teepot/examples/docker-compose.yml

# From the main directory run:
# ❯ docker compose -f examples/docker-compose.yml --project-directory $PWD up
services:
  tvu-1:
    build:
      context: .
      dockerfile: packages/container-vault-unseal-sgx-azure/Dockerfile
    image: tee-vault-unseal
    restart: "no"
    ports:
      - 8413
    environment:
      PORT: "8413"
      VAULT_ADDR: "https://vault-1:8210"
      VAULT_SGX_MRSIGNER: "c5591a72b8b86e0d8814d6e8750e3efe66aea2d102b8ba2405365559b858697d"
      VAULT_SGX_ALLOWED_TCB_LEVELS: "SwHardeningNeeded"
      ALLOWED_TCB_LEVELS: "SwHardeningNeeded"
    privileged: true
    init: true
    volumes:
      - /run/aesmd:/run/aesmd
      - /dev/sgx_enclave:/dev/sgx_enclave
  vault-1:
    build:
      context: .
      dockerfile: packages/container-vault-sgx-azure/Dockerfile
    image: vault
    restart: "no"
    ports:
      - 8210
    environment:
      VAULT_API_ADDR: "https://vault-1:8210"
      VAULT_CLUSTER_ADDR: "https://vault-1:8211"
      VAULT_RAFT_NODE_ID: "vault-1"
    privileged: true
    init: true
    volumes:
      - /run/aesmd:/run/aesmd
      - /dev/sgx_enclave:/dev/sgx_enclave
      - data-1:/opt/vault/data

  tvu-2:
    image: tee-vault-unseal
    restart: "no"
    ports:
      - 8423
    environment:
      PORT: "8423"
      VAULT_ADDR: "https://vault-2:8210"
      VAULT_SGX_MRSIGNER: "c5591a72b8b86e0d8814d6e8750e3efe66aea2d102b8ba2405365559b858697d"
      VAULT_SGX_ALLOWED_TCB_LEVELS: "SwHardeningNeeded"
      ALLOWED_TCB_LEVELS: "SwHardeningNeeded"
    privileged: true
    init: true
    volumes:
      - /run/aesmd:/run/aesmd
      - /dev/sgx_enclave:/dev/sgx_enclave
  vault-2:
    image: vault
    restart: "no"
    ports:
      - 8220:8210
    environment:
      VAULT_API_ADDR: "https://vault-2:8210"
      VAULT_CLUSTER_ADDR: "https://vault-2:8211"
      VAULT_RAFT_NODE_ID: "vault-2"
    privileged: true
    init: true
    volumes:
      - /run/aesmd:/run/aesmd
      - /dev/sgx_enclave:/dev/sgx_enclave
      - data-2:/opt/vault/data

  tvu-3:
    image: tee-vault-unseal
    restart: "no"
    ports:
      - 8433
    environment:
      PORT: "8433"
      VAULT_ADDR: "https://vault-3:8210"
      VAULT_SGX_MRSIGNER: "c5591a72b8b86e0d8814d6e8750e3efe66aea2d102b8ba2405365559b858697d"
      VAULT_SGX_ALLOWED_TCB_LEVELS: "SwHardeningNeeded"
      ALLOWED_TCB_LEVELS: "SwHardeningNeeded"
    privileged: true
    init: true
    volumes:
      - /run/aesmd:/run/aesmd
      - /dev/sgx_enclave:/dev/sgx_enclave
  vault-3:
    image: vault
    restart: "no"
    ports:
      - 8230:8210
    environment:
      VAULT_API_ADDR: "https://vault-3:8210"
      VAULT_CLUSTER_ADDR: "https://vault-3:8211"
      VAULT_RAFT_NODE_ID: "vault-3"
    privileged: true
    init: true
    volumes:
      - /run/aesmd:/run/aesmd
      - /dev/sgx_enclave:/dev/sgx_enclave
      - data-3:/opt/vault/data

  admin:
    build:
      context: .
      dockerfile: packages/container-vault-admin-sgx-azure/Dockerfile
    restart: "no"
    ports:
      - 8444:8444
    environment:
      PORT: "8444"
      VAULT_ADDR: "https://vault-1:8210"
      VAULT_SGX_MRSIGNER: "c5591a72b8b86e0d8814d6e8750e3efe66aea2d102b8ba2405365559b858697d"
      VAULT_SGX_ALLOWED_TCB_LEVELS: "SwHardeningNeeded"
      ALLOWED_TCB_LEVELS: "SwHardeningNeeded"
    privileged: true
    init: true
    volumes:
      - /run/aesmd:/run/aesmd
      - /dev/sgx_enclave:/dev/sgx_enclave

#  stress:
#    build:
#      context: .
#      dockerfile: bin/tee-stress-client/Dockerfile-azure
#    restart: "no"
#    environment:
#      VAULT_ADDR: "https://vault-1:8210"
#      VAULT_SGX_MRSIGNER: "c5591a72b8b86e0d8814d6e8750e3efe66aea2d102b8ba2405365559b858697d"
#      VAULT_SGX_ALLOWED_TCB_LEVELS: "SwHardeningNeeded"
#      ALLOWED_TCB_LEVELS: "SwHardeningNeeded"
#    privileged: true
#    init: true
#    volumes:
#      - /run/aesmd:/run/aesmd
#      - /dev/sgx_enclave:/dev/sgx_enclave

volumes:
  shared-1:
  data-1:
  shared-2:
  data-2:
  shared-3:
  data-3: