From e312bdd68bd1edf6f43173616a4b9eee6880e2f2 Mon Sep 17 00:00:00 2001 From: sanderPostma Date: Fri, 21 Feb 2025 17:35:52 +0100 Subject: [PATCH 1/3] chore: docker build & push files --- .dockerignore | 4 + docker/dev/.env.example | 21 ++++ docker/dev/README.md | 112 ++++++++++++++++++ .../credential-showcase-api-server/Dockerfile | 22 ++++ .../Dockerfile | 22 ++++ docker/dev/docker-compose.yml | 81 +++++++++++++ docker/dev/push.sh | 15 +++ docker/dev/setup-env.sh | 31 +++++ .../credential-showcase-openapi/README.md | 21 +++- .../docs/diagram.md | 3 +- .../docs/example-visualization.json | 18 +-- 11 files changed, 329 insertions(+), 21 deletions(-) create mode 100644 .dockerignore create mode 100644 docker/dev/.env.example create mode 100644 docker/dev/README.md create mode 100644 docker/dev/credential-showcase-api-server/Dockerfile create mode 100644 docker/dev/credential-showcase-traction-adapter/Dockerfile create mode 100644 docker/dev/docker-compose.yml create mode 100755 docker/dev/push.sh create mode 100755 docker/dev/setup-env.sh diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..03820f2 --- /dev/null +++ b/.dockerignore @@ -0,0 +1,4 @@ +../node_modules +**/node_modules/ +.git +dist \ No newline at end of file diff --git a/docker/dev/.env.example b/docker/dev/.env.example new file mode 100644 index 0000000..2a03419 --- /dev/null +++ b/docker/dev/.env.example 
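Review bot: `.env` files are not excluded here, although both Dockerfiles in this patch run `COPY . /build` and the compose file sets the build context to the repository root (`context: ../..`). A local `docker/dev/.env` holding `DB_PASSWORD` and the RabbitMQ credentials would therefore be sent to the builder and kept in the builder stage's layers and build cache. Adding a `**/.env` line closes that without affecting `.env.example`. The first pattern, `../node_modules`, points outside the build context and presumably never matches; `**/node_modules/` already covers the intended case.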
@@ -0,0 +1,21 @@
+# Server Configuration
+API_PORT=3377 # Port for the API server
+
+# Database Configuration (for drizzle-orm and pg)
+DB_HOST=postgres
+DB_PORT=5232
+DB_USER=postgres
+DB_PASSWORD=s3cH9KK1Lo0opzPo
+DB_NAME=postgres
+
+# RabbitMQ Configuration
+RABBITMQ_HOST=rabbitmq # Hostname of RabbitMQ service
+RABBITMQ_PORT=5672 # AMQP port
+RABBITMQ_MGMT_PORT=15672 # Management UI port
+RABBITMQ_USER=guest # RabbitMQ username
+RABBITMQ_PASSWORD=guest # RabbitMQ password
+RABBITMQ_VHOST=/ # Virtual host (default is /)
+
+# Optional: Application-specific settings
+APP_NAME=credential-showcase-api # Example: App identifier
+LOG_LEVEL=info # Example: Logging level (info/debug/error)
\ No newline at end of file
diff --git a/docker/dev/README.md b/docker/dev/README.md
new file mode 100644
index 0000000..20669be
--- /dev/null
+++ b/docker/dev/README.md
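Review bot: `DB_PASSWORD=s3cH9KK1Lo0opzPo` reads like a real secret rather than a placeholder, and the README added in this patch tells users to `cp .env.example .env`, so every install that skips editing ends up with the same published database password; `docker/prod/.env.example` in PATCH 2/3 repeats the value. Use an obviously invalid placeholder such as `DB_PASSWORD=<set-a-unique-password>`, and do the same for `RABBITMQ_USER`/`RABBITMQ_PASSWORD`, which ship as `guest`/`guest`. If the committed value was ever used on a live database, it should be rotated. A first-line comment, `# Example values only: replace every credential before starting the stack`, would make the intent explicit.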
@@ -0,0 +1,112 @@ +# Credential Showcase Docker Build + +This repository contains Docker configurations for the Credential Showcase system, which consists of an API server and a Traction adapter that communicate via RabbitMQ message broker. + +## Components + +- **credential-showcase-api-server**: Main API service that connects to PostgreSQL +- **credential-showcase-traction-adapter**: Adapter service that integrates with the Traction network +- **PostgreSQL**: Database for persistent storage +- **RabbitMQ**: Message broker for service communication + +## Setup Instructions + +### Prerequisites + +- Docker and Docker Compose + +### Configuration + +1. Copy the example environment file to create your configuration: + +```bash +cp .env.example .env +``` + +2. Modify the `.env` file with your desired configuration: + +``` +# Server Configuration +API_PORT=3377 # Port for the API server + +# Database Configuration +DB_HOST=postgres +DB_PORT=5232 +DB_USER=postgres +DB_PASSWORD=s3cH9KK1Lo0opzPo +DB_NAME=postgres + +# RabbitMQ Configuration +RABBITMQ_HOST=rabbitmq +RABBITMQ_PORT=5672 +RABBITMQ_MGMT_PORT=15672 +RABBITMQ_USER=guest +RABBITMQ_PASSWORD=guest +RABBITMQ_VHOST=/ + +# Application settings +APP_NAME=credential-showcase-api +LOG_LEVEL=info +``` + +## Building and Running + +Build and start the services using Docker Compose: + +```bash +docker-compose up -d +``` + +This will start: +- The API server accessible on port defined in your `.env` file +- The Traction adapter service +- PostgreSQL database with persistent storage +- RabbitMQ with management interface + +## Network Configuration + +The system uses two isolated Docker networks: +- `messagebroker_net`: For RabbitMQ communication +- `db_net`: For database access + +## Volumes + +- `postgres_data`: Persistent volume for PostgreSQL data + +## Pushing Images to Registry + +### Prerequisites for Image Push + +- Bash shell +- jq utility installed +- Access to the target Docker registry + +### Push Process + +To 
push the images to a Docker registry:
+
+1. Ensure you have proper credentials and access to the registry
+2. Run the push script:
+
+```bash
+./push.sh
+```
+
+The script:
+- Checks that API server and Traction adapter versions match
+- Tags images with the appropriate version number from package.json
+- Pushes images to the configured registry (default: sphereonregistry.azurecr.io)
+
+## Development Notes
+
+- The Dockerfiles use a multi-stage build process for optimized image size
+- The system uses pnpm for package management
+- Environment variables control most aspects of the configuration
+
+## Troubleshooting
+
+- Check container logs: `docker-compose logs [service-name]`
+- Verify network connectivity between services
+- Ensure RabbitMQ credentials are correct
+- Check PostgreSQL connection parameters
+- If push script fails, verify your Docker registry credentials and connection
\ No newline at end of file
diff --git a/docker/dev/credential-showcase-api-server/Dockerfile b/docker/dev/credential-showcase-api-server/Dockerfile
new file mode 100644
index 0000000..19f8254
--- /dev/null
+++ b/docker/dev/credential-showcase-api-server/Dockerfile
@@ -0,0 +1,22 @@
+# Build stage
+FROM node:20-bookworm AS builder
+SHELL ["/bin/bash", "-c"]
+ENV SHELL=bash
+ENV PNPM_HOME=/usr/local/share/pnpm
+ENV PATH=$PNPM_HOME:$PATH
+RUN npm -g install pnpm && pnpm setup && source /root/.bashrc && pnpm self-update && pnpm setup && pnpm config set store-dir "/usr/local/share/pnpm/store/v10" --global
+
+WORKDIR /build
+COPY . /build
+RUN rm -rf $(pnpm store path) && pnpm install -g rimraf typescript tslib
+RUN pnpm install
+RUN pnpm build
+RUN pnpm deploy /deploy --filter credential-showcase-api-server --prod
+
+# Runtime stage
+FROM node:20-bookworm-slim
+WORKDIR /app
+COPY --from=builder /deploy /app
+ENV NODE_ENV=production
+RUN echo PORT=3000 > .env
+CMD ["node", "dist/index.js"]
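Review bot: The runtime stage has no `USER` instruction, so `node dist/index.js` runs as root inside the container. The official Node images ship an unprivileged `node` account; `COPY --from=builder --chown=node:node /deploy /app` followed by `USER node` just before `CMD` would drop privileges. The `RUN echo PORT=3000 > .env` step should stay ahead of `USER`, since `/app` itself is created root-owned by `WORKDIR`. The traction-adapter Dockerfile in this patch has the same runtime stage and needs the same change.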
diff --git a/docker/dev/credential-showcase-traction-adapter/Dockerfile b/docker/dev/credential-showcase-traction-adapter/Dockerfile
new file mode 100644
index 0000000..a97cdd4
--- /dev/null
+++ b/docker/dev/credential-showcase-traction-adapter/Dockerfile
@@ -0,0 +1,22 @@
+# Build stage
+FROM node:20-bookworm AS builder
+SHELL ["/bin/bash", "-c"]
+ENV SHELL=bash
+ENV PNPM_HOME=/usr/local/share/pnpm
+ENV PATH=$PNPM_HOME:$PATH
+RUN npm -g install pnpm && pnpm setup && source /root/.bashrc && pnpm self-update && pnpm setup && pnpm config set store-dir "/usr/local/share/pnpm/store/v10" --global
+
+WORKDIR /build
+COPY . /build
+RUN rm -rf $(pnpm store path) && pnpm install -g rimraf typescript tslib turbo
+RUN pnpm install
+RUN pnpm build
+RUN pnpm deploy /deploy --filter credential-showcase-traction-adapter --prod
+
+# Runtime stage
+FROM node:20-bookworm-slim
+WORKDIR /app
+COPY --from=builder /deploy /app
+ENV NODE_ENV=production
+RUN echo PORT=3000 > .env
+CMD ["node", "dist/index.js"]
\ No newline at end of file
diff --git a/docker/dev/docker-compose.yml b/docker/dev/docker-compose.yml
new file mode 100644
index 0000000..4ad7fb3
--- /dev/null
+++ b/docker/dev/docker-compose.yml
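Review bot: The builder toolchain is unpinned: `npm -g install pnpm`, `pnpm self-update` and `pnpm install -g rimraf typescript tslib turbo` fetch whatever versions are current at build time. Two builds of the same commit can therefore produce different images, and a compromised release of any of these packages is picked up automatically. Pin them, e.g. `npm -g install pnpm@<pinned-version>` without the `self-update`, and give the global tools explicit versions. If the repository commits a `pnpm-lock.yaml` (not visible in this patch), `RUN pnpm install --frozen-lockfile` makes the install fail instead of silently re-resolving dependencies. The api-server Dockerfile added in this patch has the same lines.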
@@ -0,0 +1,81 @@ +services: + credential-showcase-api-server: + build: + context: ../.. + dockerfile: ./docker/dev/credential-showcase-api-server/Dockerfile + restart: unless-stopped + networks: + - messagebroker_net + - db_net + environment: + # Only include variables this service needs + - NODE_PORT=3000 + - DATABASE_URL=${DATABASE_URL} + - DB_HOST=${DB_HOST} + - DB_PORT=${DB_PORT} + - DB_USER=${DB_USER} + - DB_PASSWORD=${DB_PASSWORD} + - DB_NAME=${DB_NAME} + - APP_NAME=${APP_NAME} + - LOG_LEVEL=${LOG_LEVEL} + ports: + - "${API_PORT}:${API_PORT:-3000}" + + credential-showcase-traction-adapter: + build: + context: ../.. + dockerfile: ./docker/dev/credential-showcase-traction-adapter/Dockerfile + restart: unless-stopped + networks: + - messagebroker_net + + environment: + - NODE_PORT=3000 + - RABBITMQ_HOST=${RABBITMQ_HOST} + - RABBITMQ_PORT=${RABBITMQ_PORT} + - RABBITMQ_USER=${RABBITMQ_USER} + - RABBITMQ_PASSWORD=${RABBITMQ_PASSWORD} + - RABBITMQ_VHOST=${RABBITMQ_VHOST} + - APP_NAME=${APP_NAME} + - LOG_LEVEL=${LOG_LEVEL} + depends_on: + - rabbitmq # Ensure RabbitMQ starts first + + postgres: + image: postgres:16 + restart: unless-stopped + networks: + - db_net + environment: + - POSTGRES_USER=${DB_USER} + - POSTGRES_PASSWORD=${DB_PASSWORD} + - POSTGRES_DB=${DB_NAME} + ports: + - "${DB_PORT:-5432}:5432" # Expose Postgres port, default 5432 + volumes: + - postgres_data:/var/lib/postgresql/data + + rabbitmq: + image: rabbitmq:4-management # Using RabbitMQ 4.x with management plugin + restart: unless-stopped + networks: + - messagebroker_net + environment: + - RABBITMQ_DEFAULT_USER=${RABBITMQ_USER} + - RABBITMQ_DEFAULT_PASS=${RABBITMQ_PASSWORD} + ports: + - "${RABBITMQ_PORT}:5672" + - "${RABBITMQ_MGMT_PORT}:15672" + +volumes: + postgres_data: # Named volume for Postgres data persistence + +networks: + messagebroker_net: + driver: bridge + name: messagebroker_net + internal: false # This makes the network isolated from other docker projects + db_net: + driver: bridge + 
name: db_net
+ internal: false
\ No newline at end of file
diff --git a/docker/dev/push.sh b/docker/dev/push.sh
new file mode 100755
index 0000000..bcd7459
--- /dev/null
+++ b/docker/dev/push.sh
@@ -0,0 +1,15 @@
+#!/bin/bash
+
+source ./setup-env.sh
+
+# Push API server image
+docker tag ${API_SERVER_IMAGE}:latest ${DOCKER_REGISTRY}/${TAGGED_API_SERVER_IMAGE}:${PACKAGE_VERSION}
+docker push ${DOCKER_REGISTRY}/${TAGGED_API_SERVER_IMAGE}:${PACKAGE_VERSION}
+docker tag ${API_SERVER_IMAGE}:latest ${DOCKER_REGISTRY}/${TAGGED_API_SERVER_IMAGE}:latest
+docker push ${DOCKER_REGISTRY}/${TAGGED_API_SERVER_IMAGE}:latest
+
+# Push tract adapter image
+docker tag ${TRACTION_ADAPTER_IMAGE}:latest ${DOCKER_REGISTRY}/${TAGGED_TRACTION_ADAPTER_IMAGE}:${PACKAGE_VERSION}
+docker push ${DOCKER_REGISTRY}/${TAGGED_TRACTION_ADAPTER_IMAGE}:${PACKAGE_VERSION}
+docker tag ${TRACTION_ADAPTER_IMAGE}:latest ${DOCKER_REGISTRY}/${TAGGED_TRACTION_ADAPTER_IMAGE}:latest
+docker push ${DOCKER_REGISTRY}/${TAGGED_TRACTION_ADAPTER_IMAGE}:latest
diff --git a/docker/dev/setup-env.sh b/docker/dev/setup-env.sh
new file mode 100755
index 0000000..64f7905
--- /dev/null
+++ b/docker/dev/setup-env.sh
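Review bot: The `postgres` and `rabbitmq` services publish their ports without a host address (`"${DB_PORT:-5432}:5432"`, `"${RABBITMQ_PORT}:5672"`, `"${RABBITMQ_MGMT_PORT}:15672"`), which binds them on every interface of the host, while the credentials come from an example file that ships `guest`/`guest` and a fixed database password. For a dev stack, bind to loopback instead, e.g. `"127.0.0.1:${DB_PORT:-5432}:5432"`, and likewise for the two RabbitMQ ports. The comment on `internal: false` says it isolates the network, but `false` is the non-isolated setting. PATCH 2/3 rewords that comment but keeps the all-interface bindings under `DB_EXPOSED_PORT`, `RABBITMQ_EXPOSED_PORT` and `RABBITMQ_MGMT_EXPOSED_PORT`, so the loopback point applies there too.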
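Review bot: `source ./setup-env.sh` and the `../../apps/...` paths that script reads resolve against the caller's working directory, so the push only works when started from `docker/dev`. Adding `cd "$(dirname "$0")"` before the `source` line removes that dependency. The expansions in the `docker tag` and `docker push` lines are unquoted; quoting them, e.g. `"${DOCKER_REGISTRY}/${TAGGED_API_SERVER_IMAGE}:${PACKAGE_VERSION}"`, keeps a registry or version value containing whitespace from being split into extra arguments.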
@@ -0,0 +1,31 @@ +#!/bin/bash +set -euo pipefail + +# Ensure jq is installed +if ! command -v jq >/dev/null; then + echo "Error: jq is not installed. Please install jq (e.g., from https://stedolan.github.io/jq/download/) and ensure it is available in your PATH." >&2 + exit 1 +fi + + +DOCKER_REGISTRY="${DOCKER_REGISTRY:-sphereonregistry.azurecr.io}" + +# Extract versions from package.json files. +API_VERSION=$(jq -r .version ../../apps/credential-showcase-api-server/package.json) +ADAPTER_VERSION=$(jq -r .version ../../packages/credential-showcase-traction-adapter/package.json) + +# Check that both versions match. +if [ "$API_VERSION" != "$ADAPTER_VERSION" ]; then + echo "Error: Version mismatch - API server version ($API_VERSION) does not match traction adapter version ($ADAPTER_VERSION)" >&2 + exit 1 +fi + +export PACKAGE_VERSION="$API_VERSION" + +# Source image names. +export API_SERVER_IMAGE="dev-credential-showcase-api-server" +export TRACTION_ADAPTER_IMAGE="dev-credential-showcase-traction-adapter" + +# Remove the "dev-" prefix when tagging. +export TAGGED_API_SERVER_IMAGE="${API_SERVER_IMAGE#dev-}" +export TAGGED_TRACTION_ADAPTER_IMAGE="${TRACTION_ADAPTER_IMAGE#dev-}" \ No newline at end of file diff --git a/packages/credential-showcase-openapi/README.md b/packages/credential-showcase-openapi/README.md index d774261..c1e40e7 100644 --- a/packages/credential-showcase-openapi/README.md +++ b/packages/credential-showcase-openapi/README.md @@ -1,14 +1,16 @@ ## credential-showcase-openapi ### Environment setup + Make sure following software is installed on your PC. -* [OpenJDK 17](https://jdk.java.net/java-se-ri/17). -* [Maven 3.8.1](https://maven.apache.org/download.cgi) or later. +- [OpenJDK 17](https://jdk.java.net/java-se-ri/17). +- [Maven 3.8.1](https://maven.apache.org/download.cgi) or later. ### Generate API/Models The following command will generate the models in `src/models`. + ``` mvn -U clean install ``` 
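Review bot: `jq -r .version` prints the string `null` when a package.json has no `version` field, so two manifests that both lack it pass the equality check and `push.sh` would tag and push `:null`. Add a guard after the extraction, e.g. `if [ -z "$API_VERSION" ] || [ "$API_VERSION" = "null" ]; then echo "Error: no version in package.json" >&2; exit 1; fi`. Because this file is sourced by `push.sh`, `set -euo pipefail` and the `exit 1` calls act on the calling shell; a header comment such as `# Sourced by push.sh: sets shell options and exports image names for the caller` would document that.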
@@ -17,10 +19,12 @@ mvn -U clean install ### Using the models -The models will be generated in `src/models`, therefore, they may be imported into another submodule as a workspace dependency by: +The models will be generated in `src/models`, therefore, they may be imported into another submodule as a workspace dependency by: adding the lines below to the respective files + ###### package.json + ```json { "dependencies": { @@ -30,20 +34,25 @@ adding the lines below to the respective files ``` ###### tsconfig.json + ```json { - "references": [{ - "path": "../credential-showcase-openapi" - }] + "references": [ + { + "path": "../credential-showcase-openapi" + } + ] } ``` running the command below from the root project + ```shell pnpm install ``` And importing them as any other package + ```typescript import { Asset } from 'credential-showcase-openapi' diff --git a/packages/credential-showcase-openapi/docs/diagram.md b/packages/credential-showcase-openapi/docs/diagram.md index 514cc93..d488973 100644 --- a/packages/credential-showcase-openapi/docs/diagram.md +++ b/packages/credential-showcase-openapi/docs/diagram.md @@ -90,7 +90,7 @@ classDiagram } class RelyingParty { +name : String - +type: RelyingPartyType + +type: RelyingPartyType +credentialDefinitions: List~CredentialDefinition~ +description: String organization: String @@ -171,3 +171,4 @@ classDiagram IssuanceFlow "0..*" o-- "1" Issuer : includes PresentationFlow "0..*" o-- "1" RelyingParty : includes +``` diff --git a/packages/credential-showcase-openapi/docs/example-visualization.json b/packages/credential-showcase-openapi/docs/example-visualization.json index 7755f93..36dc104 100644 --- a/packages/credential-showcase-openapi/docs/example-visualization.json +++ b/packages/credential-showcase-openapi/docs/example-visualization.json 
@@ -9,15 +9,8 @@ "id": "university-parking-scenario", "name": "University Parking Journey", "description": "Student obtaining and using parking credentials", - "workflowRefs": [ - "issuance-flow-123", - "presentation-flow-123" - ], - "personaRefs": [ - "issuer-persona-123", - "holder-persona-123", - "verifier-persona-123" - ] + "workflowRefs": ["issuance-flow-123", "presentation-flow-123"], + "personaRefs": ["issuer-persona-123", "holder-persona-123", "verifier-persona-123"] } ], "credentials": [ @@ -71,8 +64,7 @@ "type": "ISSUANCE", "name": "Parking Permit Issuance", "description": "Workflow for issuing parking permits", - "steps": [ - ], + "steps": [], "credentialDefinitionRefs": ["university-parking-123"] }, { @@ -80,10 +72,8 @@ "type": "PRESENTATION", "name": "Parking Permit Verification", "description": "Workflow for verifying parking permits", - "steps": [ - ], + "steps": [], "credentialDefinitionRefs": ["university-parking-123"] } ] } - From af1d37708ad059ab3970ab16c5d371682a8d0315 Mon Sep 17 00:00:00 2001 From: sanderPostma Date: Mon, 24 Feb 2025 11:16:25 +0100 Subject: [PATCH 2/3] chore: docker fixes --- docker/dev/.env.example | 8 +-- docker/dev/docker-compose.yml | 34 ++++++--- docker/prod/.env.example | 21 ++++++ docker/prod/docker-compose.yml | 124 +++++++++++++++++++++++++++++++++ 4 files changed, 171 insertions(+), 16 deletions(-) create mode 100644 docker/prod/.env.example create mode 100644 docker/prod/docker-compose.yml diff --git a/docker/dev/.env.example b/docker/dev/.env.example index 2a03419..af4ec7a 100644 --- a/docker/dev/.env.example +++ b/docker/dev/.env.example 
@@ -2,16 +2,14 @@ API_PORT=3377 # Port for the API server # Database Configuration (for drizzle-orm and pg) -DB_HOST=postgres -DB_PORT=5232 DB_USER=postgres DB_PASSWORD=s3cH9KK1Lo0opzPo DB_NAME=postgres +DB_EXPOSED_PORT=5232 # RabbitMQ Configuration -RABBITMQ_HOST=rabbitmq # Hostname of RabbitMQ service -RABBITMQ_PORT=5672 # AMQP port -RABBITMQ_MGMT_PORT=15672 # Management UI port +RABBITMQ_EXPOSED_PORT=5672 # Exposed AMQP port +RABBITMQ_MGMT_EXPOSED_PORT=15672 # Exposed management UI port RABBITMQ_USER=guest # RabbitMQ username RABBITMQ_PASSWORD=guest # RabbitMQ password RABBITMQ_VHOST=/ # Virtual host (default is /) diff --git a/docker/dev/docker-compose.yml b/docker/dev/docker-compose.yml index 4ad7fb3..07bd5ce 100644 --- a/docker/dev/docker-compose.yml +++ b/docker/dev/docker-compose.yml @@ -5,21 +5,24 @@ services: dockerfile: ./docker/dev/credential-showcase-api-server/Dockerfile restart: unless-stopped networks: + - api_net - messagebroker_net - db_net environment: # Only include variables this service needs - NODE_PORT=3000 - - DATABASE_URL=${DATABASE_URL} - - DB_HOST=${DB_HOST} - - DB_PORT=${DB_PORT} + # - DATABASE_URL=${DATABASE_URL} uncomment when using URL instead of vars above + - DB_HOST=postgres + - DB_PORT=${DB_PORT:-5432} - DB_USER=${DB_USER} - DB_PASSWORD=${DB_PASSWORD} - DB_NAME=${DB_NAME} - APP_NAME=${APP_NAME} - LOG_LEVEL=${LOG_LEVEL} + depends_on: + - postgres # Ensure Postgres starts first ports: - - "${API_PORT}:${API_PORT:-3000}" + - "${API_PORT}:3000" # remove when enabling proxy credential-showcase-traction-adapter: build: @@ -31,8 +34,8 @@ services: environment: - NODE_PORT=3000 - - RABBITMQ_HOST=${RABBITMQ_HOST} - - RABBITMQ_PORT=${RABBITMQ_PORT} + - RABBITMQ_HOST=rabbitmq + - RABBITMQ_PORT=5672 - RABBITMQ_USER=${RABBITMQ_USER} - RABBITMQ_PASSWORD=${RABBITMQ_PASSWORD} - RABBITMQ_VHOST=${RABBITMQ_VHOST} 
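Review bot: The added `depends_on: - postgres` only orders container start; it does not wait for the `pg_isready` healthcheck this same commit adds to the `postgres` service, so the API server can still start before the database accepts connections. Use the long form, `depends_on: { postgres: { condition: service_healthy } }`, so the healthcheck actually gates startup. The new `docker/prod/docker-compose.yml` in this commit uses the same short form. `api_net` is attached to the API server here, but no other service joins it in the visible hunks, so a comment stating what it is reserved for would help.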
@@ -51,9 +54,14 @@ services: - POSTGRES_PASSWORD=${DB_PASSWORD} - POSTGRES_DB=${DB_NAME} ports: - - "${DB_PORT:-5432}:5432" # Expose Postgres port, default 5432 + - "${DB_EXPOSED_PORT}:5432" # Expose Postgres port, default 5432 volumes: - postgres_data:/var/lib/postgresql/data + healthcheck: + test: ["CMD", "pg_isready", "-U", "${DB_USER}"] + interval: 10s + timeout: 5s + retries: 5 rabbitmq: image: rabbitmq:4-management # Using RabbitMQ 4.x with management plugin @@ -64,18 +72,22 @@ services: - RABBITMQ_DEFAULT_USER=${RABBITMQ_USER} - RABBITMQ_DEFAULT_PASS=${RABBITMQ_PASSWORD} ports: - - "${RABBITMQ_PORT}:5672" - - "${RABBITMQ_MGMT_PORT}:15672" + - "${RABBITMQ_EXPOSED_PORT:-5672}:5672" + - "${RABBITMQ_MGMT_EXPOSED_PORT:-15672}:15672" volumes: postgres_data: # Named volume for Postgres data persistence networks: + api_net: + driver: bridge + name: api_net + internal: false messagebroker_net: driver: bridge name: messagebroker_net - internal: false # This makes the network isolated from other docker projects + internal: false # set to false to be able to expose for debugging db_net: driver: bridge name: db_net - internal: false \ No newline at end of file + internal: false # set to false to be able to expose for debugging \ No newline at end of file diff --git a/docker/prod/.env.example b/docker/prod/.env.example new file mode 100644 index 0000000..e80fd72 --- /dev/null +++ b/docker/prod/.env.example 
@@ -0,0 +1,21 @@
+# Server Configuration
+API_PORT=3377 # Port for the API server
+
+# COMPOSE_PROFILES=traefik # uncomment to enable reverse proxy
+API_PUBLIC_HOSTS=Host(`api.bc.demo.sphereon.com`) # see https://doc.traefik.io/traefik/routing/routers/#rule
+
+# Database Configuration (for drizzle-orm and pg)
+DB_USER=postgres
+DB_PASSWORD=s3cH9KK1Lo0opzPo
+DB_NAME=postgres
+
+# RabbitMQ Configuration
+RABBITMQ_USER=guest # RabbitMQ username
+RABBITMQ_PASSWORD=guest # RabbitMQ password
+RABBITMQ_VHOST=/ # Virtual host (default is /)
+RABBITMQ_EXPOSED_PORT=5672 # Exposed port
+RABBITMQ_MGMT_EXPOSED_PORT=15672 # Exposed management UI port
+
+# Optional: Application-specific settings
+APP_NAME=credential-showcase-api # Example: App identifier
+LOG_LEVEL=info # Example: Logging level (info/debug/error)
\ No newline at end of file
diff --git a/docker/prod/docker-compose.yml b/docker/prod/docker-compose.yml
new file mode 100644
index 0000000..f76eb76
--- /dev/null
+++ b/docker/prod/docker-compose.yml
@@ -0,0 +1,124 @@ +services: + credential-showcase-api-server: + image: ${DOCKER_REGISTRY:-sphereonregistry.azurecr.io}/credential-showcase-api-server:latest + restart: unless-stopped + networks: + - frontend + - messagebroker_net + - db_net + environment: + # Only include variables this service needs + - NODE_PORT=3000 + - DB_HOST=postgres + - DB_PORT=${DB_PORT:-5432} + - DB_USER=${DB_USER} + - DB_PASSWORD=${DB_PASSWORD} + - DB_NAME=${DB_NAME} + # - DATABASE_URL=${DATABASE_URL} uncomment when using URL instead of vars above + - APP_NAME=${APP_NAME} + - LOG_LEVEL=${LOG_LEVEL} + depends_on: + - postgres # Ensure Postgres starts first + ports: + - "${API_PORT}:3000" # remove when enabling proxy + labels: + - "traefik.enable=true" + - "traefik.docker.network=frontend" + - "traefik.http.routers.credential-showcase-api-server.entrypoints=websecure" + - "traefik.http.routers.credential-showcase-api-server.rule=${API_PUBLIC_HOSTS}" + - "traefik.http.routers.credential-showcase-api-server.tls.certresolver=acmeresolver" + - "traefik.http.services.credential-showcase-api-server.loadbalancer.server.port=3000" + - "traefik.http.services.credential-showcase-api-server.loadbalancer.server.scheme=http" + + credential-showcase-traction-adapter: + image: ${DOCKER_REGISTRY:-sphereonregistry.azurecr.io}/credential-showcase-traction-adapter:latest + restart: unless-stopped + networks: + - messagebroker_net + environment: + - NODE_PORT=3000 + - RABBITMQ_HOST=rabbitmq + - RABBITMQ_PORT=5672 + - RABBITMQ_USER=${RABBITMQ_USER} + - RABBITMQ_PASSWORD=${RABBITMQ_PASSWORD} + - RABBITMQ_VHOST=${RABBITMQ_VHOST} + - APP_NAME=${APP_NAME} + - LOG_LEVEL=${LOG_LEVEL} + depends_on: + - rabbitmq # Ensure RabbitMQ starts first + + postgres: + image: postgres:16 + restart: unless-stopped + networks: + - db_net + environment: + - POSTGRES_USER=${DB_USER} + - POSTGRES_PASSWORD=${DB_PASSWORD} + - POSTGRES_DB=${DB_NAME} + volumes: + - postgres_data:/var/lib/postgresql/data + healthcheck: + test: [ "CMD", 
"pg_isready", "-U", "${DB_USER}" ] + interval: 10s + timeout: 5s + retries: 5 + + rabbitmq: + image: rabbitmq:4-management # Using RabbitMQ 4.x with management plugin + restart: unless-stopped + networks: + - messagebroker_net + environment: + - RABBITMQ_DEFAULT_USER=${RABBITMQ_USER} + - RABBITMQ_DEFAULT_PASS=${RABBITMQ_PASSWORD} + ports: + - "${RABBITMQ_EXPOSED_PORT:-5672}:5672" + - "${RABBITMQ_MGMT_EXPOSED_PORT:-15672}:15672" + + traefik: + image: traefik:latest + profiles: + - traefik + command: > + --providers.docker + --providers.docker.exposedbydefault=false + --entrypoints.web.address=:80 + --entrypoints.web.http.redirections.entryPoint.to=websecure + --entrypoints.web.http.redirections.entryPoint.scheme=https + --entrypoints.web.http.redirections.entrypoint.permanent=true + --entrypoints.websecure.address=:443 + --certificatesresolvers.acmeresolver.acme.httpchallenge=true + --certificatesresolvers.acmeresolver.acme.httpchallenge.entrypoint=web + --certificatesresolvers.acmeresolver.acme.email=dev@sphereon.com + --certificatesresolvers.acmeresolver.acme.storage=/cert/acme.json + --api.dashboard=false + --log.level=INFO + ports: + - "80:80" + - "443:443" + volumes: + - /var/run/docker.sock:/var/run/docker.sock + - ./cert/:/cert/ + restart: unless-stopped + networks: + - frontend + labels: + - "traefik.enable=true" + +volumes: + postgres_data: # Named volume for Postgres data persistence + +networks: + messagebroker_net: + driver: bridge + name: messagebroker_net + internal: true # not exposed when set to true + db_net: + driver: bridge + name: db_net + internal: true # not exposed when set to true + frontend: + driver: bridge + name: frontend_net + internal: false From 4731abacca8c5027f8135d1774ea11d125c66fb3 Mon Sep 17 00:00:00 2001 From: sanderPostma Date: Mon, 24 Feb 2025 11:30:02 +0100 Subject: [PATCH 3/3] chore: comment --- docker/prod/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
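Review bot: The `traefik` service mounts `/var/run/docker.sock` while listening on 80/443, so a compromise of the internet-facing proxy gives control of the Docker daemon. A `:ro` suffix on the mount does not restrict API calls, so the usual mitigation is a socket proxy that allows only read-only container queries. `image: traefik:latest` and the two application images tagged `:latest` mean a restart can pull code that was never tested; pin a version tag or digest, e.g. `traefik:<pinned-version>`. The `rabbitmq` service still declares host `ports:` for 5672 and the management UI on 15672 although its only network is `internal: true`, and `credential-showcase-api-server` publishes `${API_PORT}:3000` next to its Traefik labels, which leaves a plain-HTTP path around the proxy; drop those `ports:` entries for production or bind them to `127.0.0.1`. `messagebroker_net` is also the adapter's only network, so if the adapter needs outbound access to Traction it will presumably not have it.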
diff --git a/docker/prod/docker-compose.yml b/docker/prod/docker-compose.yml index f76eb76..4e3169f 100644 --- a/docker/prod/docker-compose.yml +++ b/docker/prod/docker-compose.yml @@ -79,7 +79,7 @@ services: traefik: image: traefik:latest profiles: - - traefik + - traefik # CONDITIONAL - set COMPOSE_PROFILES=traefik to enable command: > --providers.docker --providers.docker.exposedbydefault=false