-
Notifications
You must be signed in to change notification settings - Fork 0
/
docker-compose.production.yml
135 lines (124 loc) · 5.58 KB
/
docker-compose.production.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
version: "3.3"
networks:
vault-net:
external:
#§ 'name: ' + data.config.vault.docker.network
name: vault-net
proxy-tier:
external:
name: caddy-proxy
default:
driver: bridge
services:
#§ data.config.hub.docker.services.nginx.name + ':'
nginx:
expose:
- 80
environment:
WISE_ENVIRONMENT_TYPE: production
#§ 'WISE_SQL_ENDPOINT_URL: ' + data.config.sql.url.production
WISE_SQL_ENDPOINT_URL: https://sql.wise.vote/
#§ 'STEEMD_ENDPOINT_URL: ' + data.config.steem.defaultApiUrl
STEEMD_ENDPOINT_URL: https://anyx.io
#§ 'STEEMCONNECT_REDIRECT_URI: "' + data.config.hub.url.production + data.config.hub.urls.api.auth.callback.substring(1) + '"'
STEEMCONNECT_REDIRECT_URI: "https://wise.vote/api/auth/callback"
#§ "VIRTUAL_HOST: \"" + url(data.config.hub.url.production).hostname + "\""
VIRTUAL_HOST: "wise.vote"
VIRTUAL_NETWORK: "caddy-proxy"
VIRTUAL_PORT: 80
#§ 'CADDY_TLS: ' + ( url(data.config.hub.url.production).protocol === "https:" ? '"yes"' : '"no"')
CADDY_TLS: "yes"
CADDY_TIMEOUTS: "read 5m, write 2m"
networks:
- default
- proxy-tier
restart: always
#§ data.config.hub.docker.services.redis.name + ':'
redis:
#§ d(data.config.hub.docker.services.api.name) + ':'
api:
secrets:
#§ '- ' + data.config.hub.docker.services.api.secrets.appRoleId
- hub-api-approle-id
#§ '- ' + data.config.hub.docker.services.api.secrets.appRoleSecret
- hub-api-approle-secret
environment:
NODE_TLS_REJECT_UNAUTHORIZED: "0"
#§ 'VAULT_APPROLE_NAME: ' + data.config.hub.docker.services.api.appRole.role
VAULT_APPROLE_NAME: wise-hub-api
#§ 'VAULT_APPROLE_ID_FILE: /run/secrets/' + data.config.hub.docker.services.api.secrets.appRoleId
VAULT_APPROLE_ID_FILE: /run/secrets/hub-api-approle-id
#§ 'VAULT_APPROLE_SECRET_FILE: /run/secrets/' + data.config.hub.docker.services.api.secrets.appRoleSecret
VAULT_APPROLE_SECRET_FILE: /run/secrets/hub-api-approle-secret
WISE_LOG_LEVEL: debug
#§ 'WISE_VAULT_URL: "https://' + data.config.vault.docker.services.vault.container + ':8200"'
WISE_VAULT_URL: "https://wise-vault:8200"
# refer this guide for session options: https://github.com/expressjs/session
SESSION_OPTIONS: '{ "cookie": { "secure": false }, "resave": false, "saveUninitialized": false }'
#§ 'STEEMCONNECT_CALLBACK_URL: "' + data.config.hub.url.production + data.config.hub.urls.api.auth.callback.substring(1) + '"'
STEEMCONNECT_CALLBACK_URL: "https://wise.vote/api/auth/callback"
LOGIN_REDIRECT_URL: "/"
networks:
- default
#§ '- ' + data.config.vault.docker.network
- vault-net
restart: always
#§ d(data.config.hub.docker.services.daemon.name) + ':'
daemon:
environment:
START_FROM_BLOCK: HEAD
RULESETS_LOADING_STRATEGY: "wisesql-preload"
#§ "STEEM_API_URL: \"" + data.config.steem.apis.filter(api => api.get_block === true).map(api => api.url).join(",") + "\""
STEEM_API_URL: "https://api.steemit.com,https://anyx.io"
#§ 'WISE_SQL_ENDPOINT_URL: ' + data.config.sql.url.production
WISE_SQL_ENDPOINT_URL: https://sql.wise.vote/
WISE_LOG_LEVEL: debug
networks:
- default
restart: always
#§ d(data.config.hub.docker.services.publisher.name) + ':'
publisher:
secrets:
#§ '- ' + data.config.hub.docker.services.publisher.secrets.appRoleId
- hub-publisher-approle-id
#§ '- ' + data.config.hub.docker.services.publisher.secrets.appRoleSecret
- hub-publisher-approle-secret
environment:
NODE_TLS_REJECT_UNAUTHORIZED: "0"
#§ 'VAULT_APPROLE_NAME: ' + data.config.hub.docker.services.publisher.appRole.role
VAULT_APPROLE_NAME: wise-hub-publisher
#§ 'VAULT_APPROLE_ID_FILE: /run/secrets/' + data.config.hub.docker.services.publisher.secrets.appRoleId
VAULT_APPROLE_ID_FILE: /run/secrets/hub-publisher-approle-id
#§ 'VAULT_APPROLE_SECRET_FILE: /run/secrets/' + data.config.hub.docker.services.publisher.secrets.appRoleSecret
VAULT_APPROLE_SECRET_FILE: /run/secrets/hub-publisher-approle-secret
WISE_LOG_LEVEL: debug
#§ 'WISE_VAULT_URL: "https://' + data.config.vault.docker.services.vault.container + ':8200"'
WISE_VAULT_URL: "https://wise-vault:8200"
networks:
- default
#§ '- ' + data.config.vault.docker.network
- vault-net
restart: always
#§ d(data.config.hub.docker.services.realtime.name) + ':'
realtime:
restart: always
secrets:
#§ data.config.hub.docker.services.api.secrets.appRoleId + ':'
hub-api-approle-id:
#§ 'file: /run/wise/secrets/' + data.config.hub.docker.services.api.secrets.appRoleId
file: /run/wise/secrets/hub-api-approle-id
#§ data.config.hub.docker.services.api.secrets.appRoleSecret + ':'
hub-api-approle-secret:
#§ 'file: /run/wise/secrets/' + data.config.hub.docker.services.api.secrets.appRoleSecret
file: /run/wise/secrets/hub-api-approle-secret
#§ data.config.hub.docker.services.publisher.secrets.appRoleId + ':'
hub-publisher-approle-id:
#§ 'file: /run/wise/secrets/' + data.config.hub.docker.services.publisher.secrets.appRoleId
file: /run/wise/secrets/hub-publisher-approle-id
#§ data.config.hub.docker.services.publisher.secrets.appRoleSecret + ':'
hub-publisher-approle-secret:
#§ 'file: /run/wise/secrets/' + data.config.hub.docker.services.publisher.secrets.appRoleSecret
file: /run/wise/secrets/hub-publisher-approle-secret
volumes:
#§ data.config.hub.docker.services.redis.volume + ':'
wise_hub_redis: