version: "3.7" # networks networks: proxy: driver: bridge ipam: driver: default config: - subnet: 172.20.0.0/24 api-db: redis: mesh-db: # docker managed persistent volumes volumes: tactical_data: salt_data: postgres_data: mongo_data: mesh_data: services: # postgres database for api service tactical-postgres: image: postgres:13-alpine restart: always environment: POSTGRES_DB: tacticalrmm POSTGRES_USER: ${POSTGRES_USER} POSTGRES_PASSWORD: ${POSTGRES_PASS} volumes: - postgres_data:/var/lib/postgresql/data networks: - api-db # redis container for celery tasks tactical-redis: image: redis:6.0-alpine restart: always networks: - redis # used to initialize the docker environment tactical-init: image: ${IMAGE_REPO}tactical:${VERSION} restart: on-failure command: ["tactical-init"] environment: POSTGRES_USER: ${POSTGRES_USER} POSTGRES_PASS: ${POSTGRES_PASS} APP_HOST: ${APP_HOST} API_HOST: ${API_HOST} MESH_USER: ${MESH_USER} MESH_HOST: ${MESH_HOST} TRMM_USER: ${TRMM_USER} TRMM_PASS: ${TRMM_PASS} depends_on: - tactical-postgres - tactical-meshcentral networks: - api-db - proxy volumes: - tactical_data:/opt/tactical # salt master and api tactical-salt: image: ${IMAGE_REPO}tactical-salt:${VERSION} restart: always ports: - "4505:4505" - "4506:4506" volumes: - tactical_data:/opt/tactical - salt_data:/etc/salt networks: - proxy # nats tactical-nats: image: ${IMAGE_REPO}tactical-nats:${VERSION} restart: always ports: - "4222:4222" volumes: - tactical_data:/opt/tactical networks: proxy: aliases: - ${API_HOST} # meshcentral container tactical-meshcentral: image: ${IMAGE_REPO}tactical-meshcentral:${VERSION} restart: always environment: MESH_HOST: ${MESH_HOST} MESH_USER: ${MESH_USER} MESH_PASS: ${MESH_PASS} MONGODB_USER: ${MONGODB_USER} MONGODB_PASSWORD: ${MONGODB_PASSWORD} networks: proxy: aliases: - ${MESH_HOST} mesh-db: volumes: - tactical_data:/opt/tactical - mesh_data:/home/node/app/meshcentral-data depends_on: - tactical-mongodb # mongodb container for meshcentral tactical-mongodb: image: mongo:4.4 restart: always environment: MONGO_INITDB_ROOT_USERNAME: ${MONGODB_USER} MONGO_INITDB_ROOT_PASSWORD: ${MONGODB_PASSWORD} MONGO_INITDB_DATABASE: meshcentral networks: - mesh-db volumes: - mongo_data:/data/db # container that hosts vue frontend tactical-frontend: image: ${IMAGE_REPO}tactical-frontend:${VERSION} restart: always networks: - proxy environment: API_HOST: ${API_HOST} # container for django backend tactical-backend: image: ${IMAGE_REPO}tactical:${VERSION} command: ["tactical-backend"] restart: always networks: - proxy - api-db - redis volumes: - tactical_data:/opt/tactical depends_on: - tactical-postgres tactical-nginx: # container for tactical reverse proxy image: ${IMAGE_REPO}tactical-nginx:${VERSION} restart: always environment: APP_HOST: ${APP_HOST} API_HOST: ${API_HOST} MESH_HOST: ${MESH_HOST} CERT_PUB_KEY: ${CERT_PUB_KEY} CERT_PRIV_KEY: ${CERT_PRIV_KEY} networks: proxy: ipv4_address: 172.20.0.20 ports: - "80:80" - "443:443" volumes: - tactical_data:/opt/tactical # container for celery worker service tactical-celery: image: ${IMAGE_REPO}tactical:${VERSION} command: ["tactical-celery"] restart: always networks: - redis - proxy - api-db volumes: - tactical_data:/opt/tactical depends_on: - tactical-postgres - tactical-redis # container for celery beat service tactical-celerybeat: image: ${IMAGE_REPO}tactical:${VERSION} command: ["tactical-celerybeat"] restart: always networks: - proxy - redis - api-db volumes: - tactical_data:/opt/tactical depends_on: - tactical-postgres - tactical-redis # container for celery winupdate tasks tactical-celerywinupdate: image: ${IMAGE_REPO}tactical:${VERSION} command: ["tactical-celerywinupdate"] restart: always networks: - redis - proxy - api-db volumes: - tactical_data:/opt/tactical depends_on: - tactical-postgres - tactical-redis