Files
streamstack/docker-compose.yml
unkinben 2309e9f43a Initial commit — StreamStack v1
Five-service streaming platform: auth, catalogue, streaming, ingest, thumbnailer.
Includes React frontend served by nginx, NATS JetStream event bus, aiobotocore
async S3, PyAV video metadata + thumbnail extraction, service-to-service JWT auth,
and a full unit + e2e test suite.
2026-05-04 22:16:39 +10:00

233 lines
6.3 KiB
YAML

services:
# ── Infrastructure ──────────────────────────────────────────────────────────
postgres:
image: postgres:16-alpine
environment:
POSTGRES_USER: streamstack
POSTGRES_PASSWORD: streamstack
POSTGRES_DB: streamstack
ports:
- "5432:5432"
volumes:
- postgres_data:/var/lib/postgresql/data
healthcheck:
test: ["CMD-SHELL", "pg_isready -U streamstack"]
interval: 5s
timeout: 5s
retries: 10
nats:
image: nats:2.10-alpine
command: ["-js", "-m", "8222"]
ports:
- "4222:4222"
- "8222:8222"
healthcheck:
test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:8222/healthz"]
interval: 5s
retries: 10
minio:
image: quay.io/minio/minio:latest
command: server /data --console-address ":9001"
environment:
MINIO_ROOT_USER: minioadmin
MINIO_ROOT_PASSWORD: minioadmin
ports:
- "9000:9000"
- "9001:9001"
volumes:
- minio_data:/data
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
interval: 5s
retries: 10
minio-init:
image: quay.io/minio/mc:latest
depends_on:
minio:
condition: service_healthy
entrypoint: >
/bin/sh -c "
mc alias set local http://minio:9000 minioadmin minioadmin &&
mc mb --ignore-existing local/media &&
mc mb --ignore-existing local/thumbnails
"
# ── Application services ────────────────────────────────────────────────────
auth:
build:
context: .
args:
SERVICE: auth
environment:
SERVICE: auth
DATABASE_URL: postgresql+asyncpg://streamstack:streamstack@postgres:5432/streamstack
NATS_URL: nats://nats:4222
JWT_PRIVATE_KEY_PATH: /run/jwt/private.pem
JWT_PUBLIC_KEY_PATH: /run/jwt/public.pem
JWT_ALGORITHM: RS256
JWT_EXPIRE_MINUTES: "30"
JWT_REFRESH_EXPIRE_DAYS: "7"
volumes:
- ./tests/e2e/keys/private.pem:/run/jwt/private.pem:ro,z
- ./tests/e2e/keys/public.pem:/run/jwt/public.pem:ro,z
depends_on:
postgres:
condition: service_healthy
nats:
condition: service_healthy
deploy:
replicas: 2
healthcheck:
test: ["CMD", "wget", "-q", "-O", "/dev/null", "http://localhost:8000/v1/health"]
interval: 10s
retries: 5
catalogue:
build:
context: .
args:
SERVICE: catalogue
environment:
SERVICE: catalogue
SERVICE_NAME: catalogue
SERVICE_SECRET: svc-catalogue-secret
DATABASE_URL: postgresql+asyncpg://streamstack:streamstack@postgres:5432/streamstack
NATS_URL: nats://nats:4222
S3_ENDPOINT_URL: http://minio:9000
S3_ACCESS_KEY: minioadmin
S3_SECRET_KEY: minioadmin
S3_BUCKET_MEDIA: media
AUTH_SERVICE_URL: http://auth:8000
STREAMING_SERVICE_URL: http://streaming:8000
depends_on:
postgres:
condition: service_healthy
nats:
condition: service_healthy
auth:
condition: service_healthy
deploy:
replicas: 2
healthcheck:
test: ["CMD", "wget", "-q", "-O", "/dev/null", "http://localhost:8000/v1/health"]
interval: 10s
retries: 5
streaming:
build:
context: .
args:
SERVICE: streaming
environment:
SERVICE: streaming
SERVICE_NAME: streaming
SERVICE_SECRET: svc-streaming-secret
NATS_URL: nats://nats:4222
S3_ENDPOINT_URL: http://minio:9000
S3_ACCESS_KEY: minioadmin
S3_SECRET_KEY: minioadmin
S3_BUCKET_MEDIA: media
AUTH_SERVICE_URL: http://auth:8000
CATALOGUE_SERVICE_URL: http://catalogue:8000
depends_on:
nats:
condition: service_healthy
minio:
condition: service_healthy
auth:
condition: service_healthy
catalogue:
condition: service_healthy
deploy:
replicas: 2
healthcheck:
test: ["CMD", "wget", "-q", "-O", "/dev/null", "http://localhost:8000/v1/health"]
interval: 10s
retries: 5
ingest:
build:
context: .
args:
SERVICE: ingest
environment:
SERVICE: ingest
SERVICE_NAME: ingest
SERVICE_SECRET: svc-ingest-secret
NATS_URL: nats://nats:4222
S3_ENDPOINT_URL: http://minio:9000
S3_ACCESS_KEY: minioadmin
S3_SECRET_KEY: minioadmin
S3_BUCKET_MEDIA: media
S3_BUCKET_THUMBNAILS: thumbnails
AUTH_SERVICE_URL: http://auth:8000
CATALOGUE_SERVICE_URL: http://catalogue:8000
depends_on:
nats:
condition: service_healthy
minio:
condition: service_healthy
auth:
condition: service_healthy
catalogue:
condition: service_healthy
deploy:
replicas: 2
healthcheck:
test: ["CMD", "wget", "-q", "-O", "/dev/null", "http://localhost:8000/v1/health"]
interval: 10s
retries: 5
thumbnailer:
build:
context: .
args:
SERVICE: thumbnailer
environment:
SERVICE: thumbnailer
SERVICE_NAME: thumbnailer
SERVICE_SECRET: svc-thumbnailer-secret
NATS_URL: nats://nats:4222
S3_ENDPOINT_URL: http://minio:9000
S3_ACCESS_KEY: minioadmin
S3_SECRET_KEY: minioadmin
S3_BUCKET_MEDIA: media
S3_BUCKET_THUMBNAILS: thumbnails
AUTH_SERVICE_URL: http://auth:8000
CATALOGUE_SERVICE_URL: http://catalogue:8000
depends_on:
nats:
condition: service_healthy
minio:
condition: service_healthy
catalogue:
condition: service_healthy
healthcheck:
test: ["CMD", "wget", "-q", "-O", "/dev/null", "http://localhost:8000/v1/health"]
interval: 10s
retries: 5
# ── Gateway ──────────────────────────────────────────────────────────────────
nginx:
build:
context: .
dockerfile: Dockerfile.nginx
ports:
- "8080:80"
depends_on:
- streaming
- catalogue
- auth
- ingest
volumes:
postgres_data:
minio_data: