forked from mitre/heimdall2
-
Notifications
You must be signed in to change notification settings - Fork 0
/
docker-compose.yml
67 lines (63 loc) · 1.6 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
services:
database:
image: postgres:13
restart: unless-stopped
healthcheck:
test: ["CMD-SHELL", "pg_isready -U postgres"]
interval: 30s
timeout: 60s
retries: 5
start_period: 80s
volumes:
- ./data:/var/lib/postgresql/data
environment:
- POSTGRES_DB=heimdall-server-production
- POSTGRES_PASSWORD=${DATABASE_PASSWORD}
- PGDATA=/var/lib/postgresql/data/pgdata
expose:
- "5432"
certs:
image: registry.access.redhat.com/ubi8/ubi:latest
restart: unless-stopped
command: sh -c "sh /etc/pki/ca-trust/source/anchors/dodcerts.sh && update-ca-trust && tail -f /dev/null"
volumes:
- type: volume
source: cert_bundles
target: /etc/pki/ca-trust/extracted/
- type: bind
source: ./certs/
target: /etc/pki/ca-trust/source/anchors/
server:
image: mitre/heimdall2:release-latest
restart: unless-stopped
environment:
- NODE_ENV=production
- DATABASE_HOST=database
- DATABASE_PASSWORD=${DATABASE_PASSWORD}
env_file: .env
ports:
- "3000"
volumes:
- type: volume
source: cert_bundles
target: /etc/pki/ca-trust/extracted/
read_only: true
volume:
nocopy: true
depends_on:
database:
condition: service_healthy
nginx:
image: nginx:alpine
environment:
NGINX_HOST: ${NGINX_HOST}
volumes:
- ./nginx/conf/:/etc/nginx/templates/
- ./nginx/certs/:/etc/nginx/cert/
ports:
- "80:80"
- "443:443"
depends_on:
- "server"
volumes:
cert_bundles: