storage-platform.yml 6 KB
Newer Older
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
version: '3'
services:

  sse-db:
    image: postgres:12
    container_name: sse-db
    environment:
      POSTGRES_USER: ${SSE_DB_USER}
      POSTGRES_PASSWORD: ${SSE_DB_PASSWORD}
      POSTGRES_DB: ${SSE_DB_NAME}
    expose:
      - ${INTERNAL_SSE_DB_PORT}
    networks:
      - snet-asclepios
    volumes:
      - ../data/sse-db:/var/lib/postgresql/data

  sse-server:
    image: registry.gitlab.com/asclepios-project/symmetric-searchable-encryption-server:0.6
    container_name: sse-server
    depends_on:
      - sse-db
    environment:
      DJANGO_LOGLEVEL: ${SSE_SERVER_DJANGO_LOGLEVEL}
      DJANGO_DEBUG: ${SSE_SERVER_DJANGO_DEBUG}
      DJANGO_SECRET_KEY: ${SSE_SERVER_DJANGO_SECRET_KEY}
p.jbowden's avatar
p.jbowden committed
27
      ALLOWED_HOSTS: "${ZUUL_HOST} ${INTERNAL_SSE_SERVER_HOST}"
28
29
30
31
32
33
      DB_NAME: ${SSE_DB_NAME}
      DB_USER: ${SSE_DB_USER}
      DB_PASSWORD: ${SSE_DB_PASSWORD}
      DB_HOST: ${INTERNAL_SSE_DB_HOST}
      DB_PORT: ${INTERNAL_SSE_DB_PORT}
      TA_SERVER: ${INTERNAL_SSE_TA_BASE_URL}
34
      MINIO_URL: ${INTERNAL_MINIO_HOST}:${INTERNAL_MINIO_PORT}
35
36
37
38
39
40
41
      MINIO_ACCESS_KEY: ${MINIO_ROOT_USER}
      MINIO_SECRET_KEY: ${MINIO_ROOT_PASSWORD}
      MINIO_BUCKET_NAME: ${SSE_SERVER_MINIO_BUCKET_NAME}
      MINIO_SSL_SECURE: ${SSE_SERVER_MINIO_SSL_SECURE}
      MINIO_EXPIRE_GET: ${SSE_SERVER_MINIO_EXPIRE_GET}
      MINIO_EXPIRE_PUT: ${SSE_SERVER_MINIO_EXPIRE_PUT}
    expose:
p.jbowden's avatar
p.jbowden committed
42
      - ${INTERNAL_SSE_SERVER_PORT}
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
    networks:
      - snet-asclepios

  sse-ta-db:
    image: postgres:12
    container_name: sse-ta-db
    environment:
      POSTGRES_USER: ${SSE_TA_DB_USER}
      POSTGRES_PASSWORD: ${SSE_TA_DB_PASSWORD}
      POSTGRES_DB: ${SSE_TA_DB_NAME}
    expose:
      - ${INTERNAL_SSE_TA_DB_PORT}
    networks:
      - snet-asclepios
    volumes:
      - ../data/sse-ta-db:/var/lib/postgresql/data

  sse-ta:
    image: registry.gitlab.com/asclepios-project/sseta:0.5
    container_name: sse-ta
    depends_on:
      - sse-ta-db
    environment:
      DJANGO_LOGLEVEL: ${SSE_TA_DJANGO_LOGLEVEL}
      DJANGO_DEBUG: ${SSE_TA_DJANGO_DEBUG}
      DJANGO_SECRET_KEY: ${SSE_TA_DJANGO_SECRET_KEY}
      DB_NAME: ${SSE_TA_DB_NAME}
      DB_USER: ${SSE_TA_DB_USER}
      DB_PASSWORD: ${SSE_TA_DB_PASSWORD}
      DB_HOST: ${INTERNAL_SSE_TA_DB_HOST}
      DB_PORT: ${INTERNAL_SSE_TA_DB_PORT}
      HASH_LENGTH: ${SSE_TA_HASH_LENGTH}
      IV: ${SSE_TA_IV}
      MODE: ${SSE_TA_MODE}
      KS: ${SSE_TA_KS}
      TEEP_SERVER: ${INTERNAL_TEEP_SERVER_ENDPOINT}
      SGX: ${SSE_TA_SGX}
p.jbowden's avatar
p.jbowden committed
80
      ALLOWED_HOSTS: "${ZUUL_HOST} ${INTERNAL_SSE_TA_HOST}"
81
82
83
84
85
86
87
88
89
90
    expose:
      - ${INTERNAL_SSE_TA_PORT}
    networks:
      - snet-asclepios

  minio:
    image: minio/minio
    container_name: minio
    entrypoint: >
      sh -c "mkdir -p /data/snet
p.jbowden's avatar
p.jbowden committed
91
      && minio server -console-address ":9001" /data"
92
93
94
    environment:
      MINIO_ROOT_USER: ${MINIO_ROOT_USER}
      MINIO_ROOT_PASSWORD: ${MINIO_ROOT_PASSWORD}
p.jbowden's avatar
p.jbowden committed
95
96
      VIRTUAL_HOST: ${MINIO_HOST}
      VIRTUAL_PORT: ${INTERNAL_MINIO_PORT}
97
98
    ports:
      - ${INTERNAL_MINIO_PORT}:${INTERNAL_MINIO_PORT}
p.jbowden's avatar
p.jbowden committed
99
      - 9001:9001
100
    expose:
p.jbowden's avatar
p.jbowden committed
101
      - ${INTERNAL_MINIO_PORT}
p.jbowden's avatar
p.jbowden committed
102
      - 9001
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
    networks:
      - snet-asclepios
    volumes:
      - ../data/minio:/data

  xnat-db:
    image: postgres:12.7-alpine
    container_name: xnat-db
    environment:
      POSTGRES_USER: ${XNAT_DATASOURCE_USERNAME}
      POSTGRES_PASSWORD: ${XNAT_DATASOURCE_PASSWORD}
      POSTGRES_DB: ${XNAT_DATASOURCE_DBNAME}
    networks:
      - snet-asclepios
    expose:
      - ${INTERNAL_XNAT_DB_PORT}
    volumes:
      - ../data/xnat-db:/var/lib/postgresql/data
      - ../conf/xnat.sql:/docker-entrypoint-initdb.d/xnat.sql

  xnat:
p.jbowden's avatar
p.jbowden committed
124
    image: gitlab.rz.htw-berlin.de:5050/snet-asclepios-demo/dockerfiles/somnonetz/snet-xnat-asclepios:latest
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
    container_name: xnat
    environment:
      # tomcat web app settings
      XNAT_ROOT: ${XNAT_ROOT}
      XNAT_HOME: ${XNAT_HOME}
      XNAT_DATASOURCE_DRIVER: ${XNAT_DATASOURCE_DRIVER}
      XNAT_DATASOURCE_URL: ${XNAT_DATASOURCE_URL}
      XNAT_DATASOURCE_USERNAME: ${XNAT_DATASOURCE_USERNAME}
      XNAT_DATASOURCE_PASSWORD: ${XNAT_DATASOURCE_PASSWORD}
      XNAT_HIBERNATE_DIALECT: ${XNAT_HIBERNATE_DIALECT}
      TOMCAT_XNAT_FOLDER: ${XNAT_TOMCAT_FOLDER}
      CATALINA_OPTS: ${XNAT_CATALINA_OPTS}
      PGPASSWORD: ${XNAT_DATASOURCE_PASSWORD}
      # browser client settings
      XNAT_API_URL: ${XNAT_API_URL}
p.jbowden's avatar
p.jbowden committed
140
141
142
      KEYCLOAK_HOST: ${KEYCLOAK_BASE_URL} # fix me: asclepio-search/index.html needs to use KEYCLOAK_BASE_URL naming convention
      KEYCLOAK_REALM: ${KEYCLOAK_REALM}
      KEYCLOAK_AUTH_ENDPOINT: ${KEYCLOAK_AUTH_ENDPOINT}
p.jbowden's avatar
p.jbowden committed
143
      KEYCLOAK_PUBLIC_CLIENT: ${KEYCLOAK_PUBLIC_CLIENT}
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
      TA_URL: ${SSE_TA_BASE_URL}
      SSE_URL: ${SSE_SERVER_BASE_URL}
      CP_ABE_URL: ${CPABE_SERVER_BASE_URL}
      SALT: ${SSE_CLIENT_SALT}
      IV: ${SSE_CLIENT_IV}
      ITER: ${SSE_CLIENT_ITER}
      KS: ${SSE_CLIENT_KS}
      TS: ${SSE_CLIENT_TS}
      HASH_LEN: ${SSE_CLIENT_HASH_LEN}
      CHUNK_SIZE: ${SSE_CLIENT_CHUNK_SIZE}
      NO_CHUNKS_PER_UPLOAD: ${SSE_CLIENT_NO_CHUNKS_PER_UPLOAD}
      SALT_TA: ${SSE_CLIENT_SALT_TA}
      IV_TA: ${SSE_CLIENT_IV_TA}
      ITER_TA: ${SSE_CLIENT_ITER_TA}
      KS_TA: ${SSE_CLIENT_KS_TA}
      TS_TA: ${SSE_CLIENT_TS_TA}
      SGX_ENABLE: ${SSE_CLIENT_SGX_ENABLE}
      DEBUG: ${SSE_CLIENT_DEBUG}
      AUTH: ${SSE_CLIENT_AUTH}
      SMALL_FILE: ${SSE_CLIENT_SMALL_FILE}
p.jbowden's avatar
p.jbowden committed
164
165
      VIRTUAL_HOST: ${XNAT_HOST}
      VIRTUAL_PORT: ${INTERNAL_XNAT_PORT}
166
167
168
    networks:
      - snet-asclepios
    expose:
p.jbowden's avatar
p.jbowden committed
169
      - ${INTERNAL_XNAT_PORT}
170
171
172
173
174
175
176
177
178
179
180
181
182
    volumes:
      - ../data/xnat/logs:/data/xnat/home/logs
      - ../data/xnat/archive:/data/xnat/archive
      - ../data/xnat/build:/data/xnat/build
      - ../conf/openid-provider.properties:/data/xnat/home/config/auth/openid-provider.properties
      # - ../snet-asclepios-editor/build:/usr/local/tomcat/webapps/sn-editor
      # - ../snet-asclepios-search/asclepios-search:/usr/local/tomcat/webapps/asclepios-search
      # - ../snet-asclepios-plugin/build/libs/snet-asclepios-plugin-0.1.1.jar:/data/xnat/home/plugins/snet-asclepios-plugin-0.1.1.jar

networks:
  snet-asclepios:
    external:
      name: snet-asclepios