services: postgres-common: image: postgres:14-alpine ports: - 5434:5432 environment: - POSTGRES_USER=postgres - POSTGRES_PASSWORD=postgres - POSTGRES_MULTIPLE_DATABASES=keycloak,strapi,connector1,connector2,registrationservice volumes: - pgdata-common:/var/lib/postgresql/data - ./resources/postgres/init-multi-postgres-databases.sh:/docker-entrypoint-initdb.d/init-multi-postgres-databases.sh - ./resources/db-init/connector/:/docker-entrypoint-initdb.d/connector1 - ./resources/db-init/connector/:/docker-entrypoint-initdb.d/connector2 - ./resources/db-init/registrationservice/:/docker-entrypoint-initdb.d/registrationservice healthcheck: test: [ "CMD-SHELL", "pg_isready -U postgres" ] interval: 5s timeout: 30s retries: 10 minio-c1: image: minio/minio ports: - '9000:9000' - '9001:9001' volumes: - mdata-c1:/data environment: - MINIO_ROOT_USER=inesdata - MINIO_ROOT_PASSWORD=inesdata - MINIO_DEFAULT_BUCKETS=bucket-connector-1 command: server --console-address ":9001" /data healthcheck: test: timeout 5s bash -c ':> /dev/tcp/127.0.0.1/9000' || exit 1 interval: 30s timeout: 20s retries: 3 minio-c2: image: minio/minio ports: - '9010:9000' - '9011:9011' volumes: - mdata-c2:/data environment: - MINIO_ROOT_USER=inesdata - MINIO_ROOT_PASSWORD=inesdata - MINIO_DEFAULT_BUCKETS=bucket-connector-2 command: server --console-address ":9011" /data healthcheck: test: timeout 5s bash -c ':> /dev/tcp/127.0.0.1/9000' || exit 1 interval: 30s timeout: 20s retries: 3 setup-minio: image: minio/mc depends_on: - minio-c1 - minio-c2 entrypoint: > /bin/sh -c " /usr/bin/mc alias set minio-c1 http://minio-c1:9000 inesdata inesdata; /usr/bin/mc admin user svcacct add minio-c1 inesdata --access-key DrJ6PmnJ3QtlxYowRSLi --secret-key gjaVnJstoeV4bWLrJkmswKBMIZxY10PjZOJhp2qk; /usr/bin/mc mb minio-c1/bucket-connector-1; /usr/bin/mc alias set minio-c2 http://minio-c2:9000 inesdata inesdata; /usr/bin/mc admin user svcacct add minio-c2 inesdata --access-key wEfyrv2vH7Wj3ON03g8V --secret-key JlHVGgSgeRkbs6WtKTugR4I5uU7oA1VRf8kBtrGd; /usr/bin/mc mb minio-c2/bucket-connector-2; exit 0; " keycloak: image: quay.io/keycloak/keycloak:24.0.2 volumes: - ./resources/keycloak/dataspace-realm.json:/opt/keycloak/data/import/dataspace-realm.json environment: KC_HOSTNAME: keycloak KC_HOSTNAME_PORT: 8080 KC_HOSTNAME_STRICT_BACKCHANNEL: "false" KC_DB: postgres KC_DB_URL: jdbc:postgresql://postgres-common/keycloak KC_DB_USERNAME: keycloak KC_DB_PASSWORD: keycloak KEYCLOAK_ADMIN: admin KEYCLOAK_ADMIN_PASSWORD: inesdata KC_HEALTH_ENABLED: "true" KC_LOG_LEVEL: ERROR KEYCLOAK_LOGLEVEL: ERROR healthcheck: test: ['CMD-SHELL', '[ -f /tmp/HealthCheck.java ] || echo "public class HealthCheck { public static void main(String[] args) throws java.lang.Throwable { System.exit(java.net.HttpURLConnection.HTTP_OK == ((java.net.HttpURLConnection)new java.net.URL(args[0]).openConnection()).getResponseCode() ? 0 : 1); } }" > /tmp/HealthCheck.java && java /tmp/HealthCheck.java http://localhost:8080/health/live'] interval: 15s timeout: 2s retries: 15 command: start-dev --import-realm ports: - 8080:8080 depends_on: postgres-common: condition: service_healthy connector-c1: image: ghcr.io/inesdata/inesdata-connector:0.10.2 ports: - '19191:19191' - '19192:19192' - '19193:19193' - '19194:19194' - '19195:19195' - '19291:19291' - '19196:19196' volumes: - ./resources:/opt/connector/resources environment: - EDC_FS_CONFIG=/opt/connector/resources/configuration/connector-c1-configuration.properties healthcheck: test: ["CMD", "curl", "--fail", "-X", "GET", "http://localhost:19191/api/check/health"] interval: 30s timeout: 10s retries: 10 start_period: 5s depends_on: keycloak: condition: service_healthy postgres-common: condition: service_healthy minio-c1: condition: service_healthy vault: condition: service_healthy registration-service: condition: service_healthy connector-c2: image: ghcr.io/inesdata/inesdata-connector:0.10.2 ports: - '29191:29191' - '29192:29192' - '29193:29193' - '29194:29194' - '29195:29195' - '29291:29291' - '29196:29196' volumes: - ./resources:/opt/connector/resources environment: - EDC_FS_CONFIG=/opt/connector/resources/configuration/connector-c2-configuration.properties healthcheck: test: ["CMD", "curl", "--fail", "-X", "GET", "http://localhost:29191/api/check/health"] interval: 30s timeout: 10s retries: 10 start_period: 5s depends_on: postgres-common: condition: service_healthy minio-c2: condition: service_healthy keycloak: condition: service_healthy vault: condition: service_healthy registration-service: condition: service_healthy registration-service: image: ghcr.io/inesdata/inesdata-registration-service:0.7.0 ports: - 59191:59191 volumes: - ./resources:/opt/connector/resources environment: - SERVER_PORT=59191 - SERVER_SERVLET_CONTEXTPATH=/api - SPRING_WEB_CORS_ALLOWEDORIGINS=* - SPRING_WEB_CORS_ALLOWEDHEADERS=origin, content-type, accept, authorization, x-api-key - SPRING_DATASOURCE_URL=jdbc:postgresql://postgres-common:5432/registrationservice - SPRING_DATASOURCE_USERNAME=registrationservice - SPRING_DATASOURCE_PASSWORD=registrationservice - SPRING_DATASOURCE_HIKARI_MAXIMUMPOOLSIZE=10 - SPRING_DATASOURCE_HIKARI_MINIMUMIDLE=5 - SPRING_DATASOURCE_HIKARI_IDLETIMEOUT=60000 - SPRING_JPA_PROPERTIES_HIBERNATE_DIALECT=org.hibernate.dialect.PostgreSQLDialect - SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_KEYCLOAK_TOKENURI=http://keycloak:8080/realms/dataspace/protocol/openid-connect/token - SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_KEYCLOAK_JWKSETURI=http://keycloak:8080/realms/dataspace/protocol/openid-connect/certs - APP_SECURITY_OAUTH2_ALLOWEDROLES0=connector-admin - APP_SECURITY_OAUTH2_ALLOWEDROLES1=connector-management - APP_SECURITY_OAUTH2_ALLOWEDROLES2=connector-user - APP_SECURITY_OAUTH2_ALLOWEDROLES3=dataspace-admin - APP_ALLOWED_ROLE=dataspace-admin - MANAGEMENT_ENDPOINTS_WEB_EXPOSURE_INCLUDE=* - MANAGEMENT_ENDPOINT_HEALTH_SHOWDETAILS=always - SPRING_LIQUIBASE_ENABLED=false - SPRING_LIQUIBASE_CHANGELOG=classpath:/db/changelog/db.changelog-master.xml depends_on: keycloak: condition: service_healthy postgres-common: condition: service_healthy vault: condition: service_healthy healthcheck: test: [ "CMD", "wget", "--spider", "--proxy", "off", "http://localhost:59191/api/actuator/health"] interval: 2s timeout: 3s retries: 30 connector-interface-c1: image: ghcr.io/inesdata/inesdata-connector-interface:0.11.0 ports: - '8001:8080' environment: - MANAGEMENT_API_URL=http://localhost:19193/management - CATALOG_URL=http://localhost:19193/management/federatedcatalog - SHARED_URL=http://localhost:19196/shared - PARTICIPANT_ID=connector-c1 - STORAGE_ACCOUNT=company2assets - STORAGE_LINK_TEMPLATE=storageexplorer://v=1 - APP_THEME=theme-1 - OAUTH2_ISSUER=http://keycloak:8080/realms/dataspace - OAUTH2_REDIRECT_PATH=/inesdata-connector-interface - OAUTH2_CLIENT_ID=dataspace-users - OAUTH2_SCOPE=openid profile email - OAUTH2_RESPONSE_TYPE=code - OAUTH2_SHOW_DEBUG_INFO=true - OAUTH2_ALLOWED_URLS=http://localhost:8001,http://localhost:19193,http://connector-c1:8001 connector-interface-c2: image: ghcr.io/inesdata/inesdata-connector-interface:0.11.0 ports: - '8002:8080' environment: - MANAGEMENT_API_URL=http://localhost:29193/management - CATALOG_URL=http://localhost:29193/management/federatedcatalog - SHARED_URL=http://localhost:29196/shared - PARTICIPANT_ID=connector-c2 - STORAGE_ACCOUNT=company2assets - STORAGE_LINK_TEMPLATE=storageexplorer://v=1 - APP_THEME=theme-2 - OAUTH2_ISSUER=http://keycloak:8080/realms/dataspace - OAUTH2_REDIRECT_PATH=/inesdata-connector-interface - OAUTH2_CLIENT_ID=dataspace-users - OAUTH2_SCOPE=openid profile email - OAUTH2_RESPONSE_TYPE=code - OAUTH2_SHOW_DEBUG_INFO=true - OAUTH2_ALLOWED_URLS=http://localhost:8002,http://localhost:29193,http://connector-c2:8002 public-portal-backend: image: ghcr.io/inesdata/inesdata-public-portal-backend:0.9.0 ports: - '1337:1337' volumes: - portal-uploads:/opt/app/public/uploads environment: - DATABASE_CLIENT=postgres - DATABASE_HOST=postgres-common - DATABASE_PORT=5432 - DATABASE_NAME=strapi - DATABASE_USERNAME=strapi - DATABASE_PASSWORD=strapi - JWT_SECRET=${STRAPI_JWT_SECRET} - ADMIN_JWT_SECRET=${STRAPI_ADMIN_JWT_SECRET} - APP_KEYS=${STRAPI_APP_KEYS} - API_TOKEN_SALT=${STRAPI_API_TOKEN_SALT} - NODE_ENV=production - TOKEN_CLIENT_ID=dataspace-users - TOKEN_USERNAME=user-strapi-c1 - TOKEN_PASSWORD=user-strapi-c1 - KEYCLOAK_BASE_URL=http://keycloak:8080/realms/dataspace - CATALOG_BASE_URL=http://connector-c1:19193 - VOCABULARIES_BASE_URL=http://connector-c1:19196 depends_on: postgres-common: condition: service_healthy keycloak: condition: service_healthy public-portal-frontend: image: ghcr.io/inesdata/inesdata-public-portal-frontend:0.9.0 ports: - '80:80' environment: - STRAPI_URL=http://localhost:1337 vault: image: "hashicorp/vault:1.17.0" restart: on-failure:10 ports: - "8201:8201" environment: VAULT_ADDR: 'https://0.0.0.0:8201' VAULT_LOCAL_CONFIG: '{"listener": [{"tcp":{"address": "0.0.0.0:8201","tls_disable":"1"}}], "default_lease_ttl": "168h", "max_lease_ttl": "720h"}, "ui": true}' VAULT_DEV_ROOT_TOKEN_ID: '00000000-0000-0000-0000-000000000000' VAULT_TOKEN: '00000000-0000-0000-0000-000000000000' cap_add: - IPC_LOCK volumes: - hvdata:/data healthcheck: test: [ "CMD", "wget", "--spider", "http://0.0.0.0:8201/v1/sys/health?standbyok=true" ] interval: 2s timeout: 3s retries: 30 command: server -dev -dev-root-token-id="00000000-0000-0000-0000-000000000000" setup-vault: image: "hashicorp/vault:1.17.0" command: - "sh" - "-c" - "/vault/scripts/init-vault.sh" environment: VAULT_ADDR: http://vault:8201 VAULT_TOKEN: '00000000-0000-0000-0000-000000000000' volumes: - ./resources/vault-init/scripts/init-vault.sh:/vault/scripts/init-vault.sh - ./resources/vault-init/secrets/:/var/init-secrets - ./resources/vault-init/json-secrets/:/var/init-json-secrets depends_on: vault: condition: service_healthy volumes: pgdata-common: driver: local mdata-c1: driver: local mdata-c2: driver: local hvdata: driver: local portal-uploads: driver: local