2020-06-22 09:54:01 +00:00
|
|
|
version: "3.7"
|
|
|
|
|
2020-11-03 14:43:55 +00:00
|
|
|
x-logging: &default-logging
|
2020-09-30 11:18:39 +00:00
|
|
|
driver: json-file
|
|
|
|
options:
|
|
|
|
max-size: "10m"
|
|
|
|
max-file: "3"
|
|
|
|
|
2020-06-22 09:54:01 +00:00
|
|
|
networks:
|
|
|
|
shared:
|
2020-09-08 14:30:54 +00:00
|
|
|
ipam:
|
|
|
|
driver: default
|
|
|
|
config:
|
2020-10-13 11:47:31 +00:00
|
|
|
- subnet: 10.10.10.0/24
|
2020-06-22 09:54:01 +00:00
|
|
|
|
2020-07-30 12:23:49 +00:00
|
|
|
volumes:
|
|
|
|
webapp:
|
2020-12-08 15:15:31 +00:00
|
|
|
kratos-sqlite:
|
2020-07-30 12:23:49 +00:00
|
|
|
|
2020-06-22 09:54:01 +00:00
|
|
|
services:
|
2020-07-08 12:09:54 +00:00
|
|
|
sia:
|
2020-07-30 10:23:24 +00:00
|
|
|
build:
|
|
|
|
context: ./docker/sia
|
|
|
|
dockerfile: Dockerfile
|
|
|
|
args:
|
2020-11-12 10:08:06 +00:00
|
|
|
branch: v1.5.3
|
2020-07-08 12:09:54 +00:00
|
|
|
container_name: sia
|
2020-07-30 10:00:58 +00:00
|
|
|
restart: unless-stopped
|
2020-09-30 11:18:39 +00:00
|
|
|
logging: *default-logging
|
2020-07-08 12:09:54 +00:00
|
|
|
environment:
|
|
|
|
- SIA_MODULES=gctwr
|
|
|
|
env_file:
|
|
|
|
- .env
|
|
|
|
volumes:
|
2020-07-30 21:21:00 +00:00
|
|
|
- ./docker/data/sia:/sia-data
|
2020-06-22 09:54:01 +00:00
|
|
|
networks:
|
2020-09-08 14:30:54 +00:00
|
|
|
shared:
|
2020-10-13 11:47:31 +00:00
|
|
|
ipv4_address: 10.10.10.10
|
2020-07-08 12:09:54 +00:00
|
|
|
expose:
|
|
|
|
- 9980
|
|
|
|
|
2020-06-22 09:54:01 +00:00
|
|
|
caddy:
|
|
|
|
build:
|
2020-07-27 13:40:26 +00:00
|
|
|
context: ./docker/caddy
|
|
|
|
dockerfile: Dockerfile
|
2020-06-22 09:54:01 +00:00
|
|
|
container_name: caddy
|
2020-07-30 10:00:58 +00:00
|
|
|
restart: unless-stopped
|
2020-09-30 11:18:39 +00:00
|
|
|
logging: *default-logging
|
2020-06-22 09:54:01 +00:00
|
|
|
env_file:
|
|
|
|
- .env
|
|
|
|
volumes:
|
|
|
|
- ./docker/data/caddy/data:/data
|
|
|
|
- ./docker/data/caddy/config:/config
|
|
|
|
- ./docker/caddy/Caddyfile:/etc/caddy/Caddyfile
|
|
|
|
networks:
|
2020-09-08 14:30:54 +00:00
|
|
|
shared:
|
2020-10-13 11:47:31 +00:00
|
|
|
ipv4_address: 10.10.10.20
|
2020-06-22 09:54:01 +00:00
|
|
|
ports:
|
|
|
|
- "80:80"
|
|
|
|
- "443:443"
|
|
|
|
depends_on:
|
|
|
|
- nginx
|
|
|
|
|
|
|
|
nginx:
|
2020-07-30 12:23:49 +00:00
|
|
|
image: openresty/openresty:1.15.8.3-2-xenial
|
2020-06-22 09:54:01 +00:00
|
|
|
container_name: nginx
|
2020-07-30 10:00:58 +00:00
|
|
|
restart: unless-stopped
|
2020-09-30 11:18:39 +00:00
|
|
|
logging: *default-logging
|
2020-07-27 13:40:26 +00:00
|
|
|
env_file:
|
|
|
|
- .env
|
2020-06-22 09:54:01 +00:00
|
|
|
volumes:
|
2020-07-30 12:57:34 +00:00
|
|
|
- ./docker/nginx/nginx.conf:/usr/local/openresty/nginx/conf/nginx.conf:ro
|
2020-06-22 09:54:01 +00:00
|
|
|
- ./docker/nginx/conf.d:/etc/nginx/conf.d:ro
|
|
|
|
- ./docker/data/nginx/cache:/data/nginx/cache
|
|
|
|
- ./docker/data/nginx/logs:/usr/local/openresty/nginx/logs
|
2020-07-08 12:09:54 +00:00
|
|
|
- ./docker/data/sia/apipassword:/data/sia/apipassword:ro
|
2020-07-30 12:23:49 +00:00
|
|
|
- webapp:/var/www/webportal:ro
|
2020-06-22 09:54:01 +00:00
|
|
|
networks:
|
2020-09-08 14:30:54 +00:00
|
|
|
shared:
|
2020-10-13 11:47:31 +00:00
|
|
|
ipv4_address: 10.10.10.30
|
2020-06-22 09:54:01 +00:00
|
|
|
expose:
|
|
|
|
- 80
|
|
|
|
depends_on:
|
2020-07-08 12:09:54 +00:00
|
|
|
- sia
|
2020-08-26 13:59:47 +00:00
|
|
|
- health-check
|
2020-07-08 12:09:54 +00:00
|
|
|
- handshake-api
|
2020-06-22 09:54:01 +00:00
|
|
|
|
2020-07-30 12:23:49 +00:00
|
|
|
webapp:
|
|
|
|
build:
|
|
|
|
context: ./packages/webapp
|
|
|
|
dockerfile: Dockerfile
|
|
|
|
container_name: webapp
|
|
|
|
restart: unless-stopped
|
2020-09-30 11:18:39 +00:00
|
|
|
logging: *default-logging
|
2020-07-30 12:23:49 +00:00
|
|
|
tty: true
|
|
|
|
volumes:
|
|
|
|
- webapp:/usr/app/public
|
|
|
|
|
2020-07-27 09:30:55 +00:00
|
|
|
handshake:
|
|
|
|
build:
|
|
|
|
context: ./docker/handshake
|
|
|
|
dockerfile: Dockerfile
|
|
|
|
container_name: handshake
|
2020-07-30 10:00:58 +00:00
|
|
|
restart: unless-stopped
|
2020-09-30 11:18:39 +00:00
|
|
|
logging: *default-logging
|
2020-07-27 09:30:55 +00:00
|
|
|
environment:
|
2020-07-30 10:00:58 +00:00
|
|
|
- HSD_LOG_CONSOLE=false
|
2020-07-27 09:30:55 +00:00
|
|
|
- HSD_HTTP_HOST=0.0.0.0
|
|
|
|
- HSD_NETWORK=main
|
|
|
|
- HSD_PORT=12037
|
|
|
|
env_file:
|
|
|
|
- .env
|
|
|
|
volumes:
|
|
|
|
- ./docker/data/handshake/.hsd:/root/.hsd
|
|
|
|
networks:
|
2020-09-08 14:30:54 +00:00
|
|
|
shared:
|
2020-10-13 11:47:31 +00:00
|
|
|
ipv4_address: 10.10.10.40
|
2020-07-27 09:30:55 +00:00
|
|
|
expose:
|
|
|
|
- 12037
|
|
|
|
|
|
|
|
handshake-api:
|
|
|
|
build:
|
2020-07-30 12:23:49 +00:00
|
|
|
context: ./packages/handshake-api
|
2020-07-30 10:56:18 +00:00
|
|
|
dockerfile: Dockerfile
|
2020-07-27 09:30:55 +00:00
|
|
|
container_name: handshake-api
|
2020-07-30 10:00:58 +00:00
|
|
|
restart: unless-stopped
|
2020-09-30 11:18:39 +00:00
|
|
|
logging: *default-logging
|
2020-07-27 09:30:55 +00:00
|
|
|
environment:
|
2020-08-01 15:04:23 +00:00
|
|
|
- HOSTNAME=0.0.0.0
|
2020-07-27 09:30:55 +00:00
|
|
|
- HSD_HOST=handshake
|
|
|
|
- HSD_NETWORK=main
|
|
|
|
- HSD_PORT=12037
|
|
|
|
env_file:
|
|
|
|
- .env
|
2020-07-30 10:00:58 +00:00
|
|
|
networks:
|
2020-09-08 14:30:54 +00:00
|
|
|
shared:
|
2020-10-13 11:47:31 +00:00
|
|
|
ipv4_address: 10.10.10.50
|
2020-07-27 09:30:55 +00:00
|
|
|
expose:
|
|
|
|
- 3100
|
|
|
|
depends_on:
|
|
|
|
- handshake
|
|
|
|
|
2020-06-22 09:54:01 +00:00
|
|
|
health-check:
|
|
|
|
build:
|
2020-07-30 12:23:49 +00:00
|
|
|
context: ./packages/health-check
|
2020-07-30 10:56:18 +00:00
|
|
|
dockerfile: Dockerfile
|
2020-06-22 09:54:01 +00:00
|
|
|
container_name: health-check
|
2020-07-30 10:00:58 +00:00
|
|
|
restart: unless-stopped
|
2020-09-30 11:18:39 +00:00
|
|
|
logging: *default-logging
|
2020-06-22 09:54:01 +00:00
|
|
|
volumes:
|
|
|
|
- ./docker/data/health-check/state:/usr/app/state
|
|
|
|
networks:
|
2020-09-08 14:30:54 +00:00
|
|
|
shared:
|
2020-10-13 11:47:31 +00:00
|
|
|
ipv4_address: 10.10.10.60
|
2020-06-22 09:54:01 +00:00
|
|
|
environment:
|
2020-08-01 15:04:23 +00:00
|
|
|
- HOSTNAME=0.0.0.0
|
2020-07-27 13:40:26 +00:00
|
|
|
- PORTAL_URL=nginx
|
2020-06-22 09:54:01 +00:00
|
|
|
expose:
|
|
|
|
- 3100
|
|
|
|
depends_on:
|
2020-08-05 08:27:25 +00:00
|
|
|
- handshake
|
|
|
|
- handshake-api
|
2020-10-30 18:00:58 +00:00
|
|
|
|
2020-12-10 17:52:50 +00:00
|
|
|
accounts:
|
|
|
|
build:
|
|
|
|
context: ./
|
|
|
|
dockerfile: ./docker/accounts/Dockerfile
|
|
|
|
container_name: accounts
|
|
|
|
restart: unless-stopped
|
|
|
|
logging: *default-logging
|
|
|
|
environment:
|
|
|
|
- SKYNET_DB_HOST="mongo"
|
|
|
|
- SKYNET_DB_PORT="27017"
|
|
|
|
- SKYNET_DB_USER=${SKYNET_DB_USER}
|
|
|
|
- SKYNET_DB_PASS=${SKYNET_DB_PASS}
|
|
|
|
expose:
|
|
|
|
- 3000
|
|
|
|
networks:
|
|
|
|
shared:
|
|
|
|
- ipv4_address: 10.10.10.70
|
|
|
|
depends_on:
|
|
|
|
- mongo
|
|
|
|
- oathkeeper
|
|
|
|
|
2020-10-30 18:00:58 +00:00
|
|
|
mongo:
|
|
|
|
image: mongo:4.4.1
|
|
|
|
command: --keyFile=/data/mgkey --replSet=skynet
|
|
|
|
container_name: mongo
|
|
|
|
restart: unless-stopped
|
|
|
|
logging: *default-logging
|
|
|
|
volumes:
|
|
|
|
- ./docker/data/mongo/db:/data/db
|
|
|
|
- ./docker/data/mongo/mgkey:/data/mgkey:rw
|
|
|
|
networks:
|
|
|
|
shared:
|
2020-12-10 17:52:50 +00:00
|
|
|
ipv4_address: 10.10.10.71
|
2020-10-30 18:00:58 +00:00
|
|
|
ports:
|
|
|
|
- "27017:27017"
|
2020-12-04 16:09:47 +00:00
|
|
|
|
|
|
|
kratos-migrate:
|
|
|
|
image: oryd/kratos:v0.5.4-alpha.1
|
|
|
|
container_name: kratos-migrate
|
2020-12-08 15:15:31 +00:00
|
|
|
restart: on-failure
|
2020-12-04 16:09:47 +00:00
|
|
|
logging: *default-logging
|
|
|
|
environment:
|
2020-12-08 15:15:31 +00:00
|
|
|
- DSN=cockroach://root@cockroachd:26257/defaultdb?sslmode=disable&max_conns=20&max_idle_conns=4
|
2020-12-09 14:58:31 +00:00
|
|
|
- SQA_OPT_OUT=true
|
2020-12-04 16:09:47 +00:00
|
|
|
volumes:
|
|
|
|
- ./docker/kratos/config:/etc/config/kratos
|
2020-12-10 17:52:50 +00:00
|
|
|
- type: volume
|
2020-12-08 15:31:34 +00:00
|
|
|
source: kratos-sqlite
|
|
|
|
target: /var/lib/sqlite
|
|
|
|
read_only: false
|
2020-12-04 16:09:47 +00:00
|
|
|
command: -c /etc/config/kratos/kratos.yml migrate sql -e --yes
|
|
|
|
networks:
|
|
|
|
shared:
|
|
|
|
ipv4_address: 10.10.10.80
|
|
|
|
|
|
|
|
kratos:
|
|
|
|
image: oryd/kratos:v0.5.4-alpha.1
|
|
|
|
container_name: kratos
|
|
|
|
restart: unless-stopped
|
|
|
|
logging: *default-logging
|
2020-12-08 15:31:34 +00:00
|
|
|
ports:
|
|
|
|
- "4433:4433" # public
|
|
|
|
- "4434:4434" # admin
|
2020-12-04 16:09:47 +00:00
|
|
|
expose:
|
|
|
|
- 4433 # public
|
|
|
|
- 4434 # admin
|
|
|
|
environment:
|
2020-12-08 15:15:31 +00:00
|
|
|
- DSN=cockroach://root@cockroachd:26257/defaultdb?sslmode=disable&max_conns=20&max_idle_conns=4
|
2020-12-04 16:09:47 +00:00
|
|
|
- LOG_LEVEL=trace
|
2020-12-09 14:18:22 +00:00
|
|
|
- SERVE_PUBLIC_BASE_URL=https://siasky.xyz/secure/.ory/kratos/public/
|
2020-12-09 14:58:31 +00:00
|
|
|
- SQA_OPT_OUT=true
|
2020-12-04 16:09:47 +00:00
|
|
|
command: serve -c /etc/config/kratos/kratos.yml
|
|
|
|
volumes:
|
|
|
|
- ./docker/kratos/config:/etc/config/kratos
|
2020-12-10 17:52:50 +00:00
|
|
|
- type: volume
|
2020-12-08 15:31:34 +00:00
|
|
|
source: kratos-sqlite
|
|
|
|
target: /var/lib/sqlite
|
|
|
|
read_only: false
|
2020-12-10 17:52:50 +00:00
|
|
|
- type: bind
|
2020-12-08 15:31:34 +00:00
|
|
|
source: ./.kratos.yml
|
|
|
|
target: /etc/config/kratos/kratos.yml
|
2020-12-04 16:09:47 +00:00
|
|
|
networks:
|
|
|
|
shared:
|
|
|
|
ipv4_address: 10.10.10.81
|
|
|
|
depends_on:
|
|
|
|
- kratos-migrate
|
|
|
|
|
|
|
|
kratos-selfservice-ui-node:
|
|
|
|
image: oryd/kratos-selfservice-ui-node:v0.5.0-alpha.1
|
|
|
|
container_name: kratos-selfservice-ui-node
|
2020-12-08 15:31:34 +00:00
|
|
|
restart: on-failure
|
2020-12-04 16:09:47 +00:00
|
|
|
logging: *default-logging
|
|
|
|
environment:
|
2020-12-09 12:50:17 +00:00
|
|
|
- PORT=4435
|
|
|
|
- SECURITY_MODE=jwks
|
2020-12-08 15:41:45 +00:00
|
|
|
- BASE_URL=https://siasky.xyz/secure/
|
2020-12-09 12:50:17 +00:00
|
|
|
- KRATOS_BROWSER_URL=https://siasky.xyz/secure/.ory/kratos/public
|
|
|
|
- JWKS_URL=http://oathkeeper:4456/.well-known/jwks.json
|
2020-12-04 16:09:47 +00:00
|
|
|
- KRATOS_PUBLIC_URL=http://kratos:4433/
|
|
|
|
- KRATOS_ADMIN_URL=http://kratos:4434/
|
2020-12-09 14:58:31 +00:00
|
|
|
- SQA_OPT_OUT=true
|
2020-12-04 16:09:47 +00:00
|
|
|
networks:
|
|
|
|
shared:
|
|
|
|
ipv4_address: 10.10.10.82
|
|
|
|
|
2020-12-09 12:50:17 +00:00
|
|
|
oathkeeper:
|
|
|
|
image: oryd/oathkeeper:v0.38
|
|
|
|
depends_on:
|
|
|
|
- kratos
|
|
|
|
expose:
|
|
|
|
- 4455
|
|
|
|
- 4456
|
|
|
|
command:
|
|
|
|
serve proxy -c "/etc/config/oathkeeper/oathkeeper.yml"
|
|
|
|
environment:
|
|
|
|
- LOG_LEVEL=debug
|
|
|
|
volumes:
|
|
|
|
- ./docker/kratos/oathkeeper:/etc/config/oathkeeper
|
|
|
|
restart: on-failure
|
|
|
|
networks:
|
|
|
|
shared:
|
|
|
|
ipv4_address: 10.10.10.83
|
|
|
|
|
2020-12-08 15:15:31 +00:00
|
|
|
cockroachd:
|
|
|
|
image: cockroachdb/cockroach:v20.1.0
|
|
|
|
container_name: cockroachd
|
|
|
|
command: start --insecure
|
2020-12-08 15:50:27 +00:00
|
|
|
volumes:
|
|
|
|
- kratos-sqlite:/cockroach/cockroach-data
|
2020-12-04 16:09:47 +00:00
|
|
|
expose:
|
2020-12-08 15:15:31 +00:00
|
|
|
- 26257
|
2020-12-04 16:09:47 +00:00
|
|
|
networks:
|
|
|
|
shared:
|
2020-12-10 17:52:50 +00:00
|
|
|
ipv4_address: 10.10.10.84
|