Skip to content
Snippets Groups Projects
Commit bbd0cb28 authored by Bert Palm's avatar Bert Palm :bug:
Browse files

rm defaults on ENV in base

parent e2687022
No related branches found
No related tags found
1 merge request!131No env defaults
Hide whitespace changes
Inline Side-by-side
.env.example
+ 3
0
View file @ bbd0cb28
......@@ -31,6 +31,7 @@ POSTGRES_USER=postgres
POSTGRES_PASSWORD=postgres
POSTGRES_PORT=127.0.0.1:5432
POSTGRES_HEALTHCHECK_INTERVAL=10s
POSTGRES_EXTRA_PARAMS=
# POSTGRES_EXTRA_PARAMS=-c ssl=on -c ssl_cert_file=/var/lib/postgresql/server.crt -c ssl_key_file=/var/lib/postgresql/server.key
POSTGRES_TLS_CERT_PATH=/tmp/c8cf2d92-73cd-11ec-b035-54e1ad7c5c19
POSTGRES_TLS_KEY_PATH=/tmp/c8cf2d92-73cd-11ec-b035-54e1ad7c5c19
......@@ -157,6 +158,7 @@ DJANGO_DEBUG=0
DJANGO_HELMHOLTZ_CLIENT_ID=ufz-tsm
DJANGO_HELMHOLTZ_CLIENT_SECRET=00000000000000000000
DJANGO_HELMHOLTZ_AAI_CONF_URL=https://login-dev.helmholtz.de/oauth2/.well-known/openid-configuration
# VOS: Virtual Organisations
ALLOWED_VOS=UFZ-Timeseries-Management
############################################################
......@@ -167,6 +169,7 @@ ALLOWED_VOS=UFZ-Timeseries-Management
# tsmdl (python, fastapi)
############################################################
TSM_DL_IMAGE_TAG=latest
UVICORN_ARGS=
############################################################
# mqtt-cat (mosquitto)
......
docker-compose-base.yml
+ 102
151
View file @ bbd0cb28
......@@ -51,52 +51,34 @@ services:
# To see how and where the creation of each db is defined see in the volumes section
# for the scripts, which gets mounted and executed on startup.
database:
restart: "${RESTART:-on-failure}"
# image: timescale/timescaledb:${DATABASE_IMAGE_TAG:-latest-pg14}
restart: "${RESTART}"
# image: timescale/timescaledb:${DATABASE_IMAGE_TAG-pg14}
build:
context: "data/postgres"
args:
UID: "${UID}"
ports:
- "${POSTGRES_PORT:-127.0.0.1:5432}:5432"
- "${POSTGRES_PORT}:5432"
environment:
POSTGRES_USER: "${POSTGRES_USER:\
?Please define an postgres user!}"
POSTGRES_PASSWORD: "${POSTGRES_PASSWORD:\
?Please define an postgres password!}"
POSTGRES_USER: "${POSTGRES_USER}"
POSTGRES_PASSWORD: "${POSTGRES_PASSWORD}"
PGDATA: "/var/lib/postgresql/data/pgdata"
MQTT_AUTH_POSTGRES_USER: "${MQTT_AUTH_POSTGRES_USER:?\
Please define a mqtt auth database user!}"
MQTT_AUTH_POSTGRES_PASS: "${MQTT_AUTH_POSTGRES_PASS:?\
Please define a mqtt auth database password!}"
S3MAP_POSTGRES_USER: "${S3MAP_POSTGRES_USER:?\
Please define a s3-map database user!}"
S3MAP_POSTGRES_PASS: "${S3MAP_POSTGRES_PASS:?\
Please define a s3-map database password!}"
FRONTEND_POSTGRES_USER: "${FRONTEND_POSTGRES_USER:?\
Please define a frontend database user!}"
FRONTEND_POSTGRES_PASS: "${FRONTEND_POSTGRES_PASS:?\
Please define a frontend database password!}"
SMS_DB_USER: "${SMS_DB_USER:\
?Please define a SMS postgres user!}"
SMS_DB_PASSWORD: "${SMS_DB_PASSWORD:\
?Please define a SMS postgres password!}"
SMS_DB_PORT: "${SMS_DB_PORT:\
?Please define a SMS postgres port!}"
SMS_DB_DB: "${SMS_DB_DB:\
?Please define a SMS postgres DB name!}"
SMS_DB_HOST: "${SMS_DB_HOST:\
?Please define a SMS postgres host!}"
CV_DB_USER: "${CV_DB_USER:\
?Please define a SMS_CV postgres user!}"
CV_DB_PASSWORD: "${CV_DB_PASSWORD:\
?Please define a SMS_CV postgres password!}"
CV_DB_PORT: "${CV_DB_PORT:\
?Please define a SMS_CV postgres port!}"
CV_DB_DB: "${CV_DB_DB:\
?Please define a SMS_CV postgres DB name!}"
CV_DB_HOST: "${CV_DB_HOST:\
?Please define a SMS_CV postgres host!}"
MQTT_AUTH_POSTGRES_USER: "${MQTT_AUTH_POSTGRES_USER}"
MQTT_AUTH_POSTGRES_PASS: "${MQTT_AUTH_POSTGRES_PASS}"
S3MAP_POSTGRES_USER: "${S3MAP_POSTGRES_USER}"
S3MAP_POSTGRES_PASS: "${S3MAP_POSTGRES_PASS}"
FRONTEND_POSTGRES_USER: "${FRONTEND_POSTGRES_USER}"
FRONTEND_POSTGRES_PASS: "${FRONTEND_POSTGRES_PASS}"
SMS_DB_USER: "${SMS_DB_USER}"
SMS_DB_PASSWORD: "${SMS_DB_PASSWORD}"
SMS_DB_PORT: "${SMS_DB_PORT}"
SMS_DB_DB: "${SMS_DB_DB}"
SMS_DB_HOST: "${SMS_DB_HOST}"
CV_DB_USER: "${CV_DB_USER}"
CV_DB_PASSWORD: "${CV_DB_PASSWORD}"
CV_DB_PORT: "${CV_DB_PORT}"
CV_DB_DB: "${CV_DB_DB}"
CV_DB_HOST: "${CV_DB_HOST}"
volumes:
- "./data/postgres/sms_db/sms_ddl.sql:/docker-entrypoint-initdb.d/01_sms_ddl.sql"
- "./data/postgres/sms_db/sms_fdw.sh:/docker-entrypoint-initdb.d/02_sms_fdw.sh"
......@@ -109,14 +91,11 @@ services:
- "./frontend/frontend-database.sh:/docker-entrypoint-initdb.d/frontend-database.sh:ro"
- "./dispatcher/s3_to_db.sh:/docker-entrypoint-initdb.d/s3_to_db.sh:ro"
- "./data/postgres/data:/var/lib/postgresql/data"
- "./data/postgres/postgres-force-ssl.sh:\
/docker-entrypoint-initdb.d/postgres-force-ssl.sh"
- "${POSTGRES_TLS_CERT_PATH:-/tmp/c8cf2d92-\
73cd-11ec-b035-54e1ad7c5c19}:/var/lib/postgresql/server.crt"
- "${POSTGRES_TLS_KEY_PATH:-/tmp/c8cf2d92-\
73cd-11ec-b035-54e1ad7c5c19}:/var/lib/postgresql/server.key"
- "./data/postgres/postgres-force-ssl.sh:/docker-entrypoint-initdb.d/postgres-force-ssl.sh"
- "${POSTGRES_TLS_CERT_PATH}:/var/lib/postgresql/server.crt"
- "${POSTGRES_TLS_KEY_PATH}:/var/lib/postgresql/server.key"
user: "${UID}:${GID}"
command: "${POSTGRES_EXTRA_PARAMS:-}"
command: "${POSTGRES_EXTRA_PARAMS}"
healthcheck:
test: ["CMD-SHELL", "pg_isready -U $POSTGRES_USER"]
interval: "${POSTGRES_HEALTHCHECK_INTERVAL:-10s}"
......@@ -141,43 +120,40 @@ services:
# The upload can be done via (S)FTP or via a client or via a web frontend. The storage
# sends mqtt messages to the broker on file upload (and other events).
object-storage:
image: "minio/minio:${OBJECT_STORAGE_IMAGE_TAG:-latest}"
restart: "${RESTART:-on-failure}"
image: "minio/minio:${OBJECT_STORAGE_IMAGE_TAG}"
restart: "${RESTART}"
ports:
- "${MINIO_SFTP_PORT:-127.0.0.1:40022}:22"
- "${MINIO_FTP_PORT:-127.0.0.1:40021}:21"
- "${MINIO_FTP_PASV_PORTS:-127.0.0.1:30000-30010:30000-30010}"
- "${MINIO_SFTP_PORT}:22"
- "${MINIO_FTP_PORT}:21"
- "${MINIO_FTP_PASV_PORTS}"
depends_on:
mqtt-broker:
condition: "service_started"
init:
condition: "service_completed_successfully"
environment:
MINIO_ROOT_USER: "${MINIO_ROOT_USER:?Please define an minio root user!}"
MINIO_ROOT_PASSWORD: "${MINIO_ROOT_PASSWORD:?\
Please define an minio root user password!}"
MINIO_ROOT_USER: "${MINIO_ROOT_USER}"
MINIO_ROOT_PASSWORD: "${MINIO_ROOT_PASSWORD}"
MINIO_BROWSER_REDIRECT_URL: "${MINIO_BROWSER_REDIRECT_URL}"
MINIO_NOTIFY_MQTT_ENABLE_LOCAL_BROKER: "on"
MINIO_NOTIFY_MQTT_BROKER_LOCAL_BROKER: "tcp://mqtt-broker:1883"
MINIO_NOTIFY_MQTT_TOPIC_LOCAL_BROKER: "object_storage_notification"
MINIO_NOTIFY_MQTT_USERNAME_LOCAL_BROKER: "${MQTT_USER:\
?Please define a mqtt user!}"
MINIO_NOTIFY_MQTT_PASSWORD_LOCAL_BROKER: "${MQTT_PASSWORD:\
?Please define a mqtt password!}"
MINIO_NOTIFY_MQTT_USERNAME_LOCAL_BROKER: "${MQTT_USER}"
MINIO_NOTIFY_MQTT_PASSWORD_LOCAL_BROKER: "${MQTT_PASSWORD}"
MINIO_NOTIFY_MQTT_KEEP_ALIVE_INTERVAL_LOCAL_BROKER: "60s"
# MINIO_NOTIFY_MQTT_QOS_LOCAL_BROKER: "<string>"
MINIO_NOTIFY_MQTT_RECONNECT_INTERVAL_LOCAL_BROKER: "60s"
# MINIO_NOTIFY_MQTT_QUEUE_DIR_LOCAL_BROKER: "<string>"
# MINIO_NOTIFY_MQTT_QUEUE_LIMIT_LOCAL_BROKER: "<string>"
# MINIO_NOTIFY_MQTT_COMMENT_LOCAL_BROKER: "<string>"
MINIO_SERVER_URL: "${MINIO_SERVER_URL:-}"
MINIO_SERVER_URL: "${MINIO_SERVER_URL}"
volumes:
- "./data/minio/vol0:/vol0"
# FTP server tls key and cert
- "${MINIO_FTP_TLS_CRT:-./data/minio/certs/minio-ftp.crt}:/certs/minio-ftp.crt:ro"
- "${MINIO_FTP_TLS_KEY:-./data/minio/certs/minio-ftp.key}:/certs/minio-ftp.key:ro"
- "${MINIO_FTP_TLS_CRT}:/certs/minio-ftp.crt:ro"
- "${MINIO_FTP_TLS_KEY}:/certs/minio-ftp.key:ro"
# SSH Server key to provide constant ssh host key
- "${MINIO_SFTP_HOSTKEY:-./data/minio/certs/id_ed25519}:/certs/id_ed25519:ro"
- "${MINIO_SFTP_HOSTKEY}:/certs/id_ed25519:ro"
user: "${UID}:${GID}"
command:
- "server"
......@@ -199,7 +175,7 @@ services:
- "/vol0"
healthcheck:
test: timeout 5s bash -c ':> /dev/tcp/127.0.0.1/9000' || exit 1
interval: "${MINIO_HEALTHCHECK_INTERVAL:-2s}"
interval: "${MINIO_HEALTHCHECK_INTERVAL}"
timeout: 5s
retries: 15
......@@ -215,8 +191,8 @@ services:
# This is the main message bus, all mqtt messages are send here. Services can
# subscribe to topics and will receive messages that was sent to them.
mqtt-broker:
restart: "${RESTART:-on-failure}"
image: "iegomez/mosquitto-go-auth:${MQTT_BROKER_IMAGE_TAG:-latest}"
restart: "${RESTART}"
image: "iegomez/mosquitto-go-auth:${MQTT_BROKER_IMAGE_TAG}"
depends_on:
database:
condition: "service_healthy"
......@@ -228,59 +204,40 @@ services:
- "/docker-entrypoint.sh"
user: "${UID}:${GID}"
environment:
MQTT_USER: "${MQTT_USER:?Please define a mqtt user!}"
MQTT_PASSWORD: "${MQTT_PASSWORD:?Please define a mqtt password!}"
MQTT_INGEST_USER: "${MQTT_INGEST_USER:?Please define a mqtt user!}"
MQTT_INGEST_PASSWORD: "${MQTT_INGEST_PASSWORD:?\
Please define a mqtt password!}"
MQTT_AUTH_POSTGRES_HOST: "${MQTT_AUTH_POSTGRES_HOST:?\
Please define a mqtt auth database host!}"
MQTT_AUTH_POSTGRES_PORT: "${MQTT_AUTH_POSTGRES_PORT:?\
Please define a mqtt auth database portt!}"
MQTT_AUTH_POSTGRES_USER: "${MQTT_AUTH_POSTGRES_USER:?\
Please define a mqtt auth database user!}"
MQTT_AUTH_POSTGRES_PASS: "${MQTT_AUTH_POSTGRES_PASS:?\
Please define a mqtt auth database password!}"
MQTT_AUTH_POSTGRES_DB: "${MQTT_AUTH_POSTGRES_DB\
:?Please define a mqtt auth database name!}"
MQTT_AUTH_PG_TLSMODE: "${MQTT_AUTH_PG_TLSMODE\
:?Please define a mqtt auth database connection\
tls mode!}"
FRONTEND_MQTT_USER: "${FRONTEND_MQTT_USER\
:?Please define a frontend mqtt user!}"
FRONTEND_MQTT_PASS: "${FRONTEND_MQTT_PASS\
:?Please define a frontend mqtt password!}"
MQTT_USER: "${MQTT_USER}"
MQTT_PASSWORD: "${MQTT_PASSWORD}"
MQTT_INGEST_USER: "${MQTT_INGEST_USER}"
MQTT_INGEST_PASSWORD: "${MQTT_INGEST_PASSWORD}"
MQTT_AUTH_POSTGRES_HOST: "${MQTT_AUTH_POSTGRES_HOST}"
MQTT_AUTH_POSTGRES_PORT: "${MQTT_AUTH_POSTGRES_PORT}"
MQTT_AUTH_POSTGRES_USER: "${MQTT_AUTH_POSTGRES_USER}"
MQTT_AUTH_POSTGRES_PASS: "${MQTT_AUTH_POSTGRES_PASS}"
MQTT_AUTH_POSTGRES_DB: "${MQTT_AUTH_POSTGRES_DB}"
MQTT_AUTH_PG_TLSMODE: "${MQTT_AUTH_PG_TLSMODE}"
FRONTEND_MQTT_USER: "${FRONTEND_MQTT_USER}"
FRONTEND_MQTT_PASS: "${FRONTEND_MQTT_PASS}"
ports:
- "${MOSQUITTO_PORT:-127.0.0.1:1883}:1883"
- "${MOSQUITTO_PORT_SECURE:-127.0.0.1:8883}:8883"
- "${MOSQUITTO_PORT}:1883"
- "${MOSQUITTO_PORT_SECURE}:8883"
volumes:
- "${MOSQUITTO_CONFIG:-./mosquitto/mosquitto.dev.conf}\
:/etc/mosquitto/config/mosquitto.conf:ro"
- "${MOSQUITTO_TLS_CONFIG:-./mosquitto/mosquitto.tls.conf}\
:/etc/mosquitto/config/tls/mosquitto.tls.conf:ro"
- "${MOSQUITTO_CONFIG}:/etc/mosquitto/config/mosquitto.conf:ro"
- "${MOSQUITTO_TLS_CONFIG}:/etc/mosquitto/config/tls/mosquitto.tls.conf:ro"
- "./data/mosquitto/auth:/mosquitto-auth/"
- "${MOSQUITTO_TLS_CERT_PATH:-/tmp/c8cf2d92\
-73cd-11ec-b035-54e1ad7c5c19}:\
/mosquitto/config/certs/server.crt:ro"
- "${MOSQUITTO_TLS_KEY_PATH:-/tmp/c8cf2d92\
-73cd-11ec-b035-54e1ad7c5c19}:\
/mosquitto/config/certs/server.key:ro"
- "${MOSQUITTO_TLS_CA_PATH:-/tmp/c8cf2d92\
-73cd-11ec-b035-54e1ad7c5c19}:/mosquitto/config/certs/ca.crt:ro"
- "${MOSQUITTO_TLS_CERT_PATH}:/mosquitto/config/certs/server.crt:ro"
- "${MOSQUITTO_TLS_KEY_PATH}:/mosquitto/config/certs/server.key:ro"
- "${MOSQUITTO_TLS_CA_PATH}:/mosquitto/config/certs/ca.crt:ro"
- "./mosquitto/docker-entrypoint.sh:/docker-entrypoint.sh"
tmpfs:
- "/var/lib/mosquitto/:uid=${UID}"
healthcheck:
test: ["CMD-SHELL", "mosquitto_sub -t \
'$$SYS/broker/version' -C 1 -u $${MQTT_USER} \
-P $${MQTT_PASSWORD} --id docker-compose-healthcheck"]
interval: "${MQTT_BROKER_HEALTHCHECK_INTERVAL:-10s}"
test: ["CMD-SHELL", "mosquitto_sub -t \ '$$SYS/broker/version' -C 1 -u $${MQTT_USER} \ -P $${MQTT_PASSWORD} --id docker-compose-healthcheck"]
interval: "${MQTT_BROKER_HEALTHCHECK_INTERVAL}"
timeout: 10s
retries: 6
logging:
options:
max-size: "${MQTT_BROKER_LOG_SIZE:-100K}"
max-file: "${MQTT_BROKER_FILE_COUNT:-10}"
max-size: "${MQTT_BROKER_LOG_SIZE}"
max-file: "${MQTT_BROKER_FILE_COUNT}"
......@@ -297,15 +254,13 @@ services:
# ===========
# This visualize observations of a group or project that are stored in the database.
visualization:
restart: "${RESTART:-on-failure}"
image: "grafana/grafana:${GRAFANA_IMAGE_TAG:-latest}"
restart: "${RESTART}"
image: "grafana/grafana:${GRAFANA_IMAGE_TAG}"
user: "${UID}:${GID}"
environment:
- "GF_SECURITY_ADMIN_USER=\
${GRAFANA_USER:?Please define a grafana user}"
- "GF_SECURITY_ADMIN_PASSWORD=\
${GRAFANA_PASSWORD:?Please define a grafana password}"
- "GF_SERVER_ROOT_URL=${GRAFANA_PROXY_URL:-http://localhost/visualization/}"
- "GF_SECURITY_ADMIN_USER=${GRAFANA_USER}"
- "GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_PASSWORD}"
- "GF_SERVER_ROOT_URL=${GRAFANA_PROXY_URL}"
- "GF_SERVER_SERVE_FROM_SUB_PATH=true"
- "GF_AUTH_GENERIC_OAUTH_ENABLED=true"
- "GF_AUTH_GENERIC_OAUTH_NAME=Helmholtz AAI"
......@@ -333,17 +288,15 @@ services:
# ===========
# TODO
tsmdl:
image: "registry.hzdr.de/ufz-tsm/tsm-ufz-tsmdl/tsm-ufz-tsmdl:${TSM_DL_IMAGE_TAG:-latest}"
restart: "${RESTART:-on-failure}"
image: "registry.hzdr.de/ufz-tsm/tsm-ufz-tsmdl/tsm-ufz-tsmdl:${TSM_DL_IMAGE_TAG}"
restart: "${RESTART}"
entrypoint: "/app/start.sh"
environment:
DB_URL: "postgresql://\
${CREATEDB_POSTGRES_USER:?Please define an postgres user!}:\
${CREATEDB_POSTGRES_PASSWORD:?Please define an postgres password!}@\
${CREATEDB_POSTGRES_HOST:-database}/\
${CREATEDB_POSTGRES_DATABASE:-postgres}"
${CREATEDB_POSTGRES_USER}:${CREATEDB_POSTGRES_PASSWORD}@\
${CREATEDB_POSTGRES_HOST}/${CREATEDB_POSTGRES_DATABASE}"
WEB_CONCURRENCY: 10
UVICORN_ARGS: "${UVICORN_ARGS:-} --root-path /tsmdl"
UVICORN_ARGS: "${UVICORN_ARGS} --root-path /tsmdl"
depends_on:
database:
condition: service_healthy
......@@ -362,9 +315,9 @@ services:
build:
context: "data/tomcat"
args:
UID: "${UID:-1000}"
GID: "${GID:-1000}"
restart: "${RESTART:-on-failure}"
UID: "${UID}"
GID: "${GID}"
restart: "${RESTART}"
volumes:
- "./data/tomcat/context:/usr/local/tomcat/conf/Catalina/localhost:ro"
- "./data/tomcat/index.jsp:/usr/local/tomcat/webapps/ROOT/index.jsp"
......@@ -379,8 +332,8 @@ services:
# ===========
# TODO
frontend:
image: "registry.hzdr.de/ufz-tsm/tsm-frontend/tsm-frontend:${FRONTEND_IMAGE_TAG:-latest}"
restart: "${RESTART:-on-failure}"
image: "registry.hzdr.de/ufz-tsm/tsm-frontend/tsm-frontend:${FRONTEND_IMAGE_TAG}"
restart: "${RESTART}"
command: >
bash -c "python3 manage.py migrate
&& python3 manage.py loaddata admin_interface_theme_foundation.json
......@@ -399,7 +352,7 @@ services:
# - "127.0.0.1:8000:8000"
environment:
- "POSTGRES_HOST=${FRONTEND_POSTGRES_HOST}"
- "POSTGRES_NAME=${FRONTEND_POSTGRES_DB:-postgres}"
- "POSTGRES_NAME=${FRONTEND_POSTGRES_DB}"
- "POSTGRES_USER=${FRONTEND_POSTGRES_USER}"
- "POSTGRES_PASSWORD=${FRONTEND_POSTGRES_PASS}"
- "PUBLISH_THING_TO_BROKER=True"
......@@ -410,22 +363,20 @@ services:
- "MQTT_PASSWORD=${FRONTEND_MQTT_PASS}"
- "DJANGO_SUPERUSER_USERNAME=${DJANGO_SUPERUSER_USERNAME}"
- "DJANGO_SUPERUSER_PASSWORD=${DJANGO_SUPERUSER_PASSWORD}"
- "DJANGO_SUPERUSER_EMAIL=${DJANGO_SUPERUSER_EMAIL:-example@example.com}"
- "DJANGO_SECRET_KEY=${DJANGO_SECRET_KEY:?Please define a unique and\
secure Django secret key!}"
- "DJANGO_DEBUG=${DJANGO_DEBUG:-0}"
- "DJANGO_TRUSTED_ORIGINS=${DJANGO_TRUSTED_ORIGINS:-http://localhost:80}"
- "DJANGO_BASE_PATH=${DJANGO_BASE_PATH:-/frontend/}"
- "DJANGO_ALLOWED_HOSTS=${DJANGO_ALLOWED_HOSTS:-}"
- "POSTGRES_SSLMODE=${DJANGO_POSTGRES_SSLMODE:-verify-full}"
- "DJANGO_HELMHOLTZ_CLIENT_ID=${DJANGO_HELMHOLTZ_CLIENT_ID:-ufz-tsm}"
- "DJANGO_HELMHOLTZ_CLIENT_SECRET=${DJANGO_HELMHOLTZ_CLIENT_SECRET:-00000000000000000000}"
- "DJANGO_HELMHOLTZ_AAI_CONF_URL=${DJANGO_HELMHOLTZ_AAI_CONF_URL:\
-https://login-dev.helmholtz.de/oauth2/.well-known/openid-configuration}"
- "MINIO_FTP_PORT=${MINIO_FTP_PORT:-127.0.0.1:40021}"
- "MINIO_SFTP_PORT=${MINIO_SFTP_PORT:-127.0.0.1:40022}"
- "PROXY_URL=${PROXY_URL:-http://localhost:80}"
- "ALLOWED_VOS=${ALLOWED_VOS:-}"
- "DJANGO_SUPERUSER_EMAIL=${DJANGO_SUPERUSER_EMAIL}"
- "DJANGO_SECRET_KEY=${DJANGO_SECRET_KEY}"
- "DJANGO_DEBUG=${DJANGO_DEBUG}"
- "DJANGO_TRUSTED_ORIGINS=${DJANGO_TRUSTED_ORIGINS}"
- "DJANGO_BASE_PATH=${DJANGO_BASE_PATH}"
- "DJANGO_ALLOWED_HOSTS=${DJANGO_ALLOWED_HOSTS}"
- "POSTGRES_SSLMODE=${DJANGO_POSTGRES_SSLMODE}"
- "DJANGO_HELMHOLTZ_CLIENT_ID=${DJANGO_HELMHOLTZ_CLIENT_ID}"
- "DJANGO_HELMHOLTZ_CLIENT_SECRET=${DJANGO_HELMHOLTZ_CLIENT_SECRET}"
- "DJANGO_HELMHOLTZ_AAI_CONF_URL=${DJANGO_HELMHOLTZ_AAI_CONF_URL}"
- "MINIO_FTP_PORT=${MINIO_FTP_PORT}"
- "MINIO_SFTP_PORT=${MINIO_SFTP_PORT}"
- "PROXY_URL=${PROXY_URL}"
- "ALLOWED_VOS=${ALLOWED_VOS}"
depends_on:
database:
......@@ -449,19 +400,19 @@ services:
# - the service frost to URL/sta
# - the service tsmdl to URL/tsmdl
proxy:
image: "nginx:${NGINX_IMAGE_TAG:-latest}"
restart: "${RESTART:-on-failure}"
image: "nginx:${NGINX_IMAGE_TAG}"
restart: "${RESTART}"
ports:
- "${PROXY_PLAIN_PORT:-127.0.0.1:80:80}"
- "${PROXY_TLS_PORT:-127.0.0.1:443:443}"
- "${PROXY_MINIO_PORT:-127.0.0.1:9000:9000}"
- "${PROXY_PLAIN_PORT}"
- "${PROXY_TLS_PORT}"
- "${PROXY_MINIO_PORT}"
volumes:
- "frontend-statics:/home/appuser/app/static"
- "./nginx/html:/usr/share/nginx/html"
- "./nginx/${PROXY_SITE_CONFIG_FILE:-tsm.dev.conf}:/etc/nginx/conf.d/default.conf:ro"
- "./nginx/${PROXY_SITE_CONFIG_FILE}:/etc/nginx/conf.d/default.conf:ro"
- "./nginx/locations:/etc/nginx/locations:ro"
- "${PROXY_TLS_CERT_PATH:-/tmp/c8cf2d92-73cd-11ec-b035-54e1ad7c5c19}:/etc/ssl/public.crt:ro"
- "${PROXY_TLS_KEY_PATH:-/tmp/c8cf2d92-73cd-11ec-b035-54e1ad7c5c19}:/etc/ssl/private.key:ro"
- "${PROXY_TLS_CERT_PATH}:/etc/ssl/public.crt:ro"
- "${PROXY_TLS_KEY_PATH}:/etc/ssl/private.key:ro"
depends_on:
frontend:
condition: "service_started"
......
docker-compose-worker.yml
+ 16
16
View file @ bbd0cb28
......@@ -7,8 +7,8 @@ services:
# =================================================================
worker-object-storage-setup:
image: "registry.hzdr.de/ufz-tsm/tsm-dispatcher/dispatcher:${DISPATCHER_IMAGE_TAG:-latest}"
restart: "${RESTART:-on-failure}"
image: "registry.hzdr.de/ufz-tsm/tsm-dispatcher/dispatcher:${DISPATCHER_IMAGE_TAG}"
restart: "${RESTART}"
depends_on:
mqtt-broker:
condition: "service_healthy"
......@@ -34,8 +34,8 @@ services:
worker-db-setup:
image: "registry.hzdr.de/ufz-tsm/tsm-dispatcher/dispatcher:${DISPATCHER_IMAGE_TAG:-latest}"
restart: "${RESTART:-on-failure}"
image: "registry.hzdr.de/ufz-tsm/tsm-dispatcher/dispatcher:${DISPATCHER_IMAGE_TAG}"
restart: "${RESTART}"
depends_on:
mqtt-broker:
condition: "service_healthy"
......@@ -59,8 +59,8 @@ services:
worker-frost-setup:
image: "registry.hzdr.de/ufz-tsm/tsm-dispatcher/dispatcher:${DISPATCHER_IMAGE_TAG:-latest}"
restart: "${RESTART:-on-failure}"
image: "registry.hzdr.de/ufz-tsm/tsm-dispatcher/dispatcher:${DISPATCHER_IMAGE_TAG}"
restart: "${RESTART}"
depends_on:
mqtt-broker:
condition: "service_healthy"
......@@ -80,7 +80,7 @@ services:
worker-mqtt-user-creation:
image: "registry.hzdr.de/ufz-tsm/tsm-dispatcher/dispatcher:${DISPATCHER_IMAGE_TAG:-latest}"
image: "registry.hzdr.de/ufz-tsm/tsm-dispatcher/dispatcher:${DISPATCHER_IMAGE_TAG}"
restart: on-failure
depends_on:
mqtt-broker:
......@@ -103,8 +103,8 @@ services:
worker-grafana-dashboard:
image: "registry.hzdr.de/ufz-tsm/tsm-dispatcher/dispatcher:${DISPATCHER_IMAGE_TAG:-latest}"
restart: "${RESTART:-on-failure}"
image: "registry.hzdr.de/ufz-tsm/tsm-dispatcher/dispatcher:${DISPATCHER_IMAGE_TAG}"
restart: "${RESTART}"
depends_on:
mqtt-broker:
condition: "service_healthy"
......@@ -129,7 +129,7 @@ services:
# =================================================================
worker-file-ingest:
image: "registry.hzdr.de/ufz-tsm/tsm-dispatcher/dispatcher:${DISPATCHER_IMAGE_TAG:-latest}"
image: "registry.hzdr.de/ufz-tsm/tsm-dispatcher/dispatcher:${DISPATCHER_IMAGE_TAG}"
restart: "on-failure"
depends_on:
mqtt-broker:
......@@ -169,7 +169,7 @@ services:
worker-run-qaqc:
image: "registry.hzdr.de/ufz-tsm/tsm-dispatcher/dispatcher:${DISPATCHER_IMAGE_TAG:-latest}"
image: "registry.hzdr.de/ufz-tsm/tsm-dispatcher/dispatcher:${DISPATCHER_IMAGE_TAG}"
restart: "on-failure"
depends_on:
mqtt-broker:
......@@ -198,7 +198,7 @@ services:
worker-mqtt-ingest:
image: "registry.hzdr.de/ufz-tsm/tsm-dispatcher/dispatcher:${DISPATCHER_IMAGE_TAG:-latest}"
image: "registry.hzdr.de/ufz-tsm/tsm-dispatcher/dispatcher:${DISPATCHER_IMAGE_TAG}"
restart: on-failure
depends_on:
mqtt-broker:
......@@ -226,8 +226,8 @@ services:
# =================================================================
worker-grafana-user-orgs:
image: "registry.hzdr.de/ufz-tsm/tsm-dispatcher/dispatcher:${DISPATCHER_IMAGE_TAG:-latest}"
restart: "${RESTART:-on-failure}"
image: "registry.hzdr.de/ufz-tsm/tsm-dispatcher/dispatcher:${DISPATCHER_IMAGE_TAG}"
restart: "${RESTART}"
depends_on:
mqtt-broker:
condition: "service_healthy"
......@@ -248,8 +248,8 @@ services:
basic-demo-scheduler:
image: "registry.hzdr.de/ufz-tsm/tsm-basic-demo-scheduler/basic_demo_scheduler:${SCHEDULER_IMAGE_TAG:-latest}"
restart: "${RESTART:-on-failure}"
image: "registry.hzdr.de/ufz-tsm/tsm-basic-demo-scheduler/basic_demo_scheduler:${SCHEDULER_IMAGE_TAG}"
restart: "${RESTART}"
# prevent blocking/slowing-down of other services
# if many scheduler jobs occur at the same time
cpu_count: ${SCHEDULER_CPU_COUNT:-1}
......
docker-compose.yml
+ 9
9
View file @ bbd0cb28
......@@ -8,34 +8,34 @@ include:
services:
mqtt-cat:
restart: "${RESTART:-on-failure}"
image: "eclipse-mosquitto:${MQTT_CAT_IMAGE_TAG:-latest}"
restart: "${RESTART}"
image: "eclipse-mosquitto:${MQTT_CAT_IMAGE_TAG}"
depends_on:
mqtt-broker:
condition: "service_started"
logging:
options:
max-size: "${MQTT_CAT_LOG_SIZE:-100K}"
max-file: "${MQTT_CAT_FILE_COUNT:-10}"
max-size: "${MQTT_CAT_LOG_SIZE}"
max-file: "${MQTT_CAT_FILE_COUNT}"
command:
- "mosquitto_sub"
- "-h"
- "mqtt-broker"
- "--pretty"
- "-u"
- "${MQTT_USER:?Please define a mqtt user!}"
- "${MQTT_USER}"
- "-P"
- "${MQTT_PASSWORD:?Please define a mqtt password!}"
- "${MQTT_PASSWORD}"
- "-t"
- "#"
- "-v"
monitoring:
image: "gcr.io/cadvisor/cadvisor:${MONITORING_IMAGE_TAG:-latest}"
restart: "${RESTART:-on-failure}"
image: "gcr.io/cadvisor/cadvisor:${MONITORING_IMAGE_TAG}"
restart: "${RESTART}"
container_name: "cadvisor"
ports:
- "${CADVISOR_PORT:-127.0.0.1:8080}:8080"
- "${CADVISOR_PORT}:8080"
volumes:
- "/:/rootfs:ro"
- "/var/run:/var/run:ro"
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

A HIFIS Service | Privacy | Imprint | Support | Documentation | Changelog