65 lines
2.5 KiB
YAML
65 lines
2.5 KiB
YAML
# Versity S3 Gateway — POSIX backend over Docker volumes.
|
|
# https://github.com/versity/versitygw
|
|
#
|
|
# POSIX default metadata uses xattrs; NFS often lacks xattr support unless NFSv4.2
|
|
# + client/server support. `--sidecar` stores metadata in files instead (see
|
|
# `posix` flags / VGW_META_SIDECAR in cmd/versitygw/posix.go).
|
|
services:
|
|
versitygw:
|
|
image: versity/versitygw:v1.3.1
|
|
container_name: versitygw
|
|
restart: unless-stopped
|
|
# Credentials: use `${VAR}` so values come from the same env Komodo passes with
|
|
# `docker compose --env-file <run_directory>/.env` (see Komodo Stack docs).
|
|
# Do NOT use `env_file: .env` here: that path is resolved next to *this* compose
|
|
# file, while Komodo writes `.env` under `run_directory` — they often differ
|
|
# (e.g. run_directory = repo root, compose in komodo/s3/versitygw/).
|
|
environment:
|
|
ROOT_ACCESS_KEY: ${ROOT_ACCESS_KEY}
|
|
ROOT_SECRET_KEY: ${ROOT_SECRET_KEY}
|
|
ROOT_ACCESS_KEY_ID: ${ROOT_ACCESS_KEY_ID}
|
|
ROOT_SECRET_ACCESS_KEY: ${ROOT_SECRET_ACCESS_KEY}
|
|
# Matches Helm chart default; enables `/_/health` for probes.
|
|
VGW_HEALTH: /_/health
|
|
# WebUI (browser): separate listener; TLS terminates at Pangolin — serve HTTP in-container.
|
|
VGW_WEBUI_NO_TLS: "true"
|
|
# Public base URL of the *S3 API* only (Pangolin → :10000). Not the WebUI hostname.
|
|
# No trailing slash. If this points at the UI URL, bucket ops return 404/wrong host.
|
|
VGW_WEBUI_GATEWAYS: ${VGW_WEBUI_GATEWAYS}
|
|
# Browser Origin when WebUI and API use different HTTPS hostnames (see wiki / WebGUI CORS).
|
|
VGW_CORS_ALLOW_ORIGIN: ${VGW_CORS_ALLOW_ORIGIN}
|
|
ports:
|
|
- "${VERSITYGW_PORT:-10000}:10000"
|
|
- "${VERSITYGW_WEBUI_PORT:-8080}:8080"
|
|
volumes:
|
|
- /mnt/nfs/versity/s3:/data/s3
|
|
- /mnt/nfs/versity/iam:/data/iam
|
|
- /mnt/nfs/versity/versions:/data/versions
|
|
- /mnt/nfs/versity/sidecar:/data/sidecar
|
|
command:
|
|
- "--port"
|
|
- ":10000"
|
|
# Optional WebUI — without this, only the S3 API is served (browsers often see 404 on `/`).
|
|
- "--webui"
|
|
- ":8080"
|
|
- "--iam-dir"
|
|
- "/data/iam"
|
|
- "posix"
|
|
- "--sidecar"
|
|
- "/data/sidecar"
|
|
- "--versioning-dir"
|
|
- "/data/versions"
|
|
- "/data/s3"
|
|
healthcheck:
|
|
test:
|
|
[
|
|
"CMD",
|
|
"wget",
|
|
"-qO-",
|
|
"http://127.0.0.1:10000/_/health",
|
|
]
|
|
interval: 30s
|
|
timeout: 5s
|
|
retries: 3
|
|
start_period: 10s
|