From 16bc890d7c8f8947537ec67bab5fc4e1d8b69904 Mon Sep 17 00:00:00 2001 From: Patrick Skowronek Date: Tue, 19 Jul 2022 14:17:08 +0200 Subject: [PATCH] WIP: first commit --- ccp/docker-compose.yml | 2 + lib/template | 190 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 192 insertions(+) create mode 100644 lib/template diff --git a/ccp/docker-compose.yml b/ccp/docker-compose.yml index e3ef2e4..da404cb 100644 --- a/ccp/docker-compose.yml +++ b/ccp/docker-compose.yml @@ -8,6 +8,7 @@ services: - --entrypoints.web.address=:80 - --entrypoints.websecure.address=:443 - --providers.docker=true + - --providers.file.directory=/etc/traefik/dynamic_conf - --api.dashboard=true - --accesslog=true # print access-logs - --entrypoints.web.http.redirections.entrypoint.to=websecure @@ -24,6 +25,7 @@ services: - 443:443 volumes: - ../certs:/tools/certs + - ../lib/tls/config.yml:/etc/traefik/dynamic_conf/conf.yml:ro - /var/run/docker.sock:/var/run/docker.sock:ro forward_proxy: diff --git a/lib/template b/lib/template new file mode 100644 index 0000000..8b87d60 --- /dev/null +++ b/lib/template @@ -0,0 +1,190 @@ +version: "3.7" + +services: + traefik: + container_name: bridgehead-traefik + image: traefik:latest + command: + - --entrypoints.web.address=:80 + - --entrypoints.websecure.address=:443 + - --providers.docker=true + - --api.dashboard=true + - --accesslog=true # print access-logs + - --entrypoints.web.http.redirections.entrypoint.to=websecure + - --entrypoints.web.http.redirections.entrypoint.scheme=https + labels: + - "traefik.http.routers.dashboard.rule=PathPrefix(`/api`) || PathPrefix(`/dashboard`)" + - "traefik.http.routers.dashboard.entrypoints=websecure" + - "traefik.http.routers.dashboard.service=api@internal" + - "traefik.http.routers.dashboard.tls=true" + - "traefik.http.routers.dashboard.middlewares=auth" + - "traefik.http.middlewares.auth.basicauth.users=${bc_auth_users}" + ports: + - 80:80 + - 443:443 + volumes: + - ../certs:/tools/certs + - /var/run/docker.sock:/var/run/docker.sock:ro + + forward_proxy: + container_name: bridgehead-forward-proxy + image: samply/bridgehead-forward-proxy:develop + environment: + http_proxy: ${http_proxy} + https_proxy: ${https_proxy} + volumes: + - "bridgehead-proxy:/var/log/squid" + + landing: + container_name: bridgehead-landingpage + image: samply/bridgehead-landingpage:master + labels: + - "traefik.enable=true" + - "traefik.http.routers.landing.rule=PathPrefix(`/`)" + - "traefik.http.services.landing.loadbalancer.server.port=80" + - "traefik.http.routers.landing.tls=true" + environment: + HOST: ${HOST} + PROJECT: ${PROJECT} + SITE_NAME: ${SITE_NAME} + +{% if PROJECT == 'ccp' %} + blaze: + image: "samply/blaze:0.17" + container_name: bridgehead-ccp-blaze + environment: + BASE_URL: "http://blaze:8080" + JAVA_TOOL_OPTIONS: "-Xmx4g" + LOG_LEVEL: "debug" + ENFORCE_REFERENTIAL_INTEGRITY: "false" + volumes: + - "blaze-data:/app/data" + labels: + - "traefik.enable=true" + - "traefik.http.middlewares.ccp-auth.basicauth.users=${bc_auth_users}" + - "traefik.http.routers.blaze_ccp.rule=PathPrefix(`/ccp-localdatamanagement`)" + - "traefik.http.middlewares.ccp_b_strip.stripprefix.prefixes=/ccp-localdatamanagement" + - "traefik.http.services.blaze_ccp.loadbalancer.server.port=8080" + - "traefik.http.routers.blaze_ccp.middlewares=ccp_b_strip,ccp-auth" + - "traefik.http.routers.blaze_ccp.tls=true" + + ccp-search-share: + image: "samply/dktk-fed-search-share:main" + container_name: bridgehead-ccp-share + environment: + APP_BASE_URL: "http://dktk-fed-search-share:8080" + APP_BROKER_BASEURL: "https://dktk-fed-search.verbis.dkfz.de/broker/rest/searchbroker" + APP_BROKER_MAIL: ${CCP_SEARCHBROKER_USERNAME} + APP_BROKER_AUTHTOKEN: ${CCP_SEARCHBROKER_PASSWORD} + APP_STORE_BASEURL: "http://bridgehead-ccp-blaze:8080/fhir" + SPRING_DATASOURCE_URL: "jdbc:postgresql://bridgehead-ccp-share-db:5432/postgres" + JAVA_TOOL_OPTIONS: -Xmx1g -Dhttp.proxyHost=bridgehead-forward-proxy -Dhttp.proxyPort=3128 -Dhttps.proxyHost=bridgehead-forward-proxy -Dhttps.proxyPort=3128 -Dhttp.nonProxyHosts="bridgehead-*" + depends_on: + - ccp-search-share-db + - blaze + labels: + - "traefik.enable=true" + - "traefik.http.routers.dktk-fed-search.rule=PathPrefix(`/ccp-connector`)" + - "traefik.http.services.dktk-fed-search.loadbalancer.server.port=8080" + + ccp-search-share-db: + image: "postgres:14" + container_name: bridgehead-ccp-share-db + environment: + POSTGRES_USER: "postgres" + POSTGRES_PASSWORD: "postgres" + POSTGRES_DB: "dktk-fed-search-share" + volumes: + - "ccp-search-share-db-data:/var/lib/postgresql/data" +{% elif PROJECT == 'nngm' %} + nngm-connector: + container_name: bridgehead-nngm-connector + image: "samply/share-client:nngm-feature-environmentPreconfiguration" + environment: + POSTGRES_PASSWORD: ${POSTGRES_PASSWORD} + NNGM_MAGICPL_APIKEY: ${NNGM_MAGICPL_APIKEY} + NNGM_MAINZELLISTE_APIKEY: ${NNGM_MAINZELLISTE_APIKEY} + NNGM_CTS_APIKEY: ${NNGM_CTS_APIKEY} + NNGM_CRYPTKEY: ${NNGM_CRYPTKEY} + volumes: + - "nngm-connector-logs:/usr/local/tomcat/logs" + labels: + - "traefik.enable=true" + - "traefik.http.routers.nngm_connector.rule=PathPrefix(`/nngm-connector`)" + - "traefik.http.services.nngm_connector.loadbalancer.server.port=8080" + - "traefik.http.routers.nngm_connector.tls=true" + + depends_on: + - "nngm-connector-db" + - "forward_proxy" + ports: + - 5005:5005 + restart: "always" + + nngm-connector-db: + container_name: bridgehead-nngm-connector-db + image: "postgres:10.17" + environment: + POSTGRES_DB: "share_v2" + POSTGRES_USER: "samplyweb" + POSTGRES_PASSWORD: ${POSTGRES_PASSWORD} + volumes: + - "nngm-connector-db-data:/var/lib/postgresql/data" + restart: "always" +{% elif PROJECT == 'gbn' %} +blaze: + image: "samply/blaze:0.17" + container_name: bridgehead-gbn-blaze-store + environment: + BASE_URL: "http://blaze:8080" + JAVA_TOOL_OPTIONS: "-Xmx4g" + LOG_LEVEL: "debug" + ENFORCE_REFERENTIAL_INTEGRITY: "false" + volumes: + - "blaze-data:/app/data" + labels: + - "traefik.enable=true" + - "traefik.http.middlewares.gbn-auth.basicauth.users=${bc_auth_users}" + - "traefik.http.routers.blaze_gbn.rule=PathPrefix(`/gbn-localdatamanagement`)" + - "traefik.http.middlewares.gbn_b_strip.stripprefix.prefixes=/gbn-localdatamanagement" + - "traefik.http.services.blaze_gbn.loadbalancer.server.port=8080" + - "traefik.http.routers.blaze_gbn.middlewares=gbn_b_strip,gbn-auth" + - "traefik.http.routers.blaze_gbn.tls=true" + + gbn-connector: + container_name: bridgehead-gbn-connector + image: "samply/share-client:gbn-feature-environmentPreconfiguration" + environment: + POSTGRES_PASSWORD: ${CONNECTOR_POSTGRES_PASS} + volumes: + - "gbn-connector-logs:/usr/local/tomcat/logs" + labels: + - "traefik.enable=true" + - "traefik.http.routers.gbn_connector.rule=PathPrefix(`/gbn-connector`)" + - "traefik.http.services.gbn_connector.loadbalancer.server.port=8080" + - "traefik.http.routers.gbn_connector.tls=true" + depends_on: + - "gbn-connector-db" + restart: "always" + + gbn-connector-db: + container_name: bridgehead-gbn-connector-db + image: "postgres:10" + container_name: "bridgehead-gbn-connector-db" + environment: + POSTGRES_DB: "samply.connector" + POSTGRES_USER: "samply" + POSTGRES_PASSWORD: ${CONNECTOR_POSTGRES_PASS} + volumes: + - "gbn-connector-db-data:/var/lib/postgresql/data" + restart: "always" +{% else %} + +{% endif %} + +volumes: +{% if PROJECT == 'ccp' %} + blaze-data: + bridgehead-proxy: + ccp-search-share-db-data: +{% endif %}