-
Notifications
You must be signed in to change notification settings - Fork 87
/
docker-compose.yml
189 lines (183 loc) · 8.09 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
# This docker-compose file is only for local development purposes.
version: '3'
services:
backend:
build:
context: .
dockerfile: Dockerfile.development
depends_on:
- database
volumes:
- ./:/opt/formsg
- /opt/formsg/node_modules
ports:
- '5001:5000'
- '4566:4566' # localstack ports
- '5156:5156' # mockpass ports
- '9229:9229' # Node debugger port
environment:
- NODE_ENV=development
- DB_HOST=mongodb://database:27017/formsg?directConnection=true
- APP_NAME=FormSG
- APP_URL=http://localhost:5001
- FE_APP_URL=http://localhost:5173
- ATTACHMENT_S3_BUCKET=local-attachment-bucket
- PAYMENT_PROOF_S3_BUCKET=local-payment-proof-bucket
- IMAGE_S3_BUCKET=local-image-bucket
- LOGO_S3_BUCKET=local-logo-bucket
- STATIC_ASSETS_S3_BUCKET=local-static-assets-bucket
- VIRUS_SCANNER_QUARANTINE_S3_BUCKET=local-virus-scanner-quarantine-bucket
- VIRUS_SCANNER_CLEAN_S3_BUCKET=local-virus-scanner-clean-bucket
- FORMSG_SDK_MODE=development
- BOUNCE_LIFE_SPAN=86400000
- AWS_ACCESS_KEY_ID=fakeKey
- AWS_SECRET_ACCESS_KEY=fakeSecret
- SESSION_SECRET=thisisasecret
- AWS_ENDPOINT=http://127.0.0.1:4566
- SECRET_ENV=development
- SUBMISSIONS_RATE_LIMIT=200
- SEND_AUTH_OTP_RATE_LIMIT=60
- SES_PORT=1025
- SES_HOST=maildev
- WEBHOOK_SQS_URL=http://sqs.us-east-1.localhost.localstack.cloud:4566/000000000000/local-webhooks-sqs-main
- INTRANET_IP_LIST_PATH
# This needs to be removed and replaced with a real tracking ID in a local .env file
# in order to enable GA in a local environment
# Test credentials from reCAPTCHA docs
# https://developers.google.com/recaptcha/docs/faq#id-like-to-run-automated-tests-with-recaptcha.-what-should-i-do
- GOOGLE_CAPTCHA=6LeIxAcTAAAAAGG-vFI1TnRWxMZNFuojJ4WifJWe
- GOOGLE_CAPTCHA_PUBLIC=6LeIxAcTAAAAAJcZVRqyHh71UMIEGNQ_MXjiZKhI
# Keep in sync with the development key in
# https://github.com/opengovsg/formsg-javascript-sdk/blob/develop/src/resource/verification-keys.ts
- VERIFICATION_SECRET_KEY=iGkfOuI6uxrlfw+7CZFFUZBwk86I+pu6v+g7EWA6qJpJnilXQleCPx2EVTr24eWWphzFO2WJiaL53oyXnqWdBQ==
# Keep in sync with the development key in
# https://github.com/opengovsg/formsg-javascript-sdk/blob/develop/src/resource/signing-keys.ts
- SIGNING_SECRET_KEY=HDBXpu+2/gu10bLHpy8HjpN89xbA6boH9GwibPGJA8BOXmB+zOUpxCP33/S5p8vBWlPokC7gLR0ca8urVwfMUQ==
- SP_OIDC_NDI_DISCOVERY_ENDPOINT=http://localhost:5156/singpass/v2/.well-known/openid-configuration
- SP_OIDC_NDI_JWKS_ENDPOINT=http://localhost:5156/singpass/v2/.well-known/keys
- SP_OIDC_RP_CLIENT_ID=rpClientId
- SP_OIDC_RP_REDIRECT_URL=http://localhost:5001/api/v3/singpass/login
- SP_OIDC_RP_JWKS_PUBLIC_PATH=./__tests__/setup/certs/test_sp_rp_public_jwks.json
- SP_OIDC_RP_JWKS_SECRET_PATH=./__tests__/setup/certs/test_sp_rp_secret_jwks.json
- CP_OIDC_NDI_DISCOVERY_ENDPOINT=http://localhost:5156/corppass/v2/.well-known/openid-configuration
- CP_OIDC_NDI_JWKS_ENDPOINT=http://localhost:5156/corppass/v2/.well-known/keys
- CP_OIDC_RP_CLIENT_ID=rpClientId
- CP_OIDC_RP_REDIRECT_URL=http://localhost:5001/api/v3/corppass/login
- CP_OIDC_RP_JWKS_PUBLIC_PATH=./__tests__/setup/certs/test_cp_rp_public_jwks.json
- CP_OIDC_RP_JWKS_SECRET_PATH=./__tests__/setup/certs/test_cp_rp_secret_jwks.json
- IS_SP_MAINTENANCE
- IS_CP_MAINTENANCE
- SINGPASS_ESRVC_ID=spEsrvcId #Needed for MyInfo
- MYINFO_BANNER_CONTENT
- MYINFO_CLIENT_CONFIG=dev
# Use mockpass key pairs and endpoints
- MYINFO_FORMSG_KEY_PATH=./node_modules/@opengovsg/mockpass/static/certs/key.pem
- MYINFO_CERT_PATH=./node_modules/@opengovsg/mockpass/static/certs/spcp.crt
- MYINFO_CLIENT_ID=mockClientId
- MYINFO_CLIENT_SECRET=mockClientSecret
- MYINFO_JWT_SECRET=mockJwtSecret
- SGID_HOSTNAME=http://localhost:5156
- SGID_CLIENT_ID=sgidclientid
- SGID_CLIENT_SECRET=sgidclientsecret
- SGID_JWT_SECRET=sgidjwtsecret
- SGID_ADMIN_LOGIN_REDIRECT_URI=http://localhost:5001/api/v3/auth/sgid/login/callback
- SGID_FORM_LOGIN_REDIRECT_URI=http://localhost:5001/sgid/login
- SGID_PRIVATE_KEY=./node_modules/@opengovsg/mockpass/static/certs/key.pem
- SGID_PUBLIC_KEY=./node_modules/@opengovsg/mockpass/static/certs/server.crt
- SES_PASS
- SES_USER
- OTP_LIFE_SPAN
- AWS_REGION
# this needs to be replaced with the ID of a feedback form that you create
# in your local environment
- REACT_SWITCH_ENV_FEEDBACK_FORM_ID_ADMIN=6386ecc0bdf691005457c67e
- REACT_SWITCH_ENV_FEEDBACK_FORM_ID_RESPONDENT=6386e4ba847f280069797a54
- REACT_MIGRATION_ANGULAR_END_DATE=15 September 2022
- REACT_MIGRATION_RESP_ROLLOUT_EMAIL=100
- REACT_MIGRATION_RESP_ROLLOUT_STORAGE=100
- REACT_MIGRATION_ADMIN_ROLLOUT=100
- REACT_MIGRATION_REMOVE_INFOBOX_THRESHOLD_ADMIN=101
- REACT_MIGRATION_REMOVE_INFOBOX_THRESHOLD_RESPONDENT=101
- REACT_MIGRATION_USE_FETCH_FOR_SUBMISSIONS=false
# env vars for stripe payment integration
- PAYMENT_STRIPE_PUBLISHABLE_KEY
# duplicate PAYMENT_STRIPE_SECRET_KEY to STRIPE_API_KEY in stripe-webhook-listener container
- PAYMENT_STRIPE_SECRET_KEY
- PAYMENT_STRIPE_CLIENT_ID
- PAYMENT_STRIPE_WEBHOOK_SECRET
- PAYMENT_MAX_PAYMENT_AMOUNT_CENTS
- PAYMENT_MIN_PAYMENT_AMOUNT_CENTS=50
- SSM_ENV_SITE_NAME=development
- PAYMENT_GUIDE_LINK
- PAYMENT_LANDING_GUIDE_LINK
# Cron secrets
- CRON_PAYMENT_API_SECRET=secretKey
# env vars for go integration
- GOGOV_API_KEY
# Bearer token API key format
- API_KEY_VERSION=v1
# env vars for growthbook
- GROWTHBOOK_CLIENT_KEY=growthbook_client_key
# env vars for virus scanner
- VIRUS_SCANNER_LAMBDA_FUNCTION_NAME=function
- WOGAA_SECRET_KEY
- WOGAA_START_ENDPOINT
- WOGAA_SUBMIT_ENDPOINT
- WOGAA_FEEDBACK_ENDPOINT
- POSTMAN_MOP_CAMPAIGN_ID=campaign_test
- POSTMAN_MOP_CAMPAIGN_API_KEY=key_test_123
- POSTMAN_INTERNAL_CAMPAIGN_ID=campaign_test_2
- POSTMAN_INTERNAL_CAMPAIGN_API_KEY=key_test_456
- POSTMAN_BASE_URL=https://test.postman.gov.sg/api/v2
- DOWNLOAD_FORM_WHITELIST_RATE_LIMIT
- UPLOAD_FORM_WHITELIST_RATE_LIMIT
mockpass:
build: https://github.com/opengovsg/mockpass.git#v4.3.1
depends_on:
- backend
environment:
- MOCKPASS_NRIC=S6005038D
- MOCKPASS_UEN=123456789A
- SHOW_LOGIN_PAGE=true
- SP_RP_JWKS_ENDPOINT=http://localhost:5000/sp/.well-known/jwks.json
- CP_RP_JWKS_ENDPOINT=http://localhost:5000/api/v3/corppass/.well-known/jwks.json
network_mode: 'service:backend' # reuse backend service's network stack so that it can resolve localhost:5156 to mockpass:5156
database:
image: 'bitnami/mongodb:4.4'
environment:
- MONGODB_DATABASE=formsg
- MONGODB_ADVERTISED_HOSTNAME=database
- MONGODB_REPLICA_SET_MODE=primary
- ALLOW_EMPTY_PASSWORD=yes
volumes:
- mongodb_data:/bitnami/mongodb
- ./init-mongo.js:/docker-entrypoint-initdb.d/init-mongo.js:ro
ports:
- '27017:27017'
localstack:
image: localstack/localstack:3.3
depends_on:
- backend
environment:
- SERVICES=s3,sqs
- DNS_ADDRESS=0
- EXTRA_CORS_ALLOWED_ORIGINS=http://localhost:5173
volumes:
- ./.localstack/volume:/var/lib/localstack
- /var/run/docker.sock:/var/run/docker.sock
network_mode: 'service:backend' # reuse backend service's network stack so that it can resolve localhost:4566 to localstack:4566
logging:
driver: none
maildev:
image: maildev/maildev
ports:
- '1080:1080'
stripe-cli:
image: stripe/stripe-cli
command: 'listen --api-key ${STRIPE_API_KEY} --device-name ${STRIPE_DEVICE_NAME} --forward-to host.docker.internal:5001/api/v3/notifications/stripe'
environment:
- STRIPE_API_KEY
- STRIPE_DEVICE_NAME=StripeWebhookListener
volumes:
mongodb_data:
driver: local