-
Notifications
You must be signed in to change notification settings - Fork 16
/
Copy pathdocker-compose.yml
134 lines (127 loc) · 3.85 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
services:
grants-db:
image: postgres:15-alpine
container_name: grants-db
command: postgres -c "log_lock_waits=on" -N 1000 -c "fsync=off"
env_file: ./local.env
ports:
- "5432:5432"
volumes:
- grantsdbdata:/var/lib/postgresql/data
networks:
- default
opensearch-node:
build:
context: .
dockerfile: opensearch/Dockerfile
container_name: opensearch-node
environment:
- cluster.name=opensearch-cluster # Name the cluster
- node.name=opensearch-node # Name the node that will run in this container
- discovery.type=single-node # Nodes to look for when discovering the cluster
- bootstrap.memory_lock=true # Disable JVM heap memory swapping
- "OPENSEARCH_JAVA_OPTS=-Xms512m -Xmx512m" # Set min and max JVM heap sizes to at least 50% of system RAM
- DISABLE_INSTALL_DEMO_CONFIG=true # Prevents execution of bundled demo script which installs demo certificates and security configurations to OpenSearch
- DISABLE_SECURITY_PLUGIN=true # Disables Security plugin
ulimits:
memlock:
soft: -1 # Set memlock to unlimited (no soft or hard limit)
hard: -1
nofile:
soft: 65536 # Maximum number of open files for the opensearch user - set to at least 65536
hard: 65536
volumes:
- opensearch-data:/usr/share/opensearch/data # Creates volume called opensearch-data and mounts it to the container
ports:
- 9200:9200 # REST API
- 9600:9600 # Performance Analyzer
networks:
- default
opensearch-dashboards:
image: opensearchproject/opensearch-dashboards:latest
container_name: opensearch-dashboards
ports:
- 5601:5601 # Map host port 5601 to container port 5601
expose:
- "5601" # Expose port 5601 for web access to OpenSearch Dashboards
environment:
- 'OPENSEARCH_HOSTS=["http://opensearch-node:9200"]'
- DISABLE_SECURITY_DASHBOARDS_PLUGIN=true # disables security dashboards plugin in OpenSearch Dashboards
networks:
- default
localstack:
container_name: "${LOCALSTACK_DOCKER_NAME:-localstack-main}"
image: localstack/localstack
ports:
- "127.0.0.1:4566:4566" # LocalStack Gateway
- "127.0.0.1:4510-4559:4510-4559" # external services port range
environment:
# LocalStack configuration: https://docs.localstack.cloud/references/configuration/
- DEBUG=${DEBUG:-0}
# To improve startup time, only add services we use
- SERVICES=s3
- EAGER_SERVICES_LOADING=1
volumes:
- "${LOCALSTACK_VOLUME_DIR:-./volume}:/var/lib/localstack"
- "/var/run/docker.sock:/var/run/docker.sock"
networks:
- default
grants-api:
build:
context: .
target: dev
args:
- RUN_UID=${RUN_UID:-4000}
- RUN_USER=${RUN_USER:-api}
command:
[
"poetry",
"run",
"flask",
"--app",
"src.app",
"run",
"--host",
"0.0.0.0",
"--port",
"8080",
"--reload",
]
container_name: grants-api
env_file:
- path: ./local.env
required: true
- path: ./override.env
required: false
ports:
- 8080:8080
volumes:
- .:/api
depends_on:
- grants-db
- opensearch-node
- localstack
- mock-oauth2-server
networks:
- grants_backend
- default
mock-oauth2-server:
image: ghcr.io/navikt/mock-oauth2-server:2.1.10
ports:
- "5001:5001"
environment:
LOG_LEVEL: "debug"
SERVER_PORT: 5001
JSON_CONFIG_PATH: /app/config.json
networks:
- grants_backend
- default
volumes:
- ./mock-oauth/config.json:/app/config.json
- ./mock-oauth/mock-server-key.json:/app/resources/mock-oauth2-server-keys.json
volumes:
grantsdbdata:
opensearch-data:
networks:
grants_backend:
driver: bridge