compose.yaml

services:

  api:
    image: registry.gitlab.com/tibhannover/orkg/orkg-backend
    environment:
      ORKG_KEYCLOAK_HOST: "http://keycloak:8080"
      ORKG_OAUTH_TOKEN_ENDPOINT: "http://keycloak:8080/realms/orkg/protocol/openid-connect/token"
      ORKG_OAUTH_REGISTRATION_ENDPOINT: "http://keycloak:8080/realms/orkg/clients-registrations/openid-connect"
      SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_ISSUERURI: "http://keycloak:8080/realms/orkg"
      SPRING_DATASOURCE_URL: 'jdbc:postgresql://postgres/postgres'
      SPRING_NEO4J_URI: 'bolt://neo4j:7687'
      SPRING_PROFILES_ACTIVE: development
      #ORKG_SIMCOMP_HOST: 'http://simcomp:4321' # defaults to https://orkg.org/simcomp
      JDK_JAVA_OPTIONS: >-
        -Dcom.sun.management.jmxremote
        -Dcom.sun.management.jmxremote.port=9090
        -Dcom.sun.management.jmxremote.rmi.port=9090
        -Dcom.sun.management.jmxremote.authenticate=false
        -Dcom.sun.management.jmxremote.ssl=false
      JAVA_TOOL_OPTIONS: >-
        -agentlib:jdwp=transport=dt_socket,address=*:9999,server=y,suspend=n
    ports:
      - '127.0.0.1:8080:8080'
      #- '::1:8080:8080'
      - '127.0.0.1:9090:9090' # JMX
      - '127.0.0.1:9999:9999' # Remote debugging
    networks:
      - auth
      - mail
      - database
      - rest-api
      - simcomp
    depends_on:
      neo4j:
        condition: service_healthy
      postgres:
        condition: service_healthy

  neo4j:
    image: neo4j:4.4-community
    ports:
      - '127.0.0.1:7474:7474' # HTTP
      #- '::1:7474:7474'
      - '127.0.0.1:7687:7687' # BOLT
      #- '::1:7687:7687'
    environment:
      NEO4JLABS_PLUGINS: '["apoc"]'
      NEO4J_AUTH: none
      NEO4J_dbms_mode: SINGLE
      NEO4J_dbms_default__database: orkg
      NEO4J_dbms_memory_heap_max__size: 4G
      NEO4J_dbms_transaction_timeout: 30s
    healthcheck:
      test: [ "CMD", "/var/lib/neo4j/bin/cypher-shell", "-u", "$${NEO4J_USERNAME}", "-p", "$${NEO4J_PASSWORD}", "MATCH () RETURN count(*) as count" ]
      interval: 5s
      timeout: 10s
      retries: 10
    networks:
      - database
    volumes:
      - 'neo4j-data:/data'

  postgres:
    image: postgres:11
    expose:
      - '5432'
    ports:
      - '127.0.0.1:5432:5432'
      #- '::1:5432:5432'
    environment:
      POSTGRES_USER: postgres
      POSTGRES_PASSWORD: postgres
      PGDATA: /var/lib/postgresql/data/pgdata
    healthcheck:
      test: [ "CMD-SHELL", "pg_isready", "-U", "$$POSTGRES_USER" ]
      interval: 5s
      timeout: 10s
      retries: 10
    networks:
      - database
    volumes:
      - 'postgres-data:/var/lib/postgresql/data/pgdata'

  keycloak:
    image: registry.gitlab.com/tibhannover/orkg/keycloak-docker-image:26
    command:
      - start
      - --optimized
      - --import-realm
    ports:
      - '127.0.0.1:8888:8080' # Port re-mapped to prevent conflict with API
    environment:
      KC_BOOTSTRAP_ADMIN_USERNAME: admin
      KC_BOOTSTRAP_ADMIN_PASSWORD: admin
      # KC_HOSTNAME: http://localhost:8888
      KC_HOSTNAME_STRICT: false
      KC_DB: postgres
      KC_DB_URL: jdbc:postgresql://keycloak-postgres:5432/postgres
      KC_DB_USERNAME: postgres
      KC_DB_PASSWORD: postgres
      KC_HTTP_ENABLED: true
      TZ: Europe/Berlin
    volumes:
      - ./keycloak/src/main/resources/import:/opt/keycloak/data/import:ro
    depends_on:
      keycloak-postgres:
        condition:
          service_healthy
    networks:
      - auth
      - mail

  keycloak-postgres:
    image: postgres:17
    expose:
      - '5433'
    ports:
      - '127.0.0.1:5433:5432'
      #- '::1:5432:5432'
    environment:
      POSTGRES_USER: postgres
      POSTGRES_PASSWORD: postgres
      POSTGRES_DB: postgres
      PGDATA: /var/lib/postgresql/data/pgdata
      TZ: Europe/Berlin
    volumes:
      - 'keycloak-data:/var/lib/postgresql/data/pgdata'
    healthcheck:
      test: [ "CMD-SHELL", "pg_isready -U $${POSTGRES_USER} -d $${POSTGRES_DB}" ]
      interval: 5s
      timeout: 10s
      retries: 10
    networks:
      - auth

  # Mail server. Can be used in Keycloak to test mail flows.
  mailserver:
    image: axllent/mailpit:v1.21
    restart: unless-stopped
    ports:
      - 1025:1025  # SMTP
      - 8025:8025  # User interface
    environment:
      # MP_MAX_MESSAGES: 5000
      MP_DATABASE: /data/mailpit.db
      MP_SMTP_AUTH_ACCEPT_ANY: 1
      MP_SMTP_AUTH_ALLOW_INSECURE: 1
    volumes:
      - mailpit-data:/data
    networks:
      - mail

  debughost:
    profiles:
      - debug
    image: buildpack-deps:curl
    stdin_open: true
    tty: true
    networks:
      - auth
      - database
      - mail
      - rest-api
      - simcomp

networks:
  auth:
  database:
  mail:
  rest-api:
  simcomp:
    # Uncomment the following lines if you want to test against a local SimComp instance:
    #name: orkg-simcomp-api_orkg_simcomp_api
    #external: true

volumes:
  neo4j-data:
  postgres-data:
  keycloak-data:
  mailpit-data: