250 lines
5.7 KiB
YAML
250 lines
5.7 KiB
YAML
services:
|
|
certbot:
|
|
build:
|
|
context: ./certbot
|
|
dockerfile: Dockerfile
|
|
container_name: certbot
|
|
volumes:
|
|
- ./certbot/config:/etc/letsencrypt/config
|
|
- certbot_data:/etc/letsencrypt
|
|
- certbot_www:/var/www/certbot
|
|
env_file:
|
|
- .env
|
|
environment:
|
|
- EMAIL=${EMAIL}
|
|
- DOMAINS=${ALL_DOMAINS}
|
|
- STAGING=0
|
|
restart: unless-stopped
|
|
|
|
nginx:
|
|
build:
|
|
context: ./nginx
|
|
dockerfile: Dockerfile
|
|
env_file: .env
|
|
container_name: nginx
|
|
restart: unless-stopped
|
|
ports:
|
|
- "80:80"
|
|
- "443:443"
|
|
volumes:
|
|
- certbot_data:/etc/letsencrypt
|
|
- certbot_www:/var/www/certbot
|
|
- ./stubSite:/usr/share/nginx/stub/html
|
|
- ../yalarba/serv_spa/spa/vue/dist:/usr/share/nginx/yalarba/html
|
|
- ../valitovgaziz/html:/usr/share/nginx/valitovgaziz/html
|
|
- ../yalarba/easySite/easy-site/prod:/usr/share/nginx/easysite102/html
|
|
- ./bbvue/dist:/usr/share/nginx/begushiybashkir/html
|
|
networks:
|
|
- web-network
|
|
- internal
|
|
- app-network
|
|
- bb-network
|
|
- keycloak-network
|
|
depends_on:
|
|
- certbot
|
|
- api
|
|
- api_bb
|
|
- keycloak
|
|
|
|
api:
|
|
build:
|
|
context: ./serv_golang_rest_api
|
|
dockerfile: Dockerfile
|
|
ports:
|
|
- "8888:8080"
|
|
container_name: serv_golang_rest_api
|
|
restart: unless-stopped
|
|
depends_on:
|
|
db:
|
|
condition: service_healthy
|
|
environment:
|
|
# Database connection settings
|
|
DB_HOST: db
|
|
DB_PORT: 5432
|
|
DB_USER: postgres
|
|
DB_PASSWORD: postgres
|
|
DB_NAME: mydb
|
|
APP_PORT: 8080
|
|
networks:
|
|
- app-network
|
|
healthcheck:
|
|
test:
|
|
[
|
|
"CMD",
|
|
"wget",
|
|
"--no-verbose",
|
|
"--tries=1",
|
|
"--spider",
|
|
"http://localhost:8080/health",
|
|
]
|
|
interval: 30s
|
|
timeout: 10s
|
|
retries: 3
|
|
|
|
db:
|
|
image: postgres:15-alpine
|
|
ports:
|
|
- "5432:5432"
|
|
environment:
|
|
POSTGRES_USER: postgres
|
|
POSTGRES_PASSWORD: postgres
|
|
POSTGRES_DB: mydb
|
|
volumes:
|
|
- postgres_data:/var/lib/postgresql/data
|
|
- ./migrations:/docker-entrypoint-initdb.d
|
|
networks:
|
|
- app-network
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "pg_isready -U postgres"]
|
|
interval: 5s
|
|
timeout: 10s
|
|
retries: 5
|
|
|
|
api_bb:
|
|
build:
|
|
context: ./api_bb
|
|
dockerfile: Dockerfile
|
|
ports:
|
|
- "7777:8080"
|
|
container_name: api_bb
|
|
restart: unless-stopped
|
|
depends_on:
|
|
db_bb:
|
|
condition: service_healthy
|
|
env_file:
|
|
- ./api_bb/.env
|
|
volumes:
|
|
- uploads_data:/app/uploads
|
|
environment:
|
|
# Database connection settings
|
|
DB_HOST: db_bb
|
|
DB_PORT: 5432
|
|
DB_USER: postgres
|
|
DB_PASSWORD: postgres
|
|
DB_NAME: bb_db
|
|
APP_PORT: 8080
|
|
networks:
|
|
- bb-network
|
|
healthcheck:
|
|
test:
|
|
[
|
|
"CMD",
|
|
"wget",
|
|
"--no-verbose",
|
|
"--tries=1",
|
|
"--spider",
|
|
"http://localhost:8080/api/health",
|
|
]
|
|
interval: 30s
|
|
timeout: 10s
|
|
retries: 3
|
|
|
|
db_bb:
|
|
image: postgres:15-alpine
|
|
ports:
|
|
- "5433:5432"
|
|
environment:
|
|
POSTGRES_USER: postgres
|
|
POSTGRES_PASSWORD: postgres
|
|
POSTGRES_DB: bb_db
|
|
volumes:
|
|
- bb_data:/var/lib/postgresql/data
|
|
networks:
|
|
- bb-network
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "pg_isready -U postgres"]
|
|
interval: 5s
|
|
timeout: 10s
|
|
retries: 5
|
|
|
|
keycloak:
|
|
image: quay.io/keycloak/keycloak:22.0.0
|
|
container_name: keycloak
|
|
restart: unless-stopped
|
|
environment:
|
|
# Админ аккаунт
|
|
KEYCLOAK_ADMIN: admin
|
|
KEYCLOAK_ADMIN_PASSWORD: ${KEYCLOAK_ADMIN_PASSWORD:-admin}
|
|
|
|
# БАЗА ДАННЫХ - КРИТИЧЕСКИ ВАЖНЫЕ ПЕРЕМЕННЫЕ
|
|
KC_DB: postgres
|
|
KC_DB_URL: jdbc:postgresql://keycloak-db:5432/keycloak
|
|
KC_DB_USERNAME: keycloak
|
|
KC_DB_PASSWORD: ${KEYCLOAK_DB_PASSWORD:-keycloak}
|
|
|
|
# Хост настройки
|
|
KC_HOSTNAME: auth.yalarba.ru
|
|
KC_HOSTNAME_STRICT: true
|
|
KC_HOSTNAME_STRICT_HTTPS: true
|
|
KC_HTTP_ENABLED: false
|
|
KC_PROXY: edge
|
|
|
|
# Дополнительные настройки
|
|
KC_LOG_LEVEL: INFO
|
|
KC_METRICS_ENABLED: true
|
|
KC_HEALTH_ENABLED: true
|
|
|
|
# Явно указываем использовать переменные окружения
|
|
KC_FEATURES: scripting
|
|
command:
|
|
- start
|
|
- --optimized
|
|
- --db=postgres
|
|
- --db-url=jdbc:postgresql://keycloak-db:5432/keycloak
|
|
- --db-username=keycloak
|
|
- --db-password=${KEYCLOAK_DB_PASSWORD:-keycloak}
|
|
volumes:
|
|
- keycloak_data:/opt/keycloak/data
|
|
networks:
|
|
- keycloak-network
|
|
- internal
|
|
depends_on:
|
|
keycloak-db:
|
|
condition: service_healthy
|
|
healthcheck:
|
|
test: ["CMD", "curl", "-f", "http://localhost:8080/health/ready"]
|
|
interval: 30s
|
|
timeout: 10s
|
|
retries: 3
|
|
|
|
keycloak-db:
|
|
image: postgres:15-alpine
|
|
container_name: keycloak-db
|
|
restart: unless-stopped
|
|
ports:
|
|
- "5434:5432"
|
|
environment:
|
|
POSTGRES_DB: keycloak
|
|
POSTGRES_USER: keycloak
|
|
POSTGRES_PASSWORD: ${KEYCLOAK_DB_PASSWORD:-keycloak}
|
|
volumes:
|
|
- keycloak_db_data:/var/lib/postgresql/data
|
|
networks:
|
|
- keycloak-network
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "pg_isready -U keycloak"]
|
|
interval: 5s
|
|
timeout: 10s
|
|
retries: 5
|
|
|
|
volumes:
|
|
certbot_data:
|
|
certbot_www:
|
|
postgres_data:
|
|
bb_data:
|
|
uploads_data:
|
|
keycloak_data:
|
|
keycloak_db_data:
|
|
|
|
networks:
|
|
web-network:
|
|
driver: bridge
|
|
internal:
|
|
driver: bridge
|
|
app-network:
|
|
driver: bridge
|
|
bb-network:
|
|
driver: bridge
|
|
keycloak-network:
|
|
driver: bridge
|