From 7c9f0cf702ac548e55eb18fafe6a458c6a22e1f7 Mon Sep 17 00:00:00 2001 From: Emilien Devos <121870973+edevosc2c@users.noreply.github.com> Date: Fri, 27 Sep 2024 12:40:24 +0200 Subject: [PATCH] bring back SP + disable all not needed services --- docker-compose.override.yml | 3 +- docker-compose.yml | 77 +++++++++++++++++++++++++------------ 2 files changed, 54 insertions(+), 26 deletions(-) diff --git a/docker-compose.override.yml b/docker-compose.override.yml index 3d9ca20..e54d21d 100644 --- a/docker-compose.override.yml +++ b/docker-compose.override.yml @@ -56,6 +56,7 @@ services: - "traefik.http.routers.static.rule=Host(`georchestra-127-0-1-1.traefik.me`)" - "traefik.http.routers.static.priority=1" + # modify from gateway to proxy if security-proxy is enabled gateway: labels: - "traefik.enable=true" @@ -115,7 +116,7 @@ services: - "traefik.http.middlewares.add-trailing-slash.redirectregex.replacement=https://$${1}/$${2}/$${3}" - "traefik.http.middlewares.add-trailing-slash.redirectregex.permanent=false" -# uncomment for oauth 2.0 +# uncomment for oauth 2.0 and security-proxy # cas: # labels: # - "traefik.enable=true" diff --git a/docker-compose.yml b/docker-compose.yml index b613d22..34289bf 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -82,6 +82,7 @@ services: gateway: image: georchestra/gateway:latest + scale: 1 # set to 0 if using security-proxy depends_on: - database volumes: @@ -94,28 +95,28 @@ services: - .envs-hosts - .envs-database-georchestra -# uncomment for oauth 2.0 -# cas: -# image: georchestra/cas:latest -# healthcheck: -# test: [ "CMD-SHELL", "curl -s -f http://localhost:8080/cas/login >/dev/null || exit 1" ] -# interval: 30s -# timeout: 10s -# retries: 10 -# depends_on: -# ldap: -# condition: service_healthy -# volumes: -# - georchestra_datadir:/etc/georchestra -# environment: -# - JAVA_OPTIONS=-Dorg.eclipse.jetty.annotations.AnnotationParser.LEVEL=OFF -# - XMS=256M -# - XMX=1G -# env_file: -# - .envs-common -# - .envs-ldap -# - .envs-database-georchestra -# restart: always + cas: + image: georchestra/cas:latest + scale: 0 # set to 1 if need for oauth 2.0 and security-proxy + healthcheck: + test: [ "CMD-SHELL", "curl -s -f http://localhost:8080/cas/login >/dev/null || exit 1" ] + interval: 30s + timeout: 10s + retries: 10 + depends_on: + ldap: + condition: service_healthy + volumes: + - georchestra_datadir:/etc/georchestra + environment: + - JAVA_OPTIONS=-Dorg.eclipse.jetty.annotations.AnnotationParser.LEVEL=OFF + - XMS=256M + - XMX=1G + env_file: + - .envs-common + - .envs-ldap + - .envs-database-georchestra + restart: always header: image: georchestra/header:latest @@ -241,6 +242,7 @@ services: analytics: image: georchestra/analytics:latest + scale: 0 # set to 1 if security proxy is activated healthcheck: test: ["CMD-SHELL", "curl -s -f http://localhost:8080/analytics/ >/dev/null || exit 1"] interval: 30s @@ -398,8 +400,9 @@ services: rabbitmq: image: docker.io/bitnami/rabbitmq:3.12 + scale: 0 # set to 1 if need rabbitmq healthcheck: - test: rabbitmq-diagnostics -q ping && rabbitmq-diagnostics -q check_local_alarms + test: rabbitmq-diagnostics -q ping interval: 60s timeout: 30s retries: 3 @@ -410,5 +413,29 @@ services: volumes: - 'rabbitmq_data:/bitnami/rabbitmq/mnesia' restart: always - - + + proxy: + image: georchestra/security-proxy:latest + scale: 0 #set to 1 if need security-proxy but set 0 gateway service + healthcheck: + test: ["CMD-SHELL", "curl -s -f http://localhost:8080/_static/bootstrap_3.0.0/css/bootstrap-theme.min.css >/dev/null || exit 1"] + interval: 30s + timeout: 10s + retries: 10 + depends_on: + ldap: + condition: service_healthy + database: + condition: service_healthy + volumes: + - georchestra_datadir:/etc/georchestra + environment: + - JAVA_OPTIONS=-Dorg.eclipse.jetty.annotations.AnnotationParser.LEVEL=OFF + - XMS=256M + - XMX=1G + env_file: + - .envs-common + - .envs-ldap + - .envs-hosts + - .envs-database-georchestra + restart: always