114 lines
3.4 KiB
YAML
114 lines
3.4 KiB
YAML
services:
|
|
lacpass-backend:
|
|
build:
|
|
context: ..
|
|
dockerfile: ./docker/Dockerfile
|
|
container_name: lacpass-backend
|
|
image: ips-backend
|
|
networks:
|
|
- backend
|
|
env_file:
|
|
- ../.env
|
|
environment:
|
|
API_PORT: ${API_PORT:-3000}
|
|
AUTH_INTERNAL_URL: ${AUTH_INTERNAL_URL:-http://auth:8080}
|
|
AUTH_HOSTNAME: ${KEYCLOAK_HOSTNAME:-http://localhost:9083}
|
|
AUTH_REALM: ${KEYCLOAK_REALM:-lacpass}
|
|
AUTH_CLIENT_ID: ${AUTH_CLIENT_ID:-admin-cli}
|
|
# Need to set this after creating a client for Keycloak Admin API access, using service account
|
|
AUTH_CLIENT_SECRET: ${KEYCLOAK_ADMIN_CLIENT_SECRET:-bbU4vnqhqe2AJ32XpdQVRVqfRMA82Hnu}
|
|
AUTH_EMAIL_REDIRECT_URI: ${AUTH_EMAIL_REDIRECT_URI:-ph4happ://open/validated-email}
|
|
AUTH_EMAIL_CLIENT_ID: ${AUTH_EMAIL_CLIENT_ID:-app}
|
|
FHIR_BASE_URL: ${FHIR_BASE_URL:-http://lacpass.create.cl:8080}
|
|
VHL_BASE_URL: ${VHL_BASE_URL:-http://lacpass.create.cl:8182}
|
|
FHIR_MEDIATOR_BASE_URL: ${FHIR_MEDIATOR_BASE_URL:-http://lacpass.create.cl:3000}
|
|
API_SWAGGER: ${API_SWAGGER:-true}
|
|
WALLET_ENABLED: ${WALLET_ENABLED:-0}
|
|
WALLET_URL: ${WALLET_URL:-https://conectathon-balancer.izer.tech/}
|
|
WALLET_IDENTIFIER: ${WALLET_IDENTIFIER:-test}
|
|
WALLET_API_KEY: ${WALLET_API_KEY:-}
|
|
ICVP_VALIDATOR_URL: ${ICVP_VALIDATOR_URL:-http://lacpass.create.cl:7089}
|
|
ports:
|
|
- "9081:3000"
|
|
healthcheck:
|
|
test: ["CMD", "curl", "-f", "http://localhost:3000/health"]
|
|
interval: 10s
|
|
timeout: 5s
|
|
retries: 5
|
|
depends_on:
|
|
auth:
|
|
condition: service_healthy
|
|
|
|
auth:
|
|
image: bitnami/keycloak:26.2.5
|
|
container_name: auth
|
|
env_file:
|
|
- ../.env
|
|
volumes:
|
|
- ../config/keycloak:/opt/bitnami/keycloak/data/import
|
|
environment:
|
|
KEYCLOAK_HOSTNAME: ${KEYCLOAK_HOSTNAME:-http://localhost:9083}
|
|
KC_HTTP_PORT: 8080
|
|
KC_CACHE: local
|
|
KEYCLOAK_ADMIN_USER: ${KC_BOOTSTRAP_ADMIN_USERNAME:-admin}
|
|
KEYCLOAK_ADMIN_PASSWORD: ${KC_BOOTSTRAP_ADMIN_PASSWORD:-admin}
|
|
KEYCLOAK_DATABASE_HOST: auth-db
|
|
KEYCLOAK_DATABASE_PORT: 5432
|
|
KEYCLOAK_DATABASE_NAME: ${POSTGRES_DB:-keycloak}
|
|
KEYCLOAK_DATABASE_USER: ${POSTGRES_USER:-keycloak}
|
|
KEYCLOAK_DATABASE_PASSWORD: ${POSTGRES_PASS:-p@ssw0rd}
|
|
KEYCLOAK_ENABLE_HEALTH_ENDPOINTS: true
|
|
KEYCLOAK_EXTRA_ARGS: --import-realm
|
|
healthcheck:
|
|
test: ["CMD", "curl", "-f", "http://localhost:8080/"]
|
|
interval: 15s
|
|
timeout: 5s
|
|
retries: 5
|
|
ports:
|
|
- "9083:8080"
|
|
networks:
|
|
- backend
|
|
- auth
|
|
depends_on:
|
|
auth-db:
|
|
condition: service_healthy
|
|
|
|
auth-db:
|
|
image: postgres:17.5-alpine
|
|
container_name: auth-db
|
|
volumes:
|
|
- auth-data:/var/lib/postgresql/data
|
|
restart: unless-stopped
|
|
environment:
|
|
POSTGRES_DB: ${POSTGRES_DB:-keycloak}
|
|
POSTGRES_USER: ${POSTGRES_USER:-keycloak}
|
|
POSTGRES_PASSWORD: ${POSTGRES_PASS:-p@ssw0rd}
|
|
healthcheck:
|
|
test:
|
|
[
|
|
"CMD-SHELL",
|
|
"pg_isready -U ${POSTGRES_USER:-keycloak} -d ${POSTGRES_DB:-keycloak} -h localhost",
|
|
]
|
|
interval: 5s
|
|
timeout: 3s
|
|
retries: 5
|
|
networks:
|
|
- auth
|
|
|
|
mailcatcher:
|
|
image: haravich/fake-smtp-server:20250615
|
|
container_name: mailcatcher
|
|
platform: "linux/amd64"
|
|
ports:
|
|
- "25:1025"
|
|
- "9082:1080"
|
|
networks:
|
|
- auth
|
|
|
|
volumes:
|
|
auth-data:
|
|
|
|
networks:
|
|
auth:
|
|
backend:
|