docker-compose.yml

volumes:
  consuldata:
  vaultdata:
  miniodata:
  postgresdata:
  redisdata:

services:
  db:
    image: postgres:16
    restart: always
    environment:
      POSTGRES_DB: cabotage_dev
      POSTGRES_HOST_AUTH_METHOD: trust
    ports:
      - "5432:5432"
    volumes:
      - postgresdata:/var/lib/postgresql/data/
      - ./docker-compose/db/docker-entrypoint-initdb.d:/docker-entrypoint-initdb.d
  redis:
    image: redis:7
    restart: always
    ports:
      - "6379:6379"
    volumes:
      - redisdata:/var/lib/redis/
  consul:
    image: hashicorp/consul:1.18
    restart: always
    environment:
      CONSUL_CLIENT_INTERFACE: eth0
    ports:
      - "8500:8500"
    volumes:
      - consuldata:/consul/data
  vault:
    image: hashicorp/vault:1.17
    restart: always
    entrypoint: /bin/sh
    command: /etc/vault/entry.sh
    stop_signal: SIGINT
    environment:
      VAULT_DEV_LISTEN_ADDRESS: 0.0.0.0:8200
      VAULT_DEV_ROOT_TOKEN_ID: deadbeef-dead-beef-dead-beefdeadbeef
    ports:
      - "8200:8200"
    cap_add:
      - IPC_LOCK
    volumes:
      - vaultdata:/vault/file
      - ./docker-compose/vault:/etc/vault
    links:
      - db
  registry:
    image: registry:2
    restart: always
    command: ["/etc/docker/registry-local/config.yml"]
    environment:
      REGISTRY_STORAGE_S3_ACCESSKEY: MINIOACCESSKEY
      REGISTRY_STORAGE_S3_SECRETKEY: MINIOSECRETKEY
      REGISTRY_STORAGE_S3_REGION: us-east-1
      REGISTRY_STORAGE_S3_REGIONENDPOINT: http://minio:9000
      REGISTRY_STORAGE_S3_BUCKET: cabotage-registry
      REGISTRY_STORAGE_S3_SECURE: "true"
      REGISTRY_STORAGE_S3_V4AUTH: "true"
      REGISTRY_STORAGE_S3_CHUNKSIZE: 5242880
      REGISTRY_STORAGE_DELETE_ENABLED: true
    ports:
      - "5001:5001"
    volumes:
      - ./docker-compose/registry:/etc/docker/registry-local
  cabotage-buildkitd:
    image: moby/buildkit:v0.13.0-beta1-rootless
    command: --addr tcp://0.0.0.0:1234
    restart: always
    ports:
      - "1234:1234"
    privileged: true
    volumes:
      - ./docker-compose/buildkitd:/home/user/.config/buildkit
  minio:
    image: minio/minio
    entrypoint: sh
    command: -c 'mkdir -p /export/cabotage-registry && /usr/bin/docker-entrypoint.sh server /export --console-address ":9001"'
    restart: always
    environment:
      MINIO_ROOT_USER: MINIOACCESSKEY
      MINIO_ROOT_PASSWORD: MINIOSECRETKEY
      MINIO_REGION: us-east-1
    ports:
      - "9000:9000"
      - "9001:9001"
    volumes:
      - miniodata:/export
  base:
    build:
      context: .
      args:
        DEVEL: yes
    image: cabotage-app:docker-compose
    environment: &base_environment
      # Runs as `nobody`, override the home directory
      - PIP_CACHE_DIR=/opt/cabotage-app/src/dev/.pip-cache
      - PIP_TOOLS_CACHE_DIR=/opt/cabotage-app/src/dev/.pip-tools-cache
      # Application configuration
      - CABOTAGE_BCRYPT_LOG_ROUNDS=4
      - CABOTAGE_DEBUG=True
      - CABOTAGE_DEBUG_TB_ENABLED=True
      - CABOTAGE_GITHUB_APP_ID=
      - CABOTAGE_GITHUB_APP_PRIVATE_KEY=
      - CABOTAGE_GITHUB_APP_URL=https://github.com/apps/cabotage-local
      - CABOTAGE_GITHUB_WEBHOOK_SECRET=
      - CABOTAGE_KUBERNETES_CONTEXT=minikube
      - CABOTAGE_KUBERNETES_ENABLED=False
      - CABOTAGE_SECURITY_CONFIRMABLE=False
      - CABOTAGE_SQLALCHEMY_DATABASE_URI=postgresql://postgres@db/cabotage_dev
      - CABOTAGE_TESTING=True
      - CABOTAGE_VAULT_TOKEN=deadbeef-dead-beef-dead-beefdeadbeef
      - CABOTAGE_WTF_CSRF_ENABLED=False
      - C_FORCE_ROOT=1
      - FLASK_APP=cabotage.server.wsgi
      - KUBECONFIG=/var/run/kube/config
    volumes:
      - .:/opt/cabotage-app/src:z

  cabotage-app:
    image: cabotage-app:docker-compose
    command: hupper -m gunicorn.app.wsgiapp -c gunicorn.conf -w 4 --threads 100 -b 0.0.0.0:8000 cabotage.server.wsgi:app
    environment: *base_environment
    volumes:
      - .:/opt/cabotage-app/src:z
      - $HOME/.kube:/var/run/kube
    ports:
      - "8000:8000"
    links:
      - db
      - redis
      - vault

  cabotage-app-worker:
    image: cabotage-app:docker-compose
    command: hupper -m celery -A cabotage.celery.worker.celery_app worker -E --loglevel=INFO
    environment: *base_environment
    volumes:
      - .:/opt/cabotage-app/src:z
      - $HOME/.kube:/var/run/kube
    links:
      - db
      - redis
      - vault