Appendix B: Docker Compose Sample Templates
This appendix contains a collection of Docker Compose templates that you can use to deploy the Platform components in a Docker environment.
tipAs each of these services are deployed in separate Docker Compose files, and may mount volumes to persist data, you may want to create seperate folders for each service to store the configuration and data files.
IMPORTANTAll passwords and sensitive information should be stored in a secure location and not in the Docker Compose files.
We recommend using a secret management tool like HashiCorp Vault or Docker Secrets to store sensitive information securely.
Database Services
This template combines the PostgreSQL, Redis and some management services into a single Docker Compose file.
The services are configured to use the internal network, db and the management tools are also the internet gateway via the proxy network.
warningThis compose file should be started first to ensure that the network and database services are available before starting the other services.
services:
postgres:
container_name: postgres
image: postgres:14-alpine
restart: always
environment:
- POSTGRES_USER=one37id
- POSTGRES_PASSWORD=[password]
ports:
- "5432:5432"
volumes:
- db:/var/lib/postgresql/data
networks:
- db
redis:
container_name: redis
image: redis:alpine
restart: always
ports:
- '6379:6379'
command: redis-server --save 20 1 --loglevel warning --requirepass redisPASS
volumes:
- cache:/data
networks:
- db
pgadmin:
container_name: pgadmin
image: dpage/pgadmin4
environment:
- PGADMIN_DEFAULT_PASSWORD=[ui-password]
- PGADMIN_DEFAULT_EMAIL=pgadmin@email.com
ports:
- 5050:5050
volumes:
- pgadmin-data:/var/lib/pgadmin
networks:
- db
- proxy
rcommander:
container_name: rc
image: ghcr.io/joeferner/redis-commander
environment:
- REDIS_PORT=6379
- REDIS_HOST=redis
- REDIS_PASSWORD=[password]
- HTTP_PASSWORD=[http_password]
- HTTP_USER=redisadmin@email.com
ports:
- 8081:8081
networks:
- db
- proxy
volumes:
db:
driver: local
pgadmin-data:
driver: local
cache:
driver: local
networks:
db:
driver: bridge
name: db
proxy:
driver: bridge
name: proxy
NGINX Proxy Manager
This template deploys the NGINX Proxy Manager service that is used to manage the reverse proxy for the Platform services.
See the NGINX Proxy Manager Guide for more information on how to configure the service.
services:
nginx:
container_name: proxy
image: 'jc21/nginx-proxy-manager:latest'
ports:
- "443:443"
- "81:81"
volumes:
- ${PWD}/data:/data
- ${PWD}/letsencrypt:/etc/letsencrypt
- ${PWD}/nginx/snippets:/config/nginx/snippets:ro
tty: true
stdin_open: true
networks:
- proxy
networks:
proxy:
external: true
name: proxy
Business Studio
This template deploys the Business Studio service.
services:
studio:
container_name: studio
image: registry.gitlab.com/one37id/registry/studio-fe/dev.idnext:latest
ports:
- "8000:8084"
networks:
- db
- proxy
environment:
# #Service to Start
- STUDIO_PG_HOST=postgres
- STUDIO_PG_PORT=5432
- STUDIO_PG_DBNAME=one37_studio
- STUDIO_PG_USER=one37id
- STUDIO_PG_PSWD=[password]
- STUDIO_PG_ADMIN_USER=one37id
- STUDIO_PG_ADMIN_PSWD=[password]
pull_policy: always
restart: always
networks:
db:
external: true
name: db
proxy:
external: true
name: proxy
Config Manager
This template deploys the Config Manager service.
services:
one37-cm:
container_name: one37-cm
image: registry.gitlab.com/one37id/registry/solitaire/idnext:latest
ports:
- "8083:8083"
networks:
- db
- proxy
environment:
#Block Microsoft Telemetry
- DOTNET_CLI_TELEMETRY_OPTOUT=1
# Startup Env
- AGENT_NAME=Agent137
- PG_HOST=postgres
- PG_PORT=5432
- PG_DBNAME=one37_agency
- PG_USER=one37id
- PG_PSWD=[password]
- PG_ADMIN_USER=one37id
- PG_ADMIN_PSWD=[password]
- AGENCY_URL=https://[agent.domain.com]
volumes:
- ${PWD}/workflows:/app/external/workflows
pull_policy: always
restart: always
networks:
db:
external: true
name: db
proxy:
external: true
name: proxy
Business Connector
This template deploys the Business Connector service.
services:
one37-bc:
container_name: one37-bc
image: registry.gitlab.com/one37id/registry/one37id-bc2-js/staging:latest
ports: []
# - 5000:5000
# - 5001:5001
# - 5002:5002
networks:
- db
- proxy
environment:
- NODE_ENV=production
- PORT=5000
# Logs
- LOG_LEVEL=info # [Optional] Set the initial log level: [trace, debug, info (default), warning, error, critical]
- NO_COLOR="false" # Enable/Disable color output in logs
# Initial DATABASE
- PG_HOST=[your-db-host/db-container-name]
- PG_PORT=[your-db-port]
- PG_DB_AGENCY=[your-db-name]
- PG_USER=[your-db-user]
- PG_PSWD=[your-db-password]
- DB_ENCRYPTION_KEY=[your-db-encryption-key]
# METRICS
- LOCAL_METRICS_ENABLED=true # Enable local metrics collection
- STATS_BUFFER_TIME=1 # Metrics collection flush interval in minutes
# ALIAS ROUTING
# Set the alias realm of this business
- ALIAS_REALM="com.[your-business-short-name]"
# Set to the alias realm of the home business if this is a sattelite business else it will be the same as the ALIAS REALM
- HOME_ALIAS_REALM="com.[home-business-short-name]"
# Websocket coordination using REDIS
- WS_REDIS_ENABLED=true
- WS_REDIS_MONITOR_ENABLED=false
pull_policy: always
restart: always
scale: 1
networks:
db:
external: true
name: db
proxy:
external: true
name: proxy
Workflow Engine
This template deploys the Workflow Engine service.
services:
wfstudio:
container_name: wf-studio
image: registry.gitlab.com/one37id/registry/one37id-workflow-ui-fe/dev
restart: always
environment:
- POSTGRES_USER=one37id
- POSTGRES_PASSWORD=[password]
ports:
- 3001:3001
networks:
- db
- proxy
wfengine:
container_name: wf-enging
image:
restart: always
ports:
- 7500:7500
command: node src/index.mjs
volumes:
- ${PWD}/workflows:/app/workflows
networks:
- db
networks:
db:
external: true
name: db
proxy:
external: true
name: proxy