# ============================================================================= # tOS Docker Compose Configuration # ============================================================================= # Usage: # Start: docker compose up -d # Stop: docker compose down # Logs: docker compose logs -f [service] # Reset: docker compose down -v && docker compose up -d # ============================================================================= name: tos services: # --------------------------------------------------------------------------- # PostgreSQL Database # --------------------------------------------------------------------------- postgres: image: postgres:16-alpine container_name: tos-postgres restart: unless-stopped environment: POSTGRES_USER: ${POSTGRES_USER:-tos_user} POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-tos_secret_password} POSTGRES_DB: ${POSTGRES_DB:-tos_db} POSTGRES_INITDB_ARGS: "--encoding=UTF8 --locale=C" ports: - "${POSTGRES_PORT:-5432}:5432" volumes: - postgres_data:/var/lib/postgresql/data healthcheck: test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER:-tos_user} -d ${POSTGRES_DB:-tos_db}"] interval: 10s timeout: 5s retries: 5 start_period: 10s networks: - tos-network # --------------------------------------------------------------------------- # Redis Cache & Queue # --------------------------------------------------------------------------- redis: image: redis:7-alpine container_name: tos-redis restart: unless-stopped command: > redis-server --appendonly yes --maxmemory 256mb --maxmemory-policy allkeys-lru ports: - "${REDIS_PORT:-6379}:6379" volumes: - redis_data:/data healthcheck: test: ["CMD", "redis-cli", "ping"] interval: 10s timeout: 5s retries: 5 start_period: 5s networks: - tos-network # --------------------------------------------------------------------------- # Keycloak Identity & Access Management # --------------------------------------------------------------------------- keycloak: image: quay.io/keycloak/keycloak:24.0 container_name: tos-keycloak restart: unless-stopped command: - start-dev - --import-realm environment: KEYCLOAK_ADMIN: ${KEYCLOAK_ADMIN:-admin} KEYCLOAK_ADMIN_PASSWORD: ${KEYCLOAK_ADMIN_PASSWORD:-admin} KC_DB: postgres KC_DB_URL: jdbc:postgresql://postgres:5432/${POSTGRES_DB:-tos_db} KC_DB_USERNAME: ${POSTGRES_USER:-tos_user} KC_DB_PASSWORD: ${POSTGRES_PASSWORD:-tos_secret_password} KC_HOSTNAME: localhost KC_HOSTNAME_PORT: ${KEYCLOAK_PORT:-8080} KC_HOSTNAME_STRICT: "false" KC_HOSTNAME_STRICT_HTTPS: "false" KC_HTTP_ENABLED: "true" KC_HEALTH_ENABLED: "true" KC_METRICS_ENABLED: "true" KC_LOG_LEVEL: INFO ports: - "${KEYCLOAK_PORT:-8080}:8080" volumes: - ./keycloak/realm-export.json:/opt/keycloak/data/import/realm-export.json:ro healthcheck: # Keycloak 24+ nutzt /health/ready Endpoint # Verwendet bash redirect da curl nicht in UBI9 enthalten ist test: > bash -c 'exec 3<>/dev/tcp/localhost/8080 && echo -e "GET /health/ready HTTP/1.1\r\nHost: localhost\r\nConnection: close\r\n\r\n" >&3 && timeout 2 cat <&3 | grep -q "200 OK"' interval: 30s timeout: 15s retries: 5 start_period: 90s depends_on: postgres: condition: service_healthy networks: - tos-network volumes: postgres_data: name: tos-postgres-data redis_data: name: tos-redis-data networks: tos-network: name: tos-network driver: bridge