# TODO:
# 1. Remove passwords and other sensitive data
# 2. Push into git repository
# 3. Implement deployment routine -- pull latest dotnet application from git, then build and run it (check for changes and automatically build?)
# 4. Add dataimporter to update scan data with latest scan
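services:
  # NGINX webserver to serve ODNS-API
  web:
    # Stable release!
    image: nginx:1.26.3
    container_name: nginx_web
    ports:
      - "80:80"
      - "443:443"
    volumes:
      # Static html page goes in here
      - ./html:/usr/share/nginx/html:ro
      # Mount folder for SSL certificates
      # Mounting point is in .env (variable replacement does not work with the env_file option)
      # (also moving .env_file up did not do the trick)
      - ${CERTIFICATE_DIR}:/etc/letsencrypt:ro
      # NGINX config to serve the ODNS-API
      # use odnsapi.prod.conf for ssl and domain name
      # NOTE(review): the dev config is mounted while 80/443 are published on
      # all host interfaces -- confirm this file is not used as-is in production.
      - ./nginx/odnsapi.dev.conf:/etc/nginx/conf.d/odnsapi.conf:ro
    restart: always
    networks:
      - frontend_network
      - odnsapi_network
      # postgresdb_network intentionally NOT listed: the network definitions
      # state that nginx must not be able to connect to the database network.
      # If the nginx config proxies to a service that is only reachable there,
      # attach that service to odnsapi_network instead of re-adding it here.
    healthcheck:
      # `nginx -t` only validates the configuration; it does not prove that the
      # running server answers requests.
      test: ["CMD", "nginx", "-t"]
      interval: 30s
      retries: 3
      start_period: 10s
    develop:
      watch:
        - path: ./html
          action: restart
        - path: ./nginx
          action: restart

  # Dotnet ODNS-API application
  dotnet_app:
    # NOTE(review): builds whatever the remote default branch holds at build
    # time. Pin the context to a reviewed ref, e.g.
    # "https://github.com/netd-tud/odns-api.git#<commit-or-tag>" (placeholder).
    build: "https://github.com/netd-tud/odns-api.git"
    container_name: dotnet_app
    restart: always
    environment:
      # Credentials are interpolated from .env and end up in the container
      # environment (visible via `docker inspect`).
      # NOTE(review): `Include Error Detail=true` makes Npgsql put server-side
      # error detail into exception messages; make sure those never reach API
      # responses or world-readable logs, or disable it outside development.
      - Database:ConnectionString=Host=postgres_db;Port=5432;Username=${POSTGRES_USER};Password=${POSTGRES_PASSWORD};Database=${POSTGRES_DB};Search Path=${POSTGRES_DB};Pooling=true;MinPoolSize=1;MaxPoolSize=10;Connection Idle Lifetime=20;ApplicationName=odnsapi;Timeout=500;CommandTimeout=500;Include Error Detail=true;
    networks:
      - odnsapi_network
      - postgresdb_network
    depends_on:
      postgres_db:
        condition: service_healthy
    develop:
      watch:
        - path: ./odns-api
          action: rebuild

  # Postgresql database used by the API
  # All the ODNS data goes here
  postgres_db:
    image: postgres:16
    container_name: postgres_db
    volumes:
      - postgres_data:/var/lib/postgresql/data
      # Init scripts; the image runs them only when the data directory is empty
      - ./postgres-init:/docker-entrypoint-initdb.d:ro
      # - ./postgresql.conf:/etc/postgresql/postgresql.conf
    environment:
      - POSTGRES_DB=${POSTGRES_DB}
      - POSTGRES_USER=${POSTGRES_USER}
      - POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
    restart: always
    # No `ports:` entry: the database is reachable only from containers on
    # postgresdb_network, never from the host or the outside.
    networks:
      - postgresdb_network
    healthcheck:
      # `$$` escapes compose interpolation so the variables are expanded by the
      # shell inside the container.
      test: ["CMD-SHELL", "pg_isready -U $$POSTGRES_USER -d $$POSTGRES_DB"]
      interval: 30s
      retries: 5
      start_period: 20s

  # PGAdmin to configure database -- runs on localhost to allow access via sshtunnel
  pgadmin:
    # NOTE(review): no tag, so this resolves to `latest`; pin a version (and
    # ideally a digest) like the other images in this file.
    image: dpage/pgadmin4
    container_name: pgadmin
    ports:
      # Bind explicitly to loopback. Without a host IP the port is published on
      # all interfaces unless the bridge's host_binding_ipv4 option happens to
      # apply, which is not guaranteed for a container on several networks.
      - "127.0.0.1:5050:80"
    environment:
      - PGADMIN_DEFAULT_EMAIL=${PGADMIN_DEFAULT_EMAIL}
      - PGADMIN_DEFAULT_PASSWORD=${PGADMIN_DEFAULT_PASSWORD}
    restart: always
    networks:
      - local_network
      - postgresdb_network

  # Container for importing odns data into postgres db
  data_importer:
    build:
      context: ./odns-dataimporter
      dockerfile: Dockerfile
    container_name: data_importer
    # Not restarted by Docker; the scheduler service starts it on its schedule
    restart: "no"
    volumes:
      # Mount Samba share
      - odns_data:/data:rw
      - data_importer_tmp:/tmp
      - ./logs:/logs
    networks:
      - postgresdb_network
    healthcheck:
      test: ["CMD", "python", "dataimporter.py", "--check-health"]
      interval: 1m
      retries: 3
      start_period: 20s
    develop:
      watch:
        - path: ./odns-dataimporter
          action: rebuild
    depends_on:
      postgres_db:
        condition: service_healthy

  # Ofelia scheduler that runs the data importer in the given interval
  scheduler:
    image: mcuadros/ofelia:0.3
    container_name: ofelia_scheduler
    restart: always
    depends_on:
      - data_importer
    # NOTE(review): nothing in this file shows the scheduler talking to the
    # database; confirm whether it needs to sit on the database network.
    networks:
      - postgresdb_network
    command: daemon --docker
    volumes:
      # Access to the Docker socket is equivalent to root on the host. The :ro
      # flag only protects the socket file itself; it does not limit which
      # Docker API calls the container can make. Consider placing a filtering
      # socket proxy in front of it.
      - /var/run/docker.sock:/var/run/docker.sock:ro
    labels:
      ofelia.job-run.data_importer.schedule: "0 0 * * 2"
      ofelia.job-run.data_importer.container: "data_importer"
      ofelia.job-run.data_importer.command: "python dataimporter.py"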
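networks:
  # Exposed to the public -- in use by nginx
  frontend_network:
    driver: bridge

  # Internal backend network for ODNS-API and nginx
  # nginx serves as entrypoint to the ODNS-API
  # `internal: true` creates the bridge without external connectivity.
  odnsapi_network:
    driver: bridge
    internal: true

  # Network used to isolate database from the public, nginx cannot connect to it
  # Intent: only services that need Postgres (ODNS-API, pgadmin, data importer)
  # are attached. The isolation holds only as long as the public-facing nginx
  # service is NOT listed on this network in the services section.
  postgresdb_network:
    driver: bridge
    internal: true

  # Network for pgadmin -- only exposed to localhost
  # host_binding_ipv4 sets the default host IP for ports published by
  # containers on this bridge. A service attached to several networks should
  # also set the host IP in its own `ports:` entry rather than rely on this.
  local_network:
    driver: bridge
    driver_opts:
      com.docker.network.bridge.host_binding_ipv4: "127.0.0.1"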
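volumes:
  # Mount shared drive for data importer
  odns_data:
    driver: local
    driver_opts:
      type: cifs
      # NOTE(review): the interpolated options, including the Samba password,
      # are stored in the volume definition and shown by
      # `docker volume inspect`. The cifs `credentials=<path-to-file>` option
      # (placeholder path, file readable by root only) keeps the password out
      # of the volume metadata.
      o: "username=${SAMBA_USER},password=${SAMBA_PASSWORD},vers=3.0"
      device: "//${SAMBA_SHARE}"

  # Volume for postgres db
  postgres_data:

  # Scratch space mounted at /tmp in the data importer
  data_importer_tmp: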