-
Notifications
You must be signed in to change notification settings - Fork 28
/
Copy pathdocker-compose-keycloak.yml
152 lines (143 loc) · 4.22 KB
/
docker-compose-keycloak.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
version: '2.3'
services:
sormas:
extends:
file: services-base.yml
service: base-sormas
labels:
- autoheal=true
# override for stop timeout seconds during restart
- autoheal.stop.timeout=30
links:
- postgres
environment:
- DB_JDBC_MAXPOOLSIZE=${DB_JDBC_MAXPOOLSIZE}
- AUTHENTICATION_PROVIDER=KEYCLOAK
- KEYCLOAK_SORMAS_UI_SECRET=${KEYCLOAK_SORMAS_UI_SECRET}
- KEYCLOAK_SORMAS_REST_SECRET=${KEYCLOAK_SORMAS_REST_SECRET}
- KEYCLOAK_SORMAS_BACKEND_SECRET=${KEYCLOAK_SORMAS_BACKEND_SECRET}
- CACERTS_PASS=${CACERTS_PASS}
- KEYSTORE_PASS=${KEYSTORE_PASS}
- SORMAS2SORMAS_ENABLED=${SORMAS2SORMAS_ENABLED}
- SORMAS2SORMAS_KEYALIAS=
- SORMAS2SORMAS_KEYSTORENAME=
- SORMAS2SORMAS_KEYPASSWORD=
- SORMAS2SORMAS_TRUSTSTORENAME=
- SORMAS2SORMAS_TRUSTSTOREPASSWORD=
- SORMAS2SORMAS_DIR=${SORMAS2SORMAS_DIR}
- SORMAS_ORG_ID=${SORMAS_ORG_ID}
- SORMAS_ORG_NAME=${SORMAS_ORG_NAME}
- SORMAS_HOST_NAME=${SORMAS_SERVER_URL}
- SORMAS_HTTPS_PORT=443
- NAMESIMILARITYTHRESHOLD=${NAMESIMILARITYTHRESHOLD}
volumes:
- ${SORMAS_PATH}/documents:/opt/sormas/documents
- ${SORMAS_PATH}/custom:/opt/sormas/custom
- ${SORMAS_PATH}/sormas-logs:/opt/domains/sormas/logs
- ./apache2/certs:/tmp/certs
healthcheck:
test: ["CMD", "curl", "-f", "-I", "http://localhost:6048"]
interval: 30s
timeout: 7s
retries: 3
start_period: 300s
# In case you run this deployment locally where "sormas-docker-test.com" cannot be resolved via normal DNS,
# add the following lines
# extra_hosts:
# - "sormas-docker-test.com:YOUR_LOCAL_IP"
depends_on:
postgres:
condition: service_healthy
keycloak:
condition: service_healthy
keycloak:
links:
- keycloak-postgres
extends:
file: services-base.yml
service: base-keycloak
depends_on:
keycloak-postgres:
condition: service_healthy
postgres:
extends:
file: services-base.yml
service: base-postgres
volumes:
- ${SORMAS_PATH}/psqldata:/var/lib/postgresql/data
ports:
- "5432:5432"
keycloak-postgres:
extends:
file: services-base.yml
service: base-keycloak-postgres
volumes:
- ${SORMAS_PATH}/keycloak/psqldata:/var/lib/postgresql/data
ports:
- 5433:5432
expose:
- 5432
pg_dump:
extends:
file: services-base.yml
service: base-pg_dump
environment:
- DB_HOST=${DB_HOST}
- PGPASSWORD=${SORMAS_POSTGRES_PASSWORD}
- POSTGRES_USER=${SORMAS_POSTGRES_USER}
- BACKUP_FILES=${BACKUP_FILES}
- BACKUP_PATH=${SORMAS_PATH}
- MIN=15,45 # Twice the hour on 15 and 45 (use crontab notation)
- HOUR= # Keep empty for every hour. Use crontab notation otherwise
- KEEP=1 # keep db dumps for one day in backup folder
volumes:
- /backup:/var/opt/db_dumps
- ${SORMAS_PATH}:${SORMAS_PATH}
depends_on:
postgres:
condition: service_healthy
pg_dump_keycloak:
extends:
file: services-base.yml
service: base-pg_dump
environment:
- DB_HOST=${KEYCLOAK_DB_HOST}
- PGPASSWORD=${KEYCLOAK_DB_PASSWORD}
- POSTGRES_USER=${KEYCLOAK_DB_USER}
- MIN=0 # At 0 Minutes
- HOUR=*/4 # Every 4 hours
- KEEP=1 # keep db dumps for one day in backup folder
- BACKUP_FILES=
volumes:
- /backup-keycloak:/var/opt/db_dumps
depends_on:
keycloak-postgres:
condition: service_healthy
apache2:
extends:
file: services-base.yml
service: base-apache2
links:
- sormas
- keycloak
environment:
- PROMETHEUS_SERVERS=${PROMETHEUS_SERVERS}
- HTTP_TIMEOUT=${HTTP_TIMEOUT}
volumes:
- ./apache2/certs:/usr/local/apache2/certs
- ${SORMAS_PATH}/apache2_log:/var/log/apache2
ports:
- 443:443
- 80:80
depends_on:
sormas:
condition: service_healthy
autoheal:
extends:
file: services-base.yml
service: base-autoheal
environment:
# wait 0 seconds before first health check
- AUTOHEAL_START_PERIOD=0
volumes:
- /var/run/docker.sock:/var/run/docker.sock