docker-compose-apps.yaml
342 lines
| 9.7 KiB
| text/x-yaml
|
YamlLexer
r23 | version: '3.9' | |||
x-logging: &custom-logging | ||||
r47 | # docker plugin install grafana/loki-docker-driver:2.7.1 --alias loki --grant-all-permissions | |||
r23 | # NOTE: loki logging driver ONLY works for host type networks... | |||
driver: loki | ||||
options: | ||||
r57 | #loki-url: "http://${RC_LOKI_AUTH}loki:3100/loki/api/v1/push" | |||
loki-url: "http://${RC_LOKI_AUTH}127.0.0.1:3100/loki/api/v1/push" | ||||
r23 | loki-retries: "5" | |||
loki-timeout: "1s" | ||||
loki-max-backoff: "800ms" | ||||
services: | ||||
rhodecode: | ||||
networks: | ||||
- rhodecode_network | ||||
r29 | extra_hosts: | |||
- "host.docker.internal:host-gateway" | ||||
r27 | image: rhodecode/rhodecode-${RC_EDITION}:${RC_VERSION:-4.28.0} | |||
r23 | stdin_open: true | |||
tty: true | ||||
restart: always | ||||
r40 | env_file: | |||
- ${RC_ENV_FILE:?must-specify-rc-env-file} | ||||
r23 | command: [ | |||
"/usr/local/bin/rhodecode_bin/bin/gunicorn", | ||||
"--name=gunicorn-rhodecode-1", | ||||
"--error-logfile=-", | ||||
r49 | "--paster=/etc/rhodecode/conf/rhodecode.ini", | |||
r24 | "--config=/etc/rhodecode/conf/gunicorn_conf_rc.py" | |||
r23 | ] | |||
r24 | deploy: | |||
# override this in .custom/docker-compose-apps.override.yaml to scale up | ||||
replicas: 1 | ||||
r23 | ||||
# ports: | ||||
# - "127.0.0.1::10020" | ||||
build: | ||||
context: . | ||||
dockerfile: service/rhodecode/rhodecode.dockerfile | ||||
args: | ||||
TZ: ${TZ} | ||||
r27 | RHODECODE_VERSION: ${RC_VERSION:-4.28.0} | |||
r23 | RHODECODE_DB: postgresql://rhodecode:${DB_PASSWORD:?must-specify-db-password}@database/${DB_NAME:?must-specify-db-name} | |||
RHODECODE_USER_NAME: ${RHODECODE_USER_NAME} | ||||
RHODECODE_USER_PASS: ${RHODECODE_USER_PASS} | ||||
RHODECODE_USER_EMAIL: ${RHODECODE_USER_EMAIL} | ||||
environment: | ||||
RC_APP_TYPE: rhodecode_http | ||||
RC_APP_PROC: 1 | ||||
SSL_CERT_FILE: "/etc/rhodecode/conf/ca-bundle.crt" | ||||
REQUESTS_CA_BUNDLE: "/etc/rhodecode/conf/ca-bundle.crt" | ||||
GIT_SSL_CAINFO: "/etc/rhodecode/conf/ca-bundle.crt" | ||||
GEVENT_RESOLVER: "ares" | ||||
DB_UPGRADE: 1 # run the DB upgrade | ||||
SETUP_APP: 1 # run the application default settings setup, can be turned off after initial run | ||||
#FORCE_DB_INIT_FILE: 1 # force the database init, warning: destroys old DB | ||||
#FORCE_RC_SETUP_APP: 1 # force running setup scripts for configuration/license application | ||||
r49 | MAIN_INI_PATH: /etc/rhodecode/conf/rhodecode.ini | |||
r23 | ||||
# SVN Specific | ||||
MOD_DAV_SVN_PORT: 8090 | ||||
r81 | APACHE_LOG_DIR: /var/log | |||
r23 | MOD_DAV_SVN_CONF_FILE: /etc/rhodecode/conf/svn/mod_dav_svn.conf | |||
healthcheck: | ||||
test: [ "CMD", "curl", "-A", "RhodeCode-Healthcheck", "-s", "-o", "/dev/null", "-w", "'%{http_code}'", "http://127.0.0.1:10020/_admin/ops/ping" ] | ||||
timeout: 30s | ||||
interval: 60s | ||||
retries: 10 | ||||
# depends_on: | ||||
# - database | ||||
# - redis | ||||
# - channelstream | ||||
volumes: | ||||
- confvolume:/etc/rhodecode/conf | ||||
r24 | - rc_reposvolume:/var/opt/rhodecode_repo_store | |||
r23 | - rc_datavolume:/var/opt/rhodecode_data | |||
tmpfs: | ||||
- /data_ramdisk:size=${RC_DATA_RAMDISK_SIZE:?specify-RC_DATA_RAMDISK_SIZE-env-var} | ||||
logging: | ||||
*custom-logging | ||||
labels: | ||||
r65 | - "autoheal=true" | |||
r24 | - "traefik.enable=true" | |||
- "traefik.http.routers.rhodecode.entrypoints=http" | ||||
r73 | - "traefik.http.routers.rhodecode.priority=10" | |||
r33 | - "traefik.http.routers.rhodecode.rule=Host(`${RC_HOSTNAME:?must-specify-rhodecode-hostname}`)" | |||
r42 | - "traefik.http.routers.rhodecode.service=rhodecode-web" | |||
- "traefik.http.services.rhodecode-web.loadbalancer.server.port=10020" | ||||
r73 | # HTTP + SSL example, should be put into .custom/docker-compose-apps.override.yaml | |||
#- "traefik.http.routers.rhodecode.entrypoints=http,https" | ||||
r23 | ||||
vcsserver: | ||||
networks: | ||||
- rhodecode_network | ||||
r29 | extra_hosts: | |||
- "host.docker.internal:host-gateway" | ||||
r27 | image: rhodecode/rhodecode-${RC_EDITION}:${RC_VERSION:-4.28.0} | |||
r23 | stdin_open: true | |||
tty: true | ||||
restart: always | ||||
r40 | env_file: | |||
- ${RC_ENV_FILE:?must-specify-rc-env-file} | ||||
r23 | command: [ | |||
"/home/rhodecode/.rccontrol/vcsserver-1/profile/bin/gunicorn", | ||||
"--name=gunicorn-vcsserver-1", | ||||
"--error-logfile=-", | ||||
r49 | "--paster=/etc/rhodecode/conf/vcsserver.ini", | |||
r23 | "--config=/etc/rhodecode/conf/gunicorn_conf_vcs.py" | |||
] | ||||
r24 | deploy: | |||
# override this in .custom/docker-compose-apps.override.yaml to scale up | ||||
replicas: 1 | ||||
r23 | ||||
# ports: | ||||
# - "127.0.0.1::10010" | ||||
healthcheck: | ||||
test: [ "CMD", "curl", "-A", "RhodeCode-Healthcheck", "-s", "-o", "/dev/null", "-w", "'%{http_code}'", "http://127.0.0.1:10010/status" ] | ||||
timeout: 30s | ||||
interval: 60s | ||||
retries: 10 | ||||
environment: | ||||
RC_APP_TYPE: rhodecode_vcsserver | ||||
RC_APP_PROC: 1 | ||||
r49 | MAIN_INI_PATH: /etc/rhodecode/conf/vcsserver.ini | |||
r23 | SSL_CERT_FILE: "/etc/rhodecode/conf/ca-bundle.crt" | |||
REQUESTS_CA_BUNDLE: "/etc/rhodecode/conf/ca-bundle.crt" | ||||
GIT_SSL_CAINFO: "/etc/rhodecode/conf/ca-bundle.crt" | ||||
# depends_on: | ||||
# - redis | ||||
volumes: | ||||
- confvolume:/etc/rhodecode/conf | ||||
r76 | ||||
r24 | - rc_reposvolume:/var/opt/rhodecode_repo_store | |||
r23 | - rc_datavolume:/var/opt/rhodecode_data | |||
logging: | ||||
*custom-logging | ||||
r65 | labels: | |||
- "autoheal=true" | ||||
r23 | celery: | |||
networks: | ||||
- rhodecode_network | ||||
r29 | extra_hosts: | |||
- "host.docker.internal:host-gateway" | ||||
r27 | image: rhodecode/rhodecode-${RC_EDITION}:${RC_VERSION:-4.28.0} | |||
r23 | stdin_open: true | |||
tty: true | ||||
restart: always | ||||
r40 | env_file: | |||
- ${RC_ENV_FILE:?must-specify-rc-env-file} | ||||
r23 | command: [ | |||
"/usr/local/bin/rhodecode_bin/bin/celery", | ||||
"worker", | ||||
"--task-events", | ||||
"--autoscale=10,2", | ||||
"--no-color", | ||||
"--app=rhodecode.lib.celerylib.loader", | ||||
"--loglevel=DEBUG", | ||||
r49 | "--ini=/etc/rhodecode/conf/rhodecode.ini" | |||
r23 | ] | |||
environment: | ||||
RC_APP_TYPE: rhodecode_celery | ||||
RC_APP_PROC: 1 | ||||
r49 | MAIN_INI_PATH: /etc/rhodecode/conf/rhodecode.ini | |||
r23 | SSL_CERT_FILE: "/etc/rhodecode/conf/ca-bundle.crt" | |||
REQUESTS_CA_BUNDLE: "/etc/rhodecode/conf/ca-bundle.crt" | ||||
GIT_SSL_CAINFO: "/etc/rhodecode/conf/ca-bundle.crt" | ||||
# depends_on: | ||||
# - database | ||||
# - redis | ||||
volumes: | ||||
- confvolume:/etc/rhodecode/conf | ||||
r76 | ||||
r24 | - rc_reposvolume:/var/opt/rhodecode_repo_store | |||
r23 | - rc_datavolume:/var/opt/rhodecode_data | |||
logging: | ||||
*custom-logging | ||||
celery-beat: | ||||
# This service is not scalable | ||||
networks: | ||||
- rhodecode_network | ||||
r29 | extra_hosts: | |||
- "host.docker.internal:host-gateway" | ||||
r27 | image: rhodecode/rhodecode-${RC_EDITION}:${RC_VERSION:-4.28.0} | |||
r23 | stdin_open: true | |||
tty: true | ||||
restart: always | ||||
r40 | env_file: | |||
- ${RC_ENV_FILE:?must-specify-rc-env-file} | ||||
r23 | command: [ | |||
"/usr/local/bin/rhodecode_bin/bin/celery", | ||||
"beat", | ||||
"--no-color", | ||||
"--app=rhodecode.lib.celerylib.loader", | ||||
"--scheduler=rhodecode.lib.celerylib.scheduler.RcScheduler", | ||||
"--loglevel=DEBUG", | ||||
r49 | "--ini=/etc/rhodecode/conf/rhodecode.ini" | |||
r23 | ] | |||
environment: | ||||
RC_APP_TYPE: rhodecode_beat | ||||
RC_APP_PROC: 1 | ||||
r49 | MAIN_INI_PATH: /etc/rhodecode/conf/rhodecode.ini | |||
r23 | SSL_CERT_FILE: "/etc/rhodecode/conf/ca-bundle.crt" | |||
REQUESTS_CA_BUNDLE: "/etc/rhodecode/conf/ca-bundle.crt" | ||||
GIT_SSL_CAINFO: "/etc/rhodecode/conf/ca-bundle.crt" | ||||
# depends_on: | ||||
# - database | ||||
# - redis | ||||
volumes: | ||||
- confvolume:/etc/rhodecode/conf | ||||
r76 | ||||
r24 | - rc_reposvolume:/var/opt/rhodecode_repo_store | |||
r23 | - rc_datavolume:/var/opt/rhodecode_data | |||
logging: | ||||
*custom-logging | ||||
svn: | ||||
networks: | ||||
- rhodecode_network | ||||
r29 | extra_hosts: | |||
- "host.docker.internal:host-gateway" | ||||
r27 | image: rhodecode/rhodecode-${RC_EDITION}:${RC_VERSION:-4.28.0} | |||
r23 | ||||
# build: | ||||
# context: . | ||||
# dockerfile: service/svn/rhodecode_svn.dockerfile | ||||
# args: | ||||
# APACHE_VER: 1.3 | ||||
stdin_open: true | ||||
tty: true | ||||
restart: always | ||||
r40 | env_file: | |||
- ${RC_ENV_FILE:?must-specify-rc-env-file} | ||||
r60 | ||||
r23 | command: ["apachectl", "-D", "FOREGROUND"] | |||
environment: | ||||
RC_APP_TYPE: rhodecode_svn | ||||
# SVN Specific | ||||
MOD_DAV_SVN_PORT: 8090 | ||||
r81 | APACHE_LOG_DIR: /var/log | |||
r23 | MOD_DAV_SVN_CONF_FILE: /etc/rhodecode/conf/svn/mod_dav_svn.conf | |||
# ports: | ||||
# - "127.0.0.1::8090" | ||||
healthcheck: | ||||
test: [ "CMD", "curl", "-A", "RhodeCode-Healthcheck", "-s", "-o", "/dev/null", "-w", "'%{http_code}'", "http://127.0.0.1:8090/_server_status" ] | ||||
timeout: 30s | ||||
interval: 60s | ||||
retries: 10 | ||||
volumes: | ||||
- confvolume:/etc/rhodecode/conf | ||||
r24 | - rc_reposvolume:/var/opt/rhodecode_repo_store | |||
r52 | - rc_datavolume:/var/opt/rhodecode_data | |||
r23 | ||||
logging: | ||||
*custom-logging | ||||
r65 | labels: | |||
- "autoheal=true" | ||||
r23 | sshd: | |||
networks: | ||||
- rhodecode_network | ||||
r29 | extra_hosts: | |||
- "host.docker.internal:host-gateway" | ||||
r27 | image: rhodecode/rhodecode-${RC_EDITION}:${RC_VERSION:-4.28.0} | |||
r23 | ||||
stdin_open: true | ||||
tty: true | ||||
restart: always | ||||
r40 | env_file: | |||
- ${RC_ENV_FILE:?must-specify-rc-env-file} | ||||
r23 | command: ["/usr/sbin/sshd", "-f", "/etc/rhodecode/sshd_config", "-D", "-e"] | |||
environment: | ||||
RC_APP_TYPE: rhodecode_sshd | ||||
SSH_BOOTSTRAP: 1 | ||||
r65 | healthcheck: | |||
# we call ssh internally, to find permission denied, if SSH is DOWN it would be connection refused | ||||
test: [ "CMD-SHELL", "/usr/bin/ssh -p22 -o StrictHostKeyChecking=no -o PasswordAuthentication=No rhodecode@localhost true 2>&1 | grep -c 'Permission denied' > /dev/null" ] | ||||
timeout: 30s | ||||
interval: 60s | ||||
retries: 10 | ||||
r23 | # ports: | |||
# # set from .env file | ||||
r73 | # - "9022:22" | |||
r23 | ||||
volumes: | ||||
- confvolume:/etc/rhodecode/conf | ||||
r24 | - rc_reposvolume:/var/opt/rhodecode_repo_store | |||
r23 | - rc_datavolume:/var/opt/rhodecode_data | |||
logging: | ||||
*custom-logging | ||||
labels: | ||||
r65 | - "autoheal=true" | |||
r23 | - "traefik.enable=true" | |||
- "traefik.http.routers.sshd.entrypoints=ssh" | ||||
- "traefik.http.routers.sshd.rule=Host(`*`)" | ||||
r42 | - "traefik.http.routers.sshd.service=rhodecode-ssh" | |||
r73 | - "traefik.http.services.rhodecode-ssh.loadbalancer.server.port=22" | |||