diff --git a/openremote/docker-compose.yml b/openremote/docker-compose.yml new file mode 100644 index 00000000..8451bb49 --- /dev/null +++ b/openremote/docker-compose.yml @@ -0,0 +1,95 @@ +# OpenRemote v3 - Smart City Martinique +# Déployé derrière Traefik sur openremote.digitribe.fr +# Basé sur https://github.com/openremote/openremote/blob/master/docker-compose.yml + +volumes: + postgresql-data: + manager-data: + +services: + + postgresql: + restart: always + image: timescale/timescaledb-ha:pg15 + container_name: openremote-postgresql + shm_size: 256mb + volumes: + - postgresql-data:/var/lib/postgresql/data + - manager-data:/storage + environment: + POSTGRES_DB: openremote + POSTGRES_USER: openremote + POSTGRES_PASSWORD: openremote + networks: + - smartcity-shared + healthcheck: + test: ["CMD-SHELL", "pg_isready -U openremote -d openremote"] + interval: 10s + timeout: 5s + retries: 30 + start_period: 120s + + keycloak: + restart: always + image: openremote/keycloak:latest + container_name: openremote-keycloak + depends_on: + postgresql: + condition: service_healthy + volumes: + - ./deployment:/deployment + networks: + - smartcity-shared + environment: + KEYCLOAK_ADMIN: admin + KEYCLOAK_ADMIN_PASSWORD: ${OR_ADMIN_PASSWORD:-Digitribe972} + KC_DB: postgres + KC_DB_URL_HOST: openremote-postgresql + KC_DB_URL_PORT: 5432 + KC_DB_URL_DATABASE: openremote + KC_DB_USERNAME: openremote + KC_DB_PASSWORD: openremote + KC_HOSTNAME: ${OR_HOSTNAME:-openremote.digitribe.fr} + KC_HOSTNAME_PORT: ${OR_SSL_PORT:--1} + healthcheck: + test: ["CMD-SHELL", "exec 3<>/dev/tcp/localhost/8080"] + interval: 30s + timeout: 10s + retries: 100 + start_period: 300s + + manager: + restart: always + image: openremote/manager:${MANAGER_VERSION:-latest} + container_name: openremote-manager + depends_on: + keycloak: + condition: service_healthy + volumes: + - manager-data:/storage + - ./deployment:/deployment + networks: + - smartcity-shared + environment: + OR_ADMIN_PASSWORD: ${OR_ADMIN_PASSWORD:-Digitribe972} + OR_HOSTNAME: ${OR_HOSTNAME:-openremote.digitribe.fr} + OR_SSL_PORT: ${OR_SSL_PORT:-443} + OR_DEV_MODE: ${OR_DEV_MODE:-false} + OR_METRICS_ENABLED: ${OR_METRICS_ENABLED:-true} + OR_DB_VENDOR: postgres + OR_DB_HOST: postgresql + OR_DB_PORT: "5432" + OR_DB_NAME: openremote + OR_DB_SCHEMA: openremote + OR_DB_USER: openremote + OR_DB_PASSWORD: openremote + healthcheck: + test: ["CMD-SHELL", "exec 3<>/dev/tcp/localhost/8080"] + interval: 30s + timeout: 10s + retries: 100 + start_period: 300s + +networks: + smartcity-shared: + external: true diff --git a/openremote/traefik-openremote.yml b/openremote/traefik-openremote.yml new file mode 100644 index 00000000..08836a70 --- /dev/null +++ b/openremote/traefik-openremote.yml @@ -0,0 +1,48 @@ +# OpenRemote via Traefik (HTTPS) +# openremote.digitribe.fr +http: + routers: + # Keycloak auth routes — HIGHER priority (matched first) + openremote-keycloak: + rule: "Host(`openremote.digitribe.fr`) && PathPrefix(`/auth`)" + entryPoints: + - websecure + service: openremote-keycloak + tls: + certResolver: letsencrypt + priority: 200 + # OpenRemote Manager — catches everything else on this host + openremote-manager: + rule: "Host(`openremote.digitribe.fr`)" + entryPoints: + - websecure + middlewares: + - openremote-headers + service: openremote-manager + tls: + certResolver: letsencrypt + priority: 100 + openremote-manager-http: + rule: "Host(`openremote.digitribe.fr`)" + entryPoints: + - web + middlewares: + - openremote-headers + service: openremote-manager + priority: 100 + middlewares: + openremote-headers: + headers: + customRequestHeaders: + X-Forwarded-Proto: "https" + X-Forwarded-Host: "openremote.digitribe.fr" + X-Forwarded-Port: "443" + services: + openremote-manager: + loadBalancer: + servers: + - url: "http://openremote-manager:8080" + openremote-keycloak: + loadBalancer: + servers: + - url: "http://openremote-keycloak:8080"