-
Notifications
You must be signed in to change notification settings - Fork 56
/
Copy pathdocker-compose.yml
127 lines (107 loc) · 5.11 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
services:
# Nutrient Document Engine requires a PostgreSQL database. We use the postgres docker
# container to set this up.
db:
image: postgres:17
environment:
POSTGRES_USER: nutrient
POSTGRES_PASSWORD: password
POSTGRES_DB: nutrient
POSTGRES_INITDB_ARGS: --data-checksums
PGDATA: /var/lib/postgresql/data/pgdata
volumes:
- pgdata:/var/lib/postgresql/data
# Next, we download and start an instance of Nutrient Document Engine.
# https://www.nutrient.io/guides/document-engine/intro/
document_engine:
image: "${DOCUMENT_ENGINE_IMAGE:-pspdfkit/document-engine:latest}"
environment:
PGUSER: nutrient
PGPASSWORD: password
PGDATABASE: nutrient
PGHOST: db
PGPORT: 5432
# Activation key for your Nutrient Document Engine installation
ACTIVATION_KEY: ${ACTIVATION_KEY}
# Secret token used for authenticating API requests.
API_AUTH_TOKEN: secretValueToReplaceInProduction
# Base key used for deriving secret keys for the purposes of authentication.
SECRET_KEY_BASE: secret-key-base-replace-in-production
# Public key used for verification of JWTs from web clients. It has to be in the PEM format.
JWT_PUBLIC_KEY: |
-----BEGIN PUBLIC KEY-----
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALd41vG5rMzG26hhVxE65kzWC+bYQ94t
OxsSxIQZMOc1GY8ubuqu2iku5/5isaFfG44e+VAe+YIdVeQY7cUkaaUCAwEAAQ==
-----END PUBLIC KEY-----
JWT_ALGORITHM: RS256
# Credentials to access the admin dashboard
DASHBOARD_USERNAME: dashboard
DASHBOARD_PASSWORD: secret
# Asset storage backend that is used by Nutrient Document Engine
ASSET_STORAGE_BACKEND: built-in
# A microservice used for completing the signing of the PDF data.
# This service can be found at https://github.com/PSPDFKit/pspdfkit-web-signing-service-example
SIGNING_SERVICE_URL: http://signing_service:6001/sign
depends_on:
- db
ports:
- "5000:5000"
# Now we can start our Examples Catalog. It uses the Dockerfile
# provided in this repository to set up the necessary environment.
example:
build: .
depends_on:
- document_engine
- signing_service
ports:
- "3000:3000"
environment:
# The internal URL is used by the Examples Catalog server to connect to
# Nutrient Document Engine. By default, we want it to talk to the Document Engine instance
# server declared in this docker-compose.yml file.
DOCUMENT_ENGINE_INTERNAL_URL: http://document_engine:5000
# Secret token value used for authenticating API requests.
# Must correspond to the value set in the Document Engine configuration (`API_AUTH_TOKEN`).
DOCUMENT_ENGINE_API_AUTH_TOKEN: secretValueToReplaceInProduction
# The external URL is used by the browser to connect to Document Engine.
# By default, it uses the same host as the browser is currently serving
# and adds port 5000 (the default Document Engine port).
#
# In some situations, this URL needs to be manually overwritten. This is
# usually the case when you want to deploy the Examples Catalog to
# production and have a different hostname for the Document Engine.
# DOCUMENT_ENGINE_EXTERNAL_URL: https://my-pspdfkit-server.example.com/
# To protect the /upload endpoint you can set those two variables
# which will be used to protect you that users can upload anything
# if they don't have the username/password combination.
# UPLOAD_AUTH_USERNAME: username
# UPLOAD_AUTH_PASSWORD: password
# This is the license key for the Web SDK.
WEB_SDK_LICENSE_KEY: >-
YOUR_LICENSE_KEY_GOES_HERE
# This is a pre-generated JSON Web Token (JWT) to make it easy for you to test our example catalog.
# In a production environment, you should never hard-code a private key like this into your repository.
# Instead, you should employ a secrets management tool appropriate to your deployment infrastructure.
JWT_PRIVATE_KEY: |
-----BEGIN RSA PRIVATE KEY-----
MIIBPAIBAAJBALd41vG5rMzG26hhVxE65kzWC+bYQ94tOxsSxIQZMOc1GY8ubuqu
2iku5/5isaFfG44e+VAe+YIdVeQY7cUkaaUCAwEAAQJAHfi9lEtysRkjNQSBxqzK
hm7JDvLxU1AsQaX1OGctF/fLXzkWiMLsBZ3yLHdPSvl/izbKyGrADv7wrQJrPPhg
gQIhAPQrw5Uh7pQ4RMvkDJff7aHWwWTUuqgsiS/r1/7KHl8VAiEAwFxH2YA3MR/5
Rl5/VJJp6Cv/2IGSgQVCSDZyL5rcBFECIQDc3eGTOxhmtud0T5scnpCD/pD9tngJ
vA90a6/8Z7RFaQIhAIBOjVZUoXvQ+fKoIYKFzsKgZp1BgDkzCs0kE/IQ92ShAiEA
7f4XIbGgIFaSJRpBfa168aeP162EV5oOW+Gyv2IIyK8=
-----END RSA PRIVATE KEY-----
SIGNING_SERVICE_URL: "http://signing_service:6001/sign"
# Build in production mode for yarn start
NODE_ENV: production
# This tells the Examples Catalog to serve the SDK locally.
WEB_SDK_LIB_SERVE_STRATEGY: static
signing_service:
build: https://github.com/PSPDFKit/pspdfkit-web-signing-service-example.git
environment:
SIGNING_SERVICE_PORT: 6001
# We configure the volumes that our services have access to. In the case
# of our Examples Catalog, all we need is the pgdata volume.
volumes:
pgdata: