mirror of https://github.com/samply/bridgehead.git
85 lines
3.0 KiB
YAML
85 lines
3.0 KiB
YAML
version: "3.7"
|
|
|
|
services:
|
|
blaze:
|
|
image: docker.verbis.dkfz.de/cache/samply/blaze:latest
|
|
container_name: bridgehead-ccp-blaze
|
|
environment:
|
|
BASE_URL: "http://bridgehead-ccp-blaze:8080"
|
|
JAVA_TOOL_OPTIONS: "-Xmx${BLAZE_MEMORY_CAP:-4096}m"
|
|
DB_RESOURCE_CACHE_SIZE: ${BLAZE_RESOURCE_CACHE_CAP:-2500000}
|
|
DB_BLOCK_CACHE_SIZE: $BLAZE_MEMORY_CAP
|
|
ENFORCE_REFERENTIAL_INTEGRITY: "false"
|
|
volumes:
|
|
- "blaze-data:/app/data"
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.http.routers.blaze_ccp.rule=PathPrefix(`/ccp-localdatamanagement`)"
|
|
- "traefik.http.middlewares.ccp_b_strip.stripprefix.prefixes=/ccp-localdatamanagement"
|
|
- "traefik.http.services.blaze_ccp.loadbalancer.server.port=8080"
|
|
- "traefik.http.routers.blaze_ccp.middlewares=ccp_b_strip,auth"
|
|
- "traefik.http.routers.blaze_ccp.tls=true"
|
|
|
|
frontend:
|
|
image: "samply/blaze-frontend:latest"
|
|
environment:
|
|
ORIGIN: "https://${HOST}/ccp-blaze-frontend"
|
|
BACKEND_BASE_URL: "https://${HOST}/ccp-localdatamanagement"
|
|
AUTH_CLIENT_ID: "${OIDC_PRIVATE_CLIENT_ID}"
|
|
AUTH_CLIENT_SECRET: "${OIDC_CLIENT_SECRET}"
|
|
AUTH_ISSUER: "${OIDC_URL}"
|
|
AUTH_SECRET: "666df42c74ce1f4728fe2ffe99b146e0f2e4b4f9810594fcf68c0330495bca0f" # TODO: Generate
|
|
PROTOCOL_HEADER: "x-forwarded-proto"
|
|
HOST_HEADER: "x-forwarded-host"
|
|
depends_on:
|
|
- blaze
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.http.routers.blaze_frontend.rule=PathPrefix(`/ccp-blaze-frontend`)"
|
|
- "traefik.http.middlewares.ccp_blaze_frontend_strip.stripprefix.prefixes=/ccp-blaze-frontend"
|
|
- "traefik.http.routers.blaze_ccp.middlewares=ccp_blaze_frontend_strip"
|
|
- "traefik.http.services.blaze_frontend.loadbalancer.server.port=3000"
|
|
- "traefik.http.routers.blaze_frontend.tls=true"
|
|
|
|
focus:
|
|
image: docker.verbis.dkfz.de/cache/samply/focus:${FOCUS_TAG}
|
|
container_name: bridgehead-focus
|
|
environment:
|
|
API_KEY: ${FOCUS_BEAM_SECRET_SHORT}
|
|
BEAM_APP_ID_LONG: focus.${PROXY_ID}
|
|
PROXY_ID: ${PROXY_ID}
|
|
BLAZE_URL: "http://bridgehead-ccp-blaze:8080/fhir/"
|
|
BEAM_PROXY_URL: http://beam-proxy:8081
|
|
RETRY_COUNT: ${FOCUS_RETRY_COUNT}
|
|
EPSILON: 0.28
|
|
depends_on:
|
|
- "beam-proxy"
|
|
- "blaze"
|
|
|
|
beam-proxy:
|
|
image: docker.verbis.dkfz.de/cache/samply/beam-proxy:develop
|
|
container_name: bridgehead-beam-proxy
|
|
environment:
|
|
BROKER_URL: ${BROKER_URL}
|
|
PROXY_ID: ${PROXY_ID}
|
|
APP_focus_KEY: ${FOCUS_BEAM_SECRET_SHORT}
|
|
PRIVKEY_FILE: /run/secrets/proxy.pem
|
|
ALL_PROXY: http://forward_proxy:3128
|
|
TLS_CA_CERTIFICATES_DIR: /conf/trusted-ca-certs
|
|
ROOTCERT_FILE: /conf/root.crt.pem
|
|
secrets:
|
|
- proxy.pem
|
|
depends_on:
|
|
- "forward_proxy"
|
|
volumes:
|
|
- /etc/bridgehead/trusted-ca-certs:/conf/trusted-ca-certs:ro
|
|
- /srv/docker/bridgehead/ccp/root.crt.pem:/conf/root.crt.pem:ro
|
|
|
|
|
|
volumes:
|
|
blaze-data:
|
|
|
|
secrets:
|
|
proxy.pem:
|
|
file: /etc/bridgehead/pki/${SITE_ID}.priv.pem
|