tacticalrmm/docker/docker-compose.yml

236 lines
5.7 KiB
YAML

version: "3.7"
# networks
networks:
proxy:
driver: bridge
ipam:
driver: default
config:
- subnet: 172.20.0.0/24
api-db: null
redis: null
mesh-db: null
# docker managed persistent volumes
volumes:
tactical_data: null
postgres_data: null
mongo_data: null
mesh_data: null
redis_data: null
services:
# postgres database for api service
tactical-postgres:
container_name: trmm-postgres
image: postgres:13-alpine
restart: always
environment:
POSTGRES_DB: tacticalrmm
POSTGRES_USER: ${POSTGRES_USER}
POSTGRES_PASSWORD: ${POSTGRES_PASS}
volumes:
- postgres_data:/var/lib/postgresql/data
networks:
- api-db
# redis container for celery tasks
tactical-redis:
container_name: trmm-redis
image: redis:6.0-alpine
user: 1000:1000
command: redis-server
restart: always
volumes:
- redis_data:/data
networks:
- redis
# used to initialize the docker environment
tactical-init:
container_name: trmm-init
image: ${IMAGE_REPO}tactical:${VERSION}
restart: on-failure
command: ["tactical-init"]
environment:
POSTGRES_USER: ${POSTGRES_USER}
POSTGRES_PASS: ${POSTGRES_PASS}
APP_HOST: ${APP_HOST}
API_HOST: ${API_HOST}
MESH_USER: ${MESH_USER}
MESH_HOST: ${MESH_HOST}
TRMM_USER: ${TRMM_USER}
TRMM_PASS: ${TRMM_PASS}
TRMM_DISABLE_WEB_TERMINAL: ${TRMM_DISABLE_WEB_TERMINAL}
TRMM_DISABLE_SERVER_SCRIPTS: ${TRMM_DISABLE_SERVER_SCRIPTS}
depends_on:
- tactical-postgres
- tactical-meshcentral
- tactical-redis
networks:
- api-db
- proxy
- redis
volumes:
- tactical_data:/opt/tactical
- mesh_data:/meshcentral-data
- mongo_data:/mongo/data/db
- redis_data:/redis/data
# nats
tactical-nats:
container_name: trmm-nats
image: ${IMAGE_REPO}tactical-nats:${VERSION}
user: 1000:1000
restart: always
environment:
API_HOST: ${API_HOST}
volumes:
- tactical_data:/opt/tactical
networks:
api-db: null
proxy:
aliases:
- ${API_HOST}
# meshcentral container
tactical-meshcentral:
container_name: trmm-meshcentral
image: ${IMAGE_REPO}tactical-meshcentral:${VERSION}
user: 1000:1000
restart: always
environment:
MESH_HOST: ${MESH_HOST}
MESH_USER: ${MESH_USER}
MESH_PASS: ${MESH_PASS}
MONGODB_USER: ${MONGODB_USER}
MONGODB_PASSWORD: ${MONGODB_PASSWORD}
MESH_PERSISTENT_CONFIG: ${MESH_PERSISTENT_CONFIG}
networks:
proxy:
aliases:
- ${MESH_HOST}
mesh-db: null
volumes:
- tactical_data:/opt/tactical
- mesh_data:/home/node/app/meshcentral-data
depends_on:
- tactical-mongodb
# mongodb container for meshcentral
tactical-mongodb:
container_name: trmm-mongodb
image: mongo:4.4
user: 1000:1000
restart: always
environment:
MONGO_INITDB_ROOT_USERNAME: ${MONGODB_USER}
MONGO_INITDB_ROOT_PASSWORD: ${MONGODB_PASSWORD}
MONGO_INITDB_DATABASE: meshcentral
networks:
- mesh-db
volumes:
- mongo_data:/data/db
# container that hosts vue frontend
tactical-frontend:
container_name: trmm-frontend
image: ${IMAGE_REPO}tactical-frontend:${VERSION}
user: 1000:1000
restart: always
networks:
- proxy
volumes:
- tactical_data:/opt/tactical
environment:
API_HOST: ${API_HOST}
# container for django backend
tactical-backend:
container_name: trmm-backend
image: ${IMAGE_REPO}tactical:${VERSION}
user: 1000:1000
command: ["tactical-backend"]
restart: always
networks:
- proxy
- api-db
- redis
volumes:
- tactical_data:/opt/tactical
depends_on:
- tactical-postgres
# container for django websockets connections
tactical-websockets:
container_name: trmm-websockets
image: ${IMAGE_REPO}tactical:${VERSION}
user: 1000:1000
command: ["tactical-websockets"]
restart: always
networks:
- proxy
- api-db
- redis
volumes:
- tactical_data:/opt/tactical
depends_on:
- tactical-postgres
- tactical-backend
# container for tactical reverse proxy
tactical-nginx:
container_name: trmm-nginx
image: ${IMAGE_REPO}tactical-nginx:${VERSION}
user: 1000:1000
restart: always
environment:
APP_HOST: ${APP_HOST}
API_HOST: ${API_HOST}
MESH_HOST: ${MESH_HOST}
CERT_PUB_KEY: ${CERT_PUB_KEY}
CERT_PRIV_KEY: ${CERT_PRIV_KEY}
networks:
proxy:
ipv4_address: 172.20.0.20
ports:
- "${TRMM_HTTP_PORT-80}:8080"
- "${TRMM_HTTPS_PORT-443}:4443"
volumes:
- tactical_data:/opt/tactical
# container for celery worker service
tactical-celery:
container_name: trmm-celery
image: ${IMAGE_REPO}tactical:${VERSION}
user: 1000:1000
command: ["tactical-celery"]
restart: always
networks:
- redis
- proxy
- api-db
volumes:
- tactical_data:/opt/tactical
depends_on:
- tactical-postgres
- tactical-redis
# container for celery beat service
tactical-celerybeat:
container_name: trmm-celerybeat
image: ${IMAGE_REPO}tactical:${VERSION}
user: 1000:1000
command: ["tactical-celerybeat"]
restart: always
networks:
- proxy
- redis
- api-db
volumes:
- tactical_data:/opt/tactical
depends_on:
- tactical-postgres
- tactical-redis