Newer
Older
reseda-search / docker-compose.yml
@wilmouths wilmouths on 28 Jun 4 KB fix: add default port
# Fichier de base de l'application en docker
# /!\ Ne pas modifier la version de docker-compose, c'est gérer par puppet et la modification doit passer par une demande à iProd.
######################################
version: "3.9"

services:
  reseda-search_api:
    container_name: reseda-search_api
    image: vxnexus-registry.intra.inist.fr:8083/metadore/reseda-search:${IPROD_VERSION_NEXUS_RESEDASEARCH}
    profiles: ["vpreseda-search", "vireseda-search", "vdreseda-search"]
    ports:
      - ${IPROD_RESEDA_SEARCH_PORT:-3000}:3000
    environment:
      - NODE_ENV=${GITREPO_NODE_ENV}
      - ELASTICSEARCH_SCHEME=${GITREPO_ES_SCHEME}
      - ELASTICSEARCH_HOST=${IPROD_ES1_NODE_HOST}
      - ELASTICSEARCH_PORT=${IPROD_ES1_PORT}
      - ELASTICSEARCH_USERNAME=${IPROD_ES_USER_ELASTIC} #user ezmeta (vp), superuser (vi, vd)
      - ELASTICSEARCH_PASSWORD=${IPROD_ES_PWD_ELASTIC}
      - RESEDA_EMPLOYEES_INDEX=${IPROD_RESEDA_EMPLOYEES_INDEX}
      - RESEDA_STRUCTURES_INDEX=${IPROD_RESEDA_STRUCTURES_INDEX}
      - PARAMS_MAX_SIZE=${GITREPO_PARAMS_MAX_SIZE}
      - PARAMS_DEFAULT_SIZE=${GITREPO_PARAMS_DEFAULT_SIZE}
      - RESEDA_DOC_URL=${GITREPO_RESEDA_DOC_URL}
    volumes:
      - ../var/log/collect/reseda-search_api/reseda-search_api_access.log:/app/log/server/access.log
      - ../var/log/collect/reseda-search_api/reseda-search_api_error.log:/app/log/server/error.log
      - ../var/log/local/reseda-search_api/reseda-search_api_combined.log:/app/log/app/combined.log
      - ../var/log/local/reseda-search_api/reseda-search_api_error.log:/app/log/app/error.log
    restart: always
    networks:
      - reseda-search_net
    
  reseda-search_elastic1:
    container_name: reseda-search_elastic1
    image: docker.elastic.co/elasticsearch/elasticsearch:${IPROD_VERSION_ELASTIC}
    profiles: ["vireseda-search", "vdreseda-search"]
    restart: always
    ports:
      - ${IPROD_ES1_PORT:-9200}:9200
    healthcheck:
      test: curl --cacert /usr/share/elasticsearch/config/x-pack/certificates/ca/ca.crt -s https://localhost:9200 >/dev/null; if [[ $$? == 52 ]]; then echo 0; else echo 1; fi
      interval: 30s
      timeout: 10s
      retries: 5
    ulimits:
      memlock:
        soft: -1
        hard: -1
    volumes:
      - ../etc/certif/elastic:/usr/share/elasticsearch/config/x-pack/certificates
      - ../data/reseda-search_elastic1/data:/user/share/elasticsearch/data
    environment:
      - bootstrap.memory_lock=true
      - IPROD_HOSTNAME=${IPROD_HOSTNAME}
      - cluster.name=${IPROD_ES_CLUSTER_NAME}
      - discovery.type=${IPROD_ES_DISCOVERY_TYPE}
      - node.name=${IPROD_ES1_NODE_HOST}
      # - discovery.seed_hosts=${IPROD_ES2_NODE_HOST},${IPROD_ES3_NODE_HOST}
      # - cluster.initial_master_nodes=["reseda-search_elastic1","reseda-search_elastic2","reseda-search_elastic3"]
      - network.host=0.0.0.0 
      - path.logs=/usr/share/elasticsearch/logs
      - search.max_buckets=10000
      - xpack.monitoring.enabled=true
      - xpack.security.authc.api_key.enabled=true
      - xpack.security.enabled=true
      - xpack.security.http.ssl.enabled=true
      - xpack.security.http.ssl.verification_mode=certificate
      - xpack.security.http.ssl.key=/usr/share/elasticsearch/config/x-pack/certificates/${IPROD_HOSTNAME}/${IPROD_HOSTNAME}.key
      - xpack.security.http.ssl.certificate_authorities=/usr/share/elasticsearch/config/x-pack/certificates/ca/ca.crt
      - xpack.security.http.ssl.certificate=/usr/share/elasticsearch/config/x-pack/certificates/${IPROD_HOSTNAME}/${IPROD_HOSTNAME}.crt
      - xpack.security.transport.ssl.enabled=true
      - xpack.security.transport.ssl.verification_mode=certificate
      - xpack.security.transport.ssl.certificate_authorities=/usr/share/elasticsearch/config/x-pack/certificates/ca/ca.crt
      - xpack.security.transport.ssl.certificate=/usr/share/elasticsearch/config/x-pack/certificates/${IPROD_HOSTNAME}/${IPROD_HOSTNAME}.crt
      - xpack.security.transport.ssl.key=/usr/share/elasticsearch/config/x-pack/certificates/${IPROD_HOSTNAME}/${IPROD_HOSTNAME}.key
      - network.publish_host=${IPROD_ES1_NODE_HOST} 
    networks:
      - reseda-search_net

networks:
  reseda-search_net:
    driver: bridge