This repository aims to provide a ready-to-go Docker Compose setup for managing the complete FAF stack (or parts of it) with simple commands.
The FAF production and test server use this repository and therefore guarantee close-to-production readyness.
The FAF stack consist of multiple components:
- Service definitions in .yml files
- Global and application level configuration
- Application data
This repository contains only templates of the configuration and no data. "Real" configuration and data are excluded by .gitignore
. In fact, all files and directories are excluded if not explicitly un-ignored within .gitignore
. The data directory will be automatically created.
FAF is a very complex infrastructure. In order to make it easier for new developers to get into it, we split the services across multiple docker-compose files:
docker-compose.yml
contains all core services of FAF. If you want to start developing for FAF you can concentrate on this particular file.faf-extra.yml
contains services for the FAF community which are not required for the core infrastructure to run.monitoring.yml
contains dedicated monitoring applications which provide insights on the load and behavior of the FAF applications
On root level there needs to be an .env
file which contains some global setup.
Each service has its own directory within config
. They usually contain an environment file and/or other configuration files needed for the service to operate properly. Environment files are loaded by Docker Compose and additional files/directories may be mounted as volumes (both as specified in their respective .yml
file).
The config
directory does not exist and has to be copied from config.templates
. After that, it has to be kept in sync with updates to config.templates
manually (like when a parameter has been added, renamed or removed).
If you don't need / want to change the application config, you could also create a symlink from config.template
to config
. This way you will always have the latest default config.
Some services need to persist files in volumes, or read files of other services. All volumes are created inside
the data
directory.
Attention Windows users: Docker for Windows has some troubles mounting volumes to your hard disk. You need to configure access to the drive and even then some services might refuse to work. For a better experience we recommend using a virtual machine running Linux or at least running docker in the Windows Subsystem for Linux (WSL).
To keep things intuitive and avoid conflicts, all services, network aliases, user names, folder names and environment files follow a consistent naming.
- Docker 20.10.7-ce or newer
- Docker Compose v1.28.6 or newer
(It might work with older versions but is not tested on these.)
cp -R config.template config
cp .env.template .env
In folder config/faf-java-api/pki
replace private.key
and public.key
with new keys generated with ssh-keygen -m pem
. The secret key needs to be in rsa format and the public key in ssh-rsa format (see config.template for examples).
Hint: Some linux distros generate 3072 bit RSA keys by default (e.g. Arch). 3072 bit is not supported. Please use 2048 bit or 4096 bit key length.
scripts/init-db.sh
scripts/init-rabbitmq.sh
scripts/init-hydra.sh
scripts/create-hydra-test-clients.sh
This will launch some core services and generate users, database schemas and OAuth clients.
docker-compose run --rm faf-db-migrations migrate
Once Postal is running, create a user by executing the following command:
docker exec -it faf-postal /opt/postal/bin/postal make-user
In this example we use it for faf-java-api
- Access Postal's web interface and log in with the user created above
- Click
Create the first organization
and follow the instructions - Create a new mail server
- Click
Build your first mail server
and enter the following - Name: FAF Java API
- Short name: faf-java-api
- Mode: Choose what's appropriate
- Click
- Set up the email domain
- Go to
Domain
and selectAdd your first domain
- Enter the domain name and continue
- Follow the instructions to set up the DNS correctly
- Click
Check my records are correct
and make sure everything is green
- Go to
- Set up an SMTP user for faf-java-api
- Go to
Credentials
and selectAdd your first credential
- Type:
SMTP
, Name:FAF API User
, Key:faf-java-api
, Hold:Process all messages
- Click
Create credential
- Go to
- Check the credentialss
- Go to
Overview
and selectRead about sending e-mail
- Note
Username
andPassword
- Go to
- Log into Grafana using
admin/admin
- Add a Prometheus datasource named
Prometheus
athttp://faf-prometheus:9090
- Go to global organization settings and change the name from
Main org.
toForged Alliance Forever
. This is required to enable anonymous access, too.