265 lines
8.0 KiB
YAML
265 lines
8.0 KiB
YAML
name: ${COMPOSE_PROJECT_NAME:-meldestelle}
|
|
|
|
services:
|
|
# ==========================================
|
|
# CORE INFRASTRUCTURE
|
|
# ==========================================
|
|
postgres:
|
|
image: postgres:16-alpine
|
|
container_name: ${COMPOSE_PROJECT_NAME}-postgres
|
|
restart: unless-stopped
|
|
ports:
|
|
- "${POSTGRES_PORT}"
|
|
environment:
|
|
POSTGRES_USER: ${POSTGRES_USER}
|
|
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
|
|
POSTGRES_DB: ${POSTGRES_DB}
|
|
volumes:
|
|
- postgres-data:/var/lib/postgresql/data
|
|
- ./docker/core/postgres:/docker-entrypoint-initdb.d:Z
|
|
healthcheck:
|
|
test: [ "CMD-SHELL", "pg_isready -U ${POSTGRES_USER} -d ${POSTGRES_DB}" ]
|
|
interval: 5s
|
|
timeout: 5s
|
|
retries: 5
|
|
start_period: 10s
|
|
networks:
|
|
- meldestelle-network
|
|
|
|
redis:
|
|
image: redis:7-alpine
|
|
container_name: ${COMPOSE_PROJECT_NAME}-redis
|
|
restart: unless-stopped
|
|
ports:
|
|
- "${REDIS_PORT}"
|
|
volumes:
|
|
- redis-data:/data
|
|
command: redis-server --appendonly yes
|
|
healthcheck:
|
|
test: [ "CMD", "redis-cli" ]
|
|
interval: 5s
|
|
timeout: 5s
|
|
retries: 3
|
|
networks:
|
|
- meldestelle-network
|
|
|
|
# ==========================================
|
|
# SECURITY
|
|
# ==========================================
|
|
keycloak:
|
|
image: quay.io/keycloak/keycloak:26.4
|
|
container_name: ${COMPOSE_PROJECT_NAME}-keycloak
|
|
restart: unless-stopped
|
|
environment:
|
|
KC_HEALTH_ENABLED: true
|
|
KC_METRICS_ENABLED: true
|
|
# Admin Credentials aus .env
|
|
KC_BOOTSTRAP_ADMIN_USERNAME: ${KC_ADMIN_USER}
|
|
KC_BOOTSTRAP_ADMIN_PASSWORD: ${KC_ADMIN_PASSWORD}
|
|
# DB Verbindung (Nutzt interne Docker-Namen, daher fest 'postgres')
|
|
KC_DB: postgres
|
|
KC_DB_URL: jdbc:postgresql://postgres:5432/${POSTGRES_DB}
|
|
KC_DB_USERNAME: ${POSTGRES_USER}
|
|
KC_DB_PASSWORD: ${POSTGRES_PASSWORD}
|
|
KC_HOSTNAME: ${KC_HOSTNAME}
|
|
ports:
|
|
- "${KC_PORT}"
|
|
depends_on:
|
|
postgres:
|
|
condition: service_healthy
|
|
volumes:
|
|
- ./docker/core/keycloak:/opt/keycloak/data/import:Z
|
|
command: start-dev --import-realm
|
|
healthcheck:
|
|
test: [ "CMD-SHELL", "exec 3<>/dev/tcp/127.0.0.1/9000" ]
|
|
interval: 10s
|
|
timeout: 5s
|
|
retries: 5
|
|
start_period: 60s
|
|
networks:
|
|
- meldestelle-network
|
|
|
|
# ==========================================
|
|
# MONITORING & TOOLS
|
|
# ==========================================
|
|
pgadmin:
|
|
image: dpage/pgadmin4:8
|
|
container_name: ${COMPOSE_PROJECT_NAME}-pgadmin
|
|
restart: unless-stopped
|
|
ports:
|
|
- "${PGADMIN_PORT:-8888:80}"
|
|
environment:
|
|
PGADMIN_DEFAULT_EMAIL: ${PGADMIN_EMAIL}
|
|
PGADMIN_DEFAULT_PASSWORD: ${PGADMIN_PASSWORD}
|
|
volumes:
|
|
- pgadmin-data:/var/lib/pgadmin
|
|
networks:
|
|
- meldestelle-network
|
|
|
|
prometheus:
|
|
image: prom/prometheus:v2.54.1
|
|
container_name: ${COMPOSE_PROJECT_NAME}-prometheus
|
|
restart: unless-stopped
|
|
ports:
|
|
- "${PROMETHEUS_PORT}"
|
|
volumes:
|
|
- prometheus-data:/prometheus
|
|
- ./docker/monitoring/prometheus:/etc/prometheus:Z
|
|
command:
|
|
- --config.file=/etc/prometheus/prometheus.yml
|
|
- --storage.tsdb.retention.time=15d
|
|
healthcheck:
|
|
test: [ "CMD", "wget", "--spider", "-q", "http://localhost:9090/-/healthy" ]
|
|
interval: 30s
|
|
timeout: 10s
|
|
retries: 3
|
|
start_period: 30s
|
|
networks:
|
|
- meldestelle-network
|
|
|
|
grafana:
|
|
image: grafana/grafana:11.3.0
|
|
container_name: ${COMPOSE_PROJECT_NAME}-grafana
|
|
restart: unless-stopped
|
|
environment:
|
|
GF_SECURITY_ADMIN_USER: ${GF_ADMIN_USER}
|
|
GF_SECURITY_ADMIN_PASSWORD: ${GF_ADMIN_PASSWORD}
|
|
ports:
|
|
- "${GF_PORT}"
|
|
volumes:
|
|
- grafana-data:/var/lib/grafana
|
|
- ./docker/monitoring/grafana:/etc/grafana/provisioning:Z
|
|
depends_on:
|
|
- prometheus
|
|
healthcheck:
|
|
test: [ "CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:3000/api/health" ]
|
|
interval: 30s
|
|
timeout: 10s
|
|
retries: 3
|
|
start_period: 30s
|
|
networks:
|
|
- meldestelle-network
|
|
|
|
# ==========================================
|
|
# APPLICATION GATEWAY
|
|
# ==========================================
|
|
|
|
consul:
|
|
image: hashicorp/consul:1.15
|
|
container_name: ${COMPOSE_PROJECT_NAME}-consul
|
|
restart: unless-stopped
|
|
ports:
|
|
- "${CONSUL_PORT}"
|
|
command: agent -server -bind=0.0.0.0 -client=0.0.0.0 -bootstrap-expect=1 -ui
|
|
healthcheck:
|
|
test: [ "CMD", "curl", "-f", "http://localhost:8500/v1/status/leader" ]
|
|
interval: 10s
|
|
timeout: 5s
|
|
retries: 3
|
|
networks:
|
|
- meldestelle-network
|
|
|
|
api-gateway:
|
|
build:
|
|
context: .
|
|
dockerfile: dockerfiles/infrastructure/gateway/Dockerfile
|
|
args:
|
|
# Build-Args aus deinen .env Dateien (werden hier statisch benötigt für den Build)
|
|
GRADLE_VERSION: 9.1.0
|
|
JAVA_VERSION: 21
|
|
VERSION: 1.0.0
|
|
BUILD_DATE: "2025-11-21"
|
|
container_name: ${COMPOSE_PROJECT_NAME}-gateway
|
|
restart: no
|
|
ports:
|
|
- "${GATEWAY_PORT}"
|
|
- "${GATEWAY_DEBUG_PORT}" # Für Remote Debugging
|
|
environment:
|
|
SERVER_PORT: ${GATEWAY_SERVER_PORT}
|
|
SPRING_PROFILES_ACTIVE: docker
|
|
DEBUG: "true"
|
|
# --- VERBINDUNGEN ---
|
|
# Keycloak URL (INTERN im Docker Netzwerk!)
|
|
# Beachte: http://container-name:8080 (nicht localhost, nicht 8180)
|
|
SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_ISSUER_URI: http://${COMPOSE_PROJECT_NAME}-keycloak:8080/realms/meldestelle
|
|
SPRING_CLOUD_CONSUL_HOST: consul
|
|
SPRING_CLOUD_CONSUL_PORT: 8500
|
|
# WICHTIG: Das Gateway muss wissen, wie es von anderen Containern erreicht wird (nicht localhost!)
|
|
SPRING_CLOUD_CONSUL_DISCOVERY_HOSTNAME: api-gateway
|
|
# Postgres Verbindung (für Routes/Session, falls nötig)
|
|
SPRING_DATASOURCE_URL: jdbc:postgresql://${COMPOSE_PROJECT_NAME}-postgres:5432/${POSTGRES_DB}
|
|
SPRING_DATASOURCE_USERNAME: ${POSTGRES_USER}
|
|
SPRING_DATASOURCE_PASSWORD: ${POSTGRES_PASSWORD}
|
|
# Logging
|
|
LOGGING_LEVEL_ORG_SPRINGFRAMEWORK_CLOUD_GATEWAY: DEBUG
|
|
LOGGING_LEVEL_ORG_SPRINGFRAMEWORK_SECURITY: DEBUG
|
|
depends_on:
|
|
consul:
|
|
condition: service_healthy
|
|
postgres:
|
|
condition: service_healthy
|
|
keycloak:
|
|
condition: service_healthy
|
|
networks:
|
|
- meldestelle-network
|
|
|
|
# ==========================================
|
|
# MICROSERVICES
|
|
# ==========================================
|
|
ping-service:
|
|
build:
|
|
context: .
|
|
dockerfile: dockerfiles/services/ping-service/Dockerfile
|
|
args:
|
|
GRADLE_VERSION: 9.1.0
|
|
JAVA_VERSION: 21
|
|
VERSION: 1.0.0
|
|
BUILD_DATE: "2025-11-21"
|
|
container_name: ${COMPOSE_PROJECT_NAME}-ping-service
|
|
restart: no # "${RESTART_POLICY:-unless-stopped}"
|
|
ports:
|
|
- "${PING_SERVICE_PORT}"
|
|
- "${PING_DEBUG_PORT}"
|
|
environment:
|
|
SPRING_PROFILES_ACTIVE: docker
|
|
DEBUG: "true"
|
|
SERVER_PORT: 8082
|
|
|
|
# --- CONSUL ---
|
|
SPRING_CLOUD_CONSUL_HOST: consul
|
|
SPRING_CLOUD_CONSUL_PORT: 8500
|
|
SPRING_CLOUD_CONSUL_DISCOVERY_HOSTNAME: ping-service
|
|
|
|
# --- DATENBANK VERBINDUNG (Das hat gefehlt!) ---
|
|
# Wir nutzen die Container-Namen aus deiner .env Variable
|
|
SPRING_DATASOURCE_URL: jdbc:postgresql://${COMPOSE_PROJECT_NAME}-postgres:5432/${POSTGRES_DB}
|
|
SPRING_DATASOURCE_USERNAME: ${POSTGRES_USER}
|
|
SPRING_DATASOURCE_PASSWORD: ${POSTGRES_PASSWORD}
|
|
# WICHTIG: Wir wollen nur validieren, nichts erstellen.
|
|
SPRING_JPA_HIBERNATE_DDL_AUTO: validate
|
|
|
|
# --- REDIS (DAS HAT GEFEHLT!) ---
|
|
# Wir nutzen den Service-Namen, genau wie bei Postgres
|
|
SPRING_DATA_REDIS_HOST: ${COMPOSE_PROJECT_NAME}-redis
|
|
SPRING_DATA_REDIS_PORT: 6379
|
|
depends_on:
|
|
consul:
|
|
condition: service_healthy
|
|
postgres:
|
|
condition: service_healthy
|
|
keycloak:
|
|
condition: service_healthy
|
|
networks:
|
|
- meldestelle-network
|
|
|
|
volumes:
|
|
postgres-data:
|
|
pgadmin-data:
|
|
redis-data:
|
|
prometheus-data:
|
|
grafana-data:
|
|
|
|
networks:
|
|
meldestelle-network:
|
|
driver: bridge
|