232 lines
5.5 KiB
YAML
232 lines
5.5 KiB
YAML
version: "3.7"
|
|
|
|
# networks
|
|
networks:
|
|
proxy:
|
|
driver: bridge
|
|
ipam:
|
|
driver: default
|
|
config:
|
|
- subnet: 172.20.0.0/24
|
|
api-db: null
|
|
redis: null
|
|
mesh-db: null
|
|
|
|
# docker managed persistent volumes
|
|
volumes:
|
|
tactical_data: null
|
|
postgres_data: null
|
|
mongo_data: null
|
|
mesh_data: null
|
|
redis_data: null
|
|
|
|
services:
|
|
# postgres database for api service
|
|
tactical-postgres:
|
|
container_name: trmm-postgres
|
|
image: postgres:13-alpine
|
|
restart: always
|
|
environment:
|
|
POSTGRES_DB: tacticalrmm
|
|
POSTGRES_USER: ${POSTGRES_USER}
|
|
POSTGRES_PASSWORD: ${POSTGRES_PASS}
|
|
volumes:
|
|
- postgres_data:/var/lib/postgresql/data
|
|
networks:
|
|
- api-db
|
|
|
|
# redis container for celery tasks
|
|
tactical-redis:
|
|
container_name: trmm-redis
|
|
image: redis:6.0-alpine
|
|
user: 1000:1000
|
|
command: redis-server
|
|
restart: always
|
|
volumes:
|
|
- redis_data:/data
|
|
networks:
|
|
- redis
|
|
|
|
# used to initialize the docker environment
|
|
tactical-init:
|
|
container_name: trmm-init
|
|
image: ${IMAGE_REPO}tactical:${VERSION}
|
|
restart: on-failure
|
|
command: [ "tactical-init" ]
|
|
environment:
|
|
POSTGRES_USER: ${POSTGRES_USER}
|
|
POSTGRES_PASS: ${POSTGRES_PASS}
|
|
APP_HOST: ${APP_HOST}
|
|
API_HOST: ${API_HOST}
|
|
MESH_USER: ${MESH_USER}
|
|
MESH_HOST: ${MESH_HOST}
|
|
TRMM_USER: ${TRMM_USER}
|
|
TRMM_PASS: ${TRMM_PASS}
|
|
depends_on:
|
|
- tactical-postgres
|
|
- tactical-meshcentral
|
|
networks:
|
|
- api-db
|
|
- proxy
|
|
volumes:
|
|
- tactical_data:/opt/tactical
|
|
- mesh_data:/meshcentral-data
|
|
- mongo_data:/mongo/data/db
|
|
- redis_data:/redis/data
|
|
|
|
# nats
|
|
tactical-nats:
|
|
container_name: trmm-nats
|
|
image: ${IMAGE_REPO}tactical-nats:${VERSION}
|
|
user: 1000:1000
|
|
restart: always
|
|
environment:
|
|
API_HOST: ${API_HOST}
|
|
ports:
|
|
- "4222:4222"
|
|
volumes:
|
|
- tactical_data:/opt/tactical
|
|
networks:
|
|
api-db: null
|
|
proxy:
|
|
aliases:
|
|
- ${API_HOST}
|
|
|
|
# meshcentral container
|
|
tactical-meshcentral:
|
|
container_name: trmm-meshcentral
|
|
image: ${IMAGE_REPO}tactical-meshcentral:${VERSION}
|
|
user: 1000:1000
|
|
restart: always
|
|
environment:
|
|
MESH_HOST: ${MESH_HOST}
|
|
MESH_USER: ${MESH_USER}
|
|
MESH_PASS: ${MESH_PASS}
|
|
MONGODB_USER: ${MONGODB_USER}
|
|
MONGODB_PASSWORD: ${MONGODB_PASSWORD}
|
|
MESH_PERSISTENT_CONFIG: ${MESH_PERSISTENT_CONFIG}
|
|
networks:
|
|
proxy:
|
|
aliases:
|
|
- ${MESH_HOST}
|
|
mesh-db: null
|
|
volumes:
|
|
- tactical_data:/opt/tactical
|
|
- mesh_data:/home/node/app/meshcentral-data
|
|
depends_on:
|
|
- tactical-mongodb
|
|
|
|
# mongodb container for meshcentral
|
|
tactical-mongodb:
|
|
container_name: trmm-mongodb
|
|
image: mongo:4.4
|
|
user: 1000:1000
|
|
restart: always
|
|
environment:
|
|
MONGO_INITDB_ROOT_USERNAME: ${MONGODB_USER}
|
|
MONGO_INITDB_ROOT_PASSWORD: ${MONGODB_PASSWORD}
|
|
MONGO_INITDB_DATABASE: meshcentral
|
|
networks:
|
|
- mesh-db
|
|
volumes:
|
|
- mongo_data:/data/db
|
|
|
|
# container that hosts vue frontend
|
|
tactical-frontend:
|
|
container_name: trmm-frontend
|
|
image: ${IMAGE_REPO}tactical-frontend:${VERSION}
|
|
user: 1000:1000
|
|
restart: always
|
|
networks:
|
|
- proxy
|
|
environment:
|
|
API_HOST: ${API_HOST}
|
|
|
|
# container for django backend
|
|
tactical-backend:
|
|
container_name: trmm-backend
|
|
image: ${IMAGE_REPO}tactical:${VERSION}
|
|
user: 1000:1000
|
|
command: [ "tactical-backend" ]
|
|
restart: always
|
|
networks:
|
|
- proxy
|
|
- api-db
|
|
- redis
|
|
volumes:
|
|
- tactical_data:/opt/tactical
|
|
depends_on:
|
|
- tactical-postgres
|
|
|
|
# container for django websockets connections
|
|
tactical-websockets:
|
|
container_name: trmm-websockets
|
|
image: ${IMAGE_REPO}tactical:${VERSION}
|
|
user: 1000:1000
|
|
command: [ "tactical-websockets" ]
|
|
restart: always
|
|
networks:
|
|
- proxy
|
|
- api-db
|
|
- redis
|
|
volumes:
|
|
- tactical_data:/opt/tactical
|
|
depends_on:
|
|
- tactical-postgres
|
|
- tactical-backend
|
|
|
|
# container for tactical reverse proxy
|
|
tactical-nginx:
|
|
container_name: trmm-nginx
|
|
image: ${IMAGE_REPO}tactical-nginx:${VERSION}
|
|
user: 1000:1000
|
|
restart: always
|
|
environment:
|
|
APP_HOST: ${APP_HOST}
|
|
API_HOST: ${API_HOST}
|
|
MESH_HOST: ${MESH_HOST}
|
|
CERT_PUB_KEY: ${CERT_PUB_KEY}
|
|
CERT_PRIV_KEY: ${CERT_PRIV_KEY}
|
|
networks:
|
|
proxy:
|
|
ipv4_address: 172.20.0.20
|
|
ports:
|
|
- "80:8080"
|
|
- "443:4443"
|
|
volumes:
|
|
- tactical_data:/opt/tactical
|
|
|
|
# container for celery worker service
|
|
tactical-celery:
|
|
container_name: trmm-celery
|
|
image: ${IMAGE_REPO}tactical:${VERSION}
|
|
user: 1000:1000
|
|
command: [ "tactical-celery" ]
|
|
restart: always
|
|
networks:
|
|
- redis
|
|
- proxy
|
|
- api-db
|
|
volumes:
|
|
- tactical_data:/opt/tactical
|
|
depends_on:
|
|
- tactical-postgres
|
|
- tactical-redis
|
|
|
|
# container for celery beat service
|
|
tactical-celerybeat:
|
|
container_name: trmm-celerybeat
|
|
image: ${IMAGE_REPO}tactical:${VERSION}
|
|
user: 1000:1000
|
|
command: [ "tactical-celerybeat" ]
|
|
restart: always
|
|
networks:
|
|
- proxy
|
|
- redis
|
|
- api-db
|
|
volumes:
|
|
- tactical_data:/opt/tactical
|
|
depends_on:
|
|
- tactical-postgres
|
|
- tactical-redis
|