version: "3.7" # networks networks: proxy: driver: bridge ipam: driver: default config: - subnet: 172.20.0.0/24 api-db: null redis: null mesh-db: null # docker managed persistent volumes volumes: tactical_data: null postgres_data: null mongo_data: null mesh_data: null redis_data: null services: # postgres database for api service tactical-postgres: container_name: trmm-postgres image: postgres:13-alpine restart: always environment: POSTGRES_DB: tacticalrmm POSTGRES_USER: ${POSTGRES_USER} POSTGRES_PASSWORD: ${POSTGRES_PASS} volumes: - postgres_data:/var/lib/postgresql/data networks: - api-db # redis container for celery tasks tactical-redis: container_name: trmm-redis image: redis:6.0-alpine user: 1000:1000 command: redis-server restart: always volumes: - redis_data:/data networks: - redis # used to initialize the docker environment tactical-init: container_name: trmm-init image: ${IMAGE_REPO}tactical:${VERSION} restart: on-failure command: [ "tactical-init" ] environment: POSTGRES_USER: ${POSTGRES_USER} POSTGRES_PASS: ${POSTGRES_PASS} APP_HOST: ${APP_HOST} API_HOST: ${API_HOST} MESH_USER: ${MESH_USER} MESH_HOST: ${MESH_HOST} TRMM_USER: ${TRMM_USER} TRMM_PASS: ${TRMM_PASS} depends_on: - tactical-postgres - tactical-meshcentral networks: - api-db - proxy volumes: - tactical_data:/opt/tactical - mesh_data:/meshcentral-data - mongo_data:/mongo/data/db - redis_data:/redis/data # nats tactical-nats: container_name: trmm-nats image: ${IMAGE_REPO}tactical-nats:${VERSION} user: 1000:1000 restart: always environment: API_HOST: ${API_HOST} ports: - "4222:4222" volumes: - tactical_data:/opt/tactical networks: api-db: null proxy: aliases: - ${API_HOST} # meshcentral container tactical-meshcentral: container_name: trmm-meshcentral image: ${IMAGE_REPO}tactical-meshcentral:${VERSION} user: 1000:1000 restart: always environment: MESH_HOST: ${MESH_HOST} MESH_USER: ${MESH_USER} MESH_PASS: ${MESH_PASS} MONGODB_USER: ${MONGODB_USER} MONGODB_PASSWORD: ${MONGODB_PASSWORD} MESH_PERSISTENT_CONFIG: ${MESH_PERSISTENT_CONFIG} networks: proxy: aliases: - ${MESH_HOST} mesh-db: null volumes: - tactical_data:/opt/tactical - mesh_data:/home/node/app/meshcentral-data depends_on: - tactical-mongodb # mongodb container for meshcentral tactical-mongodb: container_name: trmm-mongodb image: mongo:4.4 user: 1000:1000 restart: always environment: MONGO_INITDB_ROOT_USERNAME: ${MONGODB_USER} MONGO_INITDB_ROOT_PASSWORD: ${MONGODB_PASSWORD} MONGO_INITDB_DATABASE: meshcentral networks: - mesh-db volumes: - mongo_data:/data/db # container that hosts vue frontend tactical-frontend: container_name: trmm-frontend image: ${IMAGE_REPO}tactical-frontend:${VERSION} user: 1000:1000 restart: always networks: - proxy environment: API_HOST: ${API_HOST} # container for django backend tactical-backend: container_name: trmm-backend image: ${IMAGE_REPO}tactical:${VERSION} user: 1000:1000 command: [ "tactical-backend" ] restart: always networks: - proxy - api-db - redis volumes: - tactical_data:/opt/tactical depends_on: - tactical-postgres # container for django websockets connections tactical-websockets: container_name: trmm-websockets image: ${IMAGE_REPO}tactical:${VERSION} user: 1000:1000 command: [ "tactical-websockets" ] restart: always networks: - proxy - api-db - redis volumes: - tactical_data:/opt/tactical depends_on: - tactical-postgres - tactical-backend # container for tactical reverse proxy tactical-nginx: container_name: trmm-nginx image: ${IMAGE_REPO}tactical-nginx:${VERSION} user: 1000:1000 restart: always environment: APP_HOST: ${APP_HOST} API_HOST: ${API_HOST} MESH_HOST: ${MESH_HOST} CERT_PUB_KEY: ${CERT_PUB_KEY} CERT_PRIV_KEY: ${CERT_PRIV_KEY} networks: proxy: ipv4_address: 172.20.0.20 ports: - "80:8080" - "443:4443" volumes: - tactical_data:/opt/tactical # container for celery worker service tactical-celery: container_name: trmm-celery image: ${IMAGE_REPO}tactical:${VERSION} user: 1000:1000 command: [ "tactical-celery" ] restart: always networks: - redis - proxy - api-db volumes: - tactical_data:/opt/tactical depends_on: - tactical-postgres - tactical-redis # container for celery beat service tactical-celerybeat: container_name: trmm-celerybeat image: ${IMAGE_REPO}tactical:${VERSION} user: 1000:1000 command: [ "tactical-celerybeat" ] restart: always networks: - proxy - redis - api-db volumes: - tactical_data:/opt/tactical depends_on: - tactical-postgres - tactical-redis