@fairmint/canton-node-sdk

name: splice-validator volumes: postgres-splice: domain-upgrade-dump: networks: splice_validator: driver: bridge services: postgres-splice: image: "postgres:${SPLICE_POSTGRES_VERSION}" environment: - POSTGRES_USER=${SPLICE_DB_USER} - POSTGRES_PASSWORD=${SPLICE_DB_PASSWORD} - POSTGRES_DB=postgres # not used by splice # Any env vars starting with CREATE_DATABASE_ will be used to create a database - CREATE_DATABASE_participant=participant-${MIGRATION_ID} - CREATE_DATABASE_validator=validator volumes: - postgres-splice:/var/lib/postgresql/data - ./postgres-entrypoint.sh:/postgres-entrypoint.sh entrypoint: /postgres-entrypoint.sh user: "postgres" command: - postgres - -c - max_connections=8000 healthcheck: test: "pg_isready -U ${SPLICE_DB_USER} -d postgres" interval: 10s timeout: 3s retries: 3 start_period: 60s networks: - ${DOCKER_NETWORK:-splice_validator} participant: image: "${IMAGE_REPO}canton-participant:${IMAGE_TAG}" environment: - AUTH_JWKS_URL=${AUTH_JWKS_URL} - AUTH_TARGET_AUDIENCE=${LEDGER_API_AUTH_AUDIENCE} - CANTON_PARTICIPANT_ADMIN_USER_NAME=${LEDGER_API_ADMIN_USER} - CANTON_PARTICIPANT_POSTGRES_SERVER=${SPLICE_DB_SERVER} - CANTON_PARTICIPANT_POSTGRES_SCHEMA=participant - CANTON_PARTICIPANT_POSTGRES_USER=${SPLICE_DB_USER} - CANTON_PARTICIPANT_POSTGRES_PASSWORD=${SPLICE_DB_PASSWORD} - CANTON_PARTICIPANT_POSTGRES_DB=participant-${MIGRATION_ID} - CANTON_PARTICIPANT_POSTGRES_PORT=${SPLICE_DB_PORT} depends_on: postgres-splice: condition: service_healthy restart: always networks: - ${DOCKER_NETWORK:-splice_validator} chown-domain-upgrade-dump: image: busybox:1.37.0 volumes: - domain-upgrade-dump:/domain-upgrade-dump command: ["chown", "-R", "1001:1001", "/domain-upgrade-dump"] validator: image: "${IMAGE_REPO}validator-app:${IMAGE_TAG}" environment: - SPLICE_APP_VALIDATOR_LEDGER_API_AUTH_URL=${AUTH_WELLKNOWN_URL} - SPLICE_APP_VALIDATOR_LEDGER_API_AUTH_CLIENT_ID=${VALIDATOR_AUTH_CLIENT_ID} - SPLICE_APP_VALIDATOR_LEDGER_API_AUTH_CLIENT_SECRET=${VALIDATOR_AUTH_CLIENT_SECRET} - SPLICE_APP_VALIDATOR_LEDGER_API_AUTH_AUDIENCE=${LEDGER_API_AUTH_AUDIENCE} - SPLICE_APP_VALIDATOR_LEDGER_API_AUTH_SCOPE=${LEDGER_API_AUTH_SCOPE:-} - SPLICE_APP_VALIDATOR_LEDGER_API_AUTH_USER_NAME=${LEDGER_API_ADMIN_USER} - SPLICE_APP_VALIDATOR_WALLET_USER_NAME=${WALLET_ADMIN_USER} - SPLICE_APP_VALIDATOR_AUTH_AUDIENCE=${VALIDATOR_AUTH_AUDIENCE} - SPLICE_APP_VALIDATOR_AUTH_JWKS_URL=${AUTH_JWKS_URL} - SPLICE_APP_VALIDATOR_PARTICIPANT_ADDRESS=participant - SPLICE_APP_VALIDATOR_SV_SPONSOR_ADDRESS=${SPONSOR_SV_ADDRESS} - SPLICE_APP_VALIDATOR_ONBOARDING_SECRET=${ONBOARDING_SECRET} - SPLICE_APP_VALIDATOR_SCAN_ADDRESS=${SCAN_ADDRESS} - SPLICE_APP_VALIDATOR_PARTICIPANT_IDENTIFIER=${PARTICIPANT_IDENTIFIER} - SPLICE_APP_VALIDATOR_PARTY_HINT=${PARTY_HINT} - SPLICE_APP_CONTACT_POINT=${CONTACT_POINT} - | ADDITIONAL_CONFIG_PERSISTENCE= canton.validator-apps.validator_backend.storage { type = postgres config { dataSourceClass = "org.postgresql.ds.PGSimpleDataSource" properties = { databaseName = validator currentSchema = validator serverName = ${SPLICE_DB_SERVER} portNumber = ${SPLICE_DB_PORT} user = ${SPLICE_DB_USER} password = ${SPLICE_DB_PASSWORD} tcpKeepAlive = true } } } - | ADDITIONAL_CONFIG_APP_INSTANCES= canton.validator-apps.validator_backend.app-instances={} - | ADDITIONAL_CONFIG_BFT_SCAN= canton.validator-apps.validator_backend.scan-client.type = "bft" canton.validator-apps.validator_backend.scan-client.seed-urls = [ "${SCAN_ADDRESS}" ] - | ADDITIONAL_CONFIG_MIGRATION_ID= canton.validator-apps.validator_backend { domain-migration-id = ${MIGRATION_ID} } - ADDITIONAL_CONFIG_GLOBAL_DOMAIN_UPGRADE_DUMP_PATH=canton.validator-apps.validator_backend.domain-migration-dump-path = "/domain-upgrade-dump/domain_migration_dump.json" depends_on: chown-domain-upgrade-dump: condition: service_completed_successfully postgres-splice: condition: service_healthy restart: always networks: - ${DOCKER_NETWORK:-splice_validator} volumes: - domain-upgrade-dump:/domain-upgrade-dump wallet-web-ui: image: "${IMAGE_REPO}wallet-web-ui:${IMAGE_TAG}" environment: - SPLICE_APP_UI_AUTH_AUDIENCE=${VALIDATOR_AUTH_AUDIENCE} - SPLICE_APP_UI_AUTH_CLIENT_ID=${WALLET_UI_CLIENT_ID} - SPLICE_APP_UI_AUTH_URL=${AUTH_URL} - SPLICE_APP_UI_HTTP_URL=true - SPLICE_APP_UI_NETWORK_NAME=${SPLICE_APP_UI_NETWORK_NAME} - SPLICE_APP_UI_NETWORK_FAVICON_URL=${SPLICE_APP_UI_NETWORK_FAVICON_URL} - SPLICE_APP_UI_AMULET_NAME=${SPLICE_APP_UI_AMULET_NAME} - SPLICE_APP_UI_AMULET_NAME_ACRONYM=${SPLICE_APP_UI_AMULET_NAME_ACRONYM} - SPLICE_APP_UI_NAME_SERVICE_NAME=${SPLICE_APP_UI_NAME_SERVICE_NAME} - SPLICE_APP_UI_NAME_SERVICE_NAME_ACRONYM=${SPLICE_APP_UI_NAME_SERVICE_NAME_ACRONYM} networks: - ${DOCKER_NETWORK:-splice_validator} ans-web-ui: image: "${IMAGE_REPO}ans-web-ui:${IMAGE_TAG}" environment: - SPLICE_APP_UI_AUTH_AUDIENCE=${VALIDATOR_AUTH_AUDIENCE} - SPLICE_APP_UI_AUTH_CLIENT_ID=${ANS_UI_CLIENT_ID} - SPLICE_APP_UI_AUTH_URL=${AUTH_URL} - SPLICE_APP_WALLET_REDIRECT=http://wallet.localhost - SPLICE_APP_UI_HTTP_URL=true - SPLICE_APP_UI_NETWORK_NAME=${SPLICE_APP_UI_NETWORK_NAME} - SPLICE_APP_UI_NETWORK_FAVICON_URL=${SPLICE_APP_UI_NETWORK_FAVICON_URL} - SPLICE_APP_UI_AMULET_NAME=${SPLICE_APP_UI_AMULET_NAME} - SPLICE_APP_UI_AMULET_NAME_ACRONYM=${SPLICE_APP_UI_AMULET_NAME_ACRONYM} - SPLICE_APP_UI_NAME_SERVICE_NAME=${SPLICE_APP_UI_NAME_SERVICE_NAME} - SPLICE_APP_UI_NAME_SERVICE_NAME_ACRONYM=${SPLICE_APP_UI_NAME_SERVICE_NAME_ACRONYM} networks: - ${DOCKER_NETWORK:-splice_validator} nginx: image: "nginx:${NGINX_VERSION}" volumes: - ./nginx.conf:/etc/nginx/nginx.conf - ./nginx:/etc/nginx/includes ports: - "${HOST_BIND_IP:-127.0.0.1}:80:80" depends_on: - ans-web-ui - wallet-web-ui - validator restart: always networks: - ${DOCKER_NETWORK:-splice_validator} healthcheck: test: ["CMD", "service", "nginx", "status"] interval: 30s timeout: 10s retries: 3 start_period: 60s