# WARNING: Do not deploy this tutorial configuration directly to a production environment # # The tutorial docker-compose files have not been written for production deployment and will not # scale. A proper architecture has been sacrificed to keep the narrative focused on the learning # goals, they are just used to deploy everything onto a single Docker machine. All FIWARE components # are running at full debug and extra ports have been exposed to allow for direct calls to services. # They also contain various obvious security flaws - passwords in plain text, no load balancing, # no use of HTTPS and so on. # # This is all to avoid the need of multiple machines, generating certificates, encrypting secrets # and so on, purely so that a single docker-compose file can be read as an example to build on, # not use directly. # # When deploying to a production environment, please refer to the Helm Repository # for FIWARE Components in order to scale up to a proper architecture: # # see: https://github.com/FIWARE/helm-charts/ # version: "3.8" services: # Orion is an NGSI-v2 context broker orion-v2: labels: org.fiware: 'tutorial' image: quay.io/fiware/orion:${ORION_VERSION} container_name: fiware-orion depends_on: - mongo-db networks: - default expose: - "${ORION_PORT}" ports: - "${ORION_PORT}:${ORION_PORT}" # localhost:1026 command: -dbhost mongo-db -logLevel DEBUG healthcheck: test: curl --fail -s http://orion:${ORION_PORT}/version || exit 1 interval: 5s # Keyrock is an Identity Management Front-End keyrock: labels: org.fiware: 'tutorial' image: quay.io/fiware/idm:${KEYROCK_VERSION} container_name: fiware-keyrock hostname: keyrock networks: default: ipv4_address: 172.18.1.5 depends_on: - mysql-db ports: - "${KEYROCK_PORT}:${KEYROCK_PORT}" # localhost:3005 - "${KEYROCK_HTTPS_PORT}:${KEYROCK_HTTPS_PORT}" # localhost:3443 environment: - DEBUG=idm:* - IDM_DB_HOST=mysql-db - IDM_DB_PASS_FILE=/run/secrets/my_secret_data - IDM_DB_USER=root - IDM_HOST=http://localhost:${KEYROCK_PORT} - IDM_PORT=${KEYROCK_PORT} - IDM_HTTPS_ENABLED=${IDM_HTTPS_ENABLED} - IDM_HTTPS_PORT=${KEYROCK_HTTPS_PORT} - IDM_ADMIN_USER=alice - IDM_ADMIN_EMAIL=alice-the-admin@test.com - IDM_ADMIN_PASS=test - IDM_CSP_FORM_ACTION=* secrets: - my_secret_data volumes: - ./certs:/opt/fiware-idm/certs/applications:ro # Preload Keyrock Certs healthcheck: interval: 5s # Tutorial acts as a series of dummy IoT Sensors over HTTP tutorial: labels: org.fiware: 'tutorial' image: quay.io/fiware/tutorials.context-provider hostname: iot-sensors container_name: fiware-tutorial depends_on: - keyrock - orion-v2 networks: default: ipv4_address: 172.18.1.7 aliases: - tutorial - context-provider expose: - "${TUTORIAL_APP_PORT}" - "${TUTORIAL_DUMMY_DEVICE_PORT}" ports: - "${TUTORIAL_APP_PORT}:${TUTORIAL_APP_PORT}" # localhost:3000 - "${TUTORIAL_DUMMY_DEVICE_PORT}:${TUTORIAL_DUMMY_DEVICE_PORT}" # localhost:3001 environment: - "MONGO_URL=mongodb://mongo-db:27017" - "DEBUG=tutorial:*" - "WEB_APP_PORT=${TUTORIAL_APP_PORT}" # Port used by the content provider proxy and web-app for viewing data - "IOTA_HTTP_HOST=iot-agent" - "IOTA_HTTP_PORT=${IOTA_SOUTH_PORT}" - "IOTA_DEFAULT_RESOURCE=/iot/d" - "DUMMY_DEVICES_PORT=${TUTORIAL_DUMMY_DEVICE_PORT}" # Port used by the dummy IOT devices to receive commands - "DUMMY_DEVICES_TRANSPORT=HTTP" # Default transport used by dummy Io devices - "CONTEXT_BROKER=http://orion:${ORION_PORT}/v2" # URL of the context broker to update context - "OPENWEATHERMAP_KEY_ID=" - "TWITTER_CONSUMER_KEY=" - "TWITTER_CONSUMER_SECRET=" - "NGSI_LD_PREFIX=" - "SECURE_ENDPOINTS=true" - "OIDC_ENABLED=true" - "KEYROCK_URL=http://localhost" - "KEYROCK_IP_ADDRESS=http://172.18.1.5" - "KEYROCK_PORT=${KEYROCK_PORT}" - "KEYROCK_CLIENT_ID=tutorial-dckr-site-0000-xpresswebapp" - "KEYROCK_CLIENT_SECRET=tutorial-dckr-site-0000-clientsecret" - "KEYROCK_JWT_SECRET=59de900a973fa2e0" - "CALLBACK_URL=http://localhost:${TUTORIAL_APP_PORT}/login" # Databases mongo-db: labels: org.fiware: 'tutorial' image: mongo:${MONGO_DB_VERSION} hostname: mongo-db container_name: db-mongo expose: - "${MONGO_DB_PORT}" ports: - "${MONGO_DB_PORT}:${MONGO_DB_PORT}" # localhost:27017 networks: - default volumes: - mongo-db:/data healthcheck: test: ["CMD","mongosh", "--eval", "db.adminCommand('ping')"] interval: 5s timeout: 5s retries: 3 start_period: 5s mysql-db: restart: always labels: org.fiware: 'tutorial' image: mysql:${MYSQL_DB_VERSION} hostname: mysql-db container_name: db-mysql expose: - "${MYSQL_DB_PORT}" ports: - "${MYSQL_DB_PORT}:${MYSQL_DB_PORT}" # localhost:3306 networks: default: ipv4_address: 172.18.1.6 environment: - "MYSQL_ROOT_PASSWORD_FILE=/run/secrets/my_secret_data" - "MYSQL_ROOT_HOST=172.18.1.5" # Allow Keyrock to access this database volumes: - mysql-db:/var/lib/mysql - ./mysql-data:/docker-entrypoint-initdb.d/:ro # Preload Keyrock Users secrets: - my_secret_data networks: default: labels: org.fiware: 'tutorial' ipam: config: - subnet: 172.18.1.0/24 volumes: mysql-db: ~ mongo-db: ~ secrets: my_secret_data: file: ./secrets.txt