This repository has been archived by the owner on Sep 12, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 6
/
Copy pathdocker-compose-prod.yaml
118 lines (112 loc) · 3.93 KB
/
docker-compose-prod.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
services:
reverse-proxy:
build:
context: ..
dockerfile: docker/Caddy/Dockerfile
environment:
- APPLICATION_DOMAIN=${APPLICATION_DOMAIN}
- CONTROLLER_HOST=controller
- CONTROLLER_PORT=5000
- AGENT_HOST=aca-py
- AGENT_PORT=8030
- EMAIL_CONTACT=${EMAIL_CONTACT}
- CA_ENDPOINT=${CA_ENDPOINT:-https://acme-staging-v02.api.letsencrypt.org/directory}
- RATE_LIMIT_WINDOW=${RATE_LIMIT_WINDOW:-1s}
- RATE_LIMIT_EVENTS=${RATE_LIMIT_EVENTS:-150}
volumes:
- ./caddy/Caddyfile:/etc/caddy/Caddyfile
- ./caddy/certs:/root/.local/share/caddy/certificates
ports:
- ${HTTP_PORT:-80}:80
- ${HTTPS_PORT:-443}:443
networks:
- dav_controller
controller:
build:
context: ..
dockerfile: docker/dav-controller/Dockerfile
environment:
- LOG_LEVEL=INFO
- LOG_WITH_JSON=true
- DB_HOST=controller-db
- DB_PORT=27017
- DB_NAME=dav_db
- DAV_CONTROLLER_DB_USER=dav_verifier
- CONTROLLER_CAMERA_REDIRECT_URL=wallet_howto
- CONTROLLER_PRESENTATION_EXPIRE_TIME=${QR_CODE_EXPIRY_SECONDS:-60}
- ACAPY_TENANCY=single
- ACAPY_ADMIN_URL=http://aca-py:8077
- ST_ACAPY_ADMIN_API_KEY_NAME=x-api-key
- USE_OOB_PRESENT_PROOF=False
- DAV_PROOF_CONFIG_ID=age-verification-bc-person-credential
- ST_ACAPY_ADMIN_API_KEY=${AGENT_ADMIN_API_KEY}
- DAV_CONTROLLER_DB_USER_PWD=${DAV_CONTROLLER_DB_PWD}
- CONTROLLER_URL=${APPLICATION_DOMAIN}/dav
- ACAPY_AGENT_URL=${APPLICATION_DOMAIN}/agent
volumes:
- ../dav-controller:/app:rw
- ./dav-controller/proof_config_prod.yaml:/app/api/proof_config.yaml
networks:
- dav_controller
controller-db:
image: mongo:6.0
environment:
- MONGO_INITDB_ROOT_USERNAME=dav_verifier
- MONGO_INITDB_DATABASE=dav_db
- MONGO_INITDB_ROOT_PASSWORD=${DAV_CONTROLLER_DB_PWD}
volumes:
- controller-db-data:/data/db
- ./mongo/mongo-init.js:/docker-entrypoint-initdb.d/mongo-init.js:ro
restart: unless-stopped
networks:
- dav_controller
aca-py:
image: ghcr.io/hyperledger/aries-cloudagent-python:py3.9-0.12.1
environment:
- ACAPY_WALLET_NAME=dav_agent_wallet
- ACAPY_WALLET_TYPE=askar
- ACAPY_WALLET_LOCAL_DID=true
- ACAPY_AUTO_VERIFY_PRESENTATION=true
- ACAPY_WALLET_STORAGE_TYPE=postgres_storage
- ACAPY_READ_ONLY_LEDGER=true
- ACAPY_GENESIS_TRANSACTIONS_LIST=/tmp/ledgers.yaml
- ACAPY_LOG_LEVEL=info
- ACAPY_WEBHOOK_URL=http://controller:5000/webhooks
- ACAPY_AUTO_PROVISION=true
- POSTGRESQL_WALLET_HOST=wallet-db
- POSTGRESQL_WALLET_PORT=5432
- POSTGRESQL_WALLET_USER=dav_agent
- ACAPY_LABEL=${AGENT_NAME}
- ACAPY_ENDPOINT=${APPLICATION_DOMAIN}/agent
- AGENT_ADMIN_API_KEY=${AGENT_ADMIN_API_KEY}
- ACAPY_WALLET_KEY=${AGENT_WALLET_ENCRYPTION_KEY}
- ACAPY_WALLET_SEED=${AGENT_WALLET_SEED}
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
networks:
- dav_controller
volumes:
- ./agent/config/ledgers-prod.yaml:/tmp/ledgers.yaml
depends_on:
- wallet-db
entrypoint: /bin/bash
command:
[
"-c",
'sleep 15; aca-py start --inbound-transport http ''0.0.0.0'' 8030 --outbound-transport http --wallet-storage-config ''{"url":"wallet-db:5432","max_connections":5}'' --wallet-storage-creds ''{"account":"dav_agent","password":"${POSTGRES_PASSWORD}","admin_account":"dav_agent","admin_password":"${POSTGRES_PASSWORD}"}'' --admin ''0.0.0.0'' 8077 --admin-api-key ${AGENT_ADMIN_API_KEY}',
]
wallet-db:
image: postgres:15.1-alpine
environment:
- POSTGRES_USER=dav_agent
- POSTGRES_DB=dav_wallet
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
networks:
- dav_controller
volumes:
- agent-wallet-db:/var/lib/pgsql/data
networks:
dav_controller:
driver: bridge
volumes:
controller-db-data:
agent-wallet-db: