-
Notifications
You must be signed in to change notification settings - Fork 9
/
compose.yaml
89 lines (89 loc) · 5.02 KB
/
compose.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
---
version: '3.7'
x-environment: &environment
# REQUIRED
SUPERBLOCKS_ORCHESTRATOR_SUPERBLOCKS_KEY: ${SUPERBLOCKS_AGENT_KEY}
SUPERBLOCKS_AGENT_KEY: ${SUPERBLOCKS_AGENT_KEY}
# OPTIONAL
SUPERBLOCKS_ORCHESTRATOR_AGENT_TAGS: ${SUPERBLOCKS_AGENT_TAGS}
SUPERBLOCKS_ORCHESTRATOR_AGENT_HOST_URL: ${SUPERBLOCKS_AGENT_HOST_URL:-http://localhost:8080}
SUPERBLOCKS_ORCHESTRATOR_HTTP_PORT: ${SUPERBLOCKS_AGENT_PORT:-8080}
SUPERBLOCKS_ORCHESTRATOR_GRPC_PORT: ${SB_GRPC_PORT:-8081}
SUPERBLOCKS_ORCHESTRATOR_DATA_DOMAIN: ${SUPERBLOCKS_AGENT_DATA_DOMAIN:-app.superblocks.com}
SUPERBLOCKS_ORCHESTRATOR_HANDLE_CORS: "true"
NODE_OPTIONS: --max-old-space-size=${SUPERBLOCKS_AGENT_MEMORY_LIMIT:-3000}
SUPERBLOCKS_ORCHESTRATOR_SUPERBLOCKS_URL: ${__SUPERBLOCKS_AGENT_SERVER_URL:-https://api.superblocks.com}
SUPERBLOCKS_ORCHESTRATOR_OTEL_COLLECTOR_HTTP_URL: "${SUPERBLOCKS_ORCHESTRATOR_OTEL_COLLECTOR_HTTP_URL:-https://traces.intake.superblocks.com/v1/traces}"
SUPERBLOCKS_ORCHESTRATOR_EMITTER_REMOTE_INTAKE: "${SUPERBLOCKS_ORCHESTRATOR_EMITTER_REMOTE_INTAKE:-https://logs.intake.superblocks.com}"
SUPERBLOCKS_ORCHESTRATOR_INTAKE_METADATA_URL: "${SUPERBLOCKS_ORCHESTRATOR_INTAKE_METADATA_URL:-https://metadata.intake.superblocks.com}"
SUPERBLOCKS_ORCHESTRATOR_SIGNATURE_SIGNING_KEY_ID: "${SUPERBLOCKS_ORCHESTRATOR_SIGNATURE_SIGNING_KEY_ID:-}"
SUPERBLOCKS_ORCHESTRATOR_SIGNATURE_VERIFICATION_KEY_IDS: "${SUPERBLOCKS_ORCHESTRATOR_SIGNATURE_VERIFICATION_KEY_IDS:-}"
SUPERBLOCKS_ORCHESTRATOR_SIGNATURE_KEYS: "${SUPERBLOCKS_ORCHESTRATOR_SIGNATURE_KEYS:-}"
SUPERBLOCKS_ORCHESTRATOR_SIGNATURE_ENABLED: "${SUPERBLOCKS_ORCHESTRATOR_SIGNATURE_ENABLED:-false}"
SUPERBLOCKS_ORCHESTRATOR_SIGNATURE_VERIFICATION_ENABLED: "${SUPERBLOCKS_ORCHESTRATOR_SIGNATURE_VERIFICATION_ENABLED:-false}"
SUPERBLOCKS_ORCHESTRATOR_RESIGNER_ENABLED: "${SUPERBLOCKS_ORCHESTRATOR_RESIGNER_ENABLED:-false}"
SUPERBLOCKS_ORCHESTRATOR_EVENTS_CLOUD_ENABLED: "${SUPERBLOCKS_ORCHESTRATOR_EVENTS_CLOUD_ENABLED:-false}"
SUPERBLOCKS_ORCHESTRATOR_EVENTS_CLOUD_URL: "${SUPERBLOCKS_ORCHESTRATOR_EVENTS_CLOUD_URL:-queue.intake.superblocks.com:8443}"
SUPERBLOCKS_ORCHESTRATOR_FILE_SERVER_URL: http://127.0.0.1:${SUPERBLOCKS_AGENT_PORT:-8080}/v2/files
services:
proxy:
# Configurable variables for traefik to set up https
# SUPERBLOCKS_LETSENCRYPT_EMAIL, default ''
# SUPERBLOCKS_PROXY_REPLICA_COUNT, default 0
# SUPERBLOCKS_LETSENCRYPT_DIR, default letsencrypt
# SUPERBLOCKS_AGENT_CUSTOM_DOMAIN, default .+
image: traefik:v2.8
deploy:
replicas: ${SUPERBLOCKS_PROXY_REPLICA_COUNT:-0}
ports:
- '80:80'
- '443:443'
volumes:
- '/var/run/docker.sock:/var/run/docker.sock:ro'
- './${SUPERBLOCKS_LETSENCRYPT_DIR:-letsencrypt}:/${SUPERBLOCKS_LETSENCRYPT_DIR:-letsencrypt}'
command:
- '--log.level=${SUPERBLOCKS_PROXY_LOG_LEVEL:-INFO}'
- '--providers.docker=true'
- '--entrypoints.web.address=:80'
- '--entrypoints.websecure.address=:443'
- '--certificatesresolvers.letsencrypt.acme.email=${SUPERBLOCKS_LETSENCRYPT_EMAIL:-}'
- '--certificatesresolvers.letsencrypt.acme.storage=/${SUPERBLOCKS_LETSENCRYPT_DIR:-letsencrypt}/acme.json'
- '--certificatesresolvers.letsencrypt.acme.httpchallenge=true'
- '--certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=web'
labels:
### core config
- 'traefik.enable=true'
### http to https redirect
- 'traefik.http.routers.http-catchall.entrypoints=web'
- 'traefik.http.routers.http-catchall.rule=Host(`${SUPERBLOCKS_AGENT_CUSTOM_DOMAIN:-}`)'
- 'traefik.http.routers.http-catchall.middlewares=redirect-to-https'
- 'traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https'
restart: unless-stopped
agent:
image: ${SUPERBLOCKS_DOCKER_AGENT_REPOSITORY:-ghcr.io/superblocksteam/agent}:${SUPERBLOCKS_DOCKER_AGENT_TAG:-latest}
pull_policy: ${SUPERBLOCKS_DOCKER_IMAGE_PULL_POLICY:-always}
environment:
!!merge <<: *environment
__SUPERBLOCKS_WORKER_LOCAL_ENABLED: 'true'
SUPERBLOCKS_WORKER_TLS_INSECURE: 'true'
SUPERBLOCKS_CONTROLLER_DISCOVERY_ENABLED: 'false'
ports:
- '${SUPERBLOCKS_AGENT_PORT:-8080}:${SUPERBLOCKS_AGENT_PORT:-8080}'
- '${SB_GRPC_PORT:-8081}:${SB_GRPC_PORT:-8081}'
- '${SUPERBLOCKS_ORCHESTRATOR_METRICS_PORT:-9090}'
labels:
- 'traefik.http.routers.controller.rule=Host(`${SUPERBLOCKS_AGENT_CUSTOM_DOMAIN:-}`)'
- 'traefik.http.routers.controller.entrypoints=websecure'
- 'traefik.http.routers.controller.tls=true'
- 'traefik.http.routers.controller.tls.certresolver=letsencrypt'
- 'traefik.http.services.controller.loadbalancer.server.port=${SUPERBLOCKS_AGENT_PORT:-8080}'
restart: unless-stopped
logging:
options:
# Follows this format:
#
# https://docs.docker.com/compose/compose-file/#specifying-byte-values
#
max-size: ${SUPERBLOCKS_AGENT_LOGGING_MAX_SIZE:-12m}
max-file: ${SUPERBLOCKS_AGENT_LOGGING_MAX_FILES:-5}
driver: ${SUPERBLOCKS_AGENT_LOGGING_DRIVER:-json-file}