-
Notifications
You must be signed in to change notification settings - Fork 24
/
Copy pathdocker-compose.yml
160 lines (156 loc) · 4.54 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
version: "2.4"
services:
mobile-config:
image: mobile-config:latest
build:
context: .
dockerfile: mobile_config.Dockerfile
depends_on:
- postgres
ports:
- 8090:8090
environment:
CFG__DATABASE__URL: postgres://postgres:postgres@postgres:5432/mobile_config_db
CFG__DATABASE__MAX_CONNECTIONS: 50
CFG__METADATA__URL: postgres://postgres:postgres@postgres:5432/mobile_metadata_db
CFG__METADATA__MAX_CONNECTIONS: 50
CFG__LISTEN: 0.0.0.0:8090
CFG__METRICS__ENDPOINT: 0.0.0.0:19010
CFG__ADMIN_PUBKEY: ${CONFIG_ADMIN_PUBKEY}
CFG__SIGNING_KEYPAIR: /config-signing-key.bin
CFG__LOG: debug
volumes:
- ${CONFIG_SIGNING_KEY}:/config-signing-key.bin:ro
iot-config:
image: iot-config:latest
build:
context: .
dockerfile: iot_config.Dockerfile
depends_on:
- postgres
ports:
- "8080:8080"
environment:
CFG__DATABASE__URL: postgres://postgres:postgres@postgres:5432/iot_config_db
CFG__DATABASE__MAX_CONNECTIONS: 50
CFG__METADATA__URL: postgres://postgres:postgres@postgres:5432/iot_metadata_db
CFG__METADATA__MAX_CONNECTIONS: 50
CFG__LISTEN: 0.0.0.0:8080
CFG__METRICS__ENDPOINT: 0.0.0.0:19000
CFG__ADMIN: ${CONFIG_ADMIN_PUBKEY}
CFG__KEYPAIR: /config-signing-key.bin
CFG__LOG: info
volumes:
- ${CONFIG_SIGNING_KEY}:/config-signing-key.bin:ro
postgres:
image: postgres:latest
environment:
POSTGRES_PASSWORD: postgres
POSTGRES_USER: postgres
POSTGRES_DBS: >
iot_config_db
iot_metadata_db
mobile_index_db
iot_index_db
mobile_verifier_db
iot_verifier_db
mobile_config_db
mobile_metadata_db
iot_packet_verifier_db
mobile_packet_verifier_db
PGDATA: /data
ports:
- "5432:5432"
entrypoint:
- /bin/bash
- -c
- |
for db in $${POSTGRES_DBS[@]}
do
cat > /docker-entrypoint-initdb.d/$${db}-setup.sql <<EOF
create database $$db
with
owner = $$POSTGRES_USER
encoding = 'UTF8'
lc_collate = 'en_US.utf8'
lc_ctype = 'en_US.utf8'
tablespace = pg_default
connection limit = -1;
EOF
done
docker-entrypoint.sh postgres -c log_statement=all
volumes:
- db-data:/data
minio:
image: minio/minio:latest
environment:
MINIO_ROOT_USER: oracleadmin
MINIO_ROOT_PASSWORD: oracleadmin
ports:
- "9000:9000"
- "9090:9090"
volumes:
- bucket-data:/data
command: server /data --console-address ":9090"
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
interval: 30s
timeout: 20s
retries: 3
minio-setup:
image: minio/mc:latest
depends_on:
- minio
environment:
MINIO_ROOT_USER: oracleadmin
MINIO_ROOT_PASSWORD: oracleadmin
MINIO_BUCKETS: >
mobile-ingest
iot-ingest
iot-entropy
mobile-verifier
iot-verifier
mobile-packet-verifier
iot-packet-verifier
iot-price
mobile-price
ORACLE_ID: oraclesecretid
ORACLE_KEY: oraclesecretkey
entrypoint:
- /bin/bash
- -c
- |
cat > /bucket-policy.json <<EOF
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "ListObjectsInBucket",
"Effect": "Allow",
"Action": ["s3:ListBucket"],
"Resource": ["arn:aws:s3:::*"]
},
{
"Sid": "AllObjectActions",
"Effect": "Allow",
"Action": "s3:*Object",
"Resource": ["arn:aws:s3:::*"]
}
]
}
EOF
sleep 2
/usr/bin/mc alias set localminio http://minio:9000 $${MINIO_ROOT_USER} $${MINIO_ROOT_PASSWORD}
for bucket in $${MINIO_BUCKETS[@]}
do
if ! /usr/bin/mc ls localminio/$${bucket} > /dev/null 2>&1 ; then
echo "creating bucket $${bucket}"
/usr/bin/mc mb localminio/$${bucket}
fi
done
/usr/bin/mc admin policy add localminio fullaccess /bucket-policy.json
/usr/bin/mc admin user add localminio $${ORACLE_ID} $${ORACLE_KEY}
/usr/bin/mc admin policy set localminio fullaccess user=$${ORACLE_ID}
volumes:
bucket-data:
db-data: