S3-Ferry/docker-compose-dev.yml at dev · rootcodelabs/S3-Ferry · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
services:
  minio:
    image: minio/minio:latest
    container_name: buerokratt-minio
    ports:
      - "9000:9000"      # API
      - "9001:9001"      # Console
    environment:
      MINIO_ROOT_USER: minioadmin
      MINIO_ROOT_PASSWORD: minioadmin
    command: server /data --console-address ":9001"
    volumes:
      - ./minio-data:/data
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
      interval: 30s
      timeout: 20s
      retries: 3
    networks:
      - buerokratt-network

  # MinIO Client - Initialize buckets on startup
  minio-init:
    image: minio/mc:latest
    container_name: buerokratt-minio-init
    depends_on:
      - minio
    entrypoint: >
      /bin/sh -c "
      sleep 10;
      /usr/bin/mc alias set myminio http://minio:9000 minioadmin minioadmin;
      /usr/bin/mc mb myminio/quarantined --ignore-existing;
      /usr/bin/mc mb myminio/validated --ignore-existing;
      /usr/bin/mc mb myminio/flagged --ignore-existing;
      /usr/bin/mc anonymous set download myminio/validated;
      echo 'MinIO buckets initialized successfully';
      exit 0;
      "
    networks:
      - buerokratt-network

  clamav:
      image: clamav/clamav:stable
      container_name: buerokratt-clamav
      ports:
        - "3310:3310"
      volumes:
        - clamav-db:/var/lib/clamav
        #- ./config/clamd.conf:/etc/clamav/clamd.conf:ro
        - ./logs/clamav:/var/log/clamav
      environment:
        - CLAMAV_NO_FRESHCLAM=false  # Ensure virus definitions update
      healthcheck:
        test: ["CMD", "/usr/local/bin/clamdcheck.sh"]
        interval: 60s
        timeout: 30s
        retries: 3
        start_period: 120s  # Give time for initial DB load
      restart: unless-stopped
      networks:
        - buerokratt-network

  # NATS JetStream Message Broker
  nats:
    image: nats:latest
    container_name: buerokratt-nats
    ports:
      - "4222:4222"      # Client connections
      - "8222:8222"      # HTTP monitoring
    command: "-js -m 8222 -sd /data"  # Enable JetStream, monitoring, and set storage directory
    volumes:
      - ./nats-data:/data
    networks:
      - buerokratt-network
    healthcheck:
      test: ["CMD", "wget", "--spider", "-q", "http://localhost:8222/healthz"]
      interval: 10s
      timeout: 5s
      retries: 3

  s3-ferry:
    build: "./"
    container_name: s3-ferry
    ports:
      - "3000:3000"
    depends_on:
      - minio
      - clamav
      - nats
    environment:
      - NODE_ENV=development
      - S3_ENDPOINT=http://host.docker.internal:9000
      - S3_ACCESS_KEY_ID=minioadmin
      - S3_SECRET_ACCESS_KEY=minioadmin
      - S3_REGION=us-east-1
      - S3_DATA_BUCKET_NAME=validated
      - S3_QUARANTINED_BUCKET_NAME=quarantined
      - S3_FLAGGED_BUCKET_NAME=flagged
      - CLAMAV_HOST=clamav
      - CLAMAV_PORT=3310
      - NATS_URL=nats://nats:4222
    networks:
      - buerokratt-network
    volumes:
      - ./S3-Ferry/data:/api/data
    restart: unless-stopped

  # Prometheus - Metrics collection and storage
  prometheus:
    image: prom/prometheus:latest
    container_name: buerokratt-prometheus
    ports:
      - "9090:9090"
    volumes:
      - ./config/prometheus.yml:/etc/prometheus/prometheus.yml:ro
      - prometheus-data:/prometheus
    command:
      - '--config.file=/etc/prometheus/prometheus.yml'
      - '--storage.tsdb.path=/prometheus'
      - '--web.console.libraries=/usr/share/prometheus/console_libraries'
      - '--web.console.templates=/usr/share/prometheus/consoles'
      - '--storage.tsdb.retention.time=15d'
      - '--web.enable-lifecycle'
    networks:
      - buerokratt-network
    restart: unless-stopped
    extra_hosts:
      - "host.docker.internal:host-gateway"

  # Grafana - Metrics visualization and dashboards
  grafana:
    image: grafana/grafana:latest
    container_name: buerokratt-grafana
    ports:
      - "3001:3000"
    environment:
      - GF_SECURITY_ADMIN_USER=admin
      - GF_SECURITY_ADMIN_PASSWORD=admin
      - GF_USERS_ALLOW_SIGN_UP=false
      - GF_SERVER_ROOT_URL=http://localhost:3001
      - GF_INSTALL_PLUGINS=grafana-piechart-panel
    volumes:
      - grafana-data:/var/lib/grafana
      - ./config/grafana-provisioning:/etc/grafana/provisioning:ro
    depends_on:
      - prometheus
    networks:
      - buerokratt-network
    restart: unless-stopped

volumes:
  clamav-db:
  prometheus-data:
  grafana-data:

networks:
  buerokratt-network:
    driver: bridge