mirror of
https://github.com/apidoorman/doorman.git
synced 2026-02-08 01:58:59 -06:00
91 lines
2.9 KiB
YAML
91 lines
2.9 KiB
YAML
# Doorman API Gateway - Docker Compose
|
|
#
|
|
# Quick Start:
|
|
# 1. Copy .env.example to .env and configure secrets
|
|
# 2. Run: docker compose up
|
|
#
|
|
# With Redis/MongoDB (production):
|
|
# 1. Set MEM_OR_EXTERNAL=REDIS in .env
|
|
# 2. Run: docker compose --profile production up
|
|
|
|
services:
|
|
doorman:
|
|
build:
|
|
context: .
|
|
dockerfile: Dockerfile
|
|
args:
|
|
NEXT_PUBLIC_PROTECTED_USERS: ${NEXT_PUBLIC_PROTECTED_USERS:-}
|
|
NEXT_PUBLIC_GATEWAY_URL: ${NEXT_PUBLIC_GATEWAY_URL:-}
|
|
image: doorman:latest
|
|
container_name: doorman
|
|
ports:
|
|
- "${PORT:-3001}:${PORT:-3001}" # Backend API
|
|
- "${WEB_PORT:-3000}:${WEB_PORT:-3000}" # Web UI
|
|
env_file:
|
|
- .env
|
|
environment:
|
|
# Memory-mode dump settings (work for localhost and Docker on AWS)
|
|
MEM_DUMP_PATH: ${MEM_DUMP_PATH:-/app/backend-services/generated/memory_dump.bin}
|
|
MEM_AUTO_SAVE_ENABLED: ${MEM_AUTO_SAVE_ENABLED:-true}
|
|
MEM_AUTO_SAVE_FREQ: ${MEM_AUTO_SAVE_FREQ:-300}
|
|
# Encryption key for dumps (set a strong value in .env for real use)
|
|
MEM_ENCRYPTION_KEY: ${MEM_ENCRYPTION_KEY:-change-me-in-prod}
|
|
# Ensure logs are written to a Docker-managed volume, not the image
|
|
LOGS_DIR: /app/backend-services/platform-logs
|
|
volumes:
|
|
- doorman-generated:/app/backend-services/generated
|
|
- doorman-logs:/app/backend-services/platform-logs
|
|
restart: unless-stopped
|
|
healthcheck:
|
|
# Always use HTTP for the internal healthcheck. TLS should be terminated
|
|
# at the reverse proxy (Nginx/Traefik/ALB), and Uvicorn listens in plain HTTP.
|
|
# Using HTTPS here will cause Uvicorn to log 'Invalid HTTP request received.'
|
|
test: ["CMD", "sh", "-c", "curl -fsS http://localhost:$${PORT:-3001}/platform/monitor/liveness"]
|
|
interval: 30s
|
|
timeout: 10s
|
|
retries: 3
|
|
start_period: 40s
|
|
|
|
# Redis - Enable with: docker compose --profile production up
|
|
redis:
|
|
image: redis:7-alpine
|
|
container_name: doorman-redis
|
|
profiles: ["production"]
|
|
ports:
|
|
- "${REDIS_PORT:-6379}:6379"
|
|
volumes:
|
|
- redis-data:/data
|
|
restart: unless-stopped
|
|
command: redis-server --appendonly yes
|
|
healthcheck:
|
|
test: ["CMD", "redis-cli", "ping"]
|
|
interval: 10s
|
|
timeout: 3s
|
|
retries: 3
|
|
|
|
# MongoDB - Enable with: docker compose --profile production up
|
|
mongo:
|
|
image: mongo:7
|
|
container_name: doorman-mongo
|
|
profiles: ["production"]
|
|
ports:
|
|
- "${MONGO_PORT:-27017}:27017"
|
|
environment:
|
|
MONGO_INITDB_ROOT_USERNAME: ${MONGO_DB_USER:-doorman_admin}
|
|
MONGO_INITDB_ROOT_PASSWORD: ${MONGO_DB_PASSWORD:-changeme}
|
|
volumes:
|
|
- mongo-data:/data/db
|
|
restart: unless-stopped
|
|
command: --replSet ${MONGO_REPLICA_SET_NAME:-rs0} --bind_ip_all
|
|
healthcheck:
|
|
test: ["CMD", "mongosh", "--eval", "db.adminCommand('ping')"]
|
|
interval: 10s
|
|
timeout: 5s
|
|
retries: 3
|
|
|
|
volumes:
|
|
redis-data:
|
|
mongo-data:
|
|
doorman-generated:
|
|
doorman-logs:
|