docker-compose-letsencrypt.yml
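# Compose stack: Traefik (TLS certificates from Let's Encrypt) in front of
# OpenFlow, backed by a single-node MongoDB replica set and RabbitMQ.
# Deployment-specific values to replace: the ACME e-mail address, the
# localhost.openiap.io host names, and every credential/secret further down
# (the ones in this file are published defaults).
services:
  traefik:
    image: traefik:v2.10.6
    command:
      - "--providers.docker=true"
      # Containers are routed only when they opt in with traefik.enable=true.
      - "--providers.docker.exposedbydefault=false"
      - "--entrypoints.websecure.address=:443"
      - "--entrypoints.web.address=:80"
      # TLS-ALPN-01 challenge, answered on the :443 entrypoint.
      - "--certificatesresolvers.myresolver.acme.tlschallenge=true"
      # Placeholder address; use a mailbox that is actually monitored.
      - "--certificatesresolvers.myresolver.acme.email=my@domain.com"
      - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
      # Timeout settings for gRPC
      # - "--entrypoints.websecure.transport.respondingTimeouts.readTimeout=90000s"
      # - "--entrypoints.websecure.transport.respondingTimeouts.writeTimeout=90000s"
      # - "--entrypoints.websecure.transport.lifeCycle.requestAcceptGraceTimeout=90000s"
    labels:
      # The redirect entries below are Docker-provider labels, not CLI flags
      # (no leading "--"). They were listed under `command:`, where Traefik does
      # not read them as routing configuration, so the HTTP -> HTTPS redirect
      # never took effect. traefik.enable=true is required because
      # exposedbydefault is false.
      - "traefik.enable=true"
      # middleware redirect
      - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
      # global redirect to https
      - "traefik.http.routers.redirs.rule=hostregexp(`{host:.+}`)"
      - "traefik.http.routers.redirs.entrypoints=web"
      - "traefik.http.routers.redirs.middlewares=redirect-to-https"
    ports:
      - "80:80"
      - "443:443"
    restart: always
    networks:
      - traefik
    volumes:
      # acme.json holds the ACME account key and the certificates' private keys;
      # keep ./letsencrypt readable by its owner only.
      - "./letsencrypt:/letsencrypt"
      # ":ro" protects the socket file itself, not the Docker API behind it: a
      # process that can connect to the socket can still issue any API call.
      # A filtering socket proxy is the usual way to limit Traefik to read-only
      # endpoints.
      - "//var/run/docker.sock:/var/run/docker.sock:ro"
  mongodb:
    # No tag means "latest"; pin a tested version (ideally by digest) so that
    # upgrades are deliberate.
    image: mongo
    restart: always
    networks:
      - traefik
    # No root user or keyfile is configured, so mongod runs without access
    # control and accepts any client that can reach it on the "traefik" network.
    command: "--bind_ip_all --replSet rs0"
    environment:
      - MONGO_REPLICA_SET_NAME=rs0
    volumes:
      - mongodb_data:/data/db
  mongosetup:
    # One-shot helper that initiates replica set rs0, then exits.
    image: mongo
    depends_on:
      - mongodb
    restart: "no"
    networks:
      - traefik
    # Folded scalar: the lines below are joined into a single command line; the
    # single-quoted part is passed to --eval as one argument.
    command: >
      mongosh --host mongodb:27017 --eval
      '
      db = (new Mongo("mongodb:27017")).getDB("openflow");
      config = {
      "_id" : "rs0",
      "members" : [
      {
      "_id" : 0,
      "host" : "mongodb:27017"
      }
      ]
      };
      rs.initiate(config);
      '
  rabbitmq:
    # The broker keeps its default guest/guest account (see amqp_url below).
    # To change it, set RABBITMQ_DEFAULT_USER / RABBITMQ_DEFAULT_PASS here and
    # update amqp_url to match.
    image: rabbitmq:3-management
    restart: always
    networks:
      - traefik
  api:
    labels:
      - traefik.enable=true
      # NOTE(review): Traefik v1 label syntax; the v2 image used above does not
      # appear to read traefik.frontend.* keys.
      - traefik.frontend.passHostHeader=true
      - traefik.http.routers.http-router.entrypoints=websecure
      - traefik.http.routers.http-router.tls.certresolver=myresolver
      - traefik.http.routers.http-router.rule=Host(`localhost.openiap.io`)
      - traefik.http.routers.http-router.service=http-service
      - traefik.http.services.http-service.loadbalancer.server.port=3000
      - traefik.http.routers.grpc-router.rule=Host(`grpc.localhost.openiap.io`)
      - traefik.http.routers.grpc-router.service=grpc-service
      - traefik.http.routers.grpc-router.entrypoints=websecure
      - traefik.http.routers.grpc-router.tls.certresolver=myresolver
      - traefik.http.services.grpc-service.loadbalancer.server.port=50051
      # TLS ends at Traefik; the gRPC backend is reached over cleartext HTTP/2.
      - traefik.http.services.grpc-service.loadbalancer.server.scheme=h2c
    # Untagged image combined with pull_policy: always: every `up` runs
    # whatever was last pushed. Pin a version or digest for reproducible
    # deployments.
    image: openiap/openflow
    deploy:
      replicas: 1
    pull_policy: always
    restart: always
    networks:
      - traefik
    volumes:
      # Read-write Docker socket: this container can create, inspect and remove
      # any container on the host, which is equivalent to root on the host.
      # Presumably needed so OpenFlow can start agent containers (see the
      # agent_docker_* settings) - confirm, and drop the mount if agents are
      # not used.
      - "//var/run/docker.sock:/var/run/docker.sock"
    depends_on:
      - rabbitmq
      - mongodb
    environment:
      - protocol=https
      - domain=localhost.openiap.io
      # Uncomment the next 2 lines if replicas above is set higher than 1.
      # - enable_openflow_amqp=true
      # - amqp_prefetch=25
      # Uncomment to add agents to the same docker compose project (running
      # `docker compose up -d` will break if any agents are running).
      # - agent_docker_use_project=true
      # The userinfo and token endpoints use plain HTTP to the api service on
      # the compose network; the issuer and authorization endpoints use the
      # public HTTPS name.
      - agent_oidc_userinfo_endpoint=http://api:3000/oidc/me
      - agent_oidc_issuer=https://localhost.openiap.io/oidc
      - agent_oidc_authorization_endpoint=https://localhost.openiap.io/oidc/auth
      - agent_oidc_token_endpoint=http://api:3000/oidc/token
      - agent_docker_entrypoints=web,websecure
      - agent_docker_certresolver=myresolver
      # Default broker credentials; change together with the rabbitmq service.
      - amqp_url=amqp://guest:guest@rabbitmq
      - mongodb_url=mongodb://mongodb:27017/?replicaSet=rs0
      - mongodb_db=openflow
      # The fallback value is the published default, identical for everyone who
      # copies this file. Set OPENFLOW_AES_SECRET (a variable name introduced
      # here for Compose interpolation) in the shell or in .env to a private
      # random value instead of relying on it.
      - aes_secret=${OPENFLOW_AES_SECRET:-O1itlrmA47WzxPj95YHD2sZs7IchYaQI25mQ}
volumes:
  mongodb_data:
    driver: local
networks:
  # Fixed network name so that containers started outside this file can join
  # it; every member can reach MongoDB and RabbitMQ directly.
  traefik:
    name: traefik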