-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathdocker-compose.yml
More file actions
114 lines (107 loc) · 4.48 KB
/
docker-compose.yml
File metadata and controls
114 lines (107 loc) · 4.48 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
# docker-compose.yml
name: ${COMPOSE_PROJECT_NAME:-rocketgraph}
services:
frontend:
image: ${MC_FRONTEND_IMAGE:-docker.io/rocketgraph/mission-control-frontend:latest}
ports:
- "${MC_PORT:-80}:80"
- "${MC_SSL_PORT:-443}:443"
networks:
- external-network
volumes:
- ${MC_SSL_PUBLIC_CERT:-~/.rocketgraph/.fallback_mount/certs/xgt-public.pem}:/etc/ssl/certs/td.pem:ro,Z
- ${MC_SSL_PRIVATE_KEY:-~/.rocketgraph/.fallback_mount/certs/xgt-private.pem}:/etc/ssl/private/td.pem:ro,Z
- ${MC_SSL_CERT_CHAIN:-~/.rocketgraph/.fallback_mount/certs/xgt-chain.pem}:/etc/ssl/certs/ca-chain.pem:ro,Z
depends_on:
backend:
condition: service_healthy
healthcheck:
test: ["CMD", "wget", "-q", "--spider", "http://localhost/health"]
interval: 30s
timeout: 5s
retries: 3
start_period: 10s
restart: on-failure
backend:
image: ${MC_BACKEND_IMAGE:-docker.io/rocketgraph/mission-control-backend:latest}
environment:
MC_MONGO_URI: mongodb://mongodb:27017
MC_PORT: ${MC_PORT:-80}
MC_SSL_PORT: ${MC_SSL_PORT:-443}
MC_DEFAULT_XGT_HOST: ${MC_DEFAULT_XGT_HOST:-}
MC_DEFAULT_XGT_PORT: ${MC_DEFAULT_XGT_PORT:-}
MC_SESSION_TTL: ${MC_SESSION_TTL:-}
MC_SSL_PUBLIC_CERT: ${MC_SSL_PUBLIC_CERT:-}
MC_SSL_PRIVATE_KEY: ${MC_SSL_PRIVATE_KEY:-}
MC_SSL_PROXY_PUBLIC_CERT: ${MC_SSL_PROXY_PUBLIC_CERT:-}
MC_SSL_PROXY_PRIVATE_KEY: ${MC_SSL_PROXY_PRIVATE_KEY:-}
XGT_SERVER_CN: ${XGT_SERVER_CN:-}
XGT_AUTH_TYPES: ${XGT_AUTH_TYPES:-}
MC_OIDC_ISSUER: ${MC_OIDC_ISSUER:-}
MC_OIDC_CLIENT_ID: ${MC_OIDC_CLIENT_ID:-}
MC_OIDC_CLIENT_SECRET: ${MC_OIDC_CLIENT_SECRET:-}
MC_OIDC_SCOPES: ${MC_OIDC_SCOPES:-}
MC_OIDC_FRONTEND_URL: ${MC_OIDC_FRONTEND_URL:-}
MC_OIDC_REDIRECT_URI: ${MC_OIDC_REDIRECT_URI:-}
MC_OIDC_ALLOWED_ORIGINS: ${MC_OIDC_ALLOWED_ORIGINS:-}
MC_OIDC_TLS_VERIFY: ${MC_OIDC_TLS_VERIFY:-}
MC_XGT_ALLOWED_HOSTS: ${MC_XGT_ALLOWED_HOSTS:-}
LD_LIBRARY_PATH: "/odbc:${MC_ODBC_LIBRARY_PATH-}"
networks:
- database-network
- external-network
volumes:
- ${XGT_SSL_SERVER_CERT:-~/.rocketgraph/.fallback_mount/certs/xgt-server.pem}:/etc/ssl/certs/xgt-server.pem:ro,Z
- ${MC_SSL_PROXY_PUBLIC_CERT:-~/.rocketgraph/.fallback_mount/certs/proxy-client-cert.pem}:/etc/ssl/certs/proxy-client-cert.pem:ro,Z
- ${MC_SSL_PROXY_PRIVATE_KEY:-~/.rocketgraph/.fallback_mount/certs/proxy-client-key.pem}:/etc/ssl/private/proxy-client-key.pem:ro,Z
- ${MC_ODBC_PATH:-~/.rocketgraph/.fallback_mount/odbc}:/odbc:Z
- ${MC_IBM_IACCESS_PATH:-~/.rocketgraph/.fallback_mount/iaccess}:/opt/ibm/iaccess:Z
- ${MC_SITE_CONFIG_YML:-~/.rocketgraph/.fallback_mount/site_config.yml}:/app/site_config/site_config.yml:ro,Z
- ${MC_SITE_CONFIG_PY:-~/.rocketgraph/.fallback_mount/site_config.py}:/app/site_config/site_config.py:ro,Z
- ${MC_OIDC_CA_CERT:-~/.rocketgraph/.fallback_mount/oidc-ca.pem}:/etc/ssl/certs/oidc-ca.pem:ro,z
depends_on:
mongodb:
condition: service_healthy
healthcheck:
test: ["CMD", "python", "-c", "import urllib.request; urllib.request.urlopen('http://localhost:5000/api/health', timeout=5)"]
interval: 60s
timeout: 5s
retries: 5
start_period: 15s
xgt:
image: ${XGT_IMAGE:-docker.io/rocketgraph/xgt:latest}
ports:
- "${XGT_PORT:-4367}:4367"
volumes:
- ${XGT_CONF_PATH:-~/.rocketgraph/conf}:/conf:Z
- ${XGT_DATA_PATH:-~/.rocketgraph/data}:/data:Z
- ${XGT_LOG_PATH:-~/.rocketgraph/log}:/log:Z
- ${XGT_LICENSE_FILE:-~/.rocketgraph/.fallback_mount/license/xgtd.lic}:/license/xgtd.lic:Z
- ${MC_OIDC_CA_CERT:-~/.rocketgraph/.fallback_mount/oidc-ca.pem}:/etc/ssl/certs/oidc-ca.pem:ro,z
healthcheck:
test: ["CMD-SHELL", "if [ -x /bin/grpc_health_probe ]; then /bin/grpc_health_probe -addr=:4366; else bash -c 'echo > /dev/tcp/localhost/4367'; fi"]
interval: 30s
timeout: 5s
retries: 3
start_period: 30s
networks:
- external-network
mongodb:
image: ${MC_MONGODB_IMAGE:-docker.io/library/mongo:latest}
restart: always
networks:
- database-network
volumes:
- mongodb-data:/data/db
healthcheck:
test: "mongosh --eval \"db.adminCommand('ping')\" || mongo --eval \"db.adminCommand('ping')\""
interval: 30s
timeout: 5s
retries: 3
start_period: 10s
volumes:
mongodb-data:
networks:
database-network:
internal: true
external-network: