ESiuH4zn

· 7 years ago · Mar 28, 2018, 09:30 AM
1version: '2'
2services:
3  etcd:
4    restart: always
5    volumes:
6      - /mnt/storage/kqueen/etcd/:/0.etcd/
7  api:
8    image: kqueen/api:v0.18
9    restart: always
10    environment:
11      KQUEEN_CONFIG_FILE: config/prod.py
12      KQUEEN_DEBUG: 'False'
13      KQUEEN_ETCD_HOST: etcd
14      KQUEEN_PROMETHEUS_WHITELIST: '172.16.238.0/24'
15      # TODO: set SECRET_KEY
16      KQUEEN_SECRET_KEY: 'SecretSecretSecret123'
17      BOOTSTRAP_ADMIN: 'True'
18      BOOTSTRAP_ADMIN_USERNAME: admin
19      # TODO: set admin password
20      BOOTSTRAP_ADMIN_PASSWORD:
21      BOOTSTRAP_ADMIN_ORGANIZATION: DemoOrg
22      BOOTSTRAP_ADMIN_NAMESPACE: demoorg
23    volumes:
24      - ./kqueen/config/prod.py:/code/kqueen/config/prod.py
25      - /tmp/log/kqueen-api:/var/log/kqueen-api
26    depends_on:
27      - etcd
28  proxy:
29    env_file:
30      - .env
31    build:
32      context: ./prod/nginx/
33      # TODO: check that NGINX_VHOSTNAME from .env file  is equal with generated ssl-cert
34      args:
35        - DEBUG=${NGINX_DEBUG}
36        - VHOSTNAME=${NGINX_VHOSTNAME}
37        - SSL_CERTIFICATE_DIR=${NGINX_SSL_CERTIFICATE_DIR}/${NGINX_VHOSTNAME}
38        - SSL_CERTIFICATE_PATH=${NGINX_SSL_CERTIFICATE_DIR}/${NGINX_VHOSTNAME}/fullchain.cer
39        - SSL_CERTIFICATE_KEY_PATH=${NGINX_SSL_CERTIFICATE_DIR}/${NGINX_VHOSTNAME}/${NGINX_VHOSTNAME}.key
40        - SSL_TRUSTED_CERTIFICATE_PATH=${NGINX_SSL_CERTIFICATE_DIR}/${NGINX_VHOSTNAME}/ca.cer
41    restart: always
42    ports:
43      - 443:443
44      - 80:80
45    volumes:
46      - /mnt/storage/kqueen/certs/:${NGINX_SSL_CERTIFICATE_DIR}/${NGINX_VHOSTNAME}/:ro
47    volumes_from:
48      - ui:ro
49    depends_on:
50      - ui
51  ui:
52    image: kqueen/ui:v0.8
53    environment:
54      KQUEENUI_PREFERRED_URL_SCHEME: https
55      KQUEEN_UI_CONFIG_FILE: config/prod.py
56      KQUEENUI_DEBUG: 'False'
57      # TODO: set SECRET_KEY
58      KQUEENUI_SECRET_KEY: 'SecretSecretSecret123'
59      KQUEENUI_KQUEEN_API_URL: http://api:5000/api/v1/
60      KQUEENUI_KQUEEN_AUTH_URL: http://api:5000/api/v1/auth
61      KQUEENUI_KQUEEN_SERVICE_USER_USERNAME: admin
62      # TODO: set same password as in api BOOTSTRAP_ADMIN_PASSWORD
63      KQUEENUI_KQUEEN_SERVICE_USER_PASSWORD:
64      KQUEENUI_MAIL_SERVER: mail
65      KQUEENUI_MAIL_PORT: 10025
66      KQUEENUI_ENABLE_PUBLIC_REGISTRATION: 'True'
67      STATIC_DIR: /mnt/static/
68    volumes:
69      - /mnt/static/
70      - /tmp/log/kqueen-ui:/var/log/kqueen-ui
71    restart: always
72    depends_on:
73      - api
74  mail:
75    image: modularitycontainers/postfix
76    restart: always
77    environment:
78      MYHOSTNAME: 'mail'
79  prometheus:
80    image: prom/prometheus
81    restart: always
82    ports:
83      - 127.0.0.1:9090:9090
84    volumes:
85      - ./prod/prometheus/:/etc/prometheus/:Z
86      - /mnt/storage/kqueen/prometheus/:/prometheus/
87    links:
88      - api
89      - etcd