docker-compose.yml

version: '3.6'
services:
  ca:
    build: 
      context: .
      dockerfile: Dockerfile.ca
      args:
        ARG_CA_NAME: ${CA_NAME}
        ARG_STATE: ${STATE}
        ARG_CITY: ${CITY}
        ARG_ORGANIZATIONAL_UNIT: ${ORGANIZATIONAL_UNIT}
    container_name: ca-setup-hardened
    healthcheck:
      test: bash -c "if [[ -f /tak/certs/files/admin.pem ]]; then exit 0; else exit 1; fi"
      interval: 30s
      timeout: 15s
      retries: 5
      start_period: 30s
    networks:
      - takserver-net-hardened
  db:
    build: 
      context: .
      dockerfile: Dockerfile.hardened-takserver-db
    container_name: tak-database-hardened
    environment:
      - envpass=${DB_PASS}
    ports:
      - 5432:5432
    networks:
      takserver-net-hardened:
        aliases:
          - tak-database
    volumes:
      - tak-db:/var/lib/postgresql/data:z
    depends_on:
        ca:
          condition: service_healthy
  server:
    build: 
      context: .
      dockerfile: Dockerfile.hardened-takserver
    container_name: takserver-hardened
    ports:
      - 8089:8089
      - 8443:8443
      - 8444:8444
      - 8446:8446
    networks:
      - takserver-net-hardened
    depends_on:
      db:
        condition: service_healthy
  # hubdb:
  #   build:
  #     context: .
  #     dockerfile: Dockerfile.fedhub-db
  #   container_name: hubdb
  #   ports:
  #     - 27017:27017
  #   networks:
  #     - takserver-net-hardened
  #   volumes:
  #     - hub-db:/var/lib/postgresql/data:z
  #     - ${HUB_RELEASE}/tak/configs:/opt/tak/federation-hub/configs:z
  #   depends_on:
  #     db:
  #       condition: service_healthy
  # hub:
  #   build:
  #     context: .
  #     dockerfile: Dockerfile.fedhub
  #   container_name: hub
  #   ports:
  #     - 8080:8080
  #   networks:
  #     - takserver-net-hardened
  #   depends_on:
  #     hubdb:
  #       condition: service_healthy

networks:
  takserver-net-hardened:
    name: takserver-net-hardened
    ipam:
      driver: default
      config:
        - subnet: ${DOCKER_SUBNET}

volumes:
  tak-db:
    name: tak-db
    driver: local
  hub-db:
    name: hub-db
    driver: local