image: postgres:14-alpine
container_name: postgres
restart: unless-stopped
volumes:
- ./data/postgres/14/database_data:/var/lib/postgresql/data
environment:
- PGUSER=postgres
- PGPASSWORD=password
- POSTGRES_DB=postgres
- POSTGRES_USER=postgres
- POSTGRES_PASSWORD=password
- POSTGRES_HOST_AUTH_METHOD=trust
redis:
image: redis:6.2-alpine
container_name: redis
restart: unless-stopped
volumes:
- ./data/redis/database_data:/data
- ./data/redis/conf/redis.conf.template:/usr/local/etc/redis/redis.conf.template
- ./data/certbot/conf/:/etc/letsencrypt
command: /bin/sh -c "sed -e 's/$$HOSTNAME/redis.${DOMAIN_NAME:-xlab.blindside-dev.com}/' /usr/local/etc/redis/redis.conf.template > /usr/local/etc/redis/redis.conf && exec redis-server --appendonly yes"
nginx:
image: nginx:1.23
container_name: nginx
restart: unless-stopped
volumes:
- ./log/nginx/:/var/log/nginx
- ./data/nginx/sites-common:/etc/nginx/sites-common
- ./data/nginx/sites.template-${SITES_TEMPLATE:-docker}:/etc/nginx/sites.template
- ./data/certbot/conf/:/etc/letsencrypt
- ./data/certbot/www/:/var/www/certbot
ports:
- "80:80"
- "443:443"
environment:
- NGINX_HOSTNAME=${DOMAIN_NAME:-xlab.blindside-dev.com}
depends_on:
- greenlight
- keycloak
command: /bin/bash -c "envsubst '$$NGINX_HOSTNAME' < /etc/nginx/sites.template > /etc/nginx/conf.d/default.conf && while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx -g 'daemon off;'"
certbot:
image: certbot/certbot
container_name: certbot
volumes:
- ./log/certbot/:/var/log/letsencrypt
- ./data/certbot/conf/:/etc/letsencrypt
- ./data/certbot/www/:/var/www/certbot
entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"
greenlight:
entrypoint: [bin/start]
image: ${GREENLIGHT_DOCKER_IMAGE:-bigbluebutton/greenlight:v3}
container_name: greenlight
restart: unless-stopped
logging:
driver: journald
env_file: ./data/greenlight/.env
volumes:
- ./data/greenlight/bin/start:/usr/src/app/bin/start
depends_on:
- postgres
- redis
keycloak:
image: jboss/keycloak:16.1.1
container_name: keycloak
restart: unless-stopped
environment:
KEYCLOAK_USER: admin
KEYCLOAK_PASSWORD: adminadmin
DB_VENDOR: POSTGRES
DB_ADDR: postgres
DB_DATABASE: keycloakdb
DB_USER: postgres
DB_PASSWORD: password
PROXY_ADDRESS_FORWARDING: "true"
volumes:
- ./data/certbot/conf/:/etc/letsencrypt
- ./data/certbot/conf/live/kc.${DOMAIN_NAME:-xlab.blindside-dev.com}/cert.pem:/etc/x509/https/tls.crt
- ./data/certbot/conf/live/kc.${DOMAIN_NAME:-xlab.blindside-dev.com}/privkey.pem:/etc/x509/https/tls.key
depends_on:
- postgres
# docker run --name keycloak --net greenlight-run_default -p 8080:8080 -e KEYCLOAK_USER=admin -e KEYCLOAK_PASSWORD=adminadmin -e DB_VENDOR=POSTGRES -e DB_ADDR=postgres -e DB_DATABASE=keycloak -e DB_USER=postgres -e DB_PASSWORD=password jboss/keycloak:16.1.1
# https://www.keycloak.org/docs/latest/server_installation/index.html#_setting-up-a-load-balancer-or-proxy
# https://stackoverflow.com/questions/47181821/using-keycloak-behind-a-reverse-proxy-could-not-open-admin-loginpage-because-mi