Graph-risk/docker-compose.yml at main · theChefEngineer/Graph-risk · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
networks:
  riskgraph-net:
    driver: bridge

volumes:
  neo4j_data:
  neo4j_logs:
  neo4j_plugins:
  postgres_data:

services:
  neo4j:
    image: neo4j:5.20-community
    container_name: riskgraph-neo4j
    restart: unless-stopped
    ports:
      - "7474:7474"
      - "7687:7687"
    environment:
      NEO4J_AUTH: neo4j/${NEO4J_PASSWORD:-riskgraph123}
      NEO4J_PLUGINS: '["apoc"]'
      NEO4J_dbms_security_procedures_unrestricted: apoc.*
      NEO4J_dbms_security_procedures_allowlist: apoc.*
      NEO4J_apoc_export_file_enabled: "true"
      NEO4J_apoc_import_file_enabled: "true"
    volumes:
      - neo4j_data:/data
      - neo4j_logs:/logs
      - neo4j_plugins:/plugins
    healthcheck:
      test: ["CMD-SHELL", "wget -q -O /dev/null http://localhost:7474 || exit 1"]
      interval: 10s
      timeout: 5s
      retries: 10
    networks:
      - riskgraph-net

  postgres:
    image: postgres:16-alpine
    container_name: riskgraph-postgres
    restart: unless-stopped
    environment:
      POSTGRES_DB: keycloak
      POSTGRES_USER: keycloak
      POSTGRES_PASSWORD: keycloak
    volumes:
      - postgres_data:/var/lib/postgresql/data
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U keycloak"]
      interval: 10s
      timeout: 5s
      retries: 10
    networks:
      - riskgraph-net

  keycloak:
    image: quay.io/keycloak/keycloak:24.0
    container_name: riskgraph-keycloak
    restart: unless-stopped
    command: ["start-dev", "--import-realm", "--http-port=8180"]
    environment:
      KC_DB: postgres
      KC_DB_URL: jdbc:postgresql://postgres:5432/keycloak
      KC_DB_USERNAME: keycloak
      KC_DB_PASSWORD: keycloak
      KEYCLOAK_ADMIN: admin
      KEYCLOAK_ADMIN_PASSWORD: admin
      KC_HOSTNAME_STRICT: "false"
      KC_HOSTNAME_STRICT_HTTPS: "false"
      KC_HTTP_ENABLED: "true"
      KC_HEALTH_ENABLED: "true"
    ports:
      - "8180:8180"
    volumes:
      - ./keycloak/realm-export.json:/opt/keycloak/data/import/realm-export.json:ro
    depends_on:
      postgres:
        condition: service_healthy
    networks:
      - riskgraph-net

  backend:
    build:
      context: ./backend
      dockerfile: Dockerfile
    container_name: riskgraph-backend
    restart: unless-stopped
    environment:
      NEO4J_URI: bolt://neo4j:7687
      NEO4J_USER: neo4j
      NEO4J_PASSWORD: ${NEO4J_PASSWORD:-riskgraph123}
      KEYCLOAK_URL: http://keycloak:8180
      OPENAI_API_KEY: ${OPENAI_API_KEY:-}
      SPRING_PROFILES_ACTIVE: docker
    ports:
      - "8080:8080"
    depends_on:
      neo4j:
        condition: service_healthy
      keycloak:
        condition: service_started
    networks:
      - riskgraph-net

  frontend:
    build:
      context: ./frontend
      dockerfile: Dockerfile
    container_name: riskgraph-frontend
    restart: unless-stopped
    ports:
      - "4200:80"
    depends_on:
      - backend
    networks:
      - riskgraph-net