ota-ce.yaml

# version: '3.8'

# TODO: Some proxy for reposerver.ota.ce and such so don't have to use proxies

# TODO: Kafka

services:
  reverse-proxy:
    # The official v2 Traefik docker image
    image: traefik:v2.3
    # Enables the web UI and tells Traefik to listen to docker
    command: --api.insecure=true --providers.docker --providers.docker.exposedbydefault=false
    ports:
      # The HTTP port
      - "80:80"
      # The Web UI (enabled by --api.insecure=true)
      - "8080:8080"
    volumes:
      # So that Traefik can listen to the Docker events
      - /var/run/docker.sock:/var/run/docker.sock

  gateway:
    image: nginx:1.13.7
    restart: always
    command: ["nginx-debug", "-g", "daemon off;"]      
    expose:
      - '80'
      - '443'
      - '8443'
    ports:
#      - '80'
      - '8443'
      - '30443:8443'
    depends_on:
      - ota-lith
      - reverse-proxy
    volumes:
      - ./ota-ce/gateway.conf:/etc/nginx/conf.d/gateway.conf:ro
      - ./ota-ce-gen/server.chain.pem:/etc/ssl/gateway/server.chain.pem:ro
      - ./ota-ce-gen/server.key:/etc/ssl/gateway/server.key:ro
      - ./ota-ce-gen/devices/ca.crt:/etc/ssl/gateway/ca.crt:ro

  db:
    image: mariadb:10.4
    #restart: always
    environment:
      MYSQL_DATABASE: 'ota'
      MYSQL_USER: 'ota'
      MYSQL_PASSWORD: 'ota'
      MYSQL_ROOT_PASSWORD: 'root'
    command:
      - docker-entrypoint.sh
      - --max-connections=10000
    ports:
      - '3306:3306'
    expose:
      - '3306'
    volumes:
      - ./db-bootstrap:/docker-entrypoint-initdb.d:ro
      - ota-db:/var/lib/mysql

  ota-lith:
    image: uptane/ota-lith:latest
    restart: always
    depends_on:
      - db
    command:
       - "/opt/ota-lith/bin/ota-lith"
       - "-Dconfig.file=/tmp/ota-lith.conf"
    labels:
      - traefik.enable=true
      - traefik.http.routers.reposerver.service=reposerver
      - traefik.http.routers.reposerver.rule=Host(`reposerver.ota.ce`)
      - traefik.http.services.reposerver.loadbalancer.server.port=7100
      - traefik.http.routers.keyserver.service=keyserver
      - traefik.http.routers.keyserver.rule=Host(`keyserver.ota.ce`)
      - traefik.http.services.keyserver.loadbalancer.server.port=7200
      - traefik.http.routers.director.service=director
      - traefik.http.routers.director.rule=Host(`director.ota.ce`)
      - traefik.http.services.director.loadbalancer.server.port=7300
      - traefik.http.routers.treehub.service=treehub
      - traefik.http.routers.treehub.rule=Host(`treehub.ota.ce`)
      - traefik.http.services.treehub.loadbalancer.server.port=7400
      - traefik.http.routers.deviceregistry.service=deviceregistry
      - traefik.http.routers.deviceregistry.rule=Host(`deviceregistry.ota.ce`)
      - traefik.http.services.deviceregistry.loadbalancer.server.port=7500
    volumes:
      - ./ota-lith-ce.conf:/tmp/ota-lith.conf
      - objects:/var/lib/ota-lith
     
  ota-lith-daemons:
    image: uptane/ota-lith:latest
    restart: always
    depends_on:
      - db
      - ota-lith
    command:
       - "/opt/ota-lith/bin/ota-lith"
       - "-main"
       - "com.advancedtelematic.ota_lith.OtaLithDaemonBoot"
       - "-Dconfig.file=/tmp/ota-lith.conf"
    volumes:
      - ./ota-lith-ce.conf:/tmp/ota-lith.conf

  zookeeper:
    image: wurstmeister/zookeeper
    ports:
      - "2181:2181"
  kafka:
    image: wurstmeister/kafka:2.13-2.7.1
    ports:
      - "9092:9092"
    environment:
      KAFKA_ADVERTISED_HOST_NAME: kafka
      KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock

volumes:
  ota-db:
  objects: