Перейти к содержанию

Запуск

Запуск с помощью Docker Compose

  1. Создайте файл docker-compose.yml.

    version: '3.9'

services:
    frontend:
        image: registry.appsec.global/wave/wave-front:25.4.5
        container_name: frontend
        volumes:
            - /opt/wave/nginx/nginx.conf:/etc/nginx/nginx.conf
            - /opt/wave/nginx/ssl:/etc/ssl/certs/ssl-cert
        ports:
            - 80:8080
            - 443:443
        depends_on:
            - backend

    backend:
        image: registry.appsec.global/wave/wave-core:25.4.5
        container_name: backend
        env_file: .env
        depends_on:
            - postgresql
            - rabbitmq

    backend-agent:
        image: registry.appsec.global/wave/wave-agent:25.4.5
        container_name: backend-agent
        deploy:
            mode: replicated
            replicas: 3 
        depends_on:
            - postgresql
            - rabbitmq
        env_file: .env
        restart: always

    postgresql:
        image: postgres:17
        container_name: postgresql
        env_file: .env
        volumes:
            - /opt/wave/pgdata:/var/lib/postgresql/data

    rabbitmq:
        image: rabbitmq:3
        container_name: rabbitmq
        hostname: rabbitmq
        restart: unless-stopped
        env_file: .env

    Примечание

    В поле replicas: N, N - количество агентов, соответствующее выбранной лицензии

  2. Создайте файл .env.

    Пример файла .env:

    SPRING_DATASOURCE_URL=jdbc:postgresql://postgresql:5432/postgres
SPRING_DATASOURCE_USERNAME=postgres
SPRING_DATASOURCE_PASSWORD=postgres
SPRING_FLYWAY_URL=jdbc:postgresql://postgresql:5432/postgres
SPRING_FLYWAY_USER=postgres
SPRING_FLYWAY_PASSWORD=postgres
SPRING_RABBITMQ_HOST=rabbitmq
SPRING_RABBITMQ_VIRTUAL_HOST=vhost
SPRING_RABBITMQ_USERNAME=guest
SPRING_RABBITMQ_PASSWORD=guest
SPRING_CLOUD_AWS_S3_ENDPOINT=YOUR_ENDPOINT
SPRING_CLOUD_AWS_S3_ACCESS_KEY=YOUR_ACCESS_KEY
SPRING_CLOUD_AWS_S3_SECRET_KEY=YOUR_SECRET_KEY
JWT_TOKEN_SIGNING_KEY=43F73C7F2C7EF42D3C5F2D7D4CDA1762346F241D1F2E5CCA59DD675A853D78F5
TZ="Europe/Moscow"
POSTGRES_USER=postgres
POSTGRES_PASSWORD=postgres
POSTGRES_DB=postgres
RABBITMQ_DEFAULT_USER=guest
RABBITMQ_DEFAULT_PASS=guest
RABBITMQ_DEFAULT_VHOST=vhost
GIT_CREDENTIALS_ENCRYPTION_KEY=example_password

  3. Создайте файл nginx.conf. Для этого:

    a. Создайте директорию /opt/wave/nginx/.

    mkdir -p /opt/wave/nginx/

    b. Внутри созданной папки создайте файл nginx.conf.

    Пример файла nginx.conf:

    worker_processes auto;
user nginx;
pid /tmp/nginx.pid;
events {
    worker_connections 1024;
}
http {
  proxy_connect_timeout 300s;
  proxy_read_timeout 300s;
  proxy_send_timeout 300s;
  send_timeout 300s;

  server {
    listen 8080;
    server_name localhost;
    types_hash_max_size 4096;
    ignore_invalid_headers off;
    client_max_body_size 10240m;
    include /etc/nginx/mime.types;

    location / {
        root /usr/share/nginx/html;
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Forwarded-Server $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        add_header X-Frame-Options SAMEORIGIN;
        add_header 'Access-Control-Allow-Origin' '*';
        try_files $uri $uri/ /index.html?$args;
        index  index.html;
    }

    location /api/ {
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Forwarded-Server $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;

        proxy_pass http://backend:8095/;
    }

    location /swagger-ui/ {
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Forwarded-Server $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;

        proxy_pass http://backend:8095/swagger-ui/;
    }

    location /ws/ {
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "Upgrade";
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_pass http://backend:8095/ws;
    }

    listen 443 ssl;
    ssl_certificate /etc/ssl/certs/ssl-cert/fullchain1.pem; # managed by Certbot
    ssl_certificate_key /etc/ssl/certs/ssl-cert/privkey1.pem; # managed by Certbot
    if ($scheme != "https") {
        return 301 https://$host$request_uri;
    }
  }
}

    Примечание

    В случае отсутствия сертификатов и использования обычного HTTP, в файле nginx.conf следует закомментировать строчки, связанные с HTTPS:

    listen 443 ssl;
ssl_certificate /etc/ssl/certs/ssl-cert/fullchain1.pem; # managed by Certbot
ssl_certificate_key /etc/ssl/certs/ssl-cert/privkey1.pem; # managed by Certbot
if ($scheme != "https") {
    return 301 https://$host$request_uri;
}

  4. Перейдите в директорию, в которой располагается файл docker-compose.yml, и запустите Систему.

    docker-compose up -d

S3 хранилище

service:
  minio:
    image: minio/minio:RELEASE.2025-09-07T16-13-09Z
    container_name: minio
    ports:
      - "9000:9000"
      - "9001:9001"
    environment:
      - MINIO_ROOT_USER=admin
      - MINIO_ROOT_PASSWORD=password
      - TZ="Europe/Moscow"
    volumes:
      - ./minio_data:/data
    command: server /data --console-address ":9001"

Пример заполненного блока s3 в env-файле: 

SPRING_CLOUD_AWS_S3_ENDPOINT=http://minio:9000
SPRING_CLOUD_AWS_S3_ACCESS_KEY=admin
SPRING_CLOUD_AWS_S3_SECRET_KEY=password