generated from jonastahl/templates-Quarkus-Vue
-
Notifications
You must be signed in to change notification settings - Fork 0
/
docker-compose.yaml
150 lines (133 loc) · 4.79 KB
/
docker-compose.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
services:
turnierplaner:
build:
context: .
dockerfile: src/main/docker/Dockerfile.jvm
container_name: turnierplaner-app
environment:
# title uses the default Turnierplaner text
TURNIERPLANER_TITLE: title
TURNIERPLANER_LANGUAGE: de
TURNIERPLANER_REGISTRATION_EXPIRE: 30
TURNIERPLANER_ADMIN_VERIFICATION_NEEDED: true
TURNIERPLANER_FRONTEND_URL: https://localhost:8080
TURNIERPLANER_REALM: Quarkus # used by user query for admin
TURNIERPLANER_OIDC_FRONTEND: http://localhost:7777/realms/Quarkus # address used by frontend
# remove next to line for a clean setup without testdata
TURNIERPLANER_TESTDATA: true
QUARKUS_HIBERNATE_ORM_DATABASE_GENERATION: drop-and-create
QUARKUS_DATASOURCE_USERNAME: turnierplaner
QUARKUS_DATASOURCE_PASSWORD: turnierplaner
QUARKUS_DATASOURCE_JDBC_URL: jdbc:postgresql://turnierplaner_db/turnierplaner
QUARKUS_HTTP_CORS: true
# QUARKUS_HTTP_HOST: "https://your.domain"
QUARKUS_HTTP_CORS_ORIGINS: "*" # set domain for prod
# QUARKUS_HTTP_CORS_ORIGINS: "https://your.domain"
QUARKUS_HTTP_PORT: 8080
QUARKUS_KEYCLOAK_ADMIN_CLIENT_SERVER_URL: http://keycloak:8080 # use for user management, can be container address
QUARKUS_OIDC_AUTH_SERVER_URL: http://keycloak:8080/realms/Quarkus # used by backend, can be container address
QUARKUS_OIDC_CLIENT_ID: backend-quarkus
QUARKUS_OIDC_CREDENTIALS_SECRET: '**********'
QUARKUS_OIDC_TLS_VERIFICATION: none # only for use behind reverse proxy!
QUARKUS_MAILER_FROM: ${MAIL_FROM}
QUARKUS_MAILER_HOST: ${MAIL_HOST}
QUARKUS_MAILER_PORT: 465
QUARKUS_MAILER_TLS: true
QUARKUS_MAILER_USERNAME: ${MAIL_USER}
QUARKUS_MAILER_PASSWORD: ${MAIL_PASS}
QUARKUS_LOG_LEVEL: DEBUG
ports:
- "8080:8080"
depends_on:
turnierplaner_db:
condition: service_healthy
keycloak:
condition: service_healthy
networks:
- turnierplaner_network
- keycloak_network
turnierplaner_db:
image: postgres:latest
container_name: turnierplaner-db
environment:
POSTGRES_USER: turnierplaner
POSTGRES_PASSWORD: turnierplaner
POSTGRES_DB: turnierplaner
healthcheck:
test: [ "CMD-SHELL", "pg_isready -d turnierplaner -U turnierplaner" ]
interval: 10s
timeout: 5s
retries: 5
volumes:
- turnierplaner_db:/var/lib/postgresql/data
networks:
- turnierplaner_network
# example keycloak configuration
# no tls configured
# -> only use for local testing or behind an edge reverse proxy
keycloak:
restart: on-failure:5
container_name: keycloak-app
image: quay.io/keycloak/keycloak:26.0
environment:
KC_DB: postgres
KC_DB_URL: jdbc:postgresql://keycloak_db/keycloak
KC_DB_USERNAME: ${POSTGRES_USER:-keycloak}
KC_DB_PASSWORD: ${POSTGRES_PASSWORD:-eX4mP13p455w0Rd}
# use only for local tests
KC_HOSTNAME_STRICT: false
# use for prod system
# KC_HOSTNAME: ${KC_HOSTNAME:-your.domain}
# KC_HOSTNAME_BACKCHANNEL_DYNAMIC: true
KC_HTTP_ENABLED: true
# enable for usage behind reverse proxy, xforward headers need to be set!
# KC_PROXY_HEADERS: xforwarded
# use this to check if headers are set correctly
# https://your-domain/realms/master/hostname-debug
# KC_HOSTNAME_DEBUG: true
# always set a new admin account after the first start!
KEYCLOAK_ADMIN: admin
KEYCLOAK_ADMIN_PASSWORD: ${KEYCLOAK_ADMIN_PASSWORD:-admin}
# used to determine healthiness of container
KC_HEALTH_ENABLED: true
KC_METRICS_ENABLED: true
command: start
ports:
- 7777:8080 # remove this behind a reverse proxy
depends_on:
keycloak_db:
condition: service_healthy
healthcheck:
test: ["CMD-SHELL", "exec 3<>/dev/tcp/127.0.0.1/9000;echo -e 'GET /health/ready HTTP/1.1\r\nhost: http://localhost\r\nConnection: close\r\n\r\n' >&3;if [ $? -eq 0 ]; then echo 'Healthcheck Successful';exit 0;else echo 'Healthcheck Failed';exit 1;fi;"]
interval: 10s
timeout: 5s
retries: 3
networks:
- keycloak_network
keycloak_db:
image: postgres:latest
container_name: keycloak-db
restart: always
volumes:
- keycloak_db:/var/lib/postgresql/data
environment:
POSTGRES_DB: keycloak
POSTGRES_USER: ${POSTGRES_USER:-keycloak}
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-eX4mP13p455w0Rd}
healthcheck:
test: [ "CMD-SHELL", "pg_isready -d keycloak -U keycloak" ]
interval: 10s
timeout: 5s
retries: 5
networks:
- keycloak_network
volumes:
keycloak_db:
driver: local
turnierplaner_db:
driver: local
networks:
keycloak_network:
driver: bridge
turnierplaner_network:
driver: bridge