-
Notifications
You must be signed in to change notification settings - Fork 11
/
docker-compose-lockbox.yml
126 lines (117 loc) · 3.6 KB
/
docker-compose-lockbox.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
# This docker-compose file is an example of how to start the lockbox service and its dependencies.
# First, you start the vault service, if you use it. The command is:
# docker compose -f docker-compose-lockbox.yml --profile hashicorp-container up --build
# Then, you start the Lockbox and Mercury server services. The command is:
# docker compose -f docker-compose-lockbox.yml --profile mercury up --build
# The Mercury service will start the Lockbox service and the Mercury server. The Lockbox service will connect to the vault service to get the seed value.
# If you are not going to use the vault service, you do not need to run the first command.
# Change the environment variables to match your configuration.
services:
vault:
profiles:
- hashicorp-container
image: hashicorp/vault
environment:
- VAULT_DEV_ROOT_TOKEN_ID=2bbz80mr1zm0tfrjwxyq7f48ofgky848
ports:
- "8200:8200"
vault-init:
profiles:
- hashicorp-container
image: curlimages/curl
depends_on:
- vault
command: >
sh -c '
sleep 10 &&
curl --header "X-Vault-Token: 2bbz80mr1zm0tfrjwxyq7f48ofgky848" \
--header "Content-Type: application/json" \
--request POST \
--data '"'"'{"data": {"seed": "8b10a037120cf37441bd7623da2aa488c21889017ffb4f4d303b9dbcbada5bee"}}'"'"' \
http://vault:8200/v1/secret/data/mercury-seed &&
touch /tmp/healthy &&
tail -f /dev/null
'
healthcheck:
test: ["CMD-SHELL", "test -f /tmp/healthy"]
interval: 1s
timeout: 1s
retries: 30
lockbox:
profiles:
- mercury
build:
context: lockbox
dockerfile: ./Dockerfile
depends_on:
- db_lockbox
environment:
- LOCKBOX_DATABASE_URL=postgres://postgres:postgres@db_lockbox:5432/enclave
- LOCKBOX_PORT=18080
- KEY_MANAGER=hashicorp_container
- HASHICORP_CONTAINER_TOKEN=2bbz80mr1zm0tfrjwxyq7f48ofgky848
- HASHICORP_CONTAINER_URL=http://vault:8200
- HASHICORP_CONTAINER_PATH=mercury-seed
- HASHICORP_CONTAINER_MOUNT_POINT=secret
- HASHICORP_CONTAINER_KEY_NAME=seed
ports:
- "18080:18080"
mercury-server:
profiles:
- mercury
build:
context: .
dockerfile: server/Dockerfile
depends_on:
- db_server
- lockbox
environment:
BITCOIN_NETWORK: regtest
LOCKHEIGHT_INIT: 1000
LH_DECREMENT: 10
DB_USER: postgres
DB_PASSWORD: postgres
DB_HOST: db_server
DB_PORT: 5432
DB_NAME: mercury
BATCH_TIMEOUT: 20
ENCLAVES: '[{"url": "http://lockbox:18080", "allow_deposit": true}]'
NOSTR_INFO: '{
"relay_server": "wss://relay.damus.io/",
"relay_interval": 15,
"nostr_privkey": "nsec17e0nvplcze4k7q9nazrw0k3aracwhg6vmuareewjp83ta89njw5spjcgzs",
"server_url": "http://mercury_server.xyz",
"location": "UK",
"active": true,
"onchain_payments": false,
"ln_payments": true,
"fee": 0.0001,
"unit": "BTC"
}'
ports:
- "8000:8000"
db_lockbox:
profiles:
- mercury
image: postgres:16.2
environment:
POSTGRES_PASSWORD: postgres
POSTGRES_DB: enclave
ports:
- "5433:5432"
volumes:
- postgres_lockbox_data:/var/lib/postgresql/data
db_server:
profiles:
- mercury
image: postgres:16.2
environment:
POSTGRES_PASSWORD: postgres
POSTGRES_DB: mercury
ports:
- "5432:5432"
volumes:
- postgres_server_data:/var/lib/postgresql/data
volumes:
postgres_lockbox_data:
postgres_server_data: