zgw-office-addin/docker-compose.yml at main · infonl/zgw-office-addin · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
# SPDX-FileCopyrightText: 2025 INFO.nl
# SPDX-License-Identifier: EUPL-1.2+

# Local development setup
# Requires .env file with MSAL configuration - see .env.example

services:
  frontend:
    image: ghcr.io/infonl/zgw-office-add-in-frontend:dev
    ports:
      - "3000:443"
    environment:
      - APP_ENV=local
      - FRONTEND_URL=https://localhost:3000
      - BACKEND_URL=https://localhost:3003
      - MAX_BODY_SIZE=20M
      - ENABLE_HTTPS=true
      - MSAL_CLIENT_ID=${MSAL_CLIENT_ID}
      - MSAL_AUTHORITY=${MSAL_AUTHORITY}
      - MSAL_REDIRECT_URI=https://localhost:3000
      - MSAL_SCOPES=${MSAL_SCOPES}
    volumes:
      - ./office-add-in/ssl-certs:/etc/nginx/certs:ro
    healthcheck:
      test: ["CMD-SHELL", "curl -f -k https://localhost:443/health || exit 1"]
      interval: 10s
      timeout: 5s
      retries: 3
      start_period: 10s
    depends_on:
      backend:
        condition: service_healthy

  backend:
    image: ghcr.io/infonl/zgw-office-add-in-backend:dev
    ports:
      - "3003:3003"
    environment:
      - APP_ENV=local
      - JWT_SECRET=${JWT_SECRET:-dev-secret-key}
      - API_BASE_URL=http://openzaak.local:8000
      - FRONTEND_URL=https://localhost:3000
      - MSAL_CLIENT_ID=${MSAL_CLIENT_ID}
      - MSAL_AUTHORITY=${MSAL_AUTHORITY}
      - MSAL_SECRET=${MSAL_SECRET}
    healthcheck:
      test: ["CMD-SHELL", "wget -O- -q http://127.0.0.1:3003/health || exit 1"]
      interval: 10s
      timeout: 5s
      retries: 3
      start_period: 10s

  prometheus:
    image: prom/prometheus@sha256:dda13e28bf95a5e5ca5b8ed56852006094c1c8e8871d9c9dbeed30aa6e55271f
    volumes:
      - ./scripts/docker-compose/prometheus/prometheus.yml:/etc/prometheus/prometheus.yml
      - ./office-add-in/ssl-certs:/etc/prometheus/certs:ro
    ports:
      - "9090:9090"


  openzaak-database:
    image: docker.io/postgis/postgis:17-3.4@sha256:d0b5a6ecab18997637f55a83cb4a9467391de5645916cfa1b6f2a8d19eee7be5
    ports:
      - "15432:5432"
    platform: linux/amd64
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"]
      interval: 10s
      timeout: 10s
      retries: 10
      start_period: 30s
    environment:
      - POSTGRES_USER=openzaak
      - POSTGRES_PASSWORD=openzaak
      - POSTGRES_DB=openzaak
    volumes:
      - ./scripts/docker-compose/open-zaak/openzaak-database:/docker-entrypoint-initdb.d
      - ./scripts/docker-compose/open-zaak/openzaak-database-data:/var/lib/postgresql/data


  openzaak.local:
    image: docker.io/openzaak/open-zaak:1.27.0@sha256:01cb8af4accc9d0c64a12565acbbaae5b93578f247ef30e223797d3d3f98c609
    platform: linux/amd64
    environment:
      - ALLOWED_HOSTS="*"
      - DB_HOST=openzaak-database
      - DB_NAME=openzaak
      - DB_PASSWORD=openzaak
      - DB_USER=openzaak
      - CACHE_DEFAULT=redis:6379/0
      - CACHE_AXES=redis:6379/0
      - DEBUG=true
      - DISABLE_2FA=true
      - DJANGO_SETTINGS_MODULE=openzaak.conf.docker
      - DJANGO_SUPERUSER_PASSWORD=admin
      - LOG_LEVEL=DEBUG
      # uncomment to enable logging of outgoing requests; can be helpful for debugging
      #- LOG_REQUESTS=true
      - NOTIFICATIONS_DISABLED=${OPENZAAK_NOTIFICATIONS_DISABLED:-true}
      - OPENZAAK_SUPERUSER_USERNAME=admin
      - OPENZAAK_SUPERUSER_EMAIL=noreply@example.com
      - SECRET_KEY=openZaakSecretKey
      - SENDFILE_BACKEND=django_sendfile.backends.simple
    ports:
      - "8020:8000"
    healthcheck:
      test: [ "CMD", "python", "-c", "import requests; exit(requests.head('http://localhost:8000/admin/').status_code not in [200, 302])" ]
      interval: 30s
      timeout: 10s
      retries: 5
      # This should allow for enough time for migrations to run before the max
      # retries have passed. This healthcheck in turn allows other containers
      # to wait for the database migrations.
      start_period: 30s
    depends_on:
      openzaak-database:
        condition: service_healthy
      redis:
        condition: service_started

  redis:
    image: redis:8.6.2@sha256:009cc37796fbdbe1b631b4cc0582bed167e5e403ed8bcd06f77eb6cb5aeb6f93