forked from HHS/TANF-app
-
Notifications
You must be signed in to change notification settings - Fork 4
/
docker-compose.yml
143 lines (132 loc) · 3.46 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
# Base Docker compose for all environments
version: "3.4"
services:
zaproxy:
image: softwaresecurityproject/zap-stable:2.13.0
command: sleep 3600
depends_on:
- web
volumes:
- ./reports:/zap/wrk/:rw
- ../scripts/zap-hook.py:/zap/scripts/zap-hook.py:ro
postgres:
image: postgres:11.6
environment:
- PGDATA=/var/lib/postgresql/data/
- POSTGRES_DB=tdrs_test
- POSTGRES_PASSWORD=something_secure
- POSTGRES_PORT=5432
- POSTGRES_USER=tdpuser
ports:
- "5432:5432"
volumes:
- postgres_data:/var/lib/postgresql/data/:rw
clamav-rest:
image: rafttech/clamav-rest:0.103.2
environment:
- MAX_FILE_SIZE=200M
ports:
- "9000:9000"
localstack:
image: localstack/localstack:0.13.3
environment:
- SERVICES=s3
- DATA_DIR=/tmp/localstack/data
- AWS_BUCKET=tdp-datafiles-localstack
- AWS_REGION_NAME=us-gov-west-1
ports:
- "4566:4566"
volumes:
- localstack_data:/tmp/localstack
# Copy in the Localstack setup script to configure any buckets needed
- ../scripts/localstack-setup.sh:/docker-entrypoint-initaws.d/localstack-setup.sh
kibana:
image: docker.elastic.co/kibana/kibana-oss:7.4.2
ports:
- 5601:5601
environment:
- ELASTICSEARCH_HOSTS="http://elastic:9200"
- SERVER_HOST=kibana
- SERVER_BASEPATH=/kibana
- SERVER_SECURITYRESPONSEHEADERS_REFERRERPOLICY=no-referrer
- CSP_WARNLEGACYBROWSERS=false
depends_on:
- elastic
elastic:
image: elasticsearch:7.17.6
environment:
- discovery.type=single-node
- logger.discovery.level=debug
- xpack.security.enabled=false
ports:
- 9200:9200
- 9300:9300
volumes:
- elastic_data:/usr/share/elasticsearch/data
web:
restart: always
environment:
- CLAMAV_NEEDED
- AV_SCAN_URL=http://clamav-rest:9000/scan
- DB_HOST=postgres
- DB_NAME=tdrs_test
- DB_PASSWORD=something_secure
- DB_PORT=5432
- DB_USER=tdpuser
- DJANGO_CONFIGURATION=${DJANGO_CONFIGURATION:-Local}
- DJANGO_SECRET_KEY=${DJANGO_SECRET_KEY:-tdp-dev-insecure}
- DJANGO_SETTINGS_MODULE=${DJANGO_SETTINGS_MODULE:-tdpservice.settings.local}
- LOCALSTACK_HOST=localstack
- DJANGO_SU_NAME
- JWT_CERT_TEST
- JWT_KEY
- USE_LOCALSTACK
- LOGGING_LEVEL
- AMS_CLIENT_ID
- AMS_CLIENT_SECRET
- AMS_CONFIGURATION_ENDPOINT
- ACFTITAN_HOST
- ACFTITAN_KEY
- ACFTITAN_USERNAME
- REDIS_URI=redis://redis-server:6379
- REDIS_SERVER_LOCAL=TRUE
- ACFTITAN_SFTP_PYTEST
- CYPRESS_TOKEN
- DJANGO_DEBUG
- SENDGRID_API_KEY
- GENERATE_TRAILER_ERRORS=True
- BYPASS_KIBANA_AUTH
volumes:
- .:/tdpapp
image: tdp
build: .
command: >
bash -c "./wait_for_services.sh &&
./manage.py makemigrations &&
./manage.py migrate &&
./manage.py populate_stts &&
./gunicorn_start.sh && celery -A tdpservice.settings worker -l info"
ports:
- "5555:5555"
tty: true
depends_on:
- clamav-rest
- localstack
- postgres
- redis-server
- elastic
redis-server:
image: "redis:alpine"
command: redis-server /tdpapp/redis.conf
ports:
- "6379:6379"
volumes:
- .:/tdpapp
volumes:
localstack_data:
postgres_data:
elastic_data:
networks:
default:
name: external-net
external: true