version: '3.5'
volumes:
postgres_data:
driver: local
services:
gitsearch-app:
image: sharing-codeability.uibk.ac.at:5051/development/sharing/codeability-sharing-platform/gitsearch/$GITBRANCH
container_name: sharing_search
restart: always
hostname: sharing_search
environment:
- _JAVA_OPTIONS=-Xmx512m -Xms256m
- SPRING_PROFILES_ACTIVE=${SPRING_PROFILES_ACTIVE}
- MANAGEMENT_METRICS_EXPORT_PROMETHEUS_ENABLED=true
- SPRING_DATASOURCE_URL=jdbc:mysql://sharing_mysql:3306/gitsearch?useUnicode=true&allowPublicKeyRetrieval=true&characterEncoding=utf8&useSSL=false&useLegacyDatetimeCode=false&serverTimezone=UTC&createDatabaseIfNotExist=true
- JHIPSTER_SLEEP=5 # gives a small time for other services to boot before the application
- SPRING_DATA_JEST_URI=http://sharing_elasticsearch:9200
- SPRING_ELASTICSEARCH_REST_URIS=http://sharing_elasticsearch:9200
# see https://stackoverflow.com/questions/62676762/how-can-a-variable-set-in-the-docker-env-file-be-used-in-application-yml
- JHIPSTER_SECURITY_AUTHENTICATION_JWT_BASE64SECRET=${JHIPSTER_SECURITY_AUTHENTICATION_JWT_BASE64SECRET}
- SECURITY_OAUTH2_CLIENT_PROVIDER_GITLABOIDC_ISSUERURI=${SECURITY_OAUTH2_CLIENT_PROVIDER_GITLABOIDC_ISSUERURI}
- SECURITY_OAUTH2_CLIENT_REGISTRATION_GITLABOIDC_CLIENTID=${SECURITY_OAUTH2_CLIENT_REGISTRATION_GITLABOIDC_CLIENTID}
- SECURITY_OAUTH2_CLIENT_REGISTRATION_GITLABOIDC_CLIENTSECRET=${SECURITY_OAUTH2_CLIENT_REGISTRATION_GITLABOIDC_CLIENTSECRET}
- APPLICATION_GITLAB_GENERALACCESSTOKEN=${APPLICATION_GITLAB_GENERALACCESSTOKEN}
- APPLICATION_GITLAB_ADMINACCESSTOKEN=${APPLICATION_GITLAB_ADMINACCESSTOKEN}
- CONNECTOR_ARTEMIS_TOKEN=${CONNECTOR_ARTEMIS_TOKEN}
- gitBranch=${GITBRANCH}
- GITBRANCH=${GITBRANCH}
- gitCommitId=${COMMIT_ID}
- gitCommitDate=${COMMIT_DATE}
- GITSEARCH_PATH=/home/contDeploy/gitsearch2/gitsearch
- OIDC_KEYCLOAK_CLIENTID=${OIDC_KEYCLOAK_CLIENTID}
- MAIL_USERNAME=${MAIL_USERNAME}
- MAIL_PASSWORD=${MAIL_PASSWORD}
- MYSQL_PASSWORD=${MYSQL_PASSWORD}
- EDU_SHARING_USER=${EDU_SHARING_USER}
- EDU_SHARING_PASSWORD=${EDU_SHARING_PASSWORD}
#KEYCLOAK
# - SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_OIDC_ISSUER_URI=http://keycloak:9080/auth/realms/jhipster
# - SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_OIDC_CLIENT_ID=web_app
# - SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_OIDC_CLIENT_SECRET=web_app
ports:
- 10084:8080
logging:
options:
max-size: 50m
depends_on:
- sharing_mysql
# - sharing_elasticsearch
networks:
- backend
- frontend
sharing_mysql:
image: mysql:8.0.20
container_name: sharing_mysql
hostname: sharing_mysql
volumes:
- '$MYSQL_HOME:/var/lib/mysql/'
logging:
options:
max-size: 50m
environment:
- MYSQL_USER=root
- MYSQL_ROOT_PASSWORD=${MYSQL_PASSWORD}
- MYSQL_DATABASE=gitsearch
command: mysqld --lower_case_table_names=1 --skip-ssl --character_set_server=utf8mb4 --explicit_defaults_for_timestamp
restart: always
networks:
- backend
docker-hoster:
image: dvdarias/docker-hoster
volumes:
- /etc/hosts:/tmp/hosts
- /var/run/docker.sock:/tmp/docker.sock
restart: always
networks:
- backend
- frontend
gitlab:
build: gitlab-setup/sendmail
image: 'gitlab_sendmail:16.9.2'
container_name: sharing_gitlab
restart: always
hostname: $GITLAB_HOSTNAME
networks:
- frontend
- backend
environment:
GITLAB_HOME: $GITLAB_HOME
EXTERNAL_URL: $EXTERNAL_URL
GITLAB_HOSTNAME: $GITLAB_HOSTNAME
INDEXING_SERVICE_URL: $INDEXING_SERVICE_URL
MAIL_USERNAME: $MAIL_USERNAME
MAIL_PASSWORD: $MAIL_PASSWORD
GITLAB_OMNIBUS_CONFIG: |
external_url '$EXTERNAL_URL'
registry_external_url '$EXTERNAL_URL:5051'
gitlab_rails['gitlab_email_enabled'] = true
gitlab_rails['gitlab_email_from'] = 'notifications@sharing-codeability.uibk.ac.at'
gitlab_rails['gitlab_email_display_name'] = 'GitLab'
gitlab_rails['gitlab_email_reply_to'] = 'noreply@sharing-codeability.uibk.ac.at'
gitlab_rails['gitlab_email_subject_suffix'] = ''
letsencrypt['enable'] = false
nginx['enable'] = true
nginx['client_max_body_size'] = '250m'
nginx['redirect_http_to_https'] = false
nginx['ssl_ciphers'] = "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256"
nginx['ssl_protocols'] = "TLSv1.2 TLSv1.3"
nginx['ssl_session_cache'] = "builtin:1000 shared:SSL:10m"
nginx['referrer_policy'] = 'same-origin'
nginx['http2_enabled'] = true
nginx['custom_gitlab_server_config'] = "location /-/plantuml/ { \n proxy_cache off; \n proxy_pass http://plantuml:8080/; \n}\n"
gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_address'] = "smtp.uibk.ac.at"
gitlab_rails['smtp_port'] = 587
gitlab_rails['smtp_user_name'] = '$MAIL_USERNAME'
gitlab_rails['smtp_password'] = '$MAIL_PASSWORD'
gitlab_rails['smtp_domain'] = "smtp.uibk.ac.at"
gitlab_rails['smtp_authentication'] = "login"
gitlab_rails['smtp_enable_starttls_auto'] = true
gitlab_rails['smtp_openssl_verify_mode'] = 'peer'
ports:
- '10082:80'
- '10083:443'
- '5051:5051'
- '22:22'
volumes:
- '$GITLAB_HOME/config:/etc/gitlab'
- '$GITLAB_HOME/logs:/var/log/gitlab'
- '$GITLAB_HOME/data:/var/opt/gitlab'
- '$GITLAB_HOME/file_hooks:/opt/gitlab/embedded/service/gitlab-rails/file_hooks'
- '$GITLAB_HOME/data/backups/secrets:/secret/gitlab/backups'
depends_on:
- elasticsearch
- plantuml
elasticsearch:
image: 'docker.elastic.co/elasticsearch/elasticsearch:8.8.1'
container_name: sharing_elasticsearch
restart: always
environment:
- 'ES_JAVA_OPTS=-Xms512m -Xmx512m'
- node.name=es01
- cluster.name=sharing_elasticsearch
- discovery.type=single-node
- xpack.security.enabled=false
volumes:
- '$ES_HOME/data:/usr/share/elasticsearch/data'
ports: # add this for your local testing setup
- '9200:9200' # add this for your local testing setup
- '9300:9300' # add this for your local testing setup
networks:
- backend
# - frontend # add this for your local testing setup
plantuml:
image: 'plantuml/plantuml-server:tomcat-v1.2023.1'
container_name: sharing_plantuml
restart: always
networks:
- backend
networks:
frontend:
name: sharing_frontend
driver: bridge
ipam:
driver: default
config:
- subnet: 172.22.0.0/16
backend:
name: sharing_backend
driver: bridge
ipam:
driver: default
config:
- subnet: 172.21.0.0/16
internal: false