split out compose.yml by service
timcowlishaw committed Nov 25, 2023
1 parent e148b76 commit 6f461ca
Showing 13 changed files with 214 additions and 202 deletions.
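--- a/compose.yml
+++ b/compose.yml
@@ -1,202 +1,13 @@
-services:
-db:
-image: postgres:10
-volumes:
-- sck-postgres:/var/lib/postgresql/data
-#environment:
-# NOTE: Postgres 9.5 stopped allowing connections without passwords.
-# Enable this if needed.
-#- POSTGRES_HOST_AUTH_METHOD=trust
-
-redis:
-image: redis:5
-
-auth:
-env_file: .env
-image: smartcitizen/auth
-ports:
-- "3001:3000"
-restart: always
-
-app:
-build:
-context: .
-# Skip installing development & test gems in production, saves 20s build time.
-# If developing with Docker, this line might need to be commented out.
-args:
-- BUNDLE_WITHOUT=test development
-env_file: .env
-ports:
-- "3000:3000"
-depends_on:
-# We disable some containers in production
-- db
-- auth
-- redis
-- sidekiq
-- mqtt-task
-- telnet-task
-- push
-#- mqtt
-restart: always
-deploy:
-resources:
-limits:
-memory: 2gb
-volumes:
-- "./:/app"
-#command: rails server -p 3000 -b '0.0.0.0'
-#command: bash -c "rm -f tmp/pids/server.pid && bundle exec rails s -p 3000 -b '0.0.0.0'"
-environment:
-# For this to take effect, remove init/timeout, and in Gemfile, fix "rack-timeout" to not require anything.
-RACK_TIMEOUT_SERVICE_TIMEOUT: 25
-logging:
-driver: "json-file"
-options:
-max-size: "100m"
-
-sidekiq:
-build: .
-env_file: .env
-command: bundle exec sidekiq
-restart: always
-volumes:
-- "./log:/app/log"
-
-mqtt-task:
-build: .
-env_file: .env
-command: bundle exec rake mqtt:sub
-restart: always
-volumes:
-- "./log:/app/log"
-logging:
-driver: "json-file"
-options:
-max-size: "100m"
-
-telnet-task:
-build: .
-env_file: .env
-command: bundle exec rake telnet:push
-restart: always
-
-mqtt:
-# NOTE: This cannot be fully dockerized in production yet because MQTT also needs port 80
-# The MQTT server hax iptables rules that 80 -> 1883 and 443 -> 8883
-# This was done in the past to allow kits to post mqtt over 80 to prevent firewall issues.
-#
-#image: emqx/emqx:v2.4.7 # This is currently on mqtt server #2020-05-05
-image: emqx/emqx:v3.0.0 # last known working version on docker
-ports:
-- "1883:1883" # mqtt tcp
-#- "8080:8080" # http:management - can clash with Kairos
-- "8083:8083" # HTTP and WebSocket
-- "8084:8084" # HTTPS and WSS
-- "8883:8883" # MQTT SSL listener port
-- "18083:18083" # Web dashboard: admin:public
-- "18084:18084" # Web dashboard TLS
-#- "11883:11883"
-environment:
-# Enable HTTPS for Dashboard:
-EMQX_DASHBOARD__LISTENER__HTTPS__KEYFILE: "/opt/emqx/etc/certs/mydomain.key"
-EMQX_DASHBOARD__LISTENER__HTTPS__CERTFILE: "/opt/emqx/etc/certs/final.crt"
-EMQX_DASHBOARD__LISTENER__HTTPS__CACERTFILE: "/opt/emqx/etc/certs/STAR_smartcitizen_me.ca-bundle"
-EMQX_DASHBOARD__LISTENER__HTTPS: 18084
-EMQX_DASHBOARD__LISTENER__HTTPS__ACCEPTORS: 2
-EMQX_DASHBOARD__LISTENER__HTTPS__MAX_CLIENTS: 512
-
-EMQX_LISTENER__WSS__EXTERNAL__KEYFILE: "/opt/emqx/etc/certs/mydomain.key"
-EMQX_LISTENER__WSS__EXTERNAL__CERTFILE: "/opt/emqx/etc/certs/final.crt"
-EMQX_LISTENER__WSS__EXTERNAL__CACERTFILE: "/opt/emqx/etc/certs/STAR_smartcitizen_me.ca-bundle"
-
-EMQX_LISTENER__SSL__EXTERNAL__KEYFILE: "/opt/emqx/etc/certs/mydomain.key"
-EMQX_LISTENER__SSL__EXTERNAL__CERTFILE: "/opt/emqx/etc/certs/final.crt"
-EMQX_LISTENER__SSL__EXTERNAL__CACERTFILE: "/opt/emqx/etc/certs/STAR_smartcitizen_me.ca-bundle"
-EMQX_LISTENER__SSL__EXTERNAL: 8883
-#EMQX_LISTENER__SSL__EXTERNAL__REUSEADDR: "true"
-volumes:
-# emqx.conf can be overwritten with ENV vars, so next line is not needed. Rather use ENV above
-#- "./scripts/emqx-config/emqx.conf:/opt/emqx/etc/emqx.conf"
-# However, acl.conf is not supported (yet), see: https://github.com/emqx/emqx-docker/issues/86
-#- "./scripts/emqx-config/acl.conf:/opt/emqx/etc/acl.conf"
-- "./scripts/certs/:/opt/emqx/etc/certs/"
-
-web:
-image: nginx
-depends_on:
-- app
-ports:
-- 80:80
-- 80:80/udp
-#- 443:443
-volumes:
-- ./scripts/nginx-conf/api.smartcitizen.me.conf:/etc/nginx/conf.d/api.smartcitizen.me.conf
-- ./scripts/nginx.conf:/etc/nginx/nginx.conf
-
-# Websockets
-push:
-image: smartcitizen/push
-environment:
-- REDIS_URL=redis://redis:6379/4
-# TODO: needs SSL on ws.smartcitizen.me
-restart: always
-ports:
-- 8000:8000
-
-# There is no official docker image for Kairos 2017-12-18
-# kairos:
-# image: kairos
-kairos:
-env_file: .env
-build:
-context: ./scripts/
-dockerfile: Dockerfile-kairos
-deploy:
-restart_policy:
-condition: on-failure
-max_attempts: 3
-window: 120s
-ports:
-- 8080:8080
-- 4242:4242 #telnet
-# We better not start Cassandra container in production, it eats up memory
-#depends_on:
-#- cassandra-1
-
-# Check if cassandra cluster is working:
-# docker compose exec cassandra-1 nodetool status
-cassandra-1:
-image: cassandra:3.11.4
-ports:
-# no need to expose all ports?
-- "7000:7000" # Internode, cluster communication
-- "7001:7001" # TLS Internode
-- "7199:7199" # JMX
-- "9042:9042" # CQL native transport
-- "9160:9160" # Thrift client API
-#volumes:
-#- sck-cassandra:/var/lib/cassandra
-
-# cassandra-2:
-# image: cassandra:3.11.4
-# ports:
-# - 9142:9042
-# environment:
-# - CASSANDRA_SEEDS=cassandra-1 # Use IP if on different servers
-# depends_on:
-# - cassandra-1
-# command: bash -c 'if [ -z "$$(ls -A /var/lib/cassandra/)" ] ; then sleep 60; fi && /docker-entrypoint.sh cassandra -f'
-#
-# cassandra-3:
-# image: cassandra:3.11.4
-# ports:
-# - 9242:9042
-# environment:
-# - CASSANDRA_SEEDS=cassandra-1 # Use IP if on different servers
-# depends_on:
-# - cassandra-1
-# command: bash -c 'if [ -z "$$(ls -A /var/lib/cassandra/)" ] ; then sleep 120; fi && /docker-entrypoint.sh cassandra -f'
-
-volumes:
-sck-postgres:
+include:
+- compose/db.yml
+- compose/redis.yml
+- compose/auth.yml
+- compose/app.yml
+- compose/sidekiq.yml
+- compose/mqtt-task.yml
+- compose/telnet-task.yml
+- compose/mqtt.yml
+- compose/web.yml
+- compose/push.yml
+- compose/kairos.yml
+- compose/cassandra.yml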
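Review bot: The new `include:` list carries no comment saying which Compose release it needs, and top-level `include` is only understood by Docker Compose 2.20 and later, so an older CLI on a deployment host will reject the file outright. I would add `# Requires Docker Compose >= 2.20 (top-level include)` above `include:`. `compose/app.yml` also lists `db`, `auth`, `redis`, `sidekiq`, `mqtt-task`, `telnet-task` and `push` under `depends_on` although those services now live in sibling files, so it is worth confirming with `docker compose config` that the merged model still resolves them on the version used in production.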
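--- a/compose/app.yml
+++ b/compose/app.yml
@@ -0,0 +1,37 @@
+services:
+app:
+build:
+context: ../.
+# Skip installing development & test gems in production, saves 20s build time.
+# If developing with Docker, this line might need to be commented out.
+args:
+- BUNDLE_WITHOUT=test development
+env_file: ../.env
+ports:
+- "3000:3000"
+depends_on:
+# We disable some containers in production
+- db
+- auth
+- redis
+- sidekiq
+- mqtt-task
+- telnet-task
+- push
+#- mqtt
+restart: always
+deploy:
+resources:
+limits:
+memory: 2gb
+volumes:
+- "../:/app"
+#command: rails server -p 3000 -b '0.0.0.0'
+#command: bash -c "rm -f tmp/pids/server.pid && bundle exec rails s -p 3000 -b '0.0.0.0'"
+environment:
+# For this to take effect, remove init/timeout, and in Gemfile, fix "rack-timeout" to not require anything.
+RACK_TIMEOUT_SERVICE_TIMEOUT: 25
+logging:
+driver: "json-file"
+options:
+max-size: "100m"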
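Review bot: The bind mount `"../:/app"` under `volumes` maps the whole repository root, including the `.env` file that `env_file: ../.env` reads, read-write into a container that runs with `restart: always`. The adjacent comments describe this as the production configuration, where the image built from `context: ../.` presumably already contains the code, so a compromised app process could rewrite the checkout and read every secret in `.env`. Consider dropping the mount outside development or narrowing it to what must persist, e.g. `- "../log:/app/log"` as `mqtt-task` does. Separately, `"3000:3000"` publishes the app on every host interface and so bypasses the `web` nginx service; `"127.0.0.1:3000:3000"` keeps it local to the host.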
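--- a/compose/auth.yml
+++ b/compose/auth.yml
@@ -0,0 +1,7 @@
+services:
+auth:
+env_file: ../.env
+image: smartcitizen/auth
+ports:
+- "3001:3000"
+restart: always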
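Review bot: `image: smartcitizen/auth` carries no tag or digest, so every pull resolves to whatever `latest` currently points at, and with `restart: always` a changed or tampered upstream image would go into the authentication service without review. Pin it, e.g. `image: smartcitizen/auth:<tag>@sha256:<digest>` (placeholders; the page does not show which release is deployed). The same applies to any other untagged image in the sibling files.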
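--- a/compose/cassandra.yml
+++ b/compose/cassandra.yml
@@ -0,0 +1,34 @@
+services:
+# Check if cassandra cluster is working:
+# docker compose exec cassandra-1 nodetool status
+cassandra-1:
+image: cassandra:3.11.4
+ports:
+# no need to expose all ports?
+- "7000:7000" # Internode, cluster communication
+- "7001:7001" # TLS Internode
+- "7199:7199" # JMX
+- "9042:9042" # CQL native transport
+- "9160:9160" # Thrift client API
+#volumes:
+#- ../sck-cassandra:/var/lib/cassandra
+
+# cassandra-2:
+# image: cassandra:3.11.4
+# ports:
+# - 9142:9042
+# environment:
+# - CASSANDRA_SEEDS=cassandra-1 # Use IP if on different servers
+# depends_on:
+# - cassandra-1
+# command: bash -c 'if [ -z "$$(ls -A /var/lib/cassandra/)" ] ; then sleep 60; fi && /docker-entrypoint.sh cassandra -f'
+#
+# cassandra-3:
+# image: cassandra:3.11.4
+# ports:
+# - 9242:9042
+# environment:
+# - CASSANDRA_SEEDS=cassandra-1 # Use IP if on different servers
+# depends_on:
+# - cassandra-1
+# command: bash -c 'if [ -z "$$(ls -A /var/lib/cassandra/)" ] ; then sleep 120; fi && /docker-entrypoint.sh cassandra -f'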
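Review bot: The `ports` list under `cassandra-1` publishes internode (7000/7001), JMX (7199), CQL (9042) and Thrift (9160) on every host interface, and the file's own comment already asks `# no need to expose all ports?`. Nothing visible here enables authentication on these listeners, so unless a host firewall blocks them they are reachable from outside, while services on the same Compose network need no published port at all. I would drop the entries that are not used from the host and bind the rest to loopback, e.g. `- "127.0.0.1:9042:9042"`. The commented volume also changed from the named volume `sck-cassandra` to `../sck-cassandra`, which would become a bind mount of a repository directory if uncommented; `#- sck-cassandra:/var/lib/cassandra` keeps the original meaning.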
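--- a/compose/db.yml
+++ b/compose/db.yml
@@ -0,0 +1,11 @@
+services:
+db:
+image: postgres:10
+volumes:
+- sck-postgres:/var/lib/postgresql/data
+#environment:
+# NOTE: Postgres 9.5 stopped allowing connections without passwords.
+# Enable this if needed.
+#- POSTGRES_HOST_AUTH_METHOD=trust
+volumes:
+sck-postgres: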
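Review bot: The comment above `#- POSTGRES_HOST_AUTH_METHOD=trust` says only "Enable this if needed" and does not state the consequence: with `trust`, Postgres accepts any client as any user without a password. I would reword it to `# WARNING: trust disables password checks for every client; local development only.` and point readers at setting `POSTGRES_PASSWORD` through an env file instead. This is a documentation change only; the service definition itself is carried over unchanged.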
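--- a/compose/kairos.yml
+++ b/compose/kairos.yml
@@ -0,0 +1,20 @@
+services:
+# There is no official docker image for Kairos 2017-12-18
+# kairos:
+# image: kairos
+kairos:
+env_file: ../.env
+build:
+context: ../scripts/
+dockerfile: Dockerfile-kairos
+deploy:
+restart_policy:
+condition: on-failure
+max_attempts: 3
+window: 120s
+ports:
+- 8080:8080
+- 4242:4242 #telnet
+# We better not start Cassandra container in production, it eats up memory
+#depends_on:
+#- cassandra-1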
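Review bot: `- 8080:8080` and `- 4242:4242 #telnet` publish the Kairos HTTP and telnet listeners on every host interface, and nothing in this file shows authentication in front of them. If only the other Compose services write to Kairos, they can reach it over the project network without any published port; otherwise bind to loopback, e.g. `- "127.0.0.1:4242:4242"`. The port strings are also unquoted here while `app.yml`, `auth.yml` and `mqtt.yml` quote theirs, so quoting them would keep the split files consistent.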
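--- a/compose/mqtt-task.yml
+++ b/compose/mqtt-task.yml
@@ -0,0 +1,12 @@
+services:
+mqtt-task:
+build: ../
+env_file: ../.env
+command: bundle exec rake mqtt:sub
+restart: always
+volumes:
+- "../log:/app/log"
+logging:
+driver: "json-file"
+options:
+max-size: "100m"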
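--- a/compose/mqtt.yml
+++ b/compose/mqtt.yml
@@ -0,0 +1,41 @@
+services:
+mqtt:
+# NOTE: This cannot be fully dockerized in production yet because MQTT also needs port 80
+# The MQTT server hax iptables rules that 80 -> 1883 and 443 -> 8883
+# This was done in the past to allow kits to post mqtt over 80 to prevent firewall issues.
+#
+#image: emqx/emqx:v2.4.7 # This is currently on mqtt server #2020-05-05
+image: emqx/emqx:v3.0.0 # last known working version on docker
+ports:
+- "1883:1883" # mqtt tcp
+#- "8080:8080" # http:management - can clash with Kairos
+- "8083:8083" # HTTP and WebSocket
+- "8084:8084" # HTTPS and WSS
+- "8883:8883" # MQTT SSL listener port
+- "18083:18083" # Web dashboard: admin:public
+- "18084:18084" # Web dashboard TLS
+#- "11883:11883"
+environment:
+# Enable HTTPS for Dashboard:
+EMQX_DASHBOARD__LISTENER__HTTPS__KEYFILE: "/opt/emqx/etc/certs/mydomain.key"
+EMQX_DASHBOARD__LISTENER__HTTPS__CERTFILE: "/opt/emqx/etc/certs/final.crt"
+EMQX_DASHBOARD__LISTENER__HTTPS__CACERTFILE: "/opt/emqx/etc/certs/STAR_smartcitizen_me.ca-bundle"
+EMQX_DASHBOARD__LISTENER__HTTPS: 18084
+EMQX_DASHBOARD__LISTENER__HTTPS__ACCEPTORS: 2
+EMQX_DASHBOARD__LISTENER__HTTPS__MAX_CLIENTS: 512
+
+EMQX_LISTENER__WSS__EXTERNAL__KEYFILE: "/opt/emqx/etc/certs/mydomain.key"
+EMQX_LISTENER__WSS__EXTERNAL__CERTFILE: "/opt/emqx/etc/certs/final.crt"
+EMQX_LISTENER__WSS__EXTERNAL__CACERTFILE: "/opt/emqx/etc/certs/STAR_smartcitizen_me.ca-bundle"
+
+EMQX_LISTENER__SSL__EXTERNAL__KEYFILE: "/opt/emqx/etc/certs/mydomain.key"
+EMQX_LISTENER__SSL__EXTERNAL__CERTFILE: "/opt/emqx/etc/certs/final.crt"
+EMQX_LISTENER__SSL__EXTERNAL__CACERTFILE: "/opt/emqx/etc/certs/STAR_smartcitizen_me.ca-bundle"
+EMQX_LISTENER__SSL__EXTERNAL: 8883
+#EMQX_LISTENER__SSL__EXTERNAL__REUSEADDR: "true"
+volumes:
+# emqx.conf can be overwritten with ENV vars, so next line is not needed. Rather use ENV above
+#- "./scripts/emqx-config/emqx.conf:/opt/emqx/etc/emqx.conf"
+# However, acl.conf is not supported (yet), see: https://github.com/emqx/emqx-docker/issues/86
+#- "./scripts/emqx-config/acl.conf:/opt/emqx/etc/acl.conf"
+- "../scripts/certs/:/opt/emqx/etc/certs/"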
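Review bot: `- "18083:18083" # Web dashboard: admin:public` publishes the EMQX dashboard over plain HTTP on every host interface, and the comment records that it still uses the default login. The default password should be changed before this listener is reachable, and the plain-HTTP port either dropped in favour of `18084` or bound to loopback, `- "127.0.0.1:18083:18083"`. The certs mount was rebased to `../scripts/certs/`, but the two commented mounts still read `./scripts/emqx-config/...`; they should become `../scripts/emqx-config/...` so that uncommenting them does not point at a `compose/scripts` path. Since `../scripts/certs/` holds the private key `mydomain.key`, appending `:ro` to that mount is a cheap hardening.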