meldestelle/dc-infra.yaml
Stefan Mogeritsch 0ebcfaa3b7 build: optimize Postgres container configuration for performance and stability
Updated `dc-infra.yaml` to enable automatic restart (`unless-stopped`), introduce dynamic memory allocations via environment variables, and adjust healthcheck intervals for reduced load. Enhanced `postgresql.conf` with performance tuning comments, schema search path inclusion for Keycloak and app users, and SSL adjustments for internal communication.
2026-02-12 20:35:25 +01:00


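# Compose project name; overridable via PROJECT_NAME in the environment / .env.
#
# NOTE(review): every `ports:` entry below uses the short syntax without a host
# IP, so Docker publishes the port on all host interfaces. The *_PORT variables
# hold the complete mapping, so a loopback-only binding can be set from .env
# (e.g. POSTGRES_PORT=127.0.0.1:5432:5432) without editing this file.
name: "${PROJECT_NAME:-meldestelle}"

services:
  # ==========================================
  # 1. INFRASTRUCTURE (Stateful & Core)
  # ==========================================

  # --- DATABASE: PostgreSQL ---
  postgres:
    image: "${POSTGRES_IMAGE:-postgres:16-alpine}"
    container_name: "${PROJECT_NAME:-meldestelle}-postgres"
    # OPTIMIZATION: restart automatically after a system reboot
    restart: "unless-stopped"
    ports:
      - "${POSTGRES_PORT:-5432:5432}"
    environment:
      # NOTE(review): the fallback credentials are committed with this file and
      # therefore not secret; set POSTGRES_USER / POSTGRES_PASSWORD in .env on
      # any host where the published port is reachable by others.
      POSTGRES_USER: "${POSTGRES_USER:-pg-user}"
      POSTGRES_PASSWORD: "${POSTGRES_PASSWORD:-pg-password}"
      POSTGRES_DB: "${POSTGRES_DB:-pg-meldestelle-db}"
    volumes:
      - "postgres-data:/var/lib/postgresql/data"
      # `:Z` relabels the host path with a private SELinux label for this
      # container.
      # NOTE(review): both config mounts are writable from inside the
      # container; consider `:ro,Z` if nothing in the container writes to them.
      - "./config/docker/postgres:/docker-entrypoint-initdb.d:Z"
      - "./config/docker/postgres/postgresql.conf:/etc/postgresql/postgresql.conf:Z"
    profiles: [ "infra", "all" ]
    # OPTIMIZATION: dynamic memory allocation via .env overrides
    command:
      - "postgres"
      - "-c"
      - "config_file=/etc/postgresql/postgresql.conf"
      - "-c"
      - "shared_buffers=${POSTGRES_SHARED_BUFFERS:-256MB}"
      - "-c"
      - "effective_cache_size=${POSTGRES_EFFECTIVE_CACHE_SIZE:-768MB}"
    healthcheck:
      # Compose interpolates these variables when the file is loaded, so they
      # carry the same fallbacks as `environment:` above; without them an unset
      # variable would expand to an empty string inside the probe command.
      test: [ "CMD-SHELL", "pg_isready -U ${POSTGRES_USER:-pg-user} -d ${POSTGRES_DB:-pg-meldestelle-db}" ]
      # OPTIMIZATION: higher interval (10s) to reduce load on Zora during
      # normal operation
      interval: "10s"
      timeout: "5s"
      retries: "5"
      start_period: "5s"
    networks:
      meldestelle-network:
        aliases:
          - "postgres"

  # --- CACHE: Valkey (formerly Redis) ---
  redis:
    # Valkey 9.0 (User Request)
    image: "${VALKEY_IMAGE:-valkey/valkey:9.0}"
    container_name: "${PROJECT_NAME:-meldestelle}-redis"
    # Quoted: a bare `no` is read as boolean false by YAML 1.1 parsers.
    restart: "no"
    ports:
      - "${REDIS_PORT:-6379:6379}"
    volumes:
      - "redis-data:/data"
      # We keep using redis.conf because Valkey is compatible with it
      - "./config/docker/redis/redis.conf:/etc/valkey/valkey.conf:Z"
    profiles: [ "infra", "all" ]
    # Binaries switched to valkey-server and valkey-cli.
    # NOTE(review): `--protected-mode no` is passed unconditionally while
    # `--requirepass` is only added when REDIS_PASSWORD is set. With the
    # variable unset and 6379 published, the server accepts unauthenticated
    # connections from any host that can reach the port. When set, the
    # password is part of the container command line and healthcheck, so it is
    # visible in `docker inspect` output.
    command: [ "sh", "-lc", "exec valkey-server /etc/valkey/valkey.conf --protected-mode no ${REDIS_PASSWORD:+--requirepass $REDIS_PASSWORD}" ]
    healthcheck:
      test: [ "CMD-SHELL", "[ -z \"$REDIS_PASSWORD\" ] && valkey-cli ping | grep PONG || valkey-cli -a \"$REDIS_PASSWORD\" ping | grep PONG" ]
      interval: "5s"
      timeout: "5s"
      retries: "3"
    networks:
      meldestelle-network:
        aliases:
          - "redis"
          - "valkey"

  # --- SERVICE DISCOVERY: Consul ---
  consul:
    image: "${CONSUL_IMAGE:-hashicorp/consul:1.22.1}"
    container_name: "${PROJECT_NAME:-meldestelle}-consul"
    restart: "no"
    ports:
      - "${CONSUL_PORT:-8500:8500}"
      - "${CONSUL_UDP_PORT:-8600:8600/udp}"
    # Single-server agent with the web UI enabled and client interfaces bound
    # to all container addresses.
    # NOTE(review): no ACL configuration is visible in this file, so the HTTP
    # API and UI on the published port 8500 appear to be unauthenticated;
    # confirm before running this on a shared network.
    command: "agent -server -bootstrap-expect=1 -ui -client=0.0.0.0"
    healthcheck:
      test: [ "CMD", "curl", "-f", "http://localhost:8500/v1/status/leader" ]
      interval: "30s"
      timeout: "10s"
      retries: "3"
    networks:
      meldestelle-network:
        aliases:
          - "consul"
    profiles: [ "infra", "all" ]

  # --- TRACING: Zipkin ---
  zipkin:
    image: "${ZIPKIN_IMAGE:-openzipkin/zipkin:3}"
    container_name: "${PROJECT_NAME:-meldestelle}-zipkin"
    restart: "no"
    ports:
      - "${ZIPKIN_PORT:-9411:9411}"
    profiles: [ "infra", "all" ]
    networks:
      meldestelle-network:
        aliases:
          - "zipkin"

  # --- EMAIL TESTING: Mailpit ---
  mailpit:
    # NOTE(review): no tag is given, so this resolves to `latest`; every other
    # image in this file is pinned to a version. Pin a tag or digest for
    # reproducible pulls.
    image: "axllent/mailpit"
    container_name: "${PROJECT_NAME:-meldestelle}-mailpit"
    restart: "no"
    # NOTE(review): unlike the other services these mappings are hard-coded and
    # cannot be narrowed to loopback from .env. Captured mail is readable
    # through the web UI on 8025.
    ports:
      - "8025:8025" # Web UI
      - "1025:1025" # SMTP Port
    environment:
      # Values quoted so they reach the container as the strings written here.
      MP_MAX_MESSAGES: "5000"
      MP_DATABASE: "/data/mailpit.db"
      # Test-only settings: accept any SMTP credentials, and allow
      # authentication over an unencrypted connection.
      MP_SMTP_AUTH_ACCEPT_ANY: "1"
      MP_SMTP_AUTH_ALLOW_INSECURE: "1"
    volumes:
      - "mailpit-data:/data"
    profiles: [ "infra", "all" ]
    networks:
      meldestelle-network:
        aliases:
          - "mailpit"

  # --- IAM: Keycloak (DEBUG MODE) ---
  keycloak:
    image: "quay.io/keycloak/keycloak:26.4"
    container_name: "${PROJECT_NAME:-meldestelle}-keycloak"
    restart: "no"
    environment:
      # NOTE(review): the fallback bootstrap admin credentials are committed
      # with this file; override KC_ADMIN_USERNAME / KC_ADMIN_PASSWORD in .env.
      KC_BOOTSTRAP_ADMIN_USERNAME: "${KC_ADMIN_USERNAME:-kc-admin}"
      KC_BOOTSTRAP_ADMIN_PASSWORD: "${KC_ADMIN_PASSWORD:-kc-password}"
      KC_DB: "${KC_DB:-postgres}"
      KC_DB_SCHEMA: "${KC_DB_SCHEMA:-keycloak}"
      # NOTE(review): the fallback URL hard-codes the database name, so
      # overriding POSTGRES_DB alone leaves Keycloak pointing at the old name.
      KC_DB_URL: "${POSTGRES_DB_URL:-jdbc:postgresql://postgres:5432/pg-meldestelle-db}"
      # NOTE(review): Keycloak connects with the same POSTGRES_USER /
      # POSTGRES_PASSWORD that initialise the postgres service above, not with
      # a dedicated role limited to the keycloak schema; confirm this is
      # intended.
      KC_DB_USERNAME: "${POSTGRES_USER:-pg-user}"
      KC_DB_PASSWORD: "${POSTGRES_PASSWORD:-pg-password}"
      KC_HOSTNAME: "${KC_HOSTNAME:-localhost}"
      # Plain HTTP is enabled and X-Forwarded-* headers are honoured.
      # NOTE(review): forwarded headers are only trustworthy when a reverse
      # proxy in front overwrites them, yet port 8080 is also published
      # directly below.
      KC_HTTP_ENABLED: "true"
      KC_PROXY_HEADERS: "xforwarded"
      KC_HEALTH_ENABLED: "true"
      KC_METRICS_ENABLED: "true"
      KC_LOG_LEVEL: "INFO"
    ports:
      - "${KC_PORT:-8180:8080}"
      # NOTE(review): 9000 is Keycloak's default management port, which is
      # where the health and metrics endpoints enabled above are presumably
      # served; publishing it exposes them on the host.
      - "${KC_DEBUG_PORT:-9000:9000}"
    depends_on:
      postgres:
        condition: "service_healthy"
    volumes:
      # Mount for the realm import
      - "./config/docker/keycloak:/opt/keycloak/data/import:Z"
    # Enable the import at startup. `start-dev` runs Keycloak in development
    # mode.
    command: "start-dev --import-realm"
    networks:
      meldestelle-network:
        aliases:
          - "keycloak"
    profiles: [ "infra", "all" ]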
# Named volumes with default settings. They back the data directories mounted
# by the postgres (/var/lib/postgresql/data), redis (/data) and mailpit (/data)
# services.
volumes:
  postgres-data: {}
  redis-data: {}
  mailpit-data: {}

# Bridge network that every service in this file joins under its alias.
networks:
  meldestelle-network:
    driver: "bridge"