mirror of https://github.com/samply/bridgehead.git
Refactor Docker Compose
- Replaced GUI_HOST with HOST - Removed NODE_ENV - Combine init_onco and backend service - removed node_modules and .svelte-kit volumes - removed mongodb volumes - adjusted http_proxy and https_proxy - adjusted path prefix from oaut2 to oauth2-ovis - removed network-mode "host" in fhir-transformer service
This commit is contained in:
tm16-medma
parent
86a2b78d8f
commit
e3f7f5d32b
|
|
@ -5,20 +5,20 @@ services:
|
||||||
ovis-traefik-forward-auth:
|
ovis-traefik-forward-auth:
|
||||||
image: quay.io/oauth2-proxy/oauth2-proxy:latest
|
image: quay.io/oauth2-proxy/oauth2-proxy:latest
|
||||||
environment:
|
environment:
|
||||||
- http_proxy=${http_proxy}
|
- http_proxy=${http_proxy:-http://forward_proxy:3128}
|
||||||
- https_proxy=${https_proxy}
|
- https_proxy=${https_proxy:-http://forward_proxy:3128}
|
||||||
- OAUTH2_PROXY_PROVIDER=oidc
|
- OAUTH2_PROXY_PROVIDER=oidc
|
||||||
- OAUTH2_PROXY_SKIP_PROVIDER_BUTTON=true
|
- OAUTH2_PROXY_SKIP_PROVIDER_BUTTON=true
|
||||||
- OAUTH2_PROXY_OIDC_ISSUER_URL=${OAUTH_ISSUER_URL}
|
- OAUTH2_PROXY_OIDC_ISSUER_URL=${OAUTH_ISSUER_URL}
|
||||||
- OAUTH2_PROXY_CLIENT_ID=${OAUTH_CLIENT_ID}
|
- OAUTH2_PROXY_CLIENT_ID=${OAUTH_CLIENT_ID}
|
||||||
- OAUTH2_PROXY_CLIENT_SECRET=${OAUTH_CLIENT_SECRET}
|
- OAUTH2_PROXY_CLIENT_SECRET=${OAUTH_CLIENT_SECRET}
|
||||||
- OAUTH2_PROXY_COOKIE_SECRET=${AUTHENTICATION_SECRET}
|
- OAUTH2_PROXY_COOKIE_SECRET=${AUTHENTICATION_SECRET}
|
||||||
- OAUTH2_PROXY_COOKIE_DOMAINS=.${GUI_HOST:-localhost}
|
- OAUTH2_PROXY_COOKIE_DOMAINS=.${HOST:-localhost}
|
||||||
- OAUTH2_PROXY_COOKIE_REFRESH=4m
|
- OAUTH2_PROXY_COOKIE_REFRESH=4m
|
||||||
- OAUTH2_PROXY_COOKIE_EXPIRE=24h
|
- OAUTH2_PROXY_COOKIE_EXPIRE=24h
|
||||||
- OAUTH2_PROXY_HTTP_ADDRESS=:4180
|
- OAUTH2_PROXY_HTTP_ADDRESS=:4180
|
||||||
- OAUTH2_PROXY_REVERSE_PROXY=true
|
- OAUTH2_PROXY_REVERSE_PROXY=true
|
||||||
- OAUTH2_PROXY_WHITELIST_DOMAINS=.${GUI_HOST:-localhost}
|
- OAUTH2_PROXY_WHITELIST_DOMAINS=.${HOST:-localhost}
|
||||||
- OAUTH2_PROXY_UPSTREAMS=static://202
|
- OAUTH2_PROXY_UPSTREAMS=static://202
|
||||||
- OAUTH2_PROXY_EMAIL_DOMAINS=*
|
- OAUTH2_PROXY_EMAIL_DOMAINS=*
|
||||||
- OAUTH2_PROXY_ALLOWED_GROUPS=app-ovis
|
- OAUTH2_PROXY_ALLOWED_GROUPS=app-ovis
|
||||||
|
|
@ -35,13 +35,12 @@ services:
|
||||||
- "traefik.http.middlewares.ovis-traefik-forward-auth.forwardauth.address=http://ovis-traefik-forward-auth:4180"
|
- "traefik.http.middlewares.ovis-traefik-forward-auth.forwardauth.address=http://ovis-traefik-forward-auth:4180"
|
||||||
- "traefik.http.middlewares.ovis-traefik-forward-auth.forwardauth.authResponseHeaders=Authorization, X-Forwarded-User, X-Auth-Request-User, X-Auth-Request-Email"
|
- "traefik.http.middlewares.ovis-traefik-forward-auth.forwardauth.authResponseHeaders=Authorization, X-Forwarded-User, X-Auth-Request-User, X-Auth-Request-Email"
|
||||||
- "traefik.http.services.ovis-traefik-forward-auth.loadbalancer.server.port=4180"
|
- "traefik.http.services.ovis-traefik-forward-auth.loadbalancer.server.port=4180"
|
||||||
- "traefik.http.routers.oauth2.rule=Host(`${GUI_HOST:-localhost}`) && PathPrefix(`/oauth2/`)"
|
- "traefik.http.routers.oauth2.rule=Host(`${HOST:-localhost}`) && PathPrefix(`/oauth2-ovis/`)"
|
||||||
- "traefik.http.routers.oauth2.tls=true"
|
- "traefik.http.routers.oauth2.tls=true"
|
||||||
|
|
||||||
fhir-transformer:
|
fhir-transformer:
|
||||||
image: docker.verbis.dkfz.de/ovis/adt-mon-gql-fhir-transformer:latest
|
image: docker.verbis.dkfz.de/ovis/adt-mon-gql-fhir-transformer:latest
|
||||||
restart: on-failure
|
restart: on-failure
|
||||||
network_mode: "host"
|
|
||||||
environment:
|
environment:
|
||||||
- FHIR_SERVER_URL=${FHIR_SERVER_URL:-http://bridgehead-ccp-blaze:8080/fhir}
|
- FHIR_SERVER_URL=${FHIR_SERVER_URL:-http://bridgehead-ccp-blaze:8080/fhir}
|
||||||
- FHIR_USERNAME=${FHIR_USERNAME}
|
- FHIR_USERNAME=${FHIR_USERNAME}
|
||||||
|
|
@ -53,72 +52,54 @@ services:
|
||||||
image: mongo:${MONGO_VER:-latest}
|
image: mongo:${MONGO_VER:-latest}
|
||||||
restart: always
|
restart: always
|
||||||
command: mongod
|
command: mongod
|
||||||
volumes:
|
|
||||||
- /var/cache/bridgehead/ccp/ovis/mongo/mongo_db:/data/db
|
|
||||||
- /var/cache/bridgehead/ccp/ovis/mongo/mongo_conf:/data/configdb
|
|
||||||
- /var/cache/bridgehead/ccp/ovis/mongo/init/init.js:/docker-entrypoint-initdb.d/init.js
|
- /var/cache/bridgehead/ccp/ovis/mongo/init/init.js:/docker-entrypoint-initdb.d/init.js
|
||||||
|
|
||||||
init_onco:
|
|
||||||
image: docker.verbis.dkfz.de/ovis/adt-mon-gql-backend:latest
|
|
||||||
restart: on-failure
|
|
||||||
working_dir: /app
|
|
||||||
user: root
|
|
||||||
entrypoint: >
|
|
||||||
sh -c "
|
|
||||||
while [ ! -f /shared/omock.json ]; do
|
|
||||||
echo 'Waiting for omock.json...'
|
|
||||||
sleep 5
|
|
||||||
done;
|
|
||||||
mkdir -p ./prep &&
|
|
||||||
cp /shared/omock.json ./prep/omock.json &&
|
|
||||||
node ./mgDB/prep/preprocessor.mjs;
|
|
||||||
echo 'Processing complete';"
|
|
||||||
depends_on:
|
|
||||||
- mongo
|
|
||||||
- fhir-transformer
|
|
||||||
environment:
|
|
||||||
- APOLLO_PORT=${APOLLO_PORT:-4001}
|
|
||||||
- CREDOS_PORT=${CREDOS_PORT:-4000}
|
|
||||||
- MONGO_VER=latest
|
|
||||||
- DB=${DB:-onc_test}
|
|
||||||
- ADRESS=${ADRESS:-mongodb://mongo:27017}
|
|
||||||
volumes:
|
|
||||||
- /var/cache/bridgehead/ccp/ovis/shared_data:/shared
|
|
||||||
- /var/cache/bridgehead/ccp/ovis/init_onco/node_modules:/app/node_modules
|
|
||||||
|
|
||||||
backend:
|
backend:
|
||||||
image: docker.verbis.dkfz.de/ovis/adt-mon-gql-backend:latest
|
image: docker.verbis.dkfz.de/ovis/adt-mon-gql-backend:latest
|
||||||
restart: always
|
restart: always
|
||||||
|
user: root
|
||||||
working_dir: /app
|
working_dir: /app
|
||||||
environment:
|
environment:
|
||||||
- APOLLO_PORT=${APOLLO_PORT:-4001}
|
- APOLLO_PORT=${APOLLO_PORT:-4001}
|
||||||
- CREDOS_PORT=${CREDOS_PORT:-4000}
|
- CREDOS_PORT=${CREDOS_PORT:-4000}
|
||||||
- MONGO_VER=latest
|
- MONGO_VER=latest
|
||||||
- NODE_ENV=development
|
|
||||||
- CORS_ORIGIN=*
|
- CORS_ORIGIN=*
|
||||||
- DB=${DB:-onc_test}
|
- DB=${DB:-onc_test}
|
||||||
- ADRESS=${ADRESS:-mongodb://mongo:27017}
|
- ADRESS=${ADRESS:-mongodb://mongo:27017}
|
||||||
depends_on:
|
depends_on:
|
||||||
- mongo
|
- mongo
|
||||||
- init_onco
|
- fhir-transformer
|
||||||
healthcheck:
|
healthcheck:
|
||||||
test: ["CMD", "curl", "-f", "http://localhost:${APOLLO_PORT:-4001}/health"]
|
test: ["CMD", "curl", "-f", "http://localhost:${APOLLO_PORT:-4001}/health"]
|
||||||
interval: 5s
|
interval: 5s
|
||||||
timeout: 3s
|
timeout: 3s
|
||||||
retries: 5
|
retries: 5
|
||||||
start_period: 10s
|
start_period: 10s
|
||||||
entrypoint: ["node", "--watch", "index.js"]
|
entrypoint: >
|
||||||
|
sh -c "
|
||||||
|
# First run the initialization process
|
||||||
|
while [ ! -f /shared/omock.json ]; do
|
||||||
|
echo 'Waiting for omock.json...'
|
||||||
|
sleep 5
|
||||||
|
done;
|
||||||
|
mkdir -p ./prep &&
|
||||||
|
cp /shared/omock.json ./prep/omock.json &&
|
||||||
|
node ./mgDB/prep/preprocessor.mjs &&
|
||||||
|
echo 'Processing complete' &&
|
||||||
|
exec node --watch index.js"
|
||||||
labels:
|
labels:
|
||||||
- "traefik.enable=true"
|
- "traefik.enable=true"
|
||||||
- "traefik.http.routers.ovis-backend.tls=true"
|
- "traefik.http.routers.backend-gql.rule=Host(`${HOST:-localhost}`) && PathPrefix(`/graphql`)"
|
||||||
- "traefik.http.services.ovis-backend.loadbalancer.server.port=4001"
|
- "traefik.http.routers.backend-gql.tls=true"
|
||||||
|
- "traefik.http.services.backend-gql.loadbalancer.server.port=${APOLLO_PORT:-4001}"
|
||||||
|
volumes:
|
||||||
|
- /var/cache/bridgehead/ccp/ovis/shared_data:/shared
|
||||||
|
|
||||||
frontend:
|
frontend:
|
||||||
image: docker.verbis.dkfz.de/ovis/adt-mon-gql-frontend:latest
|
image: docker.verbis.dkfz.de/ovis/adt-mon-gql-frontend:latest
|
||||||
restart: always
|
restart: always
|
||||||
environment:
|
environment:
|
||||||
- NODE_ENV=development
|
- PUBLIC_GRAPHQL_URL=https://${HOST:-localhost}/graphql
|
||||||
- VITE_GRAPHQL_URL=http://localhost:${APOLLO_PORT:-4001}/graphql
|
|
||||||
depends_on:
|
depends_on:
|
||||||
backend:
|
backend:
|
||||||
condition: service_healthy
|
condition: service_healthy
|
||||||
|
|
@ -126,8 +107,6 @@ services:
|
||||||
labels:
|
labels:
|
||||||
- "traefik.enable=true"
|
- "traefik.enable=true"
|
||||||
- "traefik.http.routers.ovis-frontend.tls=true"
|
- "traefik.http.routers.ovis-frontend.tls=true"
|
||||||
- "traefik.http.routers.ovis-frontend.rule=Host(`${GUI_HOST:-localhost}`)"
|
- "traefik.http.routers.ovis-frontend.rule=Host(`${HOST:-localhost}`)"
|
||||||
# - "traefik.http.routers.lens.middlewares=traefik-forward-auth"
|
- "traefik.http.routers.lens.middlewares=traefik-forward-auth"
|
||||||
- "traefik.http.services.ovis-frontend.loadbalancer.server.port=5173"
|
- "traefik.http.services.ovis-frontend.loadbalancer.server.port=5173"
|
||||||
volumes:
|
|
||||||
- /var/cache/bridgehead/ccp/ovis/frontend/.svelte-kit:/app/.svelte-kit
|
|
||||||
Loading…
Reference in New Issue