Newer
Older
image: sharing-codeability.uibk.ac.at:5051/development/sharing/codeability-sharing-platform/gitsearch/$GITBRANCH
environment:
- _JAVA_OPTIONS=-Xmx512m -Xms256m
- SPRING_PROFILES_ACTIVE=${SPRING_PROFILES_ACTIVE}
- MANAGEMENT_METRICS_EXPORT_PROMETHEUS_ENABLED=true
- SPRING_DATASOURCE_URL=jdbc:mysql://sharing_mysql:3306/gitsearch?useUnicode=true&characterEncoding=utf8&useSSL=false&useLegacyDatetimeCode=false&serverTimezone=UTC&createDatabaseIfNotExist=true
- JHIPSTER_SLEEP=5 # gives a small time for other services to boot before the application
- SPRING_DATA_JEST_URI=http://sharing_elasticsearch:9200
- SPRING_ELASTICSEARCH_REST_URIS=http://sharing_elasticsearch:9200
# see https://stackoverflow.com/questions/62676762/how-can-a-variable-set-in-the-docker-env-file-be-used-in-application-yml
- JHIPSTER_SECURITY_AUTHENTICATION_JWT_BASE64SECRET=${JHIPSTER_SECURITY_AUTHENTICATION_JWT_BASE64SECRET}
- SECURITY_OAUTH2_CLIENT_PROVIDER_GITLABOIDC_ISSUERURI=${SECURITY_OAUTH2_CLIENT_PROVIDER_GITLABOIDC_ISSUERURI}
- SECURITY_OAUTH2_CLIENT_REGISTRATION_GITLABOIDC_CLIENTID=${SECURITY_OAUTH2_CLIENT_REGISTRATION_GITLABOIDC_CLIENTID}
- SECURITY_OAUTH2_CLIENT_REGISTRATION_GITLABOIDC_CLIENTSECRET=${SECURITY_OAUTH2_CLIENT_REGISTRATION_GITLABOIDC_CLIENTSECRET}
- APPLICATION_GITLAB_GENERALACCESSTOKEN=${APPLICATION_GITLAB_GENERALACCESSTOKEN}
- APPLICATION_GITLAB_ADMINACCESSTOKEN=${APPLICATION_GITLAB_ADMINACCESSTOKEN}
- CONNECTOR_ARTEMIS_TOKEN=${CONNECTOR_ARTEMIS_TOKEN}
- GITSEARCH_PATH=/home/contDeploy/gitsearch2/gitsearch
- MAIL_USERNAME=${MAIL_USERNAME}
- MAIL_PASSWORD=${MAIL_PASSWORD}
# - SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_OIDC_ISSUER_URI=http://keycloak:9080/auth/realms/jhipster
# - SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_OIDC_CLIENT_ID=web_app
# - SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_OIDC_CLIENT_SECRET=web_app
networks:
- backend
- frontend
sharing_mysql:
image: mysql:8.0.20
environment:
- MYSQL_USER=root
- MYSQL_ALLOW_EMPTY_PASSWORD=yes
- MYSQL_DATABASE=gitsearch
command: mysqld --lower_case_table_names=1 --skip-ssl --character_set_server=utf8mb4 --explicit_defaults_for_timestamp
- POSTGRES_DB=keycloak
- POSTGRES_USER=${POSTGRES_USER_KEYCLOAK}
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
networks:
- backend
- frontend
depends_on:
- sharing_mysql
keycloak:
image: quay.io/keycloak/keycloak:18.0.2-legacy
environment:
- DB_VENDOR=POSTGRES
- DB_ADDR=postgres
- DB_DATABASE=keycloak
- DB_USER=${POSTGRES_USER_KEYCLOAK}
- DB_SCHEMA=public
- DB_PASSWORD=${POSTGRES_PASSWORD}
- KEYCLOAK_USER=${KEYCLOAK_USER}
- KEYCLOAK_PASSWORD=${KEYCLOAK_PASSWORD}
- PROXY_ADDRESS_FORWARDING=true
- GITSEARCH_PATH=$GITSEARCH_PATH
# Uncomment the line below if you want to specify JDBC parameters. The parameter below is just an example, and it shouldn't be used in production without knowledge. It is highly recommended that you read the PostgreSQL JDBC driver documentation in order to use it.
#JDBC_PARAMS: "ssl=true"
ports:
- 8082:8080
- $GITSEARCH_PATH/src/main/resources/keycloak-theme/themes/gitsearch:/opt/jboss/keycloak/themes/gitsearch
#- /home/contDeploy/gitsearch2/gitsearch/src/main/resources/keycloak-theme/themes/gitsearch:/opt/jboss/keycloak/themes/gitsearch
# - ../resources/keycloak-theme/configuration:/opt/jboss/keycloak/standalone/configuration
depends_on:
- postgres
networks:
- backend
- frontend
docker-hoster:
image: dvdarias/docker-hoster
volumes:
- /etc/hosts:/tmp/hosts
- /var/run/docker.sock:/tmp/docker.sock
restart: always
networks:
- backend
- frontend
gitlab:
build: gitlab-setup/sendmail
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
container_name: sharing_gitlab
restart: always
hostname: $GITLAB_HOSTNAME
networks:
- frontend
- backend
environment:
GITLAB_HOME: $GITLAB_HOME
EXTERNAL_URL: $EXTERNAL_URL
GITLAB_HOSTNAME: $GITLAB_HOSTNAME
GITLAB_API_ROOT_ACCESS_TOKEN: $GITLAB_API_ROOT_ACCESS_TOKEN
INDEXING_SERVICE_URL: $INDEXING_SERVICE_URL
MAIL_USERNAME: $MAIL_USERNAME
MAIL_PASSWORD: $MAIL_PASSWORD
GITLAB_OMNIBUS_CONFIG: |
external_url '$EXTERNAL_URL'
registry_external_url '$EXTERNAL_URL:5051'
gitlab_rails['gitlab_email_enabled'] = true
gitlab_rails['gitlab_email_from'] = 'notifications@sharing-codeability.uibk.ac.at'
gitlab_rails['gitlab_email_display_name'] = 'GitLab'
gitlab_rails['gitlab_email_reply_to'] = 'noreply@sharing-codeability.uibk.ac.at'
gitlab_rails['gitlab_email_subject_suffix'] = ''
letsencrypt['enable'] = false
nginx['enable'] = true
nginx['client_max_body_size'] = '250m'
nginx['redirect_http_to_https'] = false
nginx['ssl_ciphers'] = "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256"
nginx['ssl_protocols'] = "TLSv1.2 TLSv1.3"
nginx['ssl_session_cache'] = "builtin:1000 shared:SSL:10m"
nginx['referrer_policy'] = 'same-origin'
nginx['http2_enabled'] = true
nginx['custom_gitlab_server_config'] = "location /-/plantuml/ { \n proxy_cache off; \n proxy_pass http://plantuml:8080/; \n}\n"
gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_address'] = "smtp.uibk.ac.at"
gitlab_rails['smtp_port'] = 587
gitlab_rails['smtp_user_name'] = '$MAIL_USERNAME'
gitlab_rails['smtp_password'] = '$MAIL_PASSWORD'
gitlab_rails['smtp_domain'] = "smtp.uibk.ac.at"
gitlab_rails['smtp_authentication'] = "login"
gitlab_rails['smtp_enable_starttls_auto'] = true
gitlab_rails['smtp_openssl_verify_mode'] = 'peer'
ports:
- '10082:80'
- '10083:443'
- '5051:5051'
- '22:22'
volumes:
- '$GITLAB_HOME/config:/etc/gitlab'
- '$GITLAB_HOME/logs:/var/log/gitlab'
- '$GITLAB_HOME/data:/var/opt/gitlab'
- '$GITLAB_HOME/file_hooks:/opt/gitlab/embedded/service/gitlab-rails/file_hooks'
- '$GITLAB_HOME/data/backups/secrets:/secret/gitlab/backups'
depends_on:
- elasticsearch
- plantuml
elasticsearch:
image: 'docker.elastic.co/elasticsearch/elasticsearch:8.8.1'
container_name: sharing_elasticsearch
restart: always
environment:
- 'ES_JAVA_OPTS=-Xms512m -Xmx512m'
- node.name=es01
- cluster.name=sharing_elasticsearch
- discovery.type=single-node
- xpack.security.enabled=false
volumes:
- '$ES_HOME/data:/usr/share/elasticsearch/data'
ports: # add this for your local testing setup
- '9200:9200' # add this for your local testing setup
- '9300:9300' # add this for your local testing setup
networks:
- backend
# - frontend # add this for your local testing setup
plantuml:
image: 'plantuml/plantuml-server:tomcat-v1.2023.1'
container_name: sharing_plantuml
restart: always
networks:
- backend
networks:
frontend:
name: sharing_frontend
driver: bridge
ipam:
driver: default
config:
- subnet: 172.22.0.0/16
backend:
name: sharing_backend
driver: bridge
ipam:
driver: default
config:
- subnet: 172.21.0.0/16
internal: false