feat: single container support, 3 deployment options
This commit is contained in:
32
README.md
32
README.md
@@ -117,7 +117,7 @@ APP_SECRET=<generate with: openssl rand -hex 64>
|
||||
### 2. Login to OCIR
|
||||
|
||||
```bash
|
||||
docker login ${OCIR_REGION}.ocir.io
|
||||
docker login <OCIR_REGION>.ocir.io
|
||||
```
|
||||
|
||||
- **Username:** `<namespace>/<username>` or `<namespace>/oracleidentitycloudservice/<email>`
|
||||
@@ -125,17 +125,45 @@ docker login ${OCIR_REGION}.ocir.io
|
||||
|
||||
### 3. Run
|
||||
|
||||
**Option A — Single Container** (recommended for simplicity):
|
||||
|
||||
```bash
|
||||
docker compose -f docker-compose.single.yml up -d
|
||||
```
|
||||
|
||||
One container runs everything (nginx + backend). Port `8080`.
|
||||
|
||||
**Option B — Two Containers** (recommended for production):
|
||||
|
||||
```bash
|
||||
docker compose up -d
|
||||
```
|
||||
|
||||
Separate backend and frontend containers with internal networking.
|
||||
|
||||
**Option C — Docker Run** (no compose needed):
|
||||
|
||||
```bash
|
||||
docker run -d \
|
||||
--name oci-cis-agent \
|
||||
-p 8080:8080 \
|
||||
-v agent-data:/data \
|
||||
-e APP_SECRET=$(openssl rand -hex 64) \
|
||||
-e TZ=America/Sao_Paulo \
|
||||
<OCIR_REGION>.ocir.io/<OCIR_NAMESPACE>/oci-cis-agent:latest
|
||||
```
|
||||
|
||||
### 4. Access
|
||||
|
||||
Open `http://localhost:8080`
|
||||
|
||||
The initial admin password is generated automatically and displayed in the backend logs:
|
||||
The initial admin password is generated automatically and displayed in the container logs:
|
||||
|
||||
```bash
|
||||
# Single container / docker run
|
||||
docker logs oci-cis-agent | grep "password"
|
||||
|
||||
# Two containers
|
||||
docker compose logs backend | grep "password"
|
||||
```
|
||||
|
||||
|
||||
31
docker-compose.single.yml
Normal file
31
docker-compose.single.yml
Normal file
@@ -0,0 +1,31 @@
|
||||
services:
|
||||
agent:
|
||||
image: ${OCIR_REGION}.ocir.io/${OCIR_NAMESPACE}/oci-cis-agent:${IMAGE_TAG:-latest}
|
||||
container_name: oci-cis-agent
|
||||
restart: unless-stopped
|
||||
environment:
|
||||
- APP_SECRET=${APP_SECRET:?Set APP_SECRET in .env (openssl rand -hex 64)}
|
||||
- JWT_EXPIRY_HOURS=${JWT_EXPIRY_HOURS:-12}
|
||||
- DATA_DIR=/data
|
||||
- CORS_ORIGINS=${CORS_ORIGINS:-}
|
||||
- TZ=${TZ:-America/Sao_Paulo}
|
||||
- OCI_CLI_SUPPRESS_FILE_PERMISSIONS_WARNING=True
|
||||
ports:
|
||||
- "${PORT:-8080}:8080"
|
||||
volumes:
|
||||
- agent-data:/data
|
||||
healthcheck:
|
||||
test: ["CMD", "curl", "-f", "http://localhost:8080/api/health"]
|
||||
interval: 30s
|
||||
timeout: 10s
|
||||
retries: 3
|
||||
logging:
|
||||
driver: "json-file"
|
||||
options:
|
||||
max-size: "10m"
|
||||
max-file: "3"
|
||||
mem_limit: 4g
|
||||
|
||||
volumes:
|
||||
agent-data:
|
||||
driver: local
|
||||
Reference in New Issue
Block a user