-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathdocker-compose.werf.yml
executable file
·126 lines (116 loc) · 3.67 KB
/
docker-compose.werf.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
version: "3.8"
services:
actix-react-oidc-keycloakdb:
container_name: actix-react-oidc-keycloakdb
image: postgres:12.9
labels:
kompose.controller.type: "statefulset"
volumes:
- keycloakdb:/var/lib/postgresql/data
ports:
- "5432:5432"
environment:
POSTGRES_USER: postgres
POSTGRES_PASSWORD: postgres
healthcheck:
test: ["CMD-SHELL", "/bin/sh", "-c", "exec pg_isready -h 127.0.0.1"]
interval: 5s
timeout: 5s
retries: 5
networks:
- actix-react-oidc-network
actix-react-oidc-keycloak:
container_name: actix-react-oidc-keycloak
image: quay.io/keycloak/keycloak:19.0.3
labels:
kompose.service.expose: "keycloak.actix-react-oidc.test"
# kompose.service.expose.tls-secret: "actix-react-oidc-keycloak-secret"
kompose.service.expose.ingress-class-name: "nginx"
# cert-manager.io/cluster-issuer: cert-manager-issuer
healthcheck:
test: [ "CMD", "curl", "-f", "http://localhost:8080/health/ready" ]
interval: 20s
retries: 5
start_period: 20s
timeout: 10s
environment:
KC_DB: postgres
KC_DB_URL: jdbc:postgresql://actix-react-oidc-keycloakdb:5432/postgres
KC_DB_USERNAME: postgres
KC_DB_PASSWORD: postgres
KEYCLOAK_ADMIN: admin
KEYCLOAK_ADMIN_PASSWORD: admin
KC_FEATURES:
token-exchange
KC_HOSTNAME_STRICT: 'false'
KC_HOSTNAME_STRICT_HTTPS: 'false'
KC_HOSTNAME_STRICT_BACKCHANNEL: 'false'
KC_HTTP_ENABLED: 'true'
PROXY_ADDRESS_FORWARDING: 'true'
KC_CACHE_STACK: tcp
KC_HEALTH_ENABLED: 'true'
configs:
- source: keycloak-realm
target: /opt/keycloak/data/import/realm-export.json
ports:
- "80:8080"
command:
- "start"
- "--http-port 8080"
- "--proxy=passthrough"
- "--import-realm"
depends_on:
- actix-react-oidc-keycloakdb
networks:
- actix-react-oidc-network
actix-react-oidc-backend:
container_name: actix-react-oidc-backend
image: "{{ .Values.werf.image.actix_react_oidc_backend }}"
labels:
kompose.service.expose: "backend.actix-react-oidc.test"
# kompose.service.expose.tls-secret: "actix-react-oidc-backend-secret"
kompose.service.expose.ingress-class-name: "nginx"
# cert-manager.io/cluster-issuer: cert-manager-issuer
healthcheck:
test: [ "CMD", "curl", "-f", "http://localhost:8080/healthcheck" ]
interval: 20s
retries: 5
start_period: 20s
timeout: 10s
ports:
- "80:8080"
environment:
ISSUER: http://keycloak.actix-react-oidc.test/realms/actix-react-demo
depends_on:
- actix-react-oidc-keycloak
networks:
- actix-react-oidc-network
actix-react-oidc-web:
container_name: actix-react-oidc-web
image: "{{ .Values.werf.image.actix_react_oidc_web }}"
labels:
kompose.service.expose: "actix-react-oidc.test"
# kompose.service.expose.tls-secret: "actix-react-oidc-web-secret"
kompose.service.expose.ingress-class-name: "nginx"
# cert-manager.io/cluster-issuer: cert-manager-issuer
healthcheck:
test: [ "CMD", "curl", "-f", "http://localhost:3000" ]
interval: 20s
retries: 5
start_period: 20s
timeout: 10s
ports:
- "80:3000"
depends_on:
- actix-react-oidc-keycloak
networks:
- actix-react-oidc-network
networks:
actix-react-oidc-network:
name: actix-react-oidc-network
configs:
keycloak-realm:
file: ./.keycloak/realm-export.json
volumes:
keycloakdb:
driver: local