forked from SORMAS-Foundation/SORMAS-Docker
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathdocker-compose-keycloak.yml
150 lines (141 loc) · 4.17 KB
/
docker-compose-keycloak.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
version: '2.3'
services:
sormas:
extends:
file: services-base.yml
service: base-sormas
labels:
- autoheal=true
# override for stop timeout seconds during restart
- autoheal.stop.timeout=30
links:
- postgres
environment:
- DB_JDBC_MAXPOOLSIZE=${DB_JDBC_MAXPOOLSIZE}
- AUTHENTICATION_PROVIDER=KEYCLOAK
- KEYCLOAK_SORMAS_UI_SECRET=${KEYCLOAK_SORMAS_UI_SECRET}
- KEYCLOAK_SORMAS_REST_SECRET=${KEYCLOAK_SORMAS_REST_SECRET}
- KEYCLOAK_SORMAS_BACKEND_SECRET=${KEYCLOAK_SORMAS_BACKEND_SECRET}
- CACERTS_PASS=${CACERTS_PASS}
- KEYSTORE_PASS=${KEYSTORE_PASS}
- SORMAS2SORMAS_ENABLED=${SORMAS2SORMAS_ENABLED}
- SORMAS2SORMAS_KEYALIAS=
- SORMAS2SORMAS_KEYSTORENAME=
- SORMAS2SORMAS_KEYPASSWORD=
- SORMAS2SORMAS_TRUSTSTORENAME=
- SORMAS2SORMAS_TRUSTSTOREPASSWORD=
- SORMAS2SORMAS_DIR=${SORMAS2SORMAS_DIR}
- SORMAS_ORG_ID=${SORMAS_ORG_ID}
- SORMAS_ORG_NAME=${SORMAS_ORG_NAME}
- SORMAS_HOST_NAME=${SORMAS_SERVER_URL}
- SORMAS_HTTPS_PORT=443
- SORMAS2SORMAS_RETAINCASEEXTERNALTOKEN=${SORMAS2SORMAS_RETAINCASEEXTERNALTOKEN}
- NAMESIMILARITYTHRESHOLD=${NAMESIMILARITYTHRESHOLD}
- DEMIS_ENABLED=${DEMIS_ENABLED}
volumes:
- ${SORMAS_PATH}/documents:/opt/sormas/documents
- ${SORMAS_PATH}/custom:/opt/sormas/custom
- ${SORMAS_PATH}/sormas-logs:/opt/domains/sormas/logs
- ./apache2/certs:/tmp/certs
- ${SORMAS_PATH}/demis:/tmp/${DOMAIN_NAME}/config/demis
healthcheck:
test: ["CMD", "curl", "-f", "-I", "http://localhost:6048"]
interval: 30s
timeout: 7s
retries: 3
start_period: 300s
depends_on:
postgres:
condition: service_healthy
keycloak:
condition: service_healthy
keycloak:
links:
- keycloak-postgres
extends:
file: services-base.yml
service: base-keycloak
depends_on:
keycloak-postgres:
condition: service_healthy
postgres:
extends:
file: services-base.yml
service: base-postgres
volumes:
- ${SORMAS_PATH}/psqldata:/var/lib/postgresql/data
ports:
- "5432:5432"
keycloak-postgres:
extends:
file: services-base.yml
service: base-keycloak-postgres
volumes:
- ${SORMAS_PATH}/keycloak/psqldata:/var/lib/postgresql/data
ports:
- 5433:5432
expose:
- 5432
pg_dump:
extends:
file: services-base.yml
service: base-pg_dump
environment:
- DB_HOST=${DB_HOST}
- PGPASSWORD=${SORMAS_POSTGRES_PASSWORD}
- POSTGRES_USER=${SORMAS_POSTGRES_USER}
- BACKUP_FILES=${BACKUP_FILES}
- BACKUP_PATH=${SORMAS_PATH}
- MIN=15,45 # Twice the hour on 15 and 45 (use crontab notation)
- HOUR= # Keep empty for every hour. Use crontab notation otherwise
- KEEP=1 # keep db dumps for one day in backup folder
volumes:
- /backup:/var/opt/db_dumps
- ${SORMAS_PATH}:${SORMAS_PATH}
depends_on:
postgres:
condition: service_healthy
pg_dump_keycloak:
extends:
file: services-base.yml
service: base-pg_dump
environment:
- DB_HOST=${KEYCLOAK_DB_HOST}
- PGPASSWORD=${KEYCLOAK_DB_PASSWORD}
- POSTGRES_USER=${KEYCLOAK_DB_USER}
- MIN=0 # At 0 Minutes
- HOUR=*/4 # Every 4 hours
- KEEP=1 # keep db dumps for one day in backup folder
- BACKUP_FILES=
volumes:
- /backup-keycloak:/var/opt/db_dumps
depends_on:
keycloak-postgres:
condition: service_healthy
apache2:
extends:
file: services-base.yml
service: base-apache2
links:
- sormas
- keycloak
environment:
- PROMETHEUS_SERVERS=${PROMETHEUS_SERVERS}
volumes:
- ./apache2/certs:/usr/local/apache2/certs
- ${SORMAS_PATH}/apache2_log:/var/log/apache2
ports:
- 443:443
- 80:80
depends_on:
sormas:
condition: service_healthy
autoheal:
extends:
file: services-base.yml
service: base-autoheal
environment:
# wait 0 seconds before first health check
- AUTOHEAL_START_PERIOD=0
volumes:
- /var/run/docker.sock:/var/run/docker.sock