-
Notifications
You must be signed in to change notification settings - Fork 43
Expand file tree
/
Copy pathdocker-compose.yml
More file actions
122 lines (115 loc) · 3.89 KB
/
docker-compose.yml
File metadata and controls
122 lines (115 loc) · 3.89 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
version: "3.7"
services:
pg:
image: postgres:15
environment:
- POSTGRES_DB=frontier
- POSTGRES_USER=frontier
- POSTGRES_HOST_AUTH_METHOD=trust
volumes:
- ./temp/pgdata:/var/lib/postgresql/data
ports:
- "5432:5432"
healthcheck:
test: ["CMD-SHELL", "pg_isready -U frontier"]
interval: 10s
timeout: 10s
retries: 3
pg2:
image: postgres:15
environment:
- POSTGRES_DB=frontier_spicedb
- POSTGRES_USER=frontier_spicedb
- POSTGRES_HOST_AUTH_METHOD=trust
volumes:
- ./temp/pgdata2:/var/lib/postgresql/data
ports:
- "5431:5432"
healthcheck:
test: ["CMD-SHELL", "pg_isready -U frontier_spicedb"]
interval: 10s
timeout: 10s
retries: 3
frontier-migrate:
build:
context: .
dockerfile: Dockerfile.dev
command: ["server", "migrate"]
restart: on-failure
depends_on:
pg:
condition: service_healthy
environment:
- FRONTIER_DB_DRIVER=postgres
- FRONTIER_DB_URL=postgres://frontier:@pg:5432/frontier?sslmode=disable
- FRONTIER_SPICEDB_PORT=50051
- FRONTIER_SPICEDB_HOST=spicedb
- FRONTIER_SPICEDB_PRE_SHARED_KEY=frontier
frontier:
build:
context: .
dockerfile: Dockerfile.dev
ports:
- "8002:8002" # connect endpoint
- "8083:8083" # ui
- "9000:9000" # metrics
command: ["server", "start"]
restart: on-failure
depends_on:
pg:
condition: service_healthy
frontier-migrate:
condition: service_completed_successfully
spicedb:
condition: service_healthy
environment:
- FRONTIER_DB_DRIVER=postgres
- FRONTIER_DB_URL=postgres://frontier:@pg:5432/frontier?sslmode=disable
- FRONTIER_SPICEDB_PORT=50051
- FRONTIER_SPICEDB_HOST=spicedb
- FRONTIER_SPICEDB_PRE_SHARED_KEY=frontier
- FRONTIER_APP_RESOURCES_CONFIG_PATH=file:///opt
- FRONTIER_UI_PORT=8083
- FRONTIER_AUTHENTICATION_SESSION_HEADERS_CLIENT_IP=x-forwarded-for
- FRONTIER_AUTHENTICATION_SESSION_HEADERS_CLIENT_COUNTRY=x-frontier-country
- FRONTIER_AUTHENTICATION_SESSION_HEADERS_CLIENT_CITY=x-frontier-city
- FRONTIER_AUTHENTICATION_SESSION_HEADERS_CLIENT_USER_AGENT=User-Agent
# - FRONTIER_APP_MAILER_SMTP_HOST=sandbox.smtp.mailtrap.io
# - FRONTIER_APP_MAILER_SMTP_PORT=2525
# - FRONTIER_APP_MAILER_SMTP_USERNAME=
# - FRONTIER_APP_MAILER_SMTP_PASSWORD=
# - FRONTIER_APP_MAILER_SMTP_INSECURE=false
# - FRONTIER_APP_MAILER_SMTP_TLS_POLICY=mandatory # possible values are "mandatory", "opportunistic", or "none"
# - FRONTIER_APP_ADMIN_USERS=sample@example.com
spicedb-migration:
image: quay.io/authzed/spicedb:v1.34.0
command: migrate head --datastore-engine postgres --datastore-conn-uri postgres://frontier_spicedb:@pg2:5432/frontier_spicedb?sslmode=disable
restart: on-failure
depends_on:
pg2:
condition: service_healthy
spicedb-repair:
image: quay.io/authzed/spicedb:v1.34.0
command: datastore repair transaction-ids --datastore-engine postgres --datastore-conn-uri postgres://frontier_spicedb:@pg2:5432/frontier_spicedb?sslmode=disable
restart: on-failure
depends_on:
spicedb-migration:
condition: service_completed_successfully
spicedb:
image: quay.io/authzed/spicedb:v1.34.0
ports:
- "7443:8443"
- "50051:50051"
command: serve --grpc-preshared-key "frontier" --datastore-engine postgres
--datastore-conn-uri postgres://frontier_spicedb:@pg2:5432/frontier_spicedb?sslmode=disable --http-enabled=true
restart: on-failure
healthcheck:
test: ["CMD", "/usr/local/bin/grpc_health_probe", "-addr=:50051"]
interval: 10s
timeout: 10s
retries: 3
depends_on:
pg2:
condition: service_healthy
spicedb-repair:
condition: service_completed_successfully