hetzner-ansible/templates/connect-compact/docker-compose.yml.j2


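# Compose file format version; quoted so it is read as a string, not a float.
version: '3.7'

# Both networks are declared external: this project only attaches to them,
# so they must already exist on the Docker host before the stack is started.
networks:
  back-tier:
    external: true
  front-tier:
    external: true

# Named volumes for the two stateful services. The names are prefixed with
# the rendered connect_id.
volumes:
  {{ connect_id }}-postgres-data: {}
  {{ connect_id }}-elastic-data: {}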
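# Four containers per connect instance: the application itself (the only one
# attached to front-tier and published through Traefik), its PostgreSQL
# database, its Elasticsearch node and the IAM sidecar.
#
# Every credential below is injected as a plain environment variable, so it
# is present in the rendered compose file and in `docker inspect` output.
# Keep the rendered file readable by the deploy user only and source the
# variables from an encrypted store.
services:
  {{ connect_id }}:
    image: "{{ connect_image_name }}:{{ connect_version }}"
    container_name: "{{ connect_id }}"
    restart: always
    labels:
      # Internal router: HTTPS only (websecure entrypoint), certificate from
      # the letsencrypt-http resolver, forwarded to container port 8080.
      - "traefik.enable=true"
      - "traefik.http.routers.{{ connect_id }}.service={{ connect_id }}"
      - "traefik.http.routers.{{ connect_id }}.rule=Host(`{{ connect_id }}.{{ domain }}`)"
      - "traefik.http.routers.{{ connect_id }}.entrypoints=websecure"
      - "traefik.http.routers.{{ connect_id }}.tls=true"
      - "traefik.http.routers.{{ connect_id }}.tls.certresolver=letsencrypt-http"
      - "traefik.http.services.{{ connect_id }}.loadbalancer.server.port=8080"
      # Optional second router under the external subdomain, same settings.
      # The Jinja tags stay at column 0 so they add no indentation in front
      # of the rendered list items.
{% if connect_external_subdomain is defined %}
      - "traefik.http.routers.{{ connect_id }}-extern.service={{ connect_id }}-extern"
      - "traefik.http.routers.{{ connect_id }}-extern.rule=Host(`{{ connect_external_subdomain }}.{{ domain }}`)"
      - "traefik.http.routers.{{ connect_id }}-extern.entrypoints=websecure"
      - "traefik.http.routers.{{ connect_id }}-extern.tls=true"
      - "traefik.http.routers.{{ connect_id }}-extern.tls.certresolver=letsencrypt-http"
      - "traefik.http.services.{{ connect_id }}-extern.loadbalancer.server.port=8080"
{% endif %}
    environment:
      NAME: "MPM eXecution 2.0"
      TENANT_ID: "{{ connect_id }}"
      ADMIN_LOGIN: "{{ connect_admin_username }}"
      ADMIN_PASSWORD: "{{ connect_admin_password }}"
      DATASOURCE_URL: "jdbc:postgresql://{{ connect_id }}-postgres:5432/connect-postgres"
      DATASOURCE_USERNAME: "{{ connect_postgres_username }}"
      DATASOURCE_PASSWORD: "{{ connect_postgres_password }}"
      # Outgoing mail: SMTP submission with authentication and mandatory
      # STARTTLS.
      MAIL_PROTOCOL: "smtp"
      MAIL_HOST: "smtp.web.de"
      MAIL_PORT: "587"
      MAIL_USER: "{{ connect_email_username }}"
      MAIL_PASSWORD: "{{ connect_email_password }}"
      MAIL_PROPERTIES_SIMULATION: "false"
      MAIL_PROPERTIES_BASE_URL: "https://{{ connect_id }}.{{ domain }}"
      # NOTE(review): the external base URL uses the internal host name even
      # when connect_external_subdomain is defined - confirm this is intended.
      MAIL_PROPERTIES_BASE_URL_EXTERN: "https://{{ connect_id }}.{{ domain }}"
      MAIL_PROPERTIES_SENDER: "smardigo.email@web.de"
      MAIL_PROPERTIES_SENDER_ALIAS: "noreply-connect"
      MAIL_PROPERTIES_SMTP_AUTH: "true"
      MAIL_PROPERTIES_SMTP_STARTTLS_ENABLE: "true"
      MAIL_PROPERTIES_SMTP_STARTTLS_REQUIRED: "true"
      AUTH_MODULE: "oidc"
      OIDC_CLIENT_ID: "{{ connect_id }}"
      # NOTE(review): the client secret is rendered from connect_id, the same
      # value used as client id and as the public host name, so it is
      # guessable. Source it from a dedicated secret variable once the
      # identity provider's client is provisioned with a matching secret.
      OIDC_CLIENT_SECRET: "{{ connect_id }}"
      OIDC_REGISTRATION_ID: "{{ connect_id }}"
      OIDC_ISSUER_URI: "https://{{ keycloak_external_subdomain }}.{{ domain }}/auth/realms/{{ current_realm_name }}"
      PASSWORD_CHANGE_URL: "https://{{ keycloak_external_subdomain }}.{{ domain }}/auth/realms/{{ current_realm_name }}/account/password"
      USER_MANAGEMENT_URL: "https://{{ keycloak_external_subdomain }}.{{ domain }}/auth/admin/{{ current_realm_name }}/console"
      IAM_MODULE: "external"
      IAM_CLIENT_ENABLED: "true"
      # Plain HTTP to the IAM sidecar; it is attached to back-tier only.
      EXTERNAL_IAM_SERVER_URL: "http://{{ connect_id }}-iam:8080"
      ELASTIC_HOST: "{{ connect_id }}-elastic"
      ELASTIC_PREFIX: "{{ connect_id }}"
      ELASTIC_USERNAME: "{{ elasticsearch_username }}"
      ELASTIC_PASSWORD: "{{ elasticsearch_password }}"
      ELASTIC_SEARCH_INDEX: "search"
      ELASTIC_MESSAGE_INDEX: "message"
      ELASTIC_ANALYSIS_INDEX: "analysis"
      # NOTE(review): the swagger profile presumably publishes the API
      # documentation through the public router - confirm that is wanted.
      SPRING_PROFILES_INCLUDE: "linked-applications, swagger, elastic"
      # This key used to appear twice ("embedded" earlier, "external" here).
      # Duplicate keys are invalid YAML; last-wins parsers used "external",
      # so only that value is kept.
      PROCESS_SEARCH_MODULE: "external"
      SPRINGDOC_SERVER_URL: "https://{{ connect_id }}.{{ domain }}"
      # The allowed origin is pinned to the instance's own host name; methods
      # and headers are unrestricted for that origin.
      SMA_CORS_ORIGINS: "https://{{ connect_id }}.{{ domain }}"
      SMA_CORS_ALLOWED_METHODS: "*"
      SMA_CORS_ALLOWED_HEADERS: "*"
      SMA_CORS_PATH_PATTERN: "/**"
      SMA_LANGUAGE_CODE: "en"
      SMA_JWT_ENABLED: "True"
      SMA_JWT_SECRET: "{{ sma_jwt_secret }}"
      RESUBMISSION_ENABLED: "true"
      ELEMENT_TEMPLATE_ENABLED: "true"
      # Was listed twice with the same value; one entry is kept.
      CONFIG_DELETE_SCOPE_ENABLED: "true"
      EXTERNAL_TASK_SCRIPT_WORKER_ENABLED: "false"
      CONFIG_LOCAL_IMPORT_ENABLED: "true"
      SMA_WORKFLOW_HEATMAP_ENABLED: "true"
      # Quoted so that OFF is passed as a string and not parsed as a boolean.
      LOG_LEVEL_CAMUNDA: "OFF"
      LOG_LEVEL_JASYPT: "ERROR"
      LOG_LEVEL_MESSAGE_QUEUE: "INFO"
      LOG_LEVEL_DOCUMENT_INDEX: "INFO"
      LOG_LEVEL_WORKFLOW_INDEX: "INFO"
      LOG_LEVEL_WORKFLOW_ANALYSIS: "INFO"
    volumes:
      # NOTE(review): mounted read-write, unlike the Elasticsearch config
      # below; append :ro if the application never writes this file.
      - "./config/application-linked-applications.yml:/config/application-linked-applications.yml"
    networks:
      - "back-tier"
      - "front-tier"

  # Database for the connect application; reachable on back-tier only.
  {{ connect_id }}-postgres:
    # NOTE(review): floating major-version tag, so the image can change
    # between pulls; pin a minor version or digest for reproducible deploys.
    image: "postgres:12"
    container_name: "{{ connect_id }}-postgres"
    restart: always
    environment:
      POSTGRES_DB: "connect-postgres"
      POSTGRES_USER: "{{ connect_postgres_username }}"
      POSTGRES_PASSWORD: "{{ connect_postgres_password }}"
    volumes:
      - "{{ connect_id }}-postgres-data:/var/lib/postgresql/data"
    networks:
      - "back-tier"

  # Search backend for the connect application; reachable on back-tier only.
  {{ connect_id }}-elastic:
    image: "docker.elastic.co/elasticsearch/elasticsearch:7.16.3"
    container_name: "{{ connect_id }}-elastic"
    restart: always
    environment:
      # Fixed 2 GiB JVM heap (minimum equals maximum).
      ES_JAVA_OPTS: "-Xmx2G -Xms2G"
      ELASTIC_PASSWORD: "{{ elasticsearch_password }}"
    volumes:
      # Node configuration is mounted read-only; only the data volume is
      # writable.
      - "./config/elasticsearch/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml:ro"
      - "{{ connect_id }}-elastic-data:/usr/share/elasticsearch/data"
    networks:
      - "back-tier"

  # IAM sidecar that the connect application calls at port 8080; reachable
  # on back-tier only.
  {{ connect_id }}-iam:
    image: "{{ iam_image_name }}:{{ iam_version }}"
    container_name: "{{ connect_id }}-iam"
    restart: always
    environment:
      # NOTE(review): "always" presumably makes error responses carry the
      # exception message; confirm no caller relays these to end users.
      SERVER_ERROR_INCLUDE_MESSAGE: "always"
      IAM_KEYCLOAK_AUTH_SERVER_URL: "https://{{ keycloak_external_subdomain }}.{{ domain }}/auth"
      # NOTE(review): this container holds the Keycloak admin account. A
      # dedicated service account limited to what the sidecar manages would
      # reduce the impact of a compromise of this container.
      IAM_KEYCLOAK_ADMIN_USER: "{{ keycloak_admin_username }}"
      IAM_KEYCLOAK_ADMIN_PASSWORD: "{{ keycloak_admin_password }}"
      # Quoted like the other values: environment entries are strings.
      IAM_JWT_CONFIG_READ_TIMEOUT: "3000"
      IAM_CACHE_TENANTS_TTL: "3600"
      IAM_CACHE_ROLES_TTL: "60"
      IAM_CACHE_USERS_TTL: "60"
      IAM_CACHE_JWKS_TTL: "3600"
    networks:
      - "back-tier"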