-
Notifications
You must be signed in to change notification settings - Fork 14
/
Copy pathdocker-compose.yml
225 lines (201 loc) · 7.77 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
# https://docs.docker.com/compose/
# https://docs.docker.com/compose/compose-file
version: "3.5"
# Production:
# # https://docs.docker.com/compose/production/
# # adds to all services "restart: always"
# docker-compose -f docker-compose.yml -f production.yml up -d
# Development:
# # Mounts the local code for easy debugging with reloading
# docker-compose -f docker-compose.yml -f development.yml up
# At SIRC
# -f sirc.yml # volumes..
# Push:
# docker-compose -f docker-compose.yml build
# docker-compose -f docker-compose.yml push
# Worth a read:
# https://medium.com/softonic-eng/docker-compose-from-development-to-production-88000124a57c
# https://runnable.com/docker/advanced-docker-compose-configuration
# Container names will be prefixed with "qaboard-"
# Usage:
# - The application is served on port 8000
# - Your responsability to setup another reverse proxy on top for SSL
# - Just allow large bodies (TODO example with own ssl / cert-acme-bot-letsencrypt)
# General docker-compose usage:
# docker-compose up # start the whole stack
# docker-compose up -d # ...as a daemon
# docker-compose stop # stop the stack's containers
# docker-compose down --volumes # [dangerous] remove the data too
# docker-compose build web # build a single service
# docker-compose logs -f web # logs! -t/--timestamps --tail=10
# docker-compose run web env # "docker-run" commands from a service
# docker-compose up --no-deps -d web # start a single service
volumes:
data: {} # git clones (and custom batches.yaml for now...)
db: {} # database with runs, projects, output metadata...
rabbitmq-data: {}
cache_cantaloupe: {} # cache for the iiif image server
pgadmin: {}
# all builds still available for smooth upgrades
frontend_builds: {}
website_builds: {}
services:
# For all configuration options:
# https://hub.docker.com/_/postgres
# https://stackoverflow.com/questions/30848670/how-to-customize-the-configuration-file-of-the-official-postgresql-docker-image
db:
image: postgres:12-alpine
expose:
- "5432"
volumes:
- db:/var/lib/postgresql/data
- ./services/db:/opt
# - db-config:/etc/postgresql
# - db-log:/var/log/postgresql
environment:
- POSTGRES_USER=qaboard
- POSTGRES_PASSWORD=password
- POSTGRES_DB=qaboard
backend:
image: arthurflam/qaboard:backend
build:
cache_from: ["arthurflam/qaboard:backend"]
context: .
dockerfile: backend/Dockerfile
# Wait for the database to be ready - https://docs.docker.com/compose/startup-order/
command: ["./wait-for-it.sh", "${QABOARD_DB_HOST-db}:${QABOARD_DB_PORT-5432}", "--", "/qaboard/backend/init.sh"]
depends_on:
- db
expose:
- "3000"
volumes:
- data:/var/qaboard
- /mnt/qaboard:/mnt/qaboard
environment:
- SECRET_KEY
- UWSGI_PROCESSES=2
- UWSGI_LISTEN_QUEUE_SIZE=100
- QABOARD_DB_HOST
- QABOARD_DB_PORT
- JENKINS_AUTH
- GITLAB_AUTH
- GITLAB_ACCESS_TOKEN
frontend:
image: "arthurflam/qaboard:frontend"
build:
cache_from: ["arthurflam/qaboard:frontend"]
context: webapp
shm_size: 6gb
args:
REACT_APP_QABOARD_DOCS_ROOT: "/"
volumes:
- frontend_builds:/builds
# by default we assume you run the QA-Board on localhost, but will want to change this
environment:
- REACT_APP_QABOARD_HOST=http://localhost:5151
# Message broker used by the celery task scheduler
# https://hub.docker.com/_/rabbitmq
rabbitmq:
image: rabbitmq:3-management
# To store the data at a non-random location
hostname: rabbitmq-qaboard
volumes:
- rabbitmq-data:/var/lib/rabbitmq
ports:
- ${QABOARD_PORT_RABBITMQ:-5672}:5672
- ${QABOARD_PORT_RABBITMQ_MNGT:-15672}:15672
# https://flower.readthedocs.io/en/latest/config.html#options
flower:
image: mher/flower
environment:
- CELERY_BROKER_URL=pyamqp://guest@rabbitmq//
- CELERY_BROKER_API=http://guest:guest@rabbitmq:15672/api/
- FLOWER_PORT=8888
- FLOWER_URL_PREFIX=flower
ports:
- "8888:8888"
depends_on:
- rabbitmq
website:
image: "arthurflam/qaboard:website"
build:
cache_from: ["arthurflam/qaboard:website"]
context: website
shm_size: 4gb
# by default we assume you run the QA-Board on localhost, but will want to change this
args:
- QABOARD_URL=${QABOARD_URL:-http://localhost:5151}
volumes:
- website_builds:/builds
# nginx as reverse-proxy
# https://hub.docker.com/_/nginx
# FIXME: We're missing a webDAV module for dav_ext_methods... in the past we used nginx-extras on debian
# - https://askubuntu.com/questions/553937/what-is-the-difference-between-the-core-full-extras-and-light-packages-for-ngi
# - https://github.com/nginxinc/docker-nginx/issues/14
# It's not a heavily used feature though, and in case of urgent need there is
# build:
# context: .
# dockerfile: services/nginx/Dockerfile
proxy:
image: nginx:1.18
# https://github.com/docker-library/docs/tree/master/nginx#using-environment-variables-in-nginx-configuration
# TODO: template locations blocks for the mount, or find something... maybe include an optionnal file in the config?
command: /bin/bash -c "rm -rf /etc/nginx && cp -r /tmp/etc/nginx /etc && envsubst < /etc/nginx/nginx.conf.template > /etc/nginx/nginx.conf && exec ${NGINX_BIN-nginx} -g 'daemon off;'"
environment:
- NGINX_USER=nginx
ports:
- ${QABOARD_PORT_HTTP:-5151}:80
volumes:
- /mnt/qaboard:/mnt/qaboard
- ./services/nginx:/tmp/etc/nginx:ro
- frontend_builds:/builds:ro
- website_builds:/docs:ro
depends_on:
- backend
- cantaloupe
- flower
# IIIF image server to serve images as tiles
cantaloupe:
image: "arthurflam/qaboard:cantaloupe"
build:
cache_from: ["arthurflam/qaboard:cantaloupe"]
context: ./services/cantaloupe
expose:
- "8182"
volumes:
- cache_cantaloupe:/var/cache/cantaloupe
- /mnt/qaboard:/repository/mnt/qaboard
- /srv/cantaloupe
environment:
CANTALOUPE_MEM_START: 1g
CANTALOUPE_MEM_MAX: 2g
command: sh -c 'java -Dcantaloupe.config=/etc/cantaloupe.properties -Dcom.sun.media.jai.disableMediaLib=true -Xms$${CANTALOUPE_MEM_START} -Xmx$${CANTALOUPE_MEM_MAX} -jar /usr/local/cantaloupe/cantaloupe-$${VERSION}.war'
# cron jobs
# https://github.com/getsentry/onpremise/blob/master/docker-compose.yml#L126-L133
# https://github.com/getsentry/onpremise/blob/master/cron/Dockerfile
# https://github.com/getsentry/onpremise/blob/master/cron/entrypoint.sh
# For convenience, we also bundle pgadmin
# Login at localhost:5050, and use "password" as password
# Note: pgadmin ships with utilities at e.g. /usr/local/pgsql-12
# More more configuration options, e.g. reverse proxying with nginx:
# https://www.pgadmin.org/docs/pgadmin4/development/container_deployment.html
pgadmin:
image: dpage/pgadmin4
environment:
PGADMIN_DEFAULT_EMAIL: ${PGADMIN_DEFAULT_EMAIL:[email protected]}
PGADMIN_DEFAULT_PASSWORD: ${PGADMIN_DEFAULT_PASSWORD:-SuperSecret}
# if you want to host it under a subdirectory, add a location.proxy_pass to the nginx conf
# SCRIPT_NAME: /pgadmin
volumes:
- pgadmin:/root/.pgadmin
# https://www.pgadmin.org/docs/pgadmin4/development/import_export_servers.html
- ./services/pgadmin/servers.json:/pgadmin4/servers.json
- ./services/pgadmin/passfile:/pgadmin4/passfile
ports:
- "${PGADMIN_PORT:-5050}:80"
# TODO: add redis to use celery?
# redis:
# image: "redis:alpine"
# Matamo:
# - Add a service like in ~/matamo?
# - in the frontend, check for MATAMO_URL being defined