Initial commit — StreamStack v1
Five-service streaming platform: auth, catalogue, streaming, ingest, thumbnailer. Includes React frontend served by nginx, NATS JetStream event bus, aiobotocore async S3, PyAV video metadata + thumbnail extraction, service-to-service JWT auth, and a full unit + e2e test suite.
This commit is contained in:
@@ -0,0 +1,232 @@
|
||||
services:
|
||||
|
||||
# ── Infrastructure ──────────────────────────────────────────────────────────
|
||||
|
||||
postgres:
|
||||
image: postgres:16-alpine
|
||||
environment:
|
||||
POSTGRES_USER: streamstack
|
||||
POSTGRES_PASSWORD: streamstack
|
||||
POSTGRES_DB: streamstack
|
||||
ports:
|
||||
- "5432:5432"
|
||||
volumes:
|
||||
- postgres_data:/var/lib/postgresql/data
|
||||
healthcheck:
|
||||
test: ["CMD-SHELL", "pg_isready -U streamstack"]
|
||||
interval: 5s
|
||||
timeout: 5s
|
||||
retries: 10
|
||||
|
||||
nats:
|
||||
image: nats:2.10-alpine
|
||||
command: ["-js", "-m", "8222"]
|
||||
ports:
|
||||
- "4222:4222"
|
||||
- "8222:8222"
|
||||
healthcheck:
|
||||
test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:8222/healthz"]
|
||||
interval: 5s
|
||||
retries: 10
|
||||
|
||||
minio:
|
||||
image: quay.io/minio/minio:latest
|
||||
command: server /data --console-address ":9001"
|
||||
environment:
|
||||
MINIO_ROOT_USER: minioadmin
|
||||
MINIO_ROOT_PASSWORD: minioadmin
|
||||
ports:
|
||||
- "9000:9000"
|
||||
- "9001:9001"
|
||||
volumes:
|
||||
- minio_data:/data
|
||||
healthcheck:
|
||||
test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
|
||||
interval: 5s
|
||||
retries: 10
|
||||
|
||||
minio-init:
|
||||
image: quay.io/minio/mc:latest
|
||||
depends_on:
|
||||
minio:
|
||||
condition: service_healthy
|
||||
entrypoint: >
|
||||
/bin/sh -c "
|
||||
mc alias set local http://minio:9000 minioadmin minioadmin &&
|
||||
mc mb --ignore-existing local/media &&
|
||||
mc mb --ignore-existing local/thumbnails
|
||||
"
|
||||
|
||||
# ── Application services ────────────────────────────────────────────────────
|
||||
|
||||
auth:
|
||||
build:
|
||||
context: .
|
||||
args:
|
||||
SERVICE: auth
|
||||
environment:
|
||||
SERVICE: auth
|
||||
DATABASE_URL: postgresql+asyncpg://streamstack:streamstack@postgres:5432/streamstack
|
||||
NATS_URL: nats://nats:4222
|
||||
JWT_PRIVATE_KEY_PATH: /run/jwt/private.pem
|
||||
JWT_PUBLIC_KEY_PATH: /run/jwt/public.pem
|
||||
JWT_ALGORITHM: RS256
|
||||
JWT_EXPIRE_MINUTES: "30"
|
||||
JWT_REFRESH_EXPIRE_DAYS: "7"
|
||||
volumes:
|
||||
- ./tests/e2e/keys/private.pem:/run/jwt/private.pem:ro,z
|
||||
- ./tests/e2e/keys/public.pem:/run/jwt/public.pem:ro,z
|
||||
depends_on:
|
||||
postgres:
|
||||
condition: service_healthy
|
||||
nats:
|
||||
condition: service_healthy
|
||||
deploy:
|
||||
replicas: 2
|
||||
healthcheck:
|
||||
test: ["CMD", "wget", "-q", "-O", "/dev/null", "http://localhost:8000/v1/health"]
|
||||
interval: 10s
|
||||
retries: 5
|
||||
|
||||
catalogue:
|
||||
build:
|
||||
context: .
|
||||
args:
|
||||
SERVICE: catalogue
|
||||
environment:
|
||||
SERVICE: catalogue
|
||||
SERVICE_NAME: catalogue
|
||||
SERVICE_SECRET: svc-catalogue-secret
|
||||
DATABASE_URL: postgresql+asyncpg://streamstack:streamstack@postgres:5432/streamstack
|
||||
NATS_URL: nats://nats:4222
|
||||
S3_ENDPOINT_URL: http://minio:9000
|
||||
S3_ACCESS_KEY: minioadmin
|
||||
S3_SECRET_KEY: minioadmin
|
||||
S3_BUCKET_MEDIA: media
|
||||
AUTH_SERVICE_URL: http://auth:8000
|
||||
STREAMING_SERVICE_URL: http://streaming:8000
|
||||
depends_on:
|
||||
postgres:
|
||||
condition: service_healthy
|
||||
nats:
|
||||
condition: service_healthy
|
||||
auth:
|
||||
condition: service_healthy
|
||||
deploy:
|
||||
replicas: 2
|
||||
healthcheck:
|
||||
test: ["CMD", "wget", "-q", "-O", "/dev/null", "http://localhost:8000/v1/health"]
|
||||
interval: 10s
|
||||
retries: 5
|
||||
|
||||
streaming:
|
||||
build:
|
||||
context: .
|
||||
args:
|
||||
SERVICE: streaming
|
||||
environment:
|
||||
SERVICE: streaming
|
||||
SERVICE_NAME: streaming
|
||||
SERVICE_SECRET: svc-streaming-secret
|
||||
NATS_URL: nats://nats:4222
|
||||
S3_ENDPOINT_URL: http://minio:9000
|
||||
S3_ACCESS_KEY: minioadmin
|
||||
S3_SECRET_KEY: minioadmin
|
||||
S3_BUCKET_MEDIA: media
|
||||
AUTH_SERVICE_URL: http://auth:8000
|
||||
CATALOGUE_SERVICE_URL: http://catalogue:8000
|
||||
depends_on:
|
||||
nats:
|
||||
condition: service_healthy
|
||||
minio:
|
||||
condition: service_healthy
|
||||
auth:
|
||||
condition: service_healthy
|
||||
catalogue:
|
||||
condition: service_healthy
|
||||
deploy:
|
||||
replicas: 2
|
||||
healthcheck:
|
||||
test: ["CMD", "wget", "-q", "-O", "/dev/null", "http://localhost:8000/v1/health"]
|
||||
interval: 10s
|
||||
retries: 5
|
||||
|
||||
ingest:
|
||||
build:
|
||||
context: .
|
||||
args:
|
||||
SERVICE: ingest
|
||||
environment:
|
||||
SERVICE: ingest
|
||||
SERVICE_NAME: ingest
|
||||
SERVICE_SECRET: svc-ingest-secret
|
||||
NATS_URL: nats://nats:4222
|
||||
S3_ENDPOINT_URL: http://minio:9000
|
||||
S3_ACCESS_KEY: minioadmin
|
||||
S3_SECRET_KEY: minioadmin
|
||||
S3_BUCKET_MEDIA: media
|
||||
S3_BUCKET_THUMBNAILS: thumbnails
|
||||
AUTH_SERVICE_URL: http://auth:8000
|
||||
CATALOGUE_SERVICE_URL: http://catalogue:8000
|
||||
depends_on:
|
||||
nats:
|
||||
condition: service_healthy
|
||||
minio:
|
||||
condition: service_healthy
|
||||
auth:
|
||||
condition: service_healthy
|
||||
catalogue:
|
||||
condition: service_healthy
|
||||
deploy:
|
||||
replicas: 2
|
||||
healthcheck:
|
||||
test: ["CMD", "wget", "-q", "-O", "/dev/null", "http://localhost:8000/v1/health"]
|
||||
interval: 10s
|
||||
retries: 5
|
||||
|
||||
thumbnailer:
|
||||
build:
|
||||
context: .
|
||||
args:
|
||||
SERVICE: thumbnailer
|
||||
environment:
|
||||
SERVICE: thumbnailer
|
||||
SERVICE_NAME: thumbnailer
|
||||
SERVICE_SECRET: svc-thumbnailer-secret
|
||||
NATS_URL: nats://nats:4222
|
||||
S3_ENDPOINT_URL: http://minio:9000
|
||||
S3_ACCESS_KEY: minioadmin
|
||||
S3_SECRET_KEY: minioadmin
|
||||
S3_BUCKET_MEDIA: media
|
||||
S3_BUCKET_THUMBNAILS: thumbnails
|
||||
AUTH_SERVICE_URL: http://auth:8000
|
||||
CATALOGUE_SERVICE_URL: http://catalogue:8000
|
||||
depends_on:
|
||||
nats:
|
||||
condition: service_healthy
|
||||
minio:
|
||||
condition: service_healthy
|
||||
catalogue:
|
||||
condition: service_healthy
|
||||
healthcheck:
|
||||
test: ["CMD", "wget", "-q", "-O", "/dev/null", "http://localhost:8000/v1/health"]
|
||||
interval: 10s
|
||||
retries: 5
|
||||
|
||||
# ── Gateway ──────────────────────────────────────────────────────────────────
|
||||
|
||||
nginx:
|
||||
build:
|
||||
context: .
|
||||
dockerfile: Dockerfile.nginx
|
||||
ports:
|
||||
- "8080:80"
|
||||
depends_on:
|
||||
- streaming
|
||||
- catalogue
|
||||
- auth
|
||||
- ingest
|
||||
|
||||
volumes:
|
||||
postgres_data:
|
||||
minio_data:
|
||||
Reference in New Issue
Block a user