version: '3.8' x-app-common: &jitsi_admin_app image: h2invent/jitsi-admin-main:latest # build: . environment: APACHE_DOCUMENT_ROOT: "public/" PHP_EXTENSION_XDEBUG: "1" PHP_INI_MEMORY_LIMIT: "1G" PHP_EXTENSION_LDAP: 1 PHP_EXTENSION_INTL: 1 services: traefik-ja: image: "traefik:v2.5" env_file: - ./.env - ./.env.local - ./.env.custom command: #- "--log.level=DEBUG" - "--api.insecure=false" - "--providers.docker=true" #- "--api.dashboard=true" - "--providers.docker.exposedbydefault=false" - "--entrypoints.unsecure.address=:80" - "--entrypoints.web.address=:443" # Global HTTP -> HTTPS - "--entrypoints.unsecure.http.redirections.entryPoint.to=web" - "--entrypoints.unsecure.http.redirections.entryPoint.scheme=https" # SSL configuration - "--certificatesresolvers.letsencrypt.acme.httpchallenge=true" - "--certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=unsecure" - "--certificatesresolvers.letsencrypt.acme.email=${registerEmailAdress}" - "--certificatesresolvers.letsencrypt.acme.storage=/letsencrypt/acme.json" labels: - "traefik.enable=true" - "traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)" - "traefik.http.routers.http-catchall.entrypoints=unsecure" - "traefik.http.routers.http-catchall.middlewares=redirect-to-https@docker" - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https" - "traefik.http.routers.traefik-ja.rule=Host(`traefik.${PUBLIC_URL}`)" - "traefik.http.routers.traefik-ja.entrypoints=web" - "traefik.http.routers.traefik-ja.tls.certresolver=letsencrypt" - "traefik.http.routers.traefik-ja.service=api@internal" - "traefik.http.routers.traefik-ja.middlewares=traefik-auth" - "traefik.http.middlewares.traefik-auth.basicauth.users=test:$$apr1$$H6uskkkW$$IgXLP6ewTrSuBkTrqE8wj/" # test:test networks: - external restart: unless-stopped ports: - "80:80" - "443:443" volumes: - "/var/run/docker.sock:/var/run/docker.sock:ro" - ./data/letsencrypt:/letsencrypt - ./tools/traefik/config.yml:/etc/traefik/dynamic_conf/conf.yml:ro #Here is the websocket hub websocket-ja: hostname: websocket-ja image: h2invent/jitsi-admin-websocket:latest # build: nodejs restart: unless-stopped depends_on: - traefik-ja env_file: - ./.env - ./.env.local - ./.env.custom healthcheck: test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:3000/healthz"] interval: 10s retries: 5 timeout: 10s start_period: 10s labels: - "traefik.enable=true" - "traefik.http.routers.websocket-ja.rule=Host(`${PUBLIC_URL}`) && PathPrefix(`/ws`)" - "traefik.http.routers.websocket-ja.entrypoints=web" - "traefik.http.routers.websocket-ja.tls=true" - "traefik.http.services.websocket-ja.loadbalancer.server.port=3000" - "traefik.http.routers.websocket-ja.tls.certresolver=letsencrypt" - "traefik.http.middlewares.sslheader.headers.customrequestheaders.X-Forwarded-Proto=http" - "traefik.http.routers.app-secure.middlewares=sslheader@docker" networks: - external - internal volumes: - caddy_data:/data - caddy_config:/config #Here is the Jitsi-Admin app app-ja: <<: *jitsi_admin_app depends_on: db-ja: condition: service_healthy restart: unless-stopped healthcheck: test: [ "CMD", "curl", "-s", "-f", "-i", "http://localhost:80/health/check" ] interval: 20s timeout: 10s start_period: 30s retries: 10 env_file: - ./.env - ./.env.local - ./.env.custom environment: APACHE_DOCUMENT_ROOT: "public/" PHP_EXTENSION_XDEBUG: "1" PHP_INI_MEMORY_LIMIT: "1G" PHP_EXTENSION_LDAP: 1 PHP_EXTENSION_INTL: 1 PHP_INI_UPLOAD_MAX_FILESIZE: 8M PHP_INI_POST_MAX_SIZE: 8M MAILER_TRANSPORT: smtp OAUTH_KEYCLOAK_CLIENT_ID: jitsiadmin OAUTH_KEYCLOAK_REALM: jitsiadmin input_settings_allow_timezone: 1 allowTimeZoneSwitch: 1 CRON_USER_1: root CRON_SCHEDULE_1: "* * * * *" CRON_COMMAND_1: "php /var/www/html/bin/console cron:run" labels: - "traefik.enable=true" - "traefik.http.routers.app-ja.tls=true" - "traefik.http.routers.app-ja.rule=Host(`${PUBLIC_URL}`)" - "traefik.http.routers.app-ja.entrypoints=web" - "traefik.http.services.app-ja.loadbalancer.server.port=80" - "traefik.http.routers.app-ja.tls.certresolver=letsencrypt" - "traefik.http.services.app-ja.loadbalancer.sticky=true" - "traefik.http.services.app-ja.loadbalancer.sticky.cookie.name=jad" - "traefik.http.services.app-ja.loadbalancer.sticky.cookie.secure=true" volumes: - theme_data:/var/www/html/theme - image_upload:/var/www/html/public/uploads/images - theme_assests_data:/var/www/html/public/theme networks: - external - internal app-queu: <<: *jitsi_admin_app restart: unless-stopped deploy: mode: replicated replicas: 2 env_file: - ./.env - ./.env.local - ./.env.custom depends_on: app-ja: condition: service_healthy command: php /var/www/html/bin/console messenger:consume async --memory-limit=126m volumes: - theme_data:/var/www/html/theme networks: - internal db-ja: image: mariadb:latest hostname: db-ja healthcheck: test: [ "CMD", "mariadb-admin" ,"ping", "-h", "localhost","-ptest" ] timeout: 20s retries: 10 env_file: - ./.env - ./.env.local - ./.env.custom restart: unless-stopped environment: MARIADB_ROOT_PASSWORD: test volumes: - mariadb:/var/lib/mysql - ./docker/docker-entrypoint-initdb.d:/docker-entrypoint-initdb.d networks: - internal keycloak-ja: image: quay.io/keycloak/keycloak:22.0.3 depends_on: app-ja: condition: service_healthy env_file: - ./.env - ./.env.local - ./.env.custom environment: KEYCLOAK_ADMIN: admin KC_DB: mariadb KC_DB_USERNAME: keycloak KC_HTTP_RELATIVE_PATH: /keycloak KC_PROXY: passthrough restart: unless-stopped command: - start-dev - --import-realm labels: - "traefik.enable=true" - "traefik.http.routers.keycloak-ja.tls=true" - "traefik.http.routers.keycloak-ja.rule=Host(`${PUBLIC_URL}`) && PathPrefix(`/keycloak`)" - "traefik.http.routers.keycloak-ja.entrypoints=web" - "traefik.http.services.keycloak-ja.loadbalancer.server.port=8080" - "traefik.http.routers.keycloak-ja.tls.certresolver=letsencrypt" volumes: - ./docker/keycloak/:/opt/keycloak/data/import networks: - external - internal networks: external: internal: volumes: mariadb: caddy_data: caddy_config: image_upload: theme_data: theme_assests_data: