This repository was archived by the owner on Jul 19, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathdocker-compose.stage.yml
110 lines (103 loc) · 3.58 KB
/
docker-compose.stage.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
version: '3.8'
networks:
internal:
garnet:
services:
yarn:
image: node:18.13
working_dir: /workspace
volumes:
- ./:/workspace
entrypoint: yarn
networks:
- internal
oathkeeper:
image: oryd/oathkeeper:v0.40.6
command: serve --config /config/oathkeeper/oathkeeper.yaml
volumes:
- ./config/ory/oathkeeper/stage/oathkeeper.yaml:/config/oathkeeper/oathkeeper.yaml
- ./config/ory/oathkeeper/stage/jwks.json:/config/oathkeeper/jwks.json
- ./config/ory/oathkeeper/stage/access-rules.yaml:/config/oathkeeper/access-rules.yaml
ports:
- '4455:4455'
- '4456:4456'
labels:
- 'traefik.http.routers.oathkeeper-app.entrypoints=websecure'
- 'traefik.http.routers.oathkeeper-app.rule=Host(`stage.garnet.pet-project.habr.com`)'
- 'traefik.http.routers.oathkeeper-app.tls=true'
- 'traefik.http.routers.oathkeeper-app.middlewares=cor'
- 'traefik.http.middlewares.cor.headers.accesscontrolallowmethods=POST,GET,OPTIONS'
- 'traefik.http.middlewares.cor.headers.accesscontrolallowheaders=*'
- 'traefik.http.middlewares.cor.headers.accesscontrolalloworiginlist=*'
- 'traefik.http.middlewares.cor.headers.accesscontrolmaxage=86400'
- 'traefik.http.middlewares.cor.headers.addvaryheader=true'
networks:
- garnet
- internal
identity:
restart: unless-stopped
image: node:18.13
working_dir: /workspace
entrypoint: bash -c "yarn workspace @identity/renderer-entrypoint postpack ; yarn workspace @identity/renderer-entrypoint prepack ; yarn workspace @identity/renderer-entrypoint start"
environment:
- NEXT_PUBLIC_KRATOS_URL=https://stage.garnet.pet-project.habr.com/kratos
- NEXT_PUBLIC_BACKEND_URL=https://stage.garnet.pet-project.habr.com/api/graphql
volumes:
- ./:/workspace
ports:
- '3010:3010'
depends_on:
- yarn
- kratos
networks:
- internal
app:
restart: unless-stopped
image: node:18.13
working_dir: /workspace
volumes:
- ./:/workspace
environment:
- NEXT_PUBLIC_KRATOS_URL=https://stage.garnet.pet-project.habr.com/kratos
- NEXT_PUBLIC_BACKEND_URL=https://stage.garnet.pet-project.habr.com/api/graphql
entrypoint: bash -c "yarn workspace @app/renderer-entrypoint postpack ; yarn workspace @app/renderer-entrypoint prepack ; yarn workspace @app/renderer-entrypoint start"
ports:
- '3020:3020'
depends_on:
- yarn
networks:
- internal
kratos:
depends_on:
kratos-migrate:
condition: service_completed_successfully
image: oryd/kratos:v1.0.0
ports:
- '4433:4433'
restart: no
environment:
- DSN=postgres://postgres:password@garnet-backend-kratos-db:5432/postgres?sslmode=disable&max_conns=20&max_idle_conns=4
- LOG_LEVEL=trace
- SELFSERVICE_FLOWS_REGISTRATION_AFTER_HOOKS_0_CONFIG_AUTH_CONFIG_VALUE
command: serve -c /config/kratos/kratos.yaml --dev --watch-courier
volumes:
- type: bind
source: ./config/ory/kratos/stage
target: /config/kratos
- type: bind
source: /etc/ssl/certs
target: /etc/ssl/certs
networks:
- internal
kratos-migrate:
image: docker.io/oryd/kratos:v1.0.0
environment:
- DSN=postgres://postgres:password@garnet-backend-kratos-db:5432/postgres?sslmode=disable&max_conns=20&max_idle_conns=4
volumes:
- type: bind
source: ./config/ory/kratos/stage
target: /config/kratos
command: -c /config/kratos/kratos.yaml migrate sql -e --yes
restart: on-failure
networks:
- internal