-
Notifications
You must be signed in to change notification settings - Fork 0
/
docker-compose.yml
144 lines (133 loc) · 3.02 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
version: '3'
x-minio-common: &minio-common
image: quay.io/minio/minio:RELEASE.2022-04-12T06-55-35Z
command: server --console-address ":9001" http://minio{1...4}/data{1...2}
expose:
- "9000"
- "9001"
environment:
MINIO_ROOT_USER: minioadmin
MINIO_ROOT_PASSWORD: minioadmin
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
interval: 30s
timeout: 20s
retries: 3
services:
minio1:
<<: *minio-common
hostname: minio1
volumes:
- data1-1:/data1
- data1-2:/data2
networks:
- default
minio2:
<<: *minio-common
hostname: minio2
volumes:
- data2-1:/data1
- data2-2:/data2
networks:
- default
minio3:
<<: *minio-common
hostname: minio3
volumes:
- data3-1:/data1
- data3-2:/data2
networks:
- default
minio4:
<<: *minio-common
hostname: minio4
volumes:
- data4-1:/data1
- data4-2:/data2
networks:
- default
nginx:
image: nginx:1.19.2-alpine
hostname: nginx
volumes:
- ./nginx.conf:/etc/nginx/nginx.conf:ro
ports:
- "9000:9000"
- "9001:9001"
depends_on:
- minio1
- minio2
- minio3
- minio4
networks:
- default
postgres:
image: postgres
volumes:
- postgres_data:/var/lib/postgresql/data
environment:
POSTGRES_DB: keycloak
POSTGRES_USER: keycloak
POSTGRES_PASSWORD: password
networks:
- default
keycloak:
image: quay.io/keycloak/keycloak:18.0.0
command: start-dev -Dkeycloak.profile.feature.token_exchange=enabled -Dkeycloak.profile.feature.admin_fine_grained_authz=enabled
volumes:
- /cert/client1.csr:/opt/certs/client1.csr
- /cert/client1.key:/opt/certs/client1.key
- /cert/client1.pem:/opt/certs/client1.pem
- /cert/client2.csr:/opt/certs/client2.csr
- /cert/client2.key:/opt/certs/client2.key
- /cert/client2.pem:/opt/certs/client2.pem
- /cert/rootCA.key:/opt/certs/rootCA.key
- /cert/rootCA.pem:/opt/certs/rootCA.pem
- /cert/serial:/opt/certs/serial
environment:
DB_VENDOR: POSTGRES
DB_ADDR: postgres
DB_DATABASE: keycloak
DB_USER: keycloak
DB_SCHEMA: public
DB_PASSWORD: password
KEYCLOAK_USER: admin
KEYCLOAK_PASSWORD: Pa55w0rd
KEYCLOAK_ADMIN: admin
KEYCLOAK_ADMIN_PASSWORD: admin
KEYCLOAK_HTTPS_CERTIFICATE_FILE: /opt/certs/client2.pem
KEYCLOAK_HTTPS_CERTIFICATE_KEY_FILE: /opt/certs/client2.key
ports:
- 8080:8080
depends_on:
- postgres
networks:
- default
proxy:
build: .
restart: always
command: python proxy_server.py
volumes:
- 'logs:/opt/logs:rw'
ports:
- "5000:5000"
networks:
- default
networks:
# bridge:
# external: true
default:
external:
name: sber_net
volumes:
logs:
data1-1:
data1-2:
data2-1:
data2-2:
data3-1:
data3-2:
data4-1:
data4-2:
postgres_data:
driver: local