-
Notifications
You must be signed in to change notification settings - Fork 0
/
docker-compose.stac.yml
80 lines (73 loc) · 2.89 KB
/
docker-compose.stac.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
version: '3'
services:
stac:
container_name: stac-fastapi-pgstac
platform: linux/amd64
build:
context: ./stac-fastapi-pgstac
environment:
- APP_HOST=0.0.0.0
- APP_PORT=8082
- RELOAD=true
- ENVIRONMENT=local
- POSTGRES_USER=username
- POSTGRES_PASS=password
- POSTGRES_DBNAME=postgis
- POSTGRES_HOST_READER=database
- POSTGRES_HOST_WRITER=database
- POSTGRES_PORT=5432
- WEB_CONCURRENCY=10
- VSI_CACHE=TRUE
- GDAL_HTTP_MERGE_CONSECUTIVE_RANGES=YES
- GDAL_DISABLE_READDIR_ON_OPEN=EMPTY_DIR
- DB_MIN_CONN_SIZE=1
- DB_MAX_CONN_SIZE=1
- USE_API_HYDRATE=${USE_API_HYDRATE:-false}
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.compresstraefik.compress=true"
- "traefik.http.routers.public_collections.rule=Host(`${APP_HOST}`) && Path(`/api`) || Path(`/api.html`) || Path(`/`) || Path(`/conformance`) || Path(`/collections`) || Path(`/search`) || Path(`/queryables`) || Path(`/_mgmt/ping`)"
- "traefik.http.routers.public_collections.priority=1"
- 'traefik.http.routers.public_collections.tls=true'
- "traefik.http.routers.public_collections.tls.certresolver=letsencrypt"
- "traefik.http.routers.public_collections.entrypoints=websecure"
- "traefik.http.routers.public_collections.service=public_stac"
- "traefik.http.services.public_stac.loadbalancer.server.port=8082"
- "traefik.http.routers.authenticated_collections.rule=Host(`${APP_HOST}`) && (Path(`/collections`) && Method(`POST`) || Method(`PUT`) || Method(`DELETE`))"
- "traefik.http.routers.authenticated_collections.priority=10000"
- 'traefik.http.routers.authenticated_collections.tls=true'
- "traefik.http.routers.authenticated_collections.tls.certresolver=letsencrypt"
- "traefik.http.routers.authenticated_collections.entrypoints=websecure"
- "traefik.http.routers.authenticated_collections.service=authenticated_stac"
- "traefik.http.services.authenticated_stac.loadbalancer.server.port=8082"
- "traefik.http.services.authenticated_stac.loadbalancer.passhostheader=true"
- "traefik.http.routers.authenticated_collections.middlewares=keycloakAuth@file"
volumes:
- ./stac-fastapi-pgstac:/app
depends_on:
- database
networks:
- stac-network
command: bash -c "./scripts/wait-for-it.sh database:5432 && python -m stac_fastapi.pgstac.app"
database:
container_name: stac-db
image: ghcr.io/stac-utils/pgstac:v0.7.10
environment:
- POSTGRES_USER=username
- POSTGRES_PASSWORD=password
- POSTGRES_DB=postgis
- PGUSER=username
- PGPASSWORD=password
- PGDATABASE=postgis
volumes:
- ./pg-data:/var/lib/postgresql
labels:
- "traefik.enable=false"
networks:
- stac-network
ports:
- "5439:5432"
command: postgres -N 500
networks:
stac-network:
driver: bridge