...
The task definitions of our AWS instance
Overview of the respective environment variables
...
Code Block | ||||
---|---|---|---|---|
| ||||
version: '"3.3'" services: # database controlplane-backend-db: image: mysql:8 container_name: controlplane-backend-db restart: always ports: - "3309:3306" environment: - 'MYSQL_ROOT_PASSWORD=: 123' - 'MYSQL_DATABASE=: obsidian-backend' - 'MYSQL_USER=: obsidian' - 'MYSQL_PASSWORD=: 123' volumes: - controlplane-backend-db-vol:/var/lib/mysql # backend controlplane-backend: image: ghcr.io/apiida/controlplane-backend:latest container_name: controlplane-backend depends_on: - controlplane-backend-db ports: - "8080:8080" environment: # The initial admin. You should change the password later. - 'initial-admin.username=: admin' - 'initial-admin.password=admin': admin # The connection to the Developer Portal is created directly at startup. The token can be freely selected but must match the one set in the Developer Portal. dev-portal.default.url: https://localhost:3009 dev-portal.default.token: vpfw2d823h8uQRN # It is important that you provide a secure password here! This is used to encrypt secrets like git passwords in the database! - 'jasypt.encryptor.password=: Dont4get$1' - 'spring.datasource.url=: "jdbc:mysql://controlplane-backend-db:3306/obsidian-backend' " - 'spring.datasource.username=: obsidian' - 'spring.datasource.password=: 123' # required for CORS - 'frontend.url=: https://localhost:3000' # you can also configure smtp while ACP is running, so this is optional - 'mail.smtp.host=: smtp.mailtrap.io' - 'mail.smtp.port=: 25' - 'mail.smtp.encryption=: TLS' - 'mail.smtp.username=: 49c711575e9ab4' - 'mail.smtp.password=: 626cca80501586' # currently, we open a database connection for each incomming request, so the pool size determines how many requests we can process in parallel # you can reduce this, but don't go too small. I would recommend at the very least 20! - 'spring.datasource.hikari.maximum-pool-size=: 50' # ssl configuration - if you disable ssl, the other ssl settings are irrelevant. 
- 'server.ssl.enabled=: true' - 'server.ssl.key-store-type=: PKCS12' # if you want to change the p12, then mount it into the container and set this to the correct absolute path - 'server.ssl.key-store=: "classpath:certificates/server.p12'" - 'server.ssl.key-store-password=: Dont4get$1' - 'server.ssl.protocol=: TLS' - 'server.ssl.enabled-protocols=: TLSv1.3' volumes: - controlplane-backend-files-vol:/application/files # you probably want to add another volume, for your SSL certificate (.p12 format!) # frontend controlplane-frontend: image: ghcr.io/apiida/controlplane-frontend:latest container_name: controlplane-frontend depends_on: - controlplane-backend ports: - "3000:443" environment: - 'BACKEND_URL=: localhost:8080' - ' # To disable the insertion of the tenant ID the string must not contain 'addTenantIdToBack'. INSERT_TENANT_ID=doNotInsertIt': doNotInsertIt # ssl configuration - here you can mount your certificate in the container and if you want, also change the whole nginx configuration. # volumes: # - ./frontend.crt:/etc/ssl/certs/frontend.crt # - ./frontend.key:/etc/ssl/private/frontend.key # # http://nginx.org/en/docs/ # - ./nginx.conf:/etc/nginx/conf.d/default.conf # devportal controlplane-devportal: image: ghcr.io/apiida/controlplane-devportal:latest container_name: controlplane-devportal depends_on: - controlplane-backend ports: - "3009:443" environment: - 'BACKEND_URL=: localhost:8080' # To disable the insertion of the tenant ID the string must not contain 'addTenantIdToBack'. - 'INSERT_TENANT_ID=doNotInsertIt': doNotInsertIt DEV_PORTAL_TOKEN: vpfw2d823h8uQRN # ssl configuration - here you can mount your certificate in the container and if you want, also change the whole nginx configuration. 
# volumes: # - ./frontend.crt:/etc/ssl/certs/frontend.crt # - ./frontend.key:/etc/ssl/private/frontend.key # # http://nginx.org/en/docs/ # - ./nginx.conf:/etc/nginx/conf.d/default.conf networks: default: name: controlplane volumes: controlplane-backend-db-vol: controlplane-backend-files-vol: |
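Review bot: The example hard-codes working secrets that readers will paste unchanged: `dev-portal.default.token` on the backend and `DEV_PORTAL_TOKEN` on the devportal carry the same literal token, `MYSQL_ROOT_PASSWORD`, `MYSQL_PASSWORD` and `spring.datasource.password` are all `123`, and `jasypt.encryptor.password` reuses the `server.ssl.key-store-password` value even though its own comment says it encrypts the secrets stored in the database. Every deployment built from this page would share those values while the database is also published to the host on port 3309, so I would read them from the environment and fail when unset, e.g. `dev-portal.default.token: ${DEV_PORTAL_TOKEN:?set a random token}` and `MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD:?required}`, and drop the `"3309:3306"` mapping unless host access to MySQL is really needed. The `mail.smtp.username`/`mail.smtp.password` pair looks like a real mailbox credential rather than a placeholder; if it is, it should be rotated and replaced with an obvious dummy. The same concern applies to the `initial-admin.username`/`initial-admin.password` lines in the second code block, where `admin`/`admin` is presented as the value to set rather than as a temporary default. All three application images are pulled by the mutable `latest` tag, so pinning a released version or digest would keep the example reproducible and reviewable.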
Frontend Certificates
To use production SSL certificates you must move your cert components to the following locations:
...
Ensure the following environment variables are set:
Code Block | breakoutMode | wide|
---|---|---|
| ||
- 'initial-admin.username=admin' - 'initial-admin.password=admin' |
...