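# Compose stack: Nextcloud ("app") backed by PostgreSQL ("db") and Redis,
# a Qortal OIDC broker ("broker") with its own PostgreSQL ("broker_db"),
# a Qortal node built from a local checkout, and an optional external-auth
# service that only starts with the "external-auth" profile.
#
# Security notes for operators:
#   - Every ${VAR} is substituted by Compose from the shell environment or
#     an env file. A ${VAR} without a ":-default" expands to an empty string
#     when unset, so set every credential variable before deploying.
#   - Some fallbacks below are fixed values visible to anyone who can read
#     this file (qortal_brokerpass, dev-secret). Treat them as
#     development-only and override them anywhere that is reachable.
#   - Values passed through `environment:` can be read back by inspecting
#     the container; consider Compose secrets for production credentials.
#   - Image tags are floating (for example postgres:16-alpine); pin by
#     digest where reproducible, reviewable pulls are required.
#   - A port mapping without a host address publishes on all host
#     interfaces. Only `app` and `broker` do that here.

services:
  # PostgreSQL for Nextcloud. No host port is published, so it is reachable
  # only from other services on the Compose network.
  db:
    image: postgres:16-alpine
    restart: unless-stopped
    environment:
      # No fallbacks: unset variables reach the container as empty strings.
      POSTGRES_DB: "${POSTGRES_DB}"
      POSTGRES_USER: "${POSTGRES_USER}"
      POSTGRES_PASSWORD: "${POSTGRES_PASSWORD}"
    volumes:
      - pg_data:/var/lib/postgresql/data
    healthcheck:
      # `app` waits on this check (depends_on ... service_healthy).
      test:
        - CMD-SHELL
        - "pg_isready -U ${POSTGRES_USER} -d ${POSTGRES_DB}"
      interval: 10s
      timeout: 5s
      retries: 10

  # Redis for Nextcloud (`app` sets REDIS_HOST: redis).
  redis:
    image: redis:7-alpine
    restart: unless-stopped
    ports:
      # Loopback only. This file configures no Redis password, and `app`
      # reaches Redis over the Compose network rather than this mapping,
      # so publishing it on every host interface only adds exposure.
      # Same 127.0.0.1 binding as external_auth; drop the mapping entirely
      # if nothing on the host needs Redis.
      - "127.0.0.1:${REDIS_PORT:-6379}:6379"
    volumes:
      - redis_data:/data

  # PostgreSQL for the OIDC broker. No host port is published.
  broker_db:
    image: postgres:16-alpine
    restart: unless-stopped
    environment:
      POSTGRES_DB: "${BROKER_DB_NAME:-qortal_broker}"
      POSTGRES_USER: "${BROKER_DB_USER:-qortal_broker}"
      # NOTE(review): fixed fallback password; set BROKER_DB_PASSWORD (and a
      # matching BROKER_DATABASE_URL on `broker`) outside local development.
      POSTGRES_PASSWORD: "${BROKER_DB_PASSWORD:-qortal_brokerpass}"
    volumes:
      - broker_db_data:/var/lib/postgresql/data
    healthcheck:
      # `broker` waits on this check (depends_on ... service_healthy).
      test:
        - CMD-SHELL
        - "pg_isready -U ${BROKER_DB_USER:-qortal_broker} -d ${BROKER_DB_NAME:-qortal_broker}"
      interval: 10s
      timeout: 5s
      retries: 10

  # Qortal node built from a checkout outside this repository by default.
  qortal_node:
    build:
      context: "${QORTAL_NODE_CONTEXT:-../qortal}"
      dockerfile: "${QORTAL_NODE_DOCKERFILE:-Dockerfile}"
    restart: unless-stopped
    ports:
      # Gateway and API default to loopback; widen the *_BIND_HOST values
      # only deliberately.
      - "${QORTAL_NODE_GATEWAY_BIND_HOST:-127.0.0.1}:${QORTAL_NODE_GATEWAY_HOST_PORT:-12390}:8080"
      - "${QORTAL_NODE_API_BIND_HOST:-127.0.0.1}:${QORTAL_NODE_API_HOST_PORT:-12391}:12391"
      # P2P and QDN default to all host interfaces.
      # NOTE(review): presumably so remote peers can connect; confirm.
      - "${QORTAL_NODE_P2P_BIND_HOST:-0.0.0.0}:${QORTAL_NODE_P2P_HOST_PORT:-12392}:12392"
      - "${QORTAL_NODE_QDN_BIND_HOST:-0.0.0.0}:${QORTAL_NODE_QDN_HOST_PORT:-12394}:12394"
    volumes:
      - ./qortal/data:/qortal

  # Nextcloud web application.
  app:
    image: nextcloud:32-apache
    restart: unless-stopped
    depends_on:
      db:
        condition: service_healthy
      redis:
        condition: service_started
    ports:
      # Published on all host interfaces, forwarding to container port 80.
      # NOTE(review): no TLS is configured in this file; presumably a
      # reverse proxy terminates HTTPS in front of this port. Confirm.
      - "${NEXTCLOUD_PORT:-8080}:80"
    environment:
      POSTGRES_HOST: db
      POSTGRES_DB: "${POSTGRES_DB}"
      POSTGRES_USER: "${POSTGRES_USER}"
      POSTGRES_PASSWORD: "${POSTGRES_PASSWORD}"
      REDIS_HOST: redis
      NEXTCLOUD_ADMIN_USER: "${NEXTCLOUD_ADMIN_USER}"
      NEXTCLOUD_ADMIN_PASSWORD: "${NEXTCLOUD_ADMIN_PASSWORD}"
      NEXTCLOUD_TRUSTED_DOMAINS: "${NEXTCLOUD_TRUSTED_DOMAINS}"
      NEXTCLOUD_UPDATE: "1"
      # Same variable that `broker` receives as BROKER_INTERNAL_API_TOKEN.
      # NOTE(review): it has no fallback; confirm both sides reject an
      # empty token rather than treating it as "no authentication".
      QORTAL_BROKER_INTERNAL_API_TOKEN: "${BROKER_INTERNAL_API_TOKEN}"
    volumes:
      - ./nextcloud/html:/var/www/html
      - ./nextcloud/data:/var/www/html/data
      - ./nextcloud/custom_apps:/var/www/html/custom_apps

  # Qortal OIDC broker.
  broker:
    build:
      context: ./services/qortal-oidc-broker
      dockerfile: Dockerfile
    restart: unless-stopped
    depends_on:
      app:
        condition: service_started
      broker_db:
        condition: service_healthy
    ports:
      # Published on all host interfaces.
      - "${BROKER_PORT:-3000}:3000"
    environment:
      PORT: "3000"
      NEXTCLOUD_BASE_URL: "${NEXTCLOUD_BASE_URL}"
      NEXTCLOUD_PUBLIC_URL: "${NEXTCLOUD_PUBLIC_URL:-}"
      NEXTCLOUD_SERVICE_USER: "${NEXTCLOUD_SERVICE_USER}"
      NEXTCLOUD_SERVICE_PASSWORD: "${NEXTCLOUD_SERVICE_PASSWORD}"
      # NOTE(review): the fallback URL embeds the fixed broker_db password.
      # Overriding BROKER_DB_PASSWORD alone leaves this URL out of step.
      BROKER_DATABASE_URL: "${BROKER_DATABASE_URL:-postgresql://qortal_broker:qortal_brokerpass@broker_db:5432/qortal_broker}"
      # The fallback host `external_auth` exists only when the
      # "external-auth" profile is enabled; `broker` does not depend on it.
      QORTAL_EXTERNAL_AUTH_BASE_URL: "${QORTAL_EXTERNAL_AUTH_BASE_URL:-http://external_auth:3191}"
      QORTAL_EXTERNAL_AUTH_APP_ID: "${QORTAL_EXTERNAL_AUTH_APP_ID}"
      QORTAL_EXTERNAL_AUTH_APP_SECRET: "${QORTAL_EXTERNAL_AUTH_APP_SECRET}"
      BROKER_INTERNAL_API_TOKEN: "${BROKER_INTERNAL_API_TOKEN}"
      BROKER_CORS_ALLOWED_ORIGINS: "${BROKER_CORS_ALLOWED_ORIGINS}"
      OIDC_ISSUER: "${OIDC_ISSUER}"
      OIDC_CLIENT_ID: "${OIDC_CLIENT_ID:-nextcloud-local}"
      # NOTE(review): fixed fallback client secret on a service whose port
      # is published on all interfaces. Set OIDC_CLIENT_SECRET explicitly.
      OIDC_CLIENT_SECRET: "${OIDC_CLIENT_SECRET:-dev-secret}"
      # NOTE(review): empty by default; confirm the broker treats an empty
      # allowlist as "deny all" rather than "allow any redirect URI".
      OIDC_REDIRECT_URI_ALLOWLIST: "${OIDC_REDIRECT_URI_ALLOWLIST:-}"
      OIDC_POLICY_MODE: "${OIDC_POLICY_MODE:-link_only}"
      OIDC_AUTO_PROVISION_GUARD: "${OIDC_AUTO_PROVISION_GUARD:-invite_or_allowlist}"
      # Lifetimes in seconds: 604800 is 7 days, 600 is 10 minutes,
      # 120 is 2 minutes.
      OIDC_INVITE_TTL_SECONDS: "${OIDC_INVITE_TTL_SECONDS:-604800}"
      OIDC_AUTH_REQUEST_TTL_SECONDS: "${OIDC_AUTH_REQUEST_TTL_SECONDS:-600}"
      OIDC_AUTH_CODE_TTL_SECONDS: "${OIDC_AUTH_CODE_TTL_SECONDS:-120}"
      OIDC_ACCESS_TOKEN_TTL_SECONDS: "${OIDC_ACCESS_TOKEN_TTL_SECONDS:-600}"
      OIDC_ID_TOKEN_TTL_SECONDS: "${OIDC_ID_TOKEN_TTL_SECONDS:-600}"
      OIDC_LOGIN_LOGO_URL: "${OIDC_LOGIN_LOGO_URL:-}"
      # NOTE(review): empty by default; confirm how the broker obtains its
      # signing key when OIDC_PRIVATE_KEY_PEM and OIDC_KEY_ID are unset.
      OIDC_PRIVATE_KEY_PEM: "${OIDC_PRIVATE_KEY_PEM:-}"
      OIDC_KEY_ID: "${OIDC_KEY_ID:-}"
    volumes:
      # Host source tree mounted over the container's /app/src.
      # NOTE(review): looks like a development convenience; with it in
      # place, anyone who can write these host paths changes what the
      # broker runs. Confirm it is intended outside development.
      - ./services/qortal-oidc-broker/src:/app/src
      - ./services/qortal-oidc-broker/tsconfig.json:/app/tsconfig.json

  # Optional external-auth service; starts only with the "external-auth"
  # profile enabled.
  external_auth:
    profiles: ["external-auth"]
    build:
      context: "${EXTERNAL_AUTH_CONTEXT:-../Qortal-External-Auth}"
      dockerfile: "${EXTERNAL_AUTH_DOCKERFILE:-Dockerfile}"
    restart: unless-stopped
    depends_on:
      qortal_node:
        condition: service_started
    environment:
      QORTAL_AUTH_PORT: "${EXTERNAL_AUTH_PORT:-3191}"
      # Presumably the listen address inside the container; the host-side
      # mapping below is what limits exposure to loopback.
      QORTAL_AUTH_HOST: "0.0.0.0"
      QORTAL_AUTH_NODE_URL: "${QORTAL_AUTH_NODE_URL:-http://qortal_node:12391}"
      QORTAL_AUTH_NODE_API_KEY: "${QORTAL_AUTH_NODE_API_KEY:-}"
      QORTAL_AUTH_NODE_API_KEY_MODE: "${QORTAL_AUTH_NODE_API_KEY_MODE:-paths}"
      QORTAL_AUTH_NODE_API_KEY_PATHS: "${QORTAL_AUTH_NODE_API_KEY_PATHS:-/}"
      QORTAL_AUTH_DATA_DIR: /data
    ports:
      # Container port is fixed at 3191, so changing EXTERNAL_AUTH_PORT also
      # changes QORTAL_AUTH_PORT above and can leave this mapping pointing
      # at a port nothing listens on.
      - "127.0.0.1:${EXTERNAL_AUTH_PORT:-3191}:3191"
    volumes:
      - ./external-auth/data:/data

# Named volumes with default settings.
volumes:
  pg_data: {}
  redis_data: {}
  broker_db_data: {}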