From bee4dad239a6e4e98fac2d28d6b5ce9d264a61f7 Mon Sep 17 00:00:00 2001 From: sniedzielski <52816247+sniedzielski@users.noreply.github.com> Date: Mon, 2 Oct 2023 14:35:54 +0200 Subject: [PATCH 1/5] CM-269: added to openSearch config fixed stable version of compoments (#50) --- docker-compose.openSearch.yml | 2 +- opensearch-configuration/Dockerfile-openSearch-dev- | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docker-compose.openSearch.yml b/docker-compose.openSearch.yml index 575f390..cbe9ad4 100644 --- a/docker-compose.openSearch.yml +++ b/docker-compose.openSearch.yml @@ -17,7 +17,7 @@ services: openimis-net: opensearch-dashboards: - image: opensearchproject/opensearch-dashboards:latest + image: opensearchproject/opensearch-dashboards:2.9.0 container_name: opensearch-dashboards ports: - "5601:5601" diff --git a/opensearch-configuration/Dockerfile-openSearch-dev- b/opensearch-configuration/Dockerfile-openSearch-dev- index a45e4ef..4256877 100644 --- a/opensearch-configuration/Dockerfile-openSearch-dev- +++ b/opensearch-configuration/Dockerfile-openSearch-dev- @@ -1,4 +1,4 @@ -FROM opensearchproject/opensearch:latest +FROM opensearchproject/opensearch:2.10.0 # Set the ownership of the data directory RUN chown -R 1000:1000 /usr/share/opensearch/data From da8715432bb4de283292385cf7cd8f2fded6d8db Mon Sep 17 00:00:00 2001 From: Jan Date: Thu, 12 Oct 2023 11:21:16 +0200 Subject: [PATCH 2/5] add-sonar-ci: add sonar files (#52) * add-sonar-ci: add sonar files * add-sonar-ci: update sonar properties --------- Co-authored-by: Jan --- .github/workflows/ci.yaml | 23 +++++++++++++++++++++++ sonar-project.properties | 6 ++++++ 2 files changed, 29 insertions(+) create mode 100644 .github/workflows/ci.yaml create mode 100644 sonar-project.properties diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml new file mode 100644 index 0000000..da93b2d --- /dev/null +++ b/.github/workflows/ci.yaml @@ -0,0 +1,23 @@ +name: Sonar CI pipeline +on: + push: + branches: + - main + - 'release/**' + - develop + - 'feature/**' + pull_request: + types: [opened, synchronize, reopened] +jobs: + sonarcloud: + name: SonarCloud + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 0 + - name: SonarCloud Scan + uses: SonarSource/sonarcloud-github-action@master + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} diff --git a/sonar-project.properties b/sonar-project.properties new file mode 100644 index 0000000..b695e1d --- /dev/null +++ b/sonar-project.properties @@ -0,0 +1,6 @@ +sonar.projectKey=openimis_openimis-dist_dkr +sonar.organization=openimis-1 +sonar.projectName=openimis-openimis-dist_dkr + +sonar.sources=./ +sonar.sourceEncoding=UTF-8 From baf193b1ee1724287581bff1c4a143d3dd5a831f Mon Sep 17 00:00:00 2001 From: Patrick Delcroix Date: Tue, 27 Feb 2024 10:55:41 +0100 Subject: [PATCH 3/5] 23.10 * coreMIS deploy script * default 23.10 --- .env.example | 10 +-- .env.lightning.example | 159 +++++++++++++++++++++++++++++++--- deploy_coremis.sh | 17 ++++ docker-compose.coremis.yml | 16 ++++ docker-compose.lightning.yml | 44 ++++------ docker-compose.openSearch.yml | 9 +- docker-compose.yml | 83 +++++++----------- 7 files changed, 232 insertions(+), 106 deletions(-) create mode 100644 deploy_coremis.sh create mode 100644 docker-compose.coremis.yml diff --git a/.env.example b/.env.example index c15f2bb..82faab8 100644 --- a/.env.example +++ b/.env.example @@ -32,15 +32,11 @@ SITE_ROOT=api # github branches to use # Database, you can use develop branch too -DB_TAG=23.04 +DB_TAG=23.10 # BE assembly image tag -BE_TAG=23.04 +BE_TAG=23.10 #FE assembly, image tag -FE_TAG=23.04 -# REST API, image tag -RESTAPI_TAG=23.04 -# rest API flavours -RESTAPI_BUILD_FLAVOR=Release +FE_TAG=23.10 #one-liner json config for the FE (to override the openimis.json from the FE assembly) #OPENIMIS_FE_CONF_JSON= diff --git a/.env.lightning.example b/.env.lightning.example index 91eaf14..c5e5ab9 100644 --- a/.env.lightning.example +++ b/.env.lightning.example @@ -1,49 +1,180 @@ -# Example .env copied from Lightning repository, full description of variables can be found in -# https://github.com/OpenFn/Lightning +# Default values are optimized for production to avoid having to configure +# much in production. +# +# However it should be easy to get going in development too. If you see an +# uncommented option that means it's either mandatory to set or it's being +# overwritten in development to make your life easier. + +# Set this up to handle Github App configuration +# GITHUB_APP_ID=12345 +# GITHUB_CERT=Base64-encoded-private-key + +# Choose an admin email address and configure a mailer. If you don't specify +# mailer details the local test adaptor will be used and mail previews can be +# viewed at localhost:4000/dev/mailbox +EMAIL_ADMIN='admin@openfn.org' +# MAILGUN_API_KEY='some-key' +# MAILGUN_DOMAIN='some-domain' -# Thise secrets should be regenerated -PRIMARY_ENCRYPTION_KEY=0bJ9w+hn4ebQrsCaWXuA9JY49fP9kbHmywGd5K7k+/s= +# You should generate a random string of 64+ characters for this value in prod. +# You can generate a secure secret by running: ./run secret SECRET_KEY_BASE=please_generate_a_more_secure_unique_secret_value_for_your_project -EMAIL_ADMIN='admin@openfn.org' - +# Which environment is running? MIX_ENV should be "dev" or "prod" and NODE_ENV +# should be "production" or "development". When MIX_ENV is set to prod you'll +# automatically be set to build and run releases instead of using mix. +#MIX_ENV=prod +#NODE_ENV=production MIX_ENV=dev NODE_ENV=development +# Override the default log level +# Must be a valid level, see: https://hexdocs.pm/logger/1.12.3/Logger.html#module-levels +#LOG_LEVEL=debug + +# The URL that will be generated through out your app. When you combine all 3 +# values it should be the URL that visitors access in their browser / client. +#URL_SCHEME=https +#URL_HOST= +#URL_PORT=443 URL_SCHEME=http URL_HOST=localhost URL_PORT=4000 +# If you're using a CDN you can customize which URL gets used for your static +# files. If left commented out it will fall back to using your URL_HOST. +#URL_STATIC_HOST= + +# The address and bind port for the web server. +# (See: endpoint config in runtime.exs and Cowboy.) LISTEN_ADDRESS=0.0.0.0 PORT=4000 +# The origins from which you want to allow requests (comma separated) ORIGINS=//localhost:* +# You can configure error reporting via Sentry by providing a DSN. +# SENTRY_DSN=https://some-url.ingest.sentry.io/some-id + +# ============================================================================== +# <><><> JOB EXECUTION SETTINGS <><><> + +# You can configure the max run duration for jobs in milliseconds. This should +# be lower than the pod termination grace period if using Kubernetes. MAX_RUN_DURATION=20000 +MAX_DATACLIP_SIZE=10000000 +# ------------------------------------------------------------------------------ -# Those postgres credentials should match ones in .env for imis database -POSTGRES_USER=IMISUser -POSTGRES_PASSWORD=IMISuserP@s -POSTGRES_HOST=db +# ============================================================================== +# <><><> DATABASE SETTINGS <><><> -POSTGRES_DB="lightning_${MIX_ENV}" +# Disable SSL connections for Postgres +# In production mode, SSL connections are enforced by default - uncomment to +# disable this behaviour. +#DISABLE_DB_SSL=true -# Lightning uses DATABASE_URL to determine connection +# You you're using Docker for postgres, set POSTGRES_USER and POSTGRES_PASSWORD +# since the postgres Docker image uses them for its default database user and +# password. The database URL will be composed from these variables: +POSTGRES_USER=${DB_USER} +POSTGRES_PASSWORD=${DB_PASSWORD} +POSTGRES_HOST=db +#POSTGRES_PORT=5432 +POSTGRES_DB="lightning_${MIX_ENV}" DATABASE_URL="postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${POSTGRES_HOST}:${POSTGRES_PORT:-5432}/${POSTGRES_DB}" +# If you're not using docker, but running postgres locally and migrating/running +# using `env $(cat .env | grep -v "#" | xargs )` set the database url directly: +# DATABASE_URL=postgres://hello:password@localhost/lightning_dev +# ============================================================================== + +# Generate secure keys, see ./DEPLOYMENT.md +PRIMARY_ENCRYPTION_KEY=0bJ9w+hn4ebQrsCaWXuA9JY49fP9kbHmywGd5K7k+/s= +ATTEMPTS_PRIVATE_KEY="LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFb2dJQkFBS0NBUUVBeWJER3JEbFBWd05yWTA4czF3VkU5SktDSWhhditwT1ZXVSsyR2pSekFneEI5dW5CCjFrejdJQTh3SUIyZ1NseDhYWHlPZDA5QmhlMHBiRERxV2Q5YWV5OGZNb2tTMUVkcGFBT1k0YnRPYlIwbDFlM2wKazBQelBIc2lITWlFVWpTQm5yS2ZJZVJjd1VKK3NPaTQxVjYrTVV4V1FhSFBPTXRrWjRMNFdUOTVvV0paNG8wdQpQd0pXS0V0cmh3cHdoSldHeFl1Ym51TVhJdW1PTW5USFZ4cmlpdGRjODdyMDhuUTF3eDJjT3JkUkVBK25mWjVWCml6VHprUVFBTG1PNUI4V3IrS1ZYRW5HRUVHVTR2alRMYkQ5blAyclVXMXYvSFBTamgyZjlOaDlxd1RDQm04bGoKb1JBQ3BUTUhlS2VxYmpQOVgxM2V1bFp0a2hhK05kRndkeDdPZ1FJREFRQUJBb0lCQURrU2hkV2NUZ0F3WG9YMgpsSml2ekFodElOZm1sWnVSZ1pTSlF0MTlkQUhqV0JNM3FIc3N3MjhaL1NOSlh0OUw5b0U1eXRLbUljTjFEZUNvCm90Z1ZwUFB3cktKUE9YM0tTMkI4akJsc09GQVdER3ZSNnNIV1c1RUV3dTFrTEZWYXVFY2hBbmpEdHgrVTRtYkwKSStwMDZkcm5ZQTBvYll3RHVnQzBoZlF6U3diSVhaM3d6V25BVlRaZE4yTGFqRTA2UHRNSkxsSzZZZ3FyWmpObQpzeXpKSVgwRmg4WlFlOHZVMmF1U205UnIvTFhwMEN6TFpDYmxUT2RRcXlRdFQ3cHR5c2ZBUWZvZkkrMFNWcVZ2CkhqQUhaTU5ZZk9mSFJiMVBjVzFKdjZlSUJERFZiYXNCZVl5bWlQRStXVEpkOU1hbFNFSlI5NDFmaWFBQ1UwVEcKRlhLclQ4RUNnWUVBL0JaNEJvbkdONkVsQUd5akhldU42eXhka3JCUHJhUWh4am5ScEZxMGQzTjFISUdBS2pEVQpvQStEU0JzMG1NY2xRWm8yT1dHVTdZbzhwNkEzZVMyNTc2aVF6a1pndnNhS3hXcnFWTTBCRHdlOU5mdEYyVXQwCjhoczNZS1V2ek1yNEhiL1FTVFZkWldWZkR0YUdBY3kxTkFnVlRJcE9PK1FDTlk5V3p1cVVlT2tDZ1lFQXpOSVUKNm1HOGcxOUtqN1lJb3hmd1E1c3E1WGhWSk8zQ3MvVXpqSU5HKzNSRnZDWDRxd2VoTVdUY0NBVVFicnl5MGlJSApYdGpXR1B3clM5Z0JiZzdsS2VJdkdQYXRlZGhrZUNqMDJzVVp3SnZoUGowaHRXTnZWckRnb1doWG03M0xNUU1lCnRrOTdDejZta0J5RWw0VGcwMTVLL1JHK2hVLzl0aVhWRDBoUEtka0NnWUFqV0c4cDA0V0VaVWJQNFd1WmxWNkgKdStlKzJwUEJjQU1BVFRrVXgxY0liSnJlRFZaUUZCcXIrcURZcWwvY2tBZXNSQmdZUVpObEh2M1VMd1c0S3U0bwpLVVZzZHJlMzZCU3JDNHVocWtEY3Y2UUsvcGxUbDEzbFdHV1NXbmJ5U3Y4eEJLVUtycjNTcXIwQ1VwZmxock5kCmdVaWpPNzB1YnBEVXU2MWJRODdmaVFLQmdFQkhBYWRZaXNlVHBSdWFuZlZJOHU3VWlFN0JSNzh5R25OTlZTTVkKbzdNUUZ6NW5rRFZrVEpMcXV4Nk5NRTRBVEFJa0Nib2JSSDFNemUyY1dUNkgwQ1VueFc0SkpBSGtCZ3VybHNQOQpMUXJFSUpqZXFIQjdSeHFtb2FnbHpiQ2pqRnZTUmRZaTlWTmZFdmlRNm85K2RPd0FZSG94RW1CVjdTSTNsemlYCmtiaHBBb0dBYjBrVUVpanl0akZlUWJBRGYvRk92VlRVdmUxZW9PK3JuWmJ2V3NhVWhVSGRuMTdDUXc0Y1ZjK0UKbHQzWXhHVmMvNldIV3E3azB4YXBlVWJucEF4NjNIMTlNZTRjTmJFaXZSb2d4bzdHWERnRDIxbENGUHlCUmZKagpLN2g1VE1lQnRnZjhibGdrVzcxenkyWFdNWnBJRXVRT3ZCZjJqRVJuU0hYTDFrL2NObDQ9Ci0tLS0tRU5EIFJTQSBQUklWQVRFIEtFWS0tLS0tCg" +WORKER_SECRET="dECXNlqctXJ/a+1FI4AaeLZY4Rp+Pxo23WwmJxC2xew=" +# Start your app with RTM=false to manage your runtime manually. You might be +# doing this so that you can run `ws-worker` by hand on a local branch, rather +# than using the NPM installed version. +# RTM=false + + +# Should Docker restart your containers if they go down in unexpected ways? +#DOCKER_RESTART_POLICY=unless-stopped DOCKER_RESTART_POLICY=no +# What health check test command do you want to run? In development, having it +# curl your web server will result in a lot of log spam, so setting it to +# /bin/true is an easy way to make the health check do basically nothing. +#DOCKER_WEB_HEALTHCHECK_TEST=curl localhost:4000/health_check DOCKER_WEB_HEALTHCHECK_TEST=/bin/true -LIGHTNING_EXTERNAL_PORT=4000 - +# What ip:port should be published back to the Docker host for the app server? +# If you're using Docker Toolbox or a custom VM you can't use 127.0.0.1. This +# is being overwritten in dev to be compatible with more dev environments. +# +# If you have a port conflict because something else is using 4000 then you +# can either stop that process or change 4000 to be something else. +# +# Use the default in production to avoid having it directly accessible to +# the internet without assistance from a cloud based firewall. +#LIGHTNING_EXTERNAL_PORT=127.0.0.1:4000 +LIGHTNING_EXTERNAL_PORT=4001 + +# What volume path should be used? In dev we want to volume mount everything +# so we can develop our code without rebuilding our Docker images. +# Note that by mounting the whole project into the container, you will need to +# follow the Contributing steps in the README. +#LIGHTNING_VOLUME=.:/app + +# What CPU and memory constraints will be added to your services? When left at +# 0, they will happily use as much as needed. +#DOCKER_POSTGRES_CPUS=0 +#DOCKER_POSTGRES_MEMORY=0 +#DOCKER_WEB_CPUS=0 +#DOCKER_WEB_MEMORY=0 + +# Give this variable the value of true if you want the system to create a sample project for a new registered user INIT_PROJECT_FOR_NEW_USER=false +# If not provided, PURGE_DELETED_AFTER_DAYS defaults to 7. Set to 0 to never purge deleted records. PURGE_DELETED_AFTER_DAYS=7 +# To use https://plausible.io/ analytics, provide the SRC for your script and +# your data-domain below. +# PLAUSIBLE_SRC=https://plausible.io/js/script.js +# PLAUSIBLE_DATA_DOMAIN=openfn.org + +# If you wish to enable PromEx-driven Prometheus/Grafana monitoring use the following: +# PROMEX_ENABLED=true +# PROMEX_GRAFANA_HOST=http://localhost:3000 +# PROMEX_GRAFANA_USER=admin +# PROMEX_GRAFANA_PASSWORD=admin +# PROMEX_UPLOAD_GRAFANA_DASHBOARDS_ON_START=true +# PROMEX_DATASOURCE_ID=promex +# PROMEX_METRICS_ENDPOINT_AUTHORIZATION_REQUIRED=yes +# PROMEX_METRICS_ENDPOINT_TOKEN=foobar +# PROMEX_ENDPOINT_SCHEME=http + +# The length of time an Attempt must remain in the `available` state before it is +# considered `stalled`. +# METRICS_STALLED_ATTEMPT_THRESHOLD_SECONDS=300 + +# The maximum age of an Attempt that will be considered when measuring +# Attempt performance. +# METRICS_ATTEMPT_PERFORMANCE_AGE_SECONDS=120 + + + +# Example .env copied from Lightning repository, full description of variables can be found in +# https://github.com/OpenFn/Lightning + +# Thise secrets should be regenerated +PRIMARY_ENCRYPTION_KEY=0bJ9w+hn4ebQrsCaWXuA9JY49fP9kbHmywGd5K7k+/s= +SECRET_KEY_BASE=please_generate_a_more_secure_unique_secret_value_for_your_project + IMIS_USER_FIRST_NAME=IMISUser IMIS_USER_LAST_NAME=IMISUser diff --git a/deploy_coremis.sh b/deploy_coremis.sh new file mode 100644 index 0000000..5adc795 --- /dev/null +++ b/deploy_coremis.sh @@ -0,0 +1,17 @@ +#!/bin/bash +#rename .env +cp .env.example .env +cp .env.lightning.example .env.lightning +cp .env.openSearch.example .env.openSearch + +docker compose -f docker-compose.coremis.yml up -d db +set -a # automatically export all variables +source .env +source .env.lightning +set +a +docker compose -f docker-compose.coremis.yml run -e PGPASSWORD=${POSTGRES_PASSWORD} --rm db createdb -h db -U ${POSTGRES_USER} ${POSTGRES_DB} +docker compose -f docker-compose.coremis.yml run --rm web mix ecto.migrate +docker compose -f docker-compose.coremis.yml run --rm web mix run imisSetupScripts/imisSetup.exs +docker compose -f docker-compose.coremis.yml up -d + + diff --git a/docker-compose.coremis.yml b/docker-compose.coremis.yml new file mode 100644 index 0000000..2ebb540 --- /dev/null +++ b/docker-compose.coremis.yml @@ -0,0 +1,16 @@ +include: + - path: docker-compose.yml + env_file: .env + - path: docker-compose.openSearch.yml + env_file: + - .env + - .env.openSearch + - path: docker-compose.lightning.yml + env_file: + - .env + - .env.lightning + + + + + diff --git a/docker-compose.lightning.yml b/docker-compose.lightning.yml index 0743ab2..dc44eda 100644 --- a/docker-compose.lightning.yml +++ b/docker-compose.lightning.yml @@ -1,38 +1,25 @@ -version: "3" +version: "3.7" x-lightning: &default-app - build: - dockerfile: Dockerfile-dev- - context: "https://github.com/openimis/openimis-lightning_dkr.git#develop" - target: "${MIX_ENV:-dev}" - args: - - "MIX_ENV=${MIX_ENV:-dev}" - - "NODE_ENV=${NODE_ENV:-development}" + image: ghcr.io/openimis/openimis-lightning_dkr:develop + platform: linux/amd64 + #build: + # dockerfile: Dockerfile-dev- + # context: "https://github.com/openimis/openimis-lightning_dkr.git#delcroip-patch-1" + # target: "${MIX_ENV:-dev}" + # args: + # - "MIX_ENV=${MIX_ENV:-dev}" + # - "NODE_ENV=${NODE_ENV:-development}" depends_on: - - "postgres" + - "db" env_file: - - ".env" + - ".env.lightning" restart: "${DOCKER_RESTART_POLICY:-unless-stopped}" stop_grace_period: "3s" - tty: ${TTY:-false} volumes: - "${LIGHTNING_VOLUME:-./priv/static:/app/priv/static}" services: - postgres: - deploy: - resources: - limits: - cpus: "${DOCKER_POSTGRES_CPUS:-0}" - memory: "${DOCKER_POSTGRES_MEMORY:-0}" - env_file: - - ".env" - image: "postgres:14.2-alpine" - restart: "${DOCKER_RESTART_POLICY:-unless-stopped}" - stop_grace_period: "3s" - volumes: - - "postgres:/var/lib/postgresql/data" - web: <<: *default-app deploy: @@ -48,10 +35,11 @@ services: retries: 3 ports: - "${LIGHTNING_EXTERNAL_PORT:-127.0.0.1:4000}:${URL_PORT}" + networks: + openimis-net: volumes: postgres: {} -networks: - openimis-net: - name: ${PROJECT_NAME}-openimis-net + + diff --git a/docker-compose.openSearch.yml b/docker-compose.openSearch.yml index cbe9ad4..7bf69ed 100644 --- a/docker-compose.openSearch.yml +++ b/docker-compose.openSearch.yml @@ -1,4 +1,4 @@ -version: '2.4' +version: '3.7' services: opensearch: build: @@ -37,6 +37,9 @@ services: volumes: opensearch-data1: +# networks: +# openimis-net: +# name: "${PROJECT_NAME:-openimis}-net" +# external: true + -networks: - openimis-net: diff --git a/docker-compose.yml b/docker-compose.yml index 925c5f0..ed3cf07 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,4 +1,26 @@ version: "3.7" +x-api: &default-api + image: ghcr.io/openimis/openimis-be:${BE_TAG:-develop} + environment: + - DB_HOST=${DB_HOST} + - DB_PORT=${DB_PORT} + - DB_NAME=${DB_NAME} + - DB_USER=${DB_USER} + - DB_PASSWORD=${DB_PASSWORD} + - SITE_ROOT=api + - SITE_URL=${NEW_OPENIMIS_HOST} + - CELERY_BROKER_URL=amqp://rabbitmq + - DB_ENGINE=${DB_ENGINE} + - DJANGO_LOG_LEVEL=DEBUG + - DEBUG=True + volumes: + - photos:/openimis-be/openIMIS/images/insurees + depends_on: + db: + condition: service_healthy + networks: + openimis-net: + restart: always services: db: @@ -22,30 +44,6 @@ services: restart: always networks: openimis-net: - backend: - container_name: ${PROJECT_NAME:-openimis}-api - image: ghcr.io/openimis/openimis-be:${BE_TAG:-develop} - restart: always - command: start - volumes: - - photos:/openimis-be/openIMIS/images/insurees - environment: &backend-env - - DB_HOST=${DB_HOST} - - DB_PORT=${DB_PORT} - - DB_NAME=${DB_NAME} - - DB_USER=${DB_USER} - - DB_PASSWORD=${DB_PASSWORD} - - DB_ENGINE=${DB_ENGINE} - - SITE_ROOT=api - - DEBUG=True - - DJANGO_LOG_LEVEL=DEBUG - - SITE_URL=${NEW_OPENIMIS_HOST} - - CELERY_BROKER_URL=amqp://rabbitmq - depends_on: - db: - condition: service_healthy - networks: - openimis-net: frontend: container_name: ${PROJECT_NAME:-openimis}-frontend @@ -68,47 +66,24 @@ services: - ./data/certbot/www:/var/www/certbot # uncomment to use custom openimis.conf #- ./conf/nginx:/conf/ + backend: + <<: *default-api + container_name: ${PROJECT_NAME:-openimis}-api + command: start + worker: + <<: *default-api container_name: ${PROJECT_NAME:-openimis}-worker - image: ghcr.io/openimis/openimis-be:${BE_TAG:-develop} command: worker - restart: always - volumes: - - photos:/openimis-be/openIMIS/images/insurees - depends_on: - - backend - environment: *backend-env - networks: - openimis-net: rabbitmq: container_name: ${PROJECT_NAME:-openimis}-rabbitmq image: rabbitmq:3-management restart: always networks: openimis-net: - restapi: - container_name: ${PROJECT_NAME:-openimis}-restapi - image: ghcr.io/openimis/openimis-rest_api:${RESTAPI_TAG:-latest} - environment: - - DB_HOST=${DB_HOST} - - DB_PORT=${DB_PORT} - - DB_NAME=${DB_NAME} - - DB_USER=${DB_USER} - - DB_PASSWORD=${DB_PASSWORD} - volumes: - #- ./conf/restapi:/app/config - - ./logs:/app/log - - photos:/app/photos - - ./Escape:/app/Escape - - ./FromPhone:/app/FromPhone - restart: always - depends_on: - db: - condition: service_healthy - networks: - openimis-net: networks: openimis-net: + name: "${PROJECT_NAME:-openimis}-net" volumes: database: photos: From 29b6f21336075c286ae20a64eafae7ec62e9c867 Mon Sep 17 00:00:00 2001 From: Patrick Delcroix Date: Wed, 17 Apr 2024 17:06:34 +0200 Subject: [PATCH 4/5] Feature/modular docker compose (#57) * modular config * modular compose --- .env.example | 8 +- .env.lightning | 187 ++++++++++++++++++++++++++++ .env.openSearch | 5 + .env.openSearch.example | 5 +- README.md | 38 +++--- conf/nginx/locations/backend.loc | 21 ++++ conf/nginx/locations/certbot.loc | 3 + conf/nginx/locations/frontend.loc | 10 ++ conf/nginx/locations/lightning.loc | 14 +++ conf/nginx/locations/opensearch.loc | 13 ++ conf/nginx/locations/restapi.loc.bk | 14 +++ conf/nginx/openimis.conf | 36 +----- conf/nginx/variables/var.conf | 4 + deploy_coremis.sh | 17 --- deploy_openimis.sh | 37 ++++++ docker-compose-mssql.yml | 119 ------------------ docker-compose.base.yml | 66 ++++++++++ docker-compose.certbot.yml | 114 +---------------- docker-compose.coremis.yml | 16 --- docker-compose.lightning.yml | 3 +- docker-compose.mssql.yml | 31 +++++ docker-compose.openSearch.yml | 21 ++-- docker-compose.psql.yml | 21 ++++ docker-compose.yml | 105 +++------------- 24 files changed, 480 insertions(+), 428 deletions(-) create mode 100644 .env.lightning create mode 100644 .env.openSearch create mode 100644 conf/nginx/locations/backend.loc create mode 100644 conf/nginx/locations/certbot.loc create mode 100644 conf/nginx/locations/frontend.loc create mode 100644 conf/nginx/locations/lightning.loc create mode 100644 conf/nginx/locations/opensearch.loc create mode 100644 conf/nginx/locations/restapi.loc.bk create mode 100644 conf/nginx/variables/var.conf delete mode 100644 deploy_coremis.sh create mode 100644 deploy_openimis.sh delete mode 100644 docker-compose-mssql.yml create mode 100644 docker-compose.base.yml delete mode 100644 docker-compose.coremis.yml create mode 100644 docker-compose.mssql.yml create mode 100644 docker-compose.psql.yml diff --git a/.env.example b/.env.example index 82faab8..d239d8d 100644 --- a/.env.example +++ b/.env.example @@ -3,7 +3,7 @@ PROJECT_NAME=demo # urls # url of openimis, FQDN -NEW_OPENIMIS_HOST=demo.openimis.org +DOMAIN=demo.openimis.org # http port for openimis HTTP_PORT=80 # https port for openimis @@ -32,11 +32,11 @@ SITE_ROOT=api # github branches to use # Database, you can use develop branch too -DB_TAG=23.10 +DB_TAG=24.04 # BE assembly image tag -BE_TAG=23.10 +BE_TAG=24.04 #FE assembly, image tag -FE_TAG=23.10 +FE_TAG=24.04 #one-liner json config for the FE (to override the openimis.json from the FE assembly) #OPENIMIS_FE_CONF_JSON= diff --git a/.env.lightning b/.env.lightning new file mode 100644 index 0000000..c5e5ab9 --- /dev/null +++ b/.env.lightning @@ -0,0 +1,187 @@ +# Default values are optimized for production to avoid having to configure +# much in production. +# +# However it should be easy to get going in development too. If you see an +# uncommented option that means it's either mandatory to set or it's being +# overwritten in development to make your life easier. + +# Set this up to handle Github App configuration +# GITHUB_APP_ID=12345 +# GITHUB_CERT=Base64-encoded-private-key + +# Choose an admin email address and configure a mailer. If you don't specify +# mailer details the local test adaptor will be used and mail previews can be +# viewed at localhost:4000/dev/mailbox +EMAIL_ADMIN='admin@openfn.org' +# MAILGUN_API_KEY='some-key' +# MAILGUN_DOMAIN='some-domain' + +# You should generate a random string of 64+ characters for this value in prod. +# You can generate a secure secret by running: ./run secret +SECRET_KEY_BASE=please_generate_a_more_secure_unique_secret_value_for_your_project + +# Which environment is running? MIX_ENV should be "dev" or "prod" and NODE_ENV +# should be "production" or "development". When MIX_ENV is set to prod you'll +# automatically be set to build and run releases instead of using mix. +#MIX_ENV=prod +#NODE_ENV=production +MIX_ENV=dev +NODE_ENV=development + +# Override the default log level +# Must be a valid level, see: https://hexdocs.pm/logger/1.12.3/Logger.html#module-levels +#LOG_LEVEL=debug + +# The URL that will be generated through out your app. When you combine all 3 +# values it should be the URL that visitors access in their browser / client. +#URL_SCHEME=https +#URL_HOST= +#URL_PORT=443 +URL_SCHEME=http +URL_HOST=localhost +URL_PORT=4000 + +# If you're using a CDN you can customize which URL gets used for your static +# files. If left commented out it will fall back to using your URL_HOST. +#URL_STATIC_HOST= + +# The address and bind port for the web server. +# (See: endpoint config in runtime.exs and Cowboy.) +LISTEN_ADDRESS=0.0.0.0 +PORT=4000 + +# The origins from which you want to allow requests (comma separated) +ORIGINS=//localhost:* + +# You can configure error reporting via Sentry by providing a DSN. +# SENTRY_DSN=https://some-url.ingest.sentry.io/some-id + +# ============================================================================== +# <><><> JOB EXECUTION SETTINGS <><><> + +# You can configure the max run duration for jobs in milliseconds. This should +# be lower than the pod termination grace period if using Kubernetes. +MAX_RUN_DURATION=20000 +MAX_DATACLIP_SIZE=10000000 + +# ------------------------------------------------------------------------------ + +# ============================================================================== +# <><><> DATABASE SETTINGS <><><> + +# Disable SSL connections for Postgres +# In production mode, SSL connections are enforced by default - uncomment to +# disable this behaviour. +#DISABLE_DB_SSL=true + +# You you're using Docker for postgres, set POSTGRES_USER and POSTGRES_PASSWORD +# since the postgres Docker image uses them for its default database user and +# password. The database URL will be composed from these variables: +POSTGRES_USER=${DB_USER} +POSTGRES_PASSWORD=${DB_PASSWORD} +POSTGRES_HOST=db +#POSTGRES_PORT=5432 +POSTGRES_DB="lightning_${MIX_ENV}" +DATABASE_URL="postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${POSTGRES_HOST}:${POSTGRES_PORT:-5432}/${POSTGRES_DB}" + +# If you're not using docker, but running postgres locally and migrating/running +# using `env $(cat .env | grep -v "#" | xargs )` set the database url directly: +# DATABASE_URL=postgres://hello:password@localhost/lightning_dev + +# ============================================================================== + +# Generate secure keys, see ./DEPLOYMENT.md +PRIMARY_ENCRYPTION_KEY=0bJ9w+hn4ebQrsCaWXuA9JY49fP9kbHmywGd5K7k+/s= +ATTEMPTS_PRIVATE_KEY="LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFb2dJQkFBS0NBUUVBeWJER3JEbFBWd05yWTA4czF3VkU5SktDSWhhditwT1ZXVSsyR2pSekFneEI5dW5CCjFrejdJQTh3SUIyZ1NseDhYWHlPZDA5QmhlMHBiRERxV2Q5YWV5OGZNb2tTMUVkcGFBT1k0YnRPYlIwbDFlM2wKazBQelBIc2lITWlFVWpTQm5yS2ZJZVJjd1VKK3NPaTQxVjYrTVV4V1FhSFBPTXRrWjRMNFdUOTVvV0paNG8wdQpQd0pXS0V0cmh3cHdoSldHeFl1Ym51TVhJdW1PTW5USFZ4cmlpdGRjODdyMDhuUTF3eDJjT3JkUkVBK25mWjVWCml6VHprUVFBTG1PNUI4V3IrS1ZYRW5HRUVHVTR2alRMYkQ5blAyclVXMXYvSFBTamgyZjlOaDlxd1RDQm04bGoKb1JBQ3BUTUhlS2VxYmpQOVgxM2V1bFp0a2hhK05kRndkeDdPZ1FJREFRQUJBb0lCQURrU2hkV2NUZ0F3WG9YMgpsSml2ekFodElOZm1sWnVSZ1pTSlF0MTlkQUhqV0JNM3FIc3N3MjhaL1NOSlh0OUw5b0U1eXRLbUljTjFEZUNvCm90Z1ZwUFB3cktKUE9YM0tTMkI4akJsc09GQVdER3ZSNnNIV1c1RUV3dTFrTEZWYXVFY2hBbmpEdHgrVTRtYkwKSStwMDZkcm5ZQTBvYll3RHVnQzBoZlF6U3diSVhaM3d6V25BVlRaZE4yTGFqRTA2UHRNSkxsSzZZZ3FyWmpObQpzeXpKSVgwRmg4WlFlOHZVMmF1U205UnIvTFhwMEN6TFpDYmxUT2RRcXlRdFQ3cHR5c2ZBUWZvZkkrMFNWcVZ2CkhqQUhaTU5ZZk9mSFJiMVBjVzFKdjZlSUJERFZiYXNCZVl5bWlQRStXVEpkOU1hbFNFSlI5NDFmaWFBQ1UwVEcKRlhLclQ4RUNnWUVBL0JaNEJvbkdONkVsQUd5akhldU42eXhka3JCUHJhUWh4am5ScEZxMGQzTjFISUdBS2pEVQpvQStEU0JzMG1NY2xRWm8yT1dHVTdZbzhwNkEzZVMyNTc2aVF6a1pndnNhS3hXcnFWTTBCRHdlOU5mdEYyVXQwCjhoczNZS1V2ek1yNEhiL1FTVFZkWldWZkR0YUdBY3kxTkFnVlRJcE9PK1FDTlk5V3p1cVVlT2tDZ1lFQXpOSVUKNm1HOGcxOUtqN1lJb3hmd1E1c3E1WGhWSk8zQ3MvVXpqSU5HKzNSRnZDWDRxd2VoTVdUY0NBVVFicnl5MGlJSApYdGpXR1B3clM5Z0JiZzdsS2VJdkdQYXRlZGhrZUNqMDJzVVp3SnZoUGowaHRXTnZWckRnb1doWG03M0xNUU1lCnRrOTdDejZta0J5RWw0VGcwMTVLL1JHK2hVLzl0aVhWRDBoUEtka0NnWUFqV0c4cDA0V0VaVWJQNFd1WmxWNkgKdStlKzJwUEJjQU1BVFRrVXgxY0liSnJlRFZaUUZCcXIrcURZcWwvY2tBZXNSQmdZUVpObEh2M1VMd1c0S3U0bwpLVVZzZHJlMzZCU3JDNHVocWtEY3Y2UUsvcGxUbDEzbFdHV1NXbmJ5U3Y4eEJLVUtycjNTcXIwQ1VwZmxock5kCmdVaWpPNzB1YnBEVXU2MWJRODdmaVFLQmdFQkhBYWRZaXNlVHBSdWFuZlZJOHU3VWlFN0JSNzh5R25OTlZTTVkKbzdNUUZ6NW5rRFZrVEpMcXV4Nk5NRTRBVEFJa0Nib2JSSDFNemUyY1dUNkgwQ1VueFc0SkpBSGtCZ3VybHNQOQpMUXJFSUpqZXFIQjdSeHFtb2FnbHpiQ2pqRnZTUmRZaTlWTmZFdmlRNm85K2RPd0FZSG94RW1CVjdTSTNsemlYCmtiaHBBb0dBYjBrVUVpanl0akZlUWJBRGYvRk92VlRVdmUxZW9PK3JuWmJ2V3NhVWhVSGRuMTdDUXc0Y1ZjK0UKbHQzWXhHVmMvNldIV3E3azB4YXBlVWJucEF4NjNIMTlNZTRjTmJFaXZSb2d4bzdHWERnRDIxbENGUHlCUmZKagpLN2g1VE1lQnRnZjhibGdrVzcxenkyWFdNWnBJRXVRT3ZCZjJqRVJuU0hYTDFrL2NObDQ9Ci0tLS0tRU5EIFJTQSBQUklWQVRFIEtFWS0tLS0tCg" +WORKER_SECRET="dECXNlqctXJ/a+1FI4AaeLZY4Rp+Pxo23WwmJxC2xew=" + +# Start your app with RTM=false to manage your runtime manually. You might be +# doing this so that you can run `ws-worker` by hand on a local branch, rather +# than using the NPM installed version. +# RTM=false + + +# Should Docker restart your containers if they go down in unexpected ways? +#DOCKER_RESTART_POLICY=unless-stopped +DOCKER_RESTART_POLICY=no + +# What health check test command do you want to run? In development, having it +# curl your web server will result in a lot of log spam, so setting it to +# /bin/true is an easy way to make the health check do basically nothing. +#DOCKER_WEB_HEALTHCHECK_TEST=curl localhost:4000/health_check +DOCKER_WEB_HEALTHCHECK_TEST=/bin/true + +# What ip:port should be published back to the Docker host for the app server? +# If you're using Docker Toolbox or a custom VM you can't use 127.0.0.1. This +# is being overwritten in dev to be compatible with more dev environments. +# +# If you have a port conflict because something else is using 4000 then you +# can either stop that process or change 4000 to be something else. +# +# Use the default in production to avoid having it directly accessible to +# the internet without assistance from a cloud based firewall. +#LIGHTNING_EXTERNAL_PORT=127.0.0.1:4000 +LIGHTNING_EXTERNAL_PORT=4001 + +# What volume path should be used? In dev we want to volume mount everything +# so we can develop our code without rebuilding our Docker images. +# Note that by mounting the whole project into the container, you will need to +# follow the Contributing steps in the README. +#LIGHTNING_VOLUME=.:/app + +# What CPU and memory constraints will be added to your services? When left at +# 0, they will happily use as much as needed. +#DOCKER_POSTGRES_CPUS=0 +#DOCKER_POSTGRES_MEMORY=0 +#DOCKER_WEB_CPUS=0 +#DOCKER_WEB_MEMORY=0 + +# Give this variable the value of true if you want the system to create a sample project for a new registered user +INIT_PROJECT_FOR_NEW_USER=false + +# If not provided, PURGE_DELETED_AFTER_DAYS defaults to 7. Set to 0 to never purge deleted records. +PURGE_DELETED_AFTER_DAYS=7 + +# To use https://plausible.io/ analytics, provide the SRC for your script and +# your data-domain below. +# PLAUSIBLE_SRC=https://plausible.io/js/script.js +# PLAUSIBLE_DATA_DOMAIN=openfn.org + +# If you wish to enable PromEx-driven Prometheus/Grafana monitoring use the following: +# PROMEX_ENABLED=true +# PROMEX_GRAFANA_HOST=http://localhost:3000 +# PROMEX_GRAFANA_USER=admin +# PROMEX_GRAFANA_PASSWORD=admin +# PROMEX_UPLOAD_GRAFANA_DASHBOARDS_ON_START=true +# PROMEX_DATASOURCE_ID=promex +# PROMEX_METRICS_ENDPOINT_AUTHORIZATION_REQUIRED=yes +# PROMEX_METRICS_ENDPOINT_TOKEN=foobar +# PROMEX_ENDPOINT_SCHEME=http + +# The length of time an Attempt must remain in the `available` state before it is +# considered `stalled`. +# METRICS_STALLED_ATTEMPT_THRESHOLD_SECONDS=300 + +# The maximum age of an Attempt that will be considered when measuring +# Attempt performance. +# METRICS_ATTEMPT_PERFORMANCE_AGE_SECONDS=120 + + + +# Example .env copied from Lightning repository, full description of variables can be found in +# https://github.com/OpenFn/Lightning + +# Thise secrets should be regenerated +PRIMARY_ENCRYPTION_KEY=0bJ9w+hn4ebQrsCaWXuA9JY49fP9kbHmywGd5K7k+/s= +SECRET_KEY_BASE=please_generate_a_more_secure_unique_secret_value_for_your_project + + +IMIS_USER_FIRST_NAME=IMISUser +IMIS_USER_LAST_NAME=IMISUser +IMIS_USER_PASSWORD=IMISUserPassword +IMIS_USER_EMAIL=IMISUser@openimis.com +IMIS_DB_HOST=db +IMIS_DB_PORT=5439 +IMIS_DB_DATABASE=IMIS +IMIS_DB_USER=IMISUser +IMIS_DB_PASSWORD=IMISUserPassword diff --git a/.env.openSearch b/.env.openSearch new file mode 100644 index 0000000..bd5d921 --- /dev/null +++ b/.env.openSearch @@ -0,0 +1,5 @@ +DISCOVERY_TYPE=single-node +CLUSTER_NAME=my_opensearch_cluster +OPEN_SEARCH_HTTP_PORT=9200 +SLL_HTTP_ENABLED=false +OPENSEARCH_HOSTS='["http://opensearch:9200"]' diff --git a/.env.openSearch.example b/.env.openSearch.example index 66a086f..bd5d921 100644 --- a/.env.openSearch.example +++ b/.env.openSearch.example @@ -2,7 +2,4 @@ DISCOVERY_TYPE=single-node CLUSTER_NAME=my_opensearch_cluster OPEN_SEARCH_HTTP_PORT=9200 SLL_HTTP_ENABLED=false -OPENSEARCH_ADMIN=admin -OPENSEARCH_PASSWORD=admin -OPENSEARCH_BASIC_TOKEN="Basic YourBasicToken" -OPENSEARCH_HOSTS=http://opensearch:9200 +OPENSEARCH_HOSTS='["http://opensearch:9200"]' diff --git a/README.md b/README.md index 6044d18..ed1432e 100644 --- a/README.md +++ b/README.md @@ -1,44 +1,42 @@ # openIMIS dockerized - This repository provides a dockerized openIMIS (all components) as a quick setup for development, testing or demoing. + This repository provides a dockerized openIMIS (all components) as a quick setup , testing or demoing. Please look for further instructions on the openIMIS Wiki: https://openimis.atlassian.net/wiki/spaces/OP/pages/963182705/MO1.1+Install+the+modular+openIMIS+using+Docker - The docker-compose currently contains the openIMIS database, backend + worker, frontend, restapi and gateway components. + The docker-compose currently contains the openIMIS database, backend + worker, frontend, and third parties components (lightning, opensearch, rabitMQ ... ). In case of troubles, please consult/contact our service desk via our [ticketing site](https://openimis.atlassian.net/servicedesk/customer). -#Prerequisit +# Prerequisit - Docker installed -# First startup +# fast lane + + You can use the script `deploy_openimis.sh`to initialize all components -* create a `.env` file, use .env.example as starting point +# First startup -## configure the restapi - the rest api config files appsettings.json, appsettings.Production.json, appsetting.Developments.json must be created in the folder ./conf/restapi - create the log folder ./logs¨ +* create a `.env` file, use `.env.example` as starting point (respectivement for `.env.lightning`, `.env.openSearch`) +* chose database vendor: the default is psql but you can edit the docker-compose.yml and change `docker-compose-psql.yml` to `docker-compose-mssql.yml` - to remove the restapi one will have to: - - uncomment the volume in the fronend config - - replace openimis.conf with openimis.conf.without_restapi ## configure the gateway (optionnal) - - uncomment the volume in the fronend config - - make modification in openimis.conf +* uncomment the volume in the frontend config +* make modification in openimis.conf + +## main database initialisation -## init database +Include the line INIT_MODE=demo in .env or uncomment it in case it has been copied from .env.example copied to intiate the database with the DEMO dataset, it will create an empty openIMIS database otherwise -Include the line INIT_MODE=demo in .env or uncomment it if .env.example copied to intiate the database with the DEMO dataset, it will create an empty openIMIS database otherwise +## OpenFN/Lightning setup ( manage social protection workflow/import ) -## OpenFN/Lightning setup -Lightning is not by default enabled in dockerized instance. To make it work it's required to: * Copy `.env.lightning.example` to `.env.lightning` and make adjustments * Create `lightning_dev` database in db container * Run container build `docker compose -f docker-compose.yml -f docker-compose.lightning.yml build lightning` @@ -72,12 +70,12 @@ To pull new images or images update `docker-compose pull` use the certbot docker compose file -export NEW_OPENIMIS_HOST first +export DOMAIN first ## dry run -docker-compose run --rm --entrypoint " certbot certonly --webroot -w /var/www/certbot --staging --register-unsafely-without-email -d ${NEW_OPENIMIS_HOST} --rsa-key-size 2048 --agree-tos --force-renewal" certbot +docker-compose run --rm --entrypoint " certbot certonly --webroot -w /var/www/certbot --staging --register-unsafely-without-email -d ${DOMAIN} --rsa-key-size 2048 --agree-tos --force-renewal" certbot ## actual setup -docker-compose run --rm --entrypoint " certbot certonly --webroot -w /var/www/certbot --register-unsafely-without-email -d ${NEW_OPENIMIS_HOST} --rsa-key-size 2048 --agree-tos --force-renewal" certbot +docker-compose run --rm --entrypoint " certbot certonly --webroot -w /var/www/certbot --register-unsafely-without-email -d ${DOMAIN} --rsa-key-size 2048 --agree-tos --force-renewal" certbot diff --git a/conf/nginx/locations/backend.loc b/conf/nginx/locations/backend.loc new file mode 100644 index 0000000..51f388e --- /dev/null +++ b/conf/nginx/locations/backend.loc @@ -0,0 +1,21 @@ + + location /${REACT_APP_API_URL}/ { + + proxy_pass http://${backend}; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Host $server_name; + proxy_set_header X-Forwarded-Proto https; + } + location = /check_user/ { + internal; + proxy_pass_request_body off; + proxy_set_header Content-Length ""; + proxy_set_header X-Original-URI $request_uri; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass http://${backend}/${REACT_APP_API_URL}/core/users/current_user/; + } + + diff --git a/conf/nginx/locations/certbot.loc b/conf/nginx/locations/certbot.loc new file mode 100644 index 0000000..17a03e7 --- /dev/null +++ b/conf/nginx/locations/certbot.loc @@ -0,0 +1,3 @@ +location /.well-known/acme-challenge/ { + root /var/www/certbot; +} \ No newline at end of file diff --git a/conf/nginx/locations/frontend.loc b/conf/nginx/locations/frontend.loc new file mode 100644 index 0000000..86517ea --- /dev/null +++ b/conf/nginx/locations/frontend.loc @@ -0,0 +1,10 @@ + + + location / { + return 302 https://$host/${PUBLIC_URL}/; + } + + location /${PUBLIC_URL} { + try_files $uri $uri/ /${PUBLIC_URL}/index.html; + #error_page 404 $scheme://$host/front/; + } diff --git a/conf/nginx/locations/lightning.loc b/conf/nginx/locations/lightning.loc new file mode 100644 index 0000000..6bce374 --- /dev/null +++ b/conf/nginx/locations/lightning.loc @@ -0,0 +1,14 @@ + + location /lightning/ { + + rewrite /lightning/(.*) /$1 break; + proxy_pass http://${lightning}; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto https; + proxy_set_header X-Forwarded-Host $server_name; + + + } + diff --git a/conf/nginx/locations/opensearch.loc b/conf/nginx/locations/opensearch.loc new file mode 100644 index 0000000..79cfec2 --- /dev/null +++ b/conf/nginx/locations/opensearch.loc @@ -0,0 +1,13 @@ + + location /opensearch/ { + auth_request /check_user/; + proxy_pass http://${opensearch}; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto https; + proxy_set_header X-Forwarded-Host $server_name; + proxy_set_header Authorization "Basic ${OPENSEARCH_BASIC_TOKEN}"; + + } + diff --git a/conf/nginx/locations/restapi.loc.bk b/conf/nginx/locations/restapi.loc.bk new file mode 100644 index 0000000..b7c6458 --- /dev/null +++ b/conf/nginx/locations/restapi.loc.bk @@ -0,0 +1,14 @@ + + + location /${ROOT_MOBILEAPI}/ { + + #this rewrite rule is required to remove "ROOT_MOBILEAPI" because implicite rule (/ at the end of the url) donc work with variable + rewrite /${ROOT_MOBILEAPI}/(.*) /$1 break; + proxy_pass http://${restapi}; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto https; + proxy_set_header X-Forwarded-Host $server_name; + + } diff --git a/conf/nginx/openimis.conf b/conf/nginx/openimis.conf index 91ee8d5..6598f67 100644 --- a/conf/nginx/openimis.conf +++ b/conf/nginx/openimis.conf @@ -1,8 +1,7 @@ server { resolver 127.0.0.11 valid=30s; - set $dockerbackend "backend:8000"; - set $dockerrestapi "restapi:80"; + client_max_body_size ${DATA_UPLOAD_MAX_MEMORY_SIZE}; listen 443 ssl; @@ -12,39 +11,10 @@ server { ssl_certificate /etc/letsencrypt/live/${NEW_OPENIMIS_HOST}/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/${NEW_OPENIMIS_HOST}/privkey.pem; root /usr/share/nginx/html; - location /.well-known/acme-challenge/ { - root /var/www/certbot; - } + location /.well-known { root /var/www/html; } + ###INCLUDE_PLACEHOLDER### - location / { - return 302 https://$host/${PUBLIC_URL}/${REDIRECT_TAIL}; - } - - location /${PUBLIC_URL} { - try_files $uri $uri/ /${PUBLIC_URL}/index.html; - #error_page 404 $scheme://$host/front/; - } - - location /${REACT_APP_API_URL}/ { - proxy_pass http://${dockerbackend}; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Host $server_name; - proxy_set_header X-Forwarded-Proto https; - } - - location /${ROOT_MOBILEAPI}/ { - #this rewrite rule is required to remove "ROOT_MOBILEAPI" because implicite rule (/ at the end of the url) donc work with variable - rewrite /${ROOT_MOBILEAPI}/(.*) /$1 break; - proxy_pass http://${dockerrestapi}; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto https; - proxy_set_header X-Forwarded-Host $server_name; - } } \ No newline at end of file diff --git a/conf/nginx/variables/var.conf b/conf/nginx/variables/var.conf new file mode 100644 index 0000000..0567990 --- /dev/null +++ b/conf/nginx/variables/var.conf @@ -0,0 +1,4 @@ +set $backend "backend:8000"; +set $opensearch "opensearch-dashboards:5601"; +set $lightning "lightning:4000"; +set $frontend "lightning:4000"; \ No newline at end of file diff --git a/deploy_coremis.sh b/deploy_coremis.sh deleted file mode 100644 index 5adc795..0000000 --- a/deploy_coremis.sh +++ /dev/null @@ -1,17 +0,0 @@ -#!/bin/bash -#rename .env -cp .env.example .env -cp .env.lightning.example .env.lightning -cp .env.openSearch.example .env.openSearch - -docker compose -f docker-compose.coremis.yml up -d db -set -a # automatically export all variables -source .env -source .env.lightning -set +a -docker compose -f docker-compose.coremis.yml run -e PGPASSWORD=${POSTGRES_PASSWORD} --rm db createdb -h db -U ${POSTGRES_USER} ${POSTGRES_DB} -docker compose -f docker-compose.coremis.yml run --rm web mix ecto.migrate -docker compose -f docker-compose.coremis.yml run --rm web mix run imisSetupScripts/imisSetup.exs -docker compose -f docker-compose.coremis.yml up -d - - diff --git a/deploy_openimis.sh b/deploy_openimis.sh new file mode 100644 index 0000000..b387f2b --- /dev/null +++ b/deploy_openimis.sh @@ -0,0 +1,37 @@ +#!/bin/bash +#rename .env +if [[ -f '.env' ]] +then +echo "Using existing env files" +else +echo "creating env files from example" +cp .env.example .env +cp .env.lightning.example .env.lightning +cp .env.openSearch.example .env.openSearch +fi + + +if [[ -f '.init.lock' ]] +then +echo "initialisation already done" +else +echo "initialisation" + +docker compose up -d db +#set -a # automatically export all variables +source .env +source .env.lightning +#set +a +docker compose run -e PGPASSWORD=${POSTGRES_PASSWORD} --rm db createdb -h db -U ${POSTGRES_USER} ${POSTGRES_DB} +set -e +docker compose run --rm web mix ecto.migrate +docker compose run --rm web mix run imisSetupScripts/imisSetup.exs +#TODO init opensearch dashboard with API/ manage command +echo "connect to https://{DOMAIN}" +echo "then go to https://{DOMAIN}/opensearch" +echo "then go in manage / saved object / import to import the openSearch dashboard" +touch '.init.lock' +fi +docker compose up -d + + diff --git a/docker-compose-mssql.yml b/docker-compose-mssql.yml deleted file mode 100644 index 0788b83..0000000 --- a/docker-compose-mssql.yml +++ /dev/null @@ -1,119 +0,0 @@ -version: "2.4" - -services: - db: - container_name: ${PROJECT_NAME:-openimis}-db - image: ghcr.io/openimis/openimis-mssql:${DB_TAG:-latest} - restart: always - environment: - - DB_USER_PASSWORD=${DB_PASSWORD} - - SA_PASSWORD=${DB_PASSWORD} - - DB_NAME=${DB_NAME} - - DB_USER=${DB_USER} - - ACCEPT_EULA=${ACCEPT_EULA} - - INIT_MODE=${INIT_MODE} - healthcheck: - test: "bash /app/healthcheck.sh" - interval: 10s - timeout: 5s - retries: 5 - start_period: 100s - networks: - openimis-net: - volumes: - - database:/var/opt/mssql/data - ports: - - 1433:1433 - ## WARNING: - ## exposing the database port outside the openimis-net network - ## may lead to security issue (depending on your network topology) - # ports: - # - 1433:1433 - backend: - container_name: ${PROJECT_NAME:-openimis}-api - image: ghcr.io/openimis/openimis-be:${BE_TAG:-develop} - restart: always - command: start - volumes: - - photos:/openimis-be/openIMIS/images/insurees - environment: &backend-env - - DB_HOST=${DB_HOST} - - DB_PORT=${DB_PORT} - - DB_NAME=${DB_NAME} - - DB_USER=${DB_USER} - - DB_PASSWORD=${DB_PASSWORD} - - SITE_ROOT=api - - DEBUG=True - - DJANGO_LOG_LEVEL=DEBUG - - SITE_URL=${NEW_OPENIMIS_HOST} - - CELERY_BROKER_URL=amqp://rabbitmq - depends_on: - db: - condition: service_healthy - networks: - openimis-net: - - frontend: - container_name: ${PROJECT_NAME:-openimis}-frontend - image: ghcr.io/openimis/openimis-fe:${FE_TAG:-develop} - restart: always - environment: - - REACT_APP_API_URL=api - - NEW_OPENIMIS_HOST=${NEW_OPENIMIS_HOST} - - OPENIMIS_CONF_JSON=${OPENIMIS_FE_CONF_JSON} - networks: - openimis-net: - ports: - - ${HTTP_PORT:-80}:80 - - ${HTTPS_PORT:-443}:443 - depends_on: - - backend - volumes: - - ./data/certbot/conf:/etc/letsencrypt - - ./data/certbot/www:/var/www/certbot - # uncomment to use custom openimis.conf - #- ./conf/nginx:/conf/ - worker: - container_name: ${PROJECT_NAME:-openimis}-worker - image: ghcr.io/openimis/openimis-be:${BE_TAG:-develop} - command: worker - restart: always - volumes: - - photos:/openimis-be/openIMIS/images/insurees - depends_on: - - backend - environment: *backend-env - networks: - openimis-net: - rabbitmq: - container_name: ${PROJECT_NAME:-openimis}-rabbitmq - image: rabbitmq:3-management - restart: always - networks: - openimis-net: - restapi: - container_name: ${PROJECT_NAME:-openimis}-restapi - image: ghcr.io/openimis/openimis-rest_api:${RESTAPI_TAG:-develop} - environment: - - DB_HOST=${DB_HOST} - - DB_PORT=${DB_PORT} - - DB_NAME=${DB_NAME} - - DB_USER=${DB_USER} - - DB_PASSWORD=${DB_PASSWORD} - volumes: - #- ./conf/restapi:/app/config - - ./logs:/app/log - - photos:/app/photos - - ./Escape:/app/Escape - - ./FromPhone:/app/FromPhone - restart: always - depends_on: - db: - condition: service_healthy - networks: - openimis-net: -networks: - openimis-net: -volumes: - database: - photos: diff --git a/docker-compose.base.yml b/docker-compose.base.yml new file mode 100644 index 0000000..21f3a6b --- /dev/null +++ b/docker-compose.base.yml @@ -0,0 +1,66 @@ +#version: "3.7" +x-api: &default-api + image: ghcr.io/openimis/openimis-be:${BE_TAG:-develop} + environment: + - DB_HOST=${DB_HOST} + - DB_PORT=${DB_PORT} + - DB_NAME=${DB_NAME} + - DB_USER=${DB_USER} + - DB_PASSWORD=${DB_PASSWORD} + - SITE_ROOT=api + - SITE_URL=${DOMAIN} + - CELERY_BROKER_URL=amqp://rabbitmq + - DB_ENGINE=${DB_ENGINE} + - MODE=${MODE:-Prod} + volumes: + - photos:/openimis-be/openIMIS/images/insurees + depends_on: + db: + condition: service_healthy + networks: + openimis-net: + restart: always + +services: + frontend: + container_name: ${PROJECT_NAME:-openimis}-frontend + image: ghcr.io/openimis/openimis-fe:${FE_TAG:-develop} + restart: always + environment: + - REACT_APP_API_URL=api + - NEW_OPENIMIS_HOST=${DOMAIN} + - OPENIMIS_CONF_JSON=${OPENIMIS_FE_CONF_JSON} + - OPENSEARCH_BASIC_TOKEN=${OPENSEARCH_BASIC_TOKEN} + networks: + openimis-net: + ports: + - ${HTTP_PORT:-80}:80 + - ${HTTPS_PORT:-443}:443 + depends_on: + - backend + volumes: + - ./data/certbot/conf:/etc/letsencrypt + - ./data/certbot/www:/var/www/certbot + # uncomment to use custom openimis.conf + - ./conf/nginx:/conf/ + backend: + <<: *default-api + container_name: ${PROJECT_NAME:-openimis}-api + command: start + + worker: + <<: *default-api + container_name: ${PROJECT_NAME:-openimis}-worker + command: worker + rabbitmq: + container_name: ${PROJECT_NAME:-openimis}-rabbitmq + image: rabbitmq:3-management + restart: always + networks: + openimis-net: +networks: + openimis-net: + name: "${PROJECT_NAME:-openimis}-net" +volumes: + database: + photos: diff --git a/docker-compose.certbot.yml b/docker-compose.certbot.yml index b32b9c4..369143b 100644 --- a/docker-compose.certbot.yml +++ b/docker-compose.certbot.yml @@ -1,73 +1,6 @@ -version: "2.4" - +#version: "3.7" services: - db: - container_name: ${PROJECT_NAME:-openimis}-db - image: ghcr.io/openimis/openimis-pgsql:${DB_TAG:-latest} - environment: - - DB_USER_PASSWORD=${DB_PASSWORD} - - SA_PASSWORD=${DB_PASSWORD} - - DB_NAME=${DB_NAME} - - DB_USER=${DB_USER} - - ACCEPT_EULA=${ACCEPT_EULA} - healthcheck: - test: "bash /app/healthcheck.sh" - interval: 10s - timeout: 5s - retries: 5 - start_period: 100s - networks: - openimis-net: - volumes: - - database:/var/opt/mssql/data - ports: - - 1433:1433 - ## WARNING: - ## exposing the database port outside the openimis-net network - ## may lead to security issue (depending on your network topology) - # ports: - # - 1433:1433 - backend: - container_name: ${PROJECT_NAME:-openimis}-api - image: ghcr.io/openimis/openimis-be:${BE_TAG:-develop} - command: start - volumes: - - photos:/openimis-be/openIMIS/images/insurees - environment: &backend-env - - DB_HOST=${DB_HOST} - - DB_PORT=${DB_PORT} - - DB_NAME=${DB_NAME} - - DB_USER=${DB_USER} - - DB_PASSWORD=${DB_PASSWORD} - - DB_ENGINE=${DB_ENGINE} - - SITE_ROOT=api - - DEBUG=True - - DJANGO_LOG_LEVEL=DEBUG - - SITE_URL=${NEW_OPENIMIS_HOST} - - CELERY_BROKER_URL=amqp://rabbitmq - depends_on: - db: - condition: service_healthy - networks: - openimis-net: - frontend: - container_name: ${PROJECT_NAME:-openimis}-frontend - image: ghcr.io/openimis/openimis-fe:${FE_TAG:-develop} - environment: - - REACT_APP_API_URL=api - - NEW_OPENIMIS_HOST=${NEW_OPENIMIS_HOST} - - OPENIMIS_CONF_JSON=${OPENIMIS_FE_CONF_JSON} - networks: - openimis-net: - ports: - - ${HTTP_PORT:-80}:80 - - ${HTTPS_PORT:-443}:443 - depends_on: - - backend - volumes: - - ./data/certbot/conf:/etc/letsencrypt - - ./data/certbot/www:/var/www/certbot certbot: image: certbot/certbot entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'" @@ -76,48 +9,3 @@ services: - ./data/certbot/www:/var/www/certbot # uncomment to use custom openimis.conf #- ./conf/nginx:/conf/ - - worker: - container_name: ${PROJECT_NAME:-openimis}-worker - image: ghcr.io/openimis/openimis-be:${BE_TAG:-develop} - command: worker - restart: always - volumes: - - photos:/openimis-be/openIMIS/images/insurees - depends_on: - - backend - environment: *backend-env - networks: - openimis-net: - rabbitmq: - container_name: ${PROJECT_NAME:-openimis}-rabbitmq - image: rabbitmq:3-management - restart: always - networks: - openimis-net: - restapi: - container_name: ${PROJECT_NAME:-openimis}-restapi - image: ghcr.io/openimis/openimis-rest_api:${RESTAPI_TAG:-develop} - environment: - - DB_HOST=${DB_HOST} - - DB_PORT=${DB_PORT} - - DB_NAME=${DB_NAME} - - DB_USER=${DB_USER} - - DB_PASSWORD=${DB_PASSWORD} - volumes: - #- ./conf/restapi:/app/config - - ./logs:/app/log - - photos:/app/photos - - ./Escape:/app/Escape - - ./FromPhone:/app/FromPhone - restart: always - depends_on: - db: - condition: service_healthy - networks: - openimis-net: -networks: - openimis-net: -volumes: - database: - photos: diff --git a/docker-compose.coremis.yml b/docker-compose.coremis.yml deleted file mode 100644 index 2ebb540..0000000 --- a/docker-compose.coremis.yml +++ /dev/null @@ -1,16 +0,0 @@ -include: - - path: docker-compose.yml - env_file: .env - - path: docker-compose.openSearch.yml - env_file: - - .env - - .env.openSearch - - path: docker-compose.lightning.yml - env_file: - - .env - - .env.lightning - - - - - diff --git a/docker-compose.lightning.yml b/docker-compose.lightning.yml index dc44eda..b2c7983 100644 --- a/docker-compose.lightning.yml +++ b/docker-compose.lightning.yml @@ -1,5 +1,4 @@ -version: "3.7" - +#version: "3.7" x-lightning: &default-app image: ghcr.io/openimis/openimis-lightning_dkr:develop platform: linux/amd64 diff --git a/docker-compose.mssql.yml b/docker-compose.mssql.yml new file mode 100644 index 0000000..4ce6908 --- /dev/null +++ b/docker-compose.mssql.yml @@ -0,0 +1,31 @@ +#version: '3.7' +services: + db: + container_name: ${PROJECT_NAME:-openimis}-db + image: ghcr.io/openimis/openimis-mssql:${DB_TAG:-latest} + restart: always + environment: + - DB_USER_PASSWORD=${DB_PASSWORD} + - SA_PASSWORD=${DB_PASSWORD} + - DB_NAME=${DB_NAME} + - DB_USER=${DB_USER} + - ACCEPT_EULA=${ACCEPT_EULA} + - INIT_MODE=${INIT_MODE} + healthcheck: + test: "bash /app/healthcheck.sh" + interval: 10s + timeout: 5s + retries: 5 + start_period: 100s + networks: + openimis-net: + volumes: + - database:/var/opt/mssql/data + ports: + - 1433:1433 + ## WARNING: + ## exposing the database port outside the openimis-net network + ## may lead to security issue (depending on your network topology) + # ports: + # - 1433:1433 + \ No newline at end of file diff --git a/docker-compose.openSearch.yml b/docker-compose.openSearch.yml index 7bf69ed..a4f0574 100644 --- a/docker-compose.openSearch.yml +++ b/docker-compose.openSearch.yml @@ -1,4 +1,4 @@ -version: '3.7' +#version: '3.7' services: opensearch: build: @@ -11,6 +11,7 @@ services: - "cluster.name=${CLUSTER_NAME:-my_opensearch_local}" - "http.port=${OPEN_SEARCH_HTTP_PORT:-9200}" - "plugins.security.ssl.http.enabled=${SLL_HTTP_ENABLED:-false}" + - "plugins.security.disabled=true" volumes: - "opensearch-data1:/usr/share/opensearch/data" networks: @@ -18,19 +19,14 @@ services: opensearch-dashboards: image: opensearchproject/opensearch-dashboards:2.9.0 - container_name: opensearch-dashboards - ports: - - "5601:5601" - expose: - - "5601" + container_name: ${PROJECT_NAME:-openimis}-opensearch-dashboards environment: - - "OPENSEARCH_HOSTS=${OPENSEARCH_HOSTS:-http://opensearch:9200}" - - "ELASTICSEARCH_USERNAME=${ELASTICSEARCH_USERNAME:-admin}" - - "ELASTICSEARCH_PASSWORD=${ELASTICSEARCH_PASSWORD:-admin}" - - 'SERVER_BASEPATH="/opensearch"' - - 'SERVER_REWRITEBASEPATH=true' + - OPENSEARCH_HOSTS=${OPENSEARCH_HOSTS:-http://opensearch:9200} + - "DISABLE_SECURITY_DASHBOARDS_PLUGIN=true" + - SERVER_BASEPATH=/opensearch + - SERVER_REWRITEBASEPATH=true volumes: - - "./opensearch-configuration/opensearch.yml:/usr/share/opensearch-dashboards/config/opensearch.yml" + - "./conf/opensearch/opensearch.yml:/usr/share/opensearch-dashboards/config/opensearch.yml" networks: openimis-net: @@ -42,4 +38,3 @@ volumes: # name: "${PROJECT_NAME:-openimis}-net" # external: true - diff --git a/docker-compose.psql.yml b/docker-compose.psql.yml new file mode 100644 index 0000000..506b501 --- /dev/null +++ b/docker-compose.psql.yml @@ -0,0 +1,21 @@ +#version: '3.7' +services: + db: + container_name: ${PROJECT_NAME:-openimis}-db + image: ghcr.io/openimis/openimis-pgsql:${DB_TAG:-latest} + environment: + - POSTGRES_PASSWORD=${DB_PASSWORD} + - POSTGRES_DB=${DB_NAME} + - POSTGRES_USER=${DB_USER} + - INIT_MODE=${INIT_MODE} + healthcheck: + test: pg_isready -U ${DB_USER} -d ${DB_NAME} + interval: 10s + timeout: 5s + retries: 5 + start_period: 30s + volumes: + - database:/var/lib/postgresql/data + restart: always + networks: + openimis-net: diff --git a/docker-compose.yml b/docker-compose.yml index ed3cf07..5357979 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,89 +1,20 @@ -version: "3.7" -x-api: &default-api - image: ghcr.io/openimis/openimis-be:${BE_TAG:-develop} - environment: - - DB_HOST=${DB_HOST} - - DB_PORT=${DB_PORT} - - DB_NAME=${DB_NAME} - - DB_USER=${DB_USER} - - DB_PASSWORD=${DB_PASSWORD} - - SITE_ROOT=api - - SITE_URL=${NEW_OPENIMIS_HOST} - - CELERY_BROKER_URL=amqp://rabbitmq - - DB_ENGINE=${DB_ENGINE} - - DJANGO_LOG_LEVEL=DEBUG - - DEBUG=True - volumes: - - photos:/openimis-be/openIMIS/images/insurees - depends_on: - db: - condition: service_healthy - networks: - openimis-net: - restart: always +include: + - path: docker-compose.psql.yml + env_file: .env + - path: docker-compose.base.yml + env_file: .env + - path: docker-compose.openSearch.yml + env_file: + - .env + - .env.openSearch + - path: docker-compose.lightning.yml + env_file: + - .env + - .env.lightning +# - path: docker-compose.certbot.yml + + + + -services: - db: - container_name: ${PROJECT_NAME:-openimis}-db - image: ghcr.io/openimis/openimis-pgsql:${DB_TAG:-latest} - build: - target: ${INIT_MODE:-base} - environment: - - POSTGRES_PASSWORD=${DB_PASSWORD} - - POSTGRES_DB=${DB_NAME} - - POSTGRES_USER=${DB_USER} - - INIT_MODE=${INIT_MODE} - healthcheck: - test: pg_isready -U ${DB_USER} -d ${DB_NAME} - interval: 10s - timeout: 5s - retries: 5 - start_period: 30s - volumes: - - database:/var/lib/postgresql/data - restart: always - networks: - openimis-net: - frontend: - container_name: ${PROJECT_NAME:-openimis}-frontend - image: ghcr.io/openimis/openimis-fe:${FE_TAG:-develop} - restart: always - environment: - - REACT_APP_API_URL=api - - NEW_OPENIMIS_HOST=${NEW_OPENIMIS_HOST} - - OPENIMIS_CONF_JSON=${OPENIMIS_FE_CONF_JSON} - - OPENSEARCH_BASIC_TOKEN=${OPENSEARCH_BASIC_TOKEN} - networks: - openimis-net: - ports: - - ${HTTP_PORT:-80}:80 - - ${HTTPS_PORT:-443}:443 - depends_on: - - backend - volumes: - - ./data/certbot/conf:/etc/letsencrypt - - ./data/certbot/www:/var/www/certbot - # uncomment to use custom openimis.conf - #- ./conf/nginx:/conf/ - backend: - <<: *default-api - container_name: ${PROJECT_NAME:-openimis}-api - command: start - - worker: - <<: *default-api - container_name: ${PROJECT_NAME:-openimis}-worker - command: worker - rabbitmq: - container_name: ${PROJECT_NAME:-openimis}-rabbitmq - image: rabbitmq:3-management - restart: always - networks: - openimis-net: -networks: - openimis-net: - name: "${PROJECT_NAME:-openimis}-net" -volumes: - database: - photos: From 17f44cdc81c8c8309f1f5a1db845e31e99105363 Mon Sep 17 00:00:00 2001 From: Patrick Delcroix Date: Wed, 17 Apr 2024 21:09:29 +0200 Subject: [PATCH 5/5] Feature/modular docker compose (#58) * modular config * modular compose