Show More
@@ -1,311 +1,310 b'' | |||||
1 | version: '3.9' |
|
|||
2 |
|
1 | |||
3 | x-logging: &custom-logging |
|
2 | x-logging: &custom-logging | |
4 | # docker plugin install grafana/loki-docker-driver:2.7.1 --alias loki --grant-all-permissions |
|
3 | # docker plugin install grafana/loki-docker-driver:2.7.1 --alias loki --grant-all-permissions | |
5 | # NOTE: loki logging driver ONLY works for host type networks... |
|
4 | # NOTE: loki logging driver ONLY works for host type networks... | |
6 | driver: loki |
|
5 | driver: loki | |
7 | options: |
|
6 | options: | |
8 | #loki-url: "http://${RC_LOKI_AUTH}loki:3100/loki/api/v1/push" |
|
7 | #loki-url: "http://${RC_LOKI_AUTH}loki:3100/loki/api/v1/push" | |
9 | loki-url: "http://${RC_LOKI_AUTH}127.0.0.1:3100/loki/api/v1/push" |
|
8 | loki-url: "http://${RC_LOKI_AUTH}127.0.0.1:3100/loki/api/v1/push" | |
10 | loki-retries: "5" |
|
9 | loki-retries: "5" | |
11 | loki-timeout: "1s" |
|
10 | loki-timeout: "1s" | |
12 | loki-max-backoff: "800ms" |
|
11 | loki-max-backoff: "800ms" | |
13 |
|
12 | |||
14 |
|
13 | |||
15 | services: |
|
14 | services: | |
16 |
|
15 | |||
17 | # base shared options for RhodeCode type services |
|
16 | # base shared options for RhodeCode type services | |
18 | common_base: |
|
17 | common_base: | |
19 | image: rhodecode/rhodecode-${RC_EDITION}:${RC_VERSION:-4.28.0} |
|
18 | image: rhodecode/rhodecode-${RC_EDITION}:${RC_VERSION:-4.28.0} | |
20 | stdin_open: true |
|
19 | stdin_open: true | |
21 | tty: true |
|
20 | tty: true | |
22 | restart: always |
|
21 | restart: always | |
23 | deploy: |
|
22 | deploy: | |
24 | # override this in .custom/docker-compose-apps.override.yaml to scale up |
|
23 | # override this in .custom/docker-compose-apps.override.yaml to scale up | |
25 | replicas: 0 |
|
24 | replicas: 0 | |
26 | networks: |
|
25 | networks: | |
27 | - rhodecode_network |
|
26 | - rhodecode_network | |
28 | extra_hosts: |
|
27 | extra_hosts: | |
29 | - "host.docker.internal:host-gateway" |
|
28 | - "host.docker.internal:host-gateway" | |
30 | volumes: |
|
29 | volumes: | |
31 | - confvolume:/etc/rhodecode/conf |
|
30 | - confvolume:/etc/rhodecode/conf | |
32 | - rc_reposvolume:/var/opt/rhodecode_repo_store |
|
31 | - rc_reposvolume:/var/opt/rhodecode_repo_store | |
33 | - rc_datavolume:/var/opt/rhodecode_data |
|
32 | - rc_datavolume:/var/opt/rhodecode_data | |
34 | logging: |
|
33 | logging: | |
35 | *custom-logging |
|
34 | *custom-logging | |
36 |
|
35 | |||
37 | # base definition WITHOUT labels to full control over override and custom service |
|
36 | # base definition WITHOUT labels to full control over override and custom service | |
38 | # main rhodecode will use extends + service from that base |
|
37 | # main rhodecode will use extends + service from that base | |
39 | rhodecode_base: |
|
38 | rhodecode_base: | |
40 | extends: |
|
39 | extends: | |
41 | service: common_base |
|
40 | service: common_base | |
42 |
|
41 | |||
43 | env_file: |
|
42 | env_file: | |
44 | - ${RC_ENV_FILE:?must-specify-rc-env-file} |
|
43 | - ${RC_ENV_FILE:?must-specify-rc-env-file} | |
45 |
|
44 | |||
46 | command: [ |
|
45 | command: [ | |
47 | "/usr/local/bin/rhodecode_bin/bin/gunicorn", |
|
46 | "/usr/local/bin/rhodecode_bin/bin/gunicorn", | |
48 | "--error-logfile=-", |
|
47 | "--error-logfile=-", | |
49 | "--paster=/etc/rhodecode/conf/rhodecode.ini", |
|
48 | "--paster=/etc/rhodecode/conf/rhodecode.ini", | |
50 | "--config=/etc/rhodecode/conf/gunicorn_conf_rc.py" |
|
49 | "--config=/etc/rhodecode/conf/gunicorn_conf_rc.py" | |
51 | ] |
|
50 | ] | |
52 |
|
51 | |||
53 | build: |
|
52 | build: | |
54 | context: . |
|
53 | context: . | |
55 | dockerfile: service/rhodecode/rhodecode_5.dockerfile |
|
54 | dockerfile: service/rhodecode/rhodecode_5.dockerfile | |
56 | args: |
|
55 | args: | |
57 | TZ: ${TZ:-UTC} |
|
56 | TZ: ${TZ:-UTC} | |
58 | RHODECODE_VERSION: ${RC_VERSION:-4.28.0} |
|
57 | RHODECODE_VERSION: ${RC_VERSION:-4.28.0} | |
59 | RHODECODE_DB: postgresql://rhodecode:${DB_PASSWORD:?must-specify-db-password}@database/${DB_NAME:?must-specify-db-name} |
|
58 | RHODECODE_DB: postgresql://rhodecode:${DB_PASSWORD:?must-specify-db-password}@database/${DB_NAME:?must-specify-db-name} | |
60 | RHODECODE_USER_NAME: ${RHODECODE_USER_NAME} |
|
59 | RHODECODE_USER_NAME: ${RHODECODE_USER_NAME} | |
61 | RHODECODE_USER_PASS: ${RHODECODE_USER_PASS} |
|
60 | RHODECODE_USER_PASS: ${RHODECODE_USER_PASS} | |
62 | RHODECODE_USER_EMAIL: ${RHODECODE_USER_EMAIL} |
|
61 | RHODECODE_USER_EMAIL: ${RHODECODE_USER_EMAIL} | |
63 |
|
62 | |||
64 | environment: |
|
63 | environment: | |
65 | RC_APP_TYPE: rhodecode_http |
|
64 | RC_APP_TYPE: rhodecode_http | |
66 | RC_APP_PROC: 1 |
|
65 | RC_APP_PROC: 1 | |
67 | RC_APP_PORT: "10020" |
|
66 | RC_APP_PORT: "10020" | |
68 | SSL_CERT_FILE: "/etc/rhodecode/conf/ca-bundle.crt" |
|
67 | SSL_CERT_FILE: "/etc/rhodecode/conf/ca-bundle.crt" | |
69 | REQUESTS_CA_BUNDLE: "/etc/rhodecode/conf/ca-bundle.crt" |
|
68 | REQUESTS_CA_BUNDLE: "/etc/rhodecode/conf/ca-bundle.crt" | |
70 | GIT_SSL_CAINFO: "/etc/rhodecode/conf/ca-bundle.crt" |
|
69 | GIT_SSL_CAINFO: "/etc/rhodecode/conf/ca-bundle.crt" | |
71 | GEVENT_RESOLVER: "ares" |
|
70 | GEVENT_RESOLVER: "ares" | |
72 | GUNICORN_CMD_ARGS: "--bind=0.0.0.0:10020 --name=gunicorn-rhodecode-1 --workers=2" |
|
71 | GUNICORN_CMD_ARGS: "--bind=0.0.0.0:10020 --name=gunicorn-rhodecode-1 --workers=2" | |
73 |
|
72 | |||
74 | DB_UPGRADE: 1 # run the DB upgrade |
|
73 | DB_UPGRADE: 1 # run the DB upgrade | |
75 | SETUP_APP: 1 # run the application default settings setup, can be turned off after initial run |
|
74 | SETUP_APP: 1 # run the application default settings setup, can be turned off after initial run | |
76 | #FORCE_DB_INIT_FILE: 1 # force the database init, warning: destroys old DB |
|
75 | #FORCE_DB_INIT_FILE: 1 # force the database init, warning: destroys old DB | |
77 | #FORCE_RC_SETUP_APP: 1 # force running setup scripts for configuration/license application |
|
76 | #FORCE_RC_SETUP_APP: 1 # force running setup scripts for configuration/license application | |
78 | MAIN_INI_PATH: /etc/rhodecode/conf/rhodecode.ini |
|
77 | MAIN_INI_PATH: /etc/rhodecode/conf/rhodecode.ini | |
79 |
|
78 | |||
80 | # SVN Specific |
|
79 | # SVN Specific | |
81 | MOD_DAV_SVN_PORT: 8090 |
|
80 | MOD_DAV_SVN_PORT: 8090 | |
82 | MOD_DAV_SVN_LOG_LEVEL: info |
|
81 | MOD_DAV_SVN_LOG_LEVEL: info | |
83 | APACHE_LOG_DIR: /var/log |
|
82 | APACHE_LOG_DIR: /var/log | |
84 | MOD_DAV_SVN_CONF_FILE: /etc/rhodecode/conf/svn/mod_dav_svn.conf |
|
83 | MOD_DAV_SVN_CONF_FILE: /etc/rhodecode/conf/svn/mod_dav_svn.conf | |
85 |
|
84 | |||
86 | healthcheck: |
|
85 | healthcheck: | |
87 | test: curl -A RhodeCode-Healthcheck -s -o /dev/null -w '%{http_code}' http://127.0.0.1:$${RC_APP_PORT}/_admin/ops/ping |
|
86 | test: curl -A RhodeCode-Healthcheck -s -o /dev/null -w '%{http_code}' http://127.0.0.1:$${RC_APP_PORT}/_admin/ops/ping | |
88 | # requires docker engine 25 |
|
87 | # requires docker engine 25 | |
89 | #start_period: 2m |
|
88 | #start_period: 2m | |
90 | #start_interval: 5s |
|
89 | #start_interval: 5s | |
91 | interval: 60s |
|
90 | interval: 60s | |
92 | timeout: 30s |
|
91 | timeout: 30s | |
93 | retries: 10 |
|
92 | retries: 10 | |
94 |
|
93 | |||
95 | tmpfs: |
|
94 | tmpfs: | |
96 | - /data_ramdisk:size=${RC_DATA_RAMDISK_SIZE:-256M} |
|
95 | - /data_ramdisk:size=${RC_DATA_RAMDISK_SIZE:-256M} | |
97 |
|
96 | |||
98 | rhodecode: |
|
97 | rhodecode: | |
99 | # depends_on: |
|
98 | # depends_on: | |
100 | # - redis |
|
99 | # - redis | |
101 | # - database |
|
100 | # - database | |
102 | # - channelstream |
|
101 | # - channelstream | |
103 | # ports: |
|
102 | # ports: | |
104 | # - "127.0.0.1::10020" |
|
103 | # - "127.0.0.1::10020" | |
105 | extends: |
|
104 | extends: | |
106 | service: rhodecode_base |
|
105 | service: rhodecode_base | |
107 |
|
106 | |||
108 | deploy: |
|
107 | deploy: | |
109 | # override this in .custom/docker-compose-apps.override.yaml to scale up |
|
108 | # override this in .custom/docker-compose-apps.override.yaml to scale up | |
110 | # replicas of rhodecode and vcsserver should be equal in most cases |
|
109 | # replicas of rhodecode and vcsserver should be equal in most cases | |
111 | replicas: 1 |
|
110 | replicas: 1 | |
112 |
|
111 | |||
113 | volumes: |
|
112 | volumes: | |
114 | - ./.custom/static_files:/var/opt/rhodecode_static_data |
|
113 | - ./.custom/static_files:/var/opt/rhodecode_static_data | |
115 |
|
114 | |||
116 | labels: |
|
115 | labels: | |
117 | - "autoheal=true" |
|
116 | - "autoheal=true" | |
118 | - "traefik.enable=true" |
|
117 | - "traefik.enable=true" | |
119 | - "traefik.http.routers.rhodecode.entrypoints=http" |
|
118 | - "traefik.http.routers.rhodecode.entrypoints=http" | |
120 | - "traefik.http.routers.rhodecode.priority=10" |
|
119 | - "traefik.http.routers.rhodecode.priority=10" | |
121 | - "traefik.http.routers.rhodecode.rule=Host(`${RC_HOSTNAME:?must-specify-rhodecode-hostname}`)" |
|
120 | - "traefik.http.routers.rhodecode.rule=Host(`${RC_HOSTNAME:?must-specify-rhodecode-hostname}`)" | |
122 | - "traefik.http.routers.rhodecode.service=rhodecode-web" |
|
121 | - "traefik.http.routers.rhodecode.service=rhodecode-web" | |
123 | - "traefik.http.services.rhodecode-web.loadbalancer.server.port=10020" |
|
122 | - "traefik.http.services.rhodecode-web.loadbalancer.server.port=10020" | |
124 | # HTTP + SSL example, should be put into .custom/docker-compose-apps.override.yaml |
|
123 | # HTTP + SSL example, should be put into .custom/docker-compose-apps.override.yaml | |
125 | #- "traefik.http.routers.rhodecode.entrypoints=http,https" |
|
124 | #- "traefik.http.routers.rhodecode.entrypoints=http,https" | |
126 |
|
125 | |||
127 | vcsserver: |
|
126 | vcsserver: | |
128 | # depends_on: |
|
127 | # depends_on: | |
129 | # - redis |
|
128 | # - redis | |
130 | # ports: |
|
129 | # ports: | |
131 | # - "127.0.0.1::10010" |
|
130 | # - "127.0.0.1::10010" | |
132 | extends: |
|
131 | extends: | |
133 | service: common_base |
|
132 | service: common_base | |
134 | env_file: |
|
133 | env_file: | |
135 | - ${RC_ENV_FILE:?must-specify-rc-env-file} |
|
134 | - ${RC_ENV_FILE:?must-specify-rc-env-file} | |
136 | command: [ |
|
135 | command: [ | |
137 | "/usr/local/bin/rhodecode_bin/vcs_bin/gunicorn", |
|
136 | "/usr/local/bin/rhodecode_bin/vcs_bin/gunicorn", | |
138 | "--error-logfile=-", |
|
137 | "--error-logfile=-", | |
139 | "--paster=/etc/rhodecode/conf/vcsserver.ini", |
|
138 | "--paster=/etc/rhodecode/conf/vcsserver.ini", | |
140 | "--config=/etc/rhodecode/conf/gunicorn_conf_vcs.py" |
|
139 | "--config=/etc/rhodecode/conf/gunicorn_conf_vcs.py" | |
141 | ] |
|
140 | ] | |
142 | deploy: |
|
141 | deploy: | |
143 | # override this in .custom/docker-compose-apps.override.yaml to scale up |
|
142 | # override this in .custom/docker-compose-apps.override.yaml to scale up | |
144 | # replicas of rhodecode and vcsserver should be equal in most cases |
|
143 | # replicas of rhodecode and vcsserver should be equal in most cases | |
145 | replicas: 1 |
|
144 | replicas: 1 | |
146 | environment: |
|
145 | environment: | |
147 | RC_APP_TYPE: rhodecode_vcsserver |
|
146 | RC_APP_TYPE: rhodecode_vcsserver | |
148 | RC_APP_PROC: 1 |
|
147 | RC_APP_PROC: 1 | |
149 | RC_APP_PORT: "10010" |
|
148 | RC_APP_PORT: "10010" | |
150 | MAIN_INI_PATH: /etc/rhodecode/conf/vcsserver.ini |
|
149 | MAIN_INI_PATH: /etc/rhodecode/conf/vcsserver.ini | |
151 | SSL_CERT_FILE: "/etc/rhodecode/conf/ca-bundle.crt" |
|
150 | SSL_CERT_FILE: "/etc/rhodecode/conf/ca-bundle.crt" | |
152 | REQUESTS_CA_BUNDLE: "/etc/rhodecode/conf/ca-bundle.crt" |
|
151 | REQUESTS_CA_BUNDLE: "/etc/rhodecode/conf/ca-bundle.crt" | |
153 | GIT_SSL_CAINFO: "/etc/rhodecode/conf/ca-bundle.crt" |
|
152 | GIT_SSL_CAINFO: "/etc/rhodecode/conf/ca-bundle.crt" | |
154 | GUNICORN_CMD_ARGS: "--bind=0.0.0.0:10010 --name=gunicorn-vcsserver-1 --workers=3" |
|
153 | GUNICORN_CMD_ARGS: "--bind=0.0.0.0:10010 --name=gunicorn-vcsserver-1 --workers=3" | |
155 |
|
154 | |||
156 | healthcheck: |
|
155 | healthcheck: | |
157 | test: curl -A RhodeCode-Healthcheck -s -o /dev/null -w '%{http_code}' http://127.0.0.1:$${RC_APP_PORT}/status |
|
156 | test: curl -A RhodeCode-Healthcheck -s -o /dev/null -w '%{http_code}' http://127.0.0.1:$${RC_APP_PORT}/status | |
158 | timeout: 30s |
|
157 | timeout: 30s | |
159 | start_period: 5s |
|
158 | start_period: 5s | |
160 | interval: 60s |
|
159 | interval: 60s | |
161 | retries: 10 |
|
160 | retries: 10 | |
162 | labels: |
|
161 | labels: | |
163 | - "autoheal=true" |
|
162 | - "autoheal=true" | |
164 |
|
163 | |||
165 | celery: |
|
164 | celery: | |
166 | extends: |
|
165 | extends: | |
167 | service: common_base |
|
166 | service: common_base | |
168 | # depends_on: |
|
167 | # depends_on: | |
169 | # - database |
|
168 | # - database | |
170 | # - redis |
|
169 | # - redis | |
171 | env_file: |
|
170 | env_file: | |
172 | - ${RC_ENV_FILE:?must-specify-rc-env-file} |
|
171 | - ${RC_ENV_FILE:?must-specify-rc-env-file} | |
173 | command: [ |
|
172 | command: [ | |
174 | "/usr/local/bin/rhodecode_bin/bin/celery", |
|
173 | "/usr/local/bin/rhodecode_bin/bin/celery", | |
175 | "--no-color", |
|
174 | "--no-color", | |
176 | "--app=rhodecode.lib.celerylib.loader", |
|
175 | "--app=rhodecode.lib.celerylib.loader", | |
177 | "worker", |
|
176 | "worker", | |
178 | "--autoscale=10,2", |
|
177 | "--autoscale=10,2", | |
179 | "--max-tasks-per-child=150", |
|
178 | "--max-tasks-per-child=150", | |
180 | "--hostname=rc-celery-worker@%h", |
|
179 | "--hostname=rc-celery-worker@%h", | |
181 | "--task-events", |
|
180 | "--task-events", | |
182 | "--loglevel=DEBUG", |
|
181 | "--loglevel=DEBUG", | |
183 | "--ini=/etc/rhodecode/conf/rhodecode.ini" |
|
182 | "--ini=/etc/rhodecode/conf/rhodecode.ini" | |
184 | ] |
|
183 | ] | |
185 | deploy: |
|
184 | deploy: | |
186 | # override this in .custom/docker-compose-apps.override.yaml to scale up |
|
185 | # override this in .custom/docker-compose-apps.override.yaml to scale up | |
187 | replicas: 1 |
|
186 | replicas: 1 | |
188 | environment: |
|
187 | environment: | |
189 | RC_APP_TYPE: rhodecode_celery |
|
188 | RC_APP_TYPE: rhodecode_celery | |
190 | RC_APP_PROC: 1 |
|
189 | RC_APP_PROC: 1 | |
191 | MAIN_INI_PATH: /etc/rhodecode/conf/rhodecode.ini |
|
190 | MAIN_INI_PATH: /etc/rhodecode/conf/rhodecode.ini | |
192 | SSL_CERT_FILE: "/etc/rhodecode/conf/ca-bundle.crt" |
|
191 | SSL_CERT_FILE: "/etc/rhodecode/conf/ca-bundle.crt" | |
193 | REQUESTS_CA_BUNDLE: "/etc/rhodecode/conf/ca-bundle.crt" |
|
192 | REQUESTS_CA_BUNDLE: "/etc/rhodecode/conf/ca-bundle.crt" | |
194 | GIT_SSL_CAINFO: "/etc/rhodecode/conf/ca-bundle.crt" |
|
193 | GIT_SSL_CAINFO: "/etc/rhodecode/conf/ca-bundle.crt" | |
195 | labels: |
|
194 | labels: | |
196 | - "autoheal=true" |
|
195 | - "autoheal=true" | |
197 |
|
196 | |||
198 | celery-beat: |
|
197 | celery-beat: | |
199 | extends: |
|
198 | extends: | |
200 | service: common_base |
|
199 | service: common_base | |
201 | # depends_on: |
|
200 | # depends_on: | |
202 | # - database |
|
201 | # - database | |
203 | # - redis |
|
202 | # - redis | |
204 | env_file: |
|
203 | env_file: | |
205 | - ${RC_ENV_FILE:?must-specify-rc-env-file} |
|
204 | - ${RC_ENV_FILE:?must-specify-rc-env-file} | |
206 | command: [ |
|
205 | command: [ | |
207 | "/usr/local/bin/rhodecode_bin/bin/celery", |
|
206 | "/usr/local/bin/rhodecode_bin/bin/celery", | |
208 | "--no-color", |
|
207 | "--no-color", | |
209 | "--app=rhodecode.lib.celerylib.loader", |
|
208 | "--app=rhodecode.lib.celerylib.loader", | |
210 | "beat", |
|
209 | "beat", | |
211 | "--scheduler=rhodecode.lib.celerylib.scheduler.RcScheduler", |
|
210 | "--scheduler=rhodecode.lib.celerylib.scheduler.RcScheduler", | |
212 | "--loglevel=DEBUG", |
|
211 | "--loglevel=DEBUG", | |
213 | "--ini=/etc/rhodecode/conf/rhodecode.ini" |
|
212 | "--ini=/etc/rhodecode/conf/rhodecode.ini" | |
214 | ] |
|
213 | ] | |
215 | deploy: |
|
214 | deploy: | |
216 | # override this in .custom/docker-compose-apps.override.yaml to scale up |
|
215 | # override this in .custom/docker-compose-apps.override.yaml to scale up | |
217 | replicas: 1 |
|
216 | replicas: 1 | |
218 | environment: |
|
217 | environment: | |
219 | RC_APP_TYPE: rhodecode_beat |
|
218 | RC_APP_TYPE: rhodecode_beat | |
220 | RC_APP_PROC: 1 |
|
219 | RC_APP_PROC: 1 | |
221 | MAIN_INI_PATH: /etc/rhodecode/conf/rhodecode.ini |
|
220 | MAIN_INI_PATH: /etc/rhodecode/conf/rhodecode.ini | |
222 | SSL_CERT_FILE: "/etc/rhodecode/conf/ca-bundle.crt" |
|
221 | SSL_CERT_FILE: "/etc/rhodecode/conf/ca-bundle.crt" | |
223 | REQUESTS_CA_BUNDLE: "/etc/rhodecode/conf/ca-bundle.crt" |
|
222 | REQUESTS_CA_BUNDLE: "/etc/rhodecode/conf/ca-bundle.crt" | |
224 | GIT_SSL_CAINFO: "/etc/rhodecode/conf/ca-bundle.crt" |
|
223 | GIT_SSL_CAINFO: "/etc/rhodecode/conf/ca-bundle.crt" | |
225 | labels: |
|
224 | labels: | |
226 | - "autoheal=true" |
|
225 | - "autoheal=true" | |
227 |
|
226 | |||
228 | svn: |
|
227 | svn: | |
229 | extends: |
|
228 | extends: | |
230 | service: common_base |
|
229 | service: common_base | |
231 | # depends_on: |
|
230 | # depends_on: | |
232 | # - database |
|
231 | # - database | |
233 | # - redis |
|
232 | # - redis | |
234 |
|
233 | |||
235 | # build: |
|
234 | # build: | |
236 | # context: . |
|
235 | # context: . | |
237 | # dockerfile: service/svn/rhodecode_svn.dockerfile |
|
236 | # dockerfile: service/svn/rhodecode_svn.dockerfile | |
238 | # args: |
|
237 | # args: | |
239 | # APACHE_VER: 1.3 |
|
238 | # APACHE_VER: 1.3 | |
240 |
|
239 | |||
241 | env_file: |
|
240 | env_file: | |
242 | - ${RC_ENV_FILE:?must-specify-rc-env-file} |
|
241 | - ${RC_ENV_FILE:?must-specify-rc-env-file} | |
243 | command: [ |
|
242 | command: [ | |
244 | "apachectl", |
|
243 | "apachectl", | |
245 | "-D", |
|
244 | "-D", | |
246 | "FOREGROUND" |
|
245 | "FOREGROUND" | |
247 | ] |
|
246 | ] | |
248 | deploy: |
|
247 | deploy: | |
249 | # override this in .custom/docker-compose-apps.override.yaml to scale up |
|
248 | # override this in .custom/docker-compose-apps.override.yaml to scale up | |
250 | replicas: 1 |
|
249 | replicas: 1 | |
251 | environment: |
|
250 | environment: | |
252 | RC_APP_TYPE: rhodecode_svn |
|
251 | RC_APP_TYPE: rhodecode_svn | |
253 |
|
252 | |||
254 | # SVN Specific |
|
253 | # SVN Specific | |
255 | APACHE_LOG_DIR: /var/log |
|
254 | APACHE_LOG_DIR: /var/log | |
256 |
|
255 | |||
257 | MOD_DAV_SVN_PORT: 8090 |
|
256 | MOD_DAV_SVN_PORT: 8090 | |
258 | MOD_DAV_SVN_LOG_LEVEL: info |
|
257 | MOD_DAV_SVN_LOG_LEVEL: info | |
259 | MOD_DAV_SVN_CONF_FILE: /etc/rhodecode/conf/svn/mod_dav_svn.conf |
|
258 | MOD_DAV_SVN_CONF_FILE: /etc/rhodecode/conf/svn/mod_dav_svn.conf | |
260 | # image specific, can be skipped, as the info is stored inside the image |
|
259 | # image specific, can be skipped, as the info is stored inside the image | |
261 | #MOD_DAV_CORE_MODULES_DIR: /home/rhodecode/apache2/modules/ |
|
260 | #MOD_DAV_CORE_MODULES_DIR: /home/rhodecode/apache2/modules/ | |
262 | #MOD_DAV_SVN_MODULE: /home/rhodecode/apache2/modules/mod_dav.so |
|
261 | #MOD_DAV_SVN_MODULE: /home/rhodecode/apache2/modules/mod_dav.so | |
263 |
|
262 | |||
264 | healthcheck: |
|
263 | healthcheck: | |
265 | test: curl -A RhodeCode-Healthcheck -s -o /dev/null -w '%{http_code}' http://127.0.0.1:$${MOD_DAV_SVN_PORT}/_server_status |
|
264 | test: curl -A RhodeCode-Healthcheck -s -o /dev/null -w '%{http_code}' http://127.0.0.1:$${MOD_DAV_SVN_PORT}/_server_status | |
266 | timeout: 30s |
|
265 | timeout: 30s | |
267 | interval: 60s |
|
266 | interval: 60s | |
268 | retries: 10 |
|
267 | retries: 10 | |
269 | # ports: |
|
268 | # ports: | |
270 | # - "127.0.0.1::8090" |
|
269 | # - "127.0.0.1::8090" | |
271 | labels: |
|
270 | labels: | |
272 | - "autoheal=true" |
|
271 | - "autoheal=true" | |
273 |
|
272 | |||
274 | sshd: |
|
273 | sshd: | |
275 | extends: |
|
274 | extends: | |
276 | service: common_base |
|
275 | service: common_base | |
277 | # depends_on: |
|
276 | # depends_on: | |
278 | # - database |
|
277 | # - database | |
279 | # - redis |
|
278 | # - redis | |
280 | env_file: |
|
279 | env_file: | |
281 | - ${RC_ENV_FILE:?must-specify-rc-env-file} |
|
280 | - ${RC_ENV_FILE:?must-specify-rc-env-file} | |
282 | command: [ |
|
281 | command: [ | |
283 | "/usr/sbin/sshd", |
|
282 | "/usr/sbin/sshd", | |
284 | "-f", |
|
283 | "-f", | |
285 | "/etc/rhodecode/sshd_config", |
|
284 | "/etc/rhodecode/sshd_config", | |
286 | "-D", |
|
285 | "-D", | |
287 | "-e" |
|
286 | "-e" | |
288 | ] |
|
287 | ] | |
289 | deploy: |
|
288 | deploy: | |
290 | # override this in .custom/docker-compose-apps.override.yaml to scale up |
|
289 | # override this in .custom/docker-compose-apps.override.yaml to scale up | |
291 | replicas: 1 |
|
290 | replicas: 1 | |
292 | environment: |
|
291 | environment: | |
293 | RC_APP_TYPE: rhodecode_sshd |
|
292 | RC_APP_TYPE: rhodecode_sshd | |
294 | SSH_BOOTSTRAP: 1 |
|
293 | SSH_BOOTSTRAP: 1 | |
295 | SSH_ENSURE_PERMS: 1 |
|
294 | SSH_ENSURE_PERMS: 1 | |
296 | healthcheck: |
|
295 | healthcheck: | |
297 | # we call ssh internally, to find permission denied, if SSH is DOWN it would be connection refused |
|
296 | # we call ssh internally, to find permission denied, if SSH is DOWN it would be connection refused | |
298 | test: /usr/bin/ssh -p$${RC_SSH_PORT} -o StrictHostKeyChecking=no -o PasswordAuthentication=No rhodecode@localhost true 2>&1 | grep -c 'Permission denied' > /dev/null |
|
297 | test: /usr/bin/ssh -p$${RC_SSH_PORT} -o StrictHostKeyChecking=no -o PasswordAuthentication=No rhodecode@localhost true 2>&1 | grep -c 'Permission denied' > /dev/null | |
299 | timeout: 30s |
|
298 | timeout: 30s | |
300 | interval: 60s |
|
299 | interval: 60s | |
301 | retries: 10 |
|
300 | retries: 10 | |
302 | # ports: |
|
301 | # ports: | |
303 | # # 9022 is set from .env file too. |
|
302 | # # 9022 is set from .env file too. | |
304 | # - "9022:$RC_SSH_PORT" |
|
303 | # - "9022:$RC_SSH_PORT" | |
305 | labels: |
|
304 | labels: | |
306 | - "autoheal=true" |
|
305 | - "autoheal=true" | |
307 | - "traefik.enable=true" |
|
306 | - "traefik.enable=true" | |
308 | - "traefik.tcp.routers.sshd.entrypoints=ssh" |
|
307 | - "traefik.tcp.routers.sshd.entrypoints=ssh" | |
309 | - "traefik.tcp.routers.sshd.rule=HostSNI(`*`)" |
|
308 | - "traefik.tcp.routers.sshd.rule=HostSNI(`*`)" | |
310 | - "traefik.tcp.routers.sshd.service=rhodecode-ssh" |
|
309 | - "traefik.tcp.routers.sshd.service=rhodecode-ssh" | |
311 | - "traefik.tcp.services.rhodecode-ssh.loadbalancer.server.port=${RC_SSH_PORT}" |
|
310 | - "traefik.tcp.services.rhodecode-ssh.loadbalancer.server.port=${RC_SSH_PORT}" |
@@ -1,48 +1,47 b'' | |||||
1 | version: '3.9' |
|
|||
2 |
|
1 | |||
3 | ## Shared base stuff for all compose files in stack |
|
2 | ## Shared base stuff for all compose files in stack | |
4 |
|
3 | |||
5 | x-logging: &custom-logging |
|
4 | x-logging: &custom-logging | |
6 | # Install loki plugin |
|
5 | # Install loki plugin | |
7 | # docker plugin install grafana/loki-docker-driver:2.7.1 --alias loki --grant-all-permissions |
|
6 | # docker plugin install grafana/loki-docker-driver:2.7.1 --alias loki --grant-all-permissions | |
8 | # NOTE: loki logging driver ONLY works for host type networks... |
|
7 | # NOTE: loki logging driver ONLY works for host type networks... | |
9 | # To cleanly uninstall the plugin, disable and remove it |
|
8 | # To cleanly uninstall the plugin, disable and remove it | |
10 | # docker plugin disable loki --force && docker plugin rm loki |
|
9 | # docker plugin disable loki --force && docker plugin rm loki | |
11 | # debug: sudo journalctl -u docker.service | grep loki |
|
10 | # debug: sudo journalctl -u docker.service | grep loki | |
12 | driver: loki |
|
11 | driver: loki | |
13 | options: |
|
12 | options: | |
14 | #loki-url: "http://${RC_LOKI_AUTH}loki:3100/loki/api/v1/push" |
|
13 | #loki-url: "http://${RC_LOKI_AUTH}loki:3100/loki/api/v1/push" | |
15 | loki-url: "http://${RC_LOKI_AUTH}127.0.0.1:3100/loki/api/v1/push" |
|
14 | loki-url: "http://${RC_LOKI_AUTH}127.0.0.1:3100/loki/api/v1/push" | |
16 | loki-retries: "5" |
|
15 | loki-retries: "5" | |
17 | loki-timeout: "1s" |
|
16 | loki-timeout: "1s" | |
18 | loki-max-backoff: "800ms" |
|
17 | loki-max-backoff: "800ms" | |
19 |
|
18 | |||
20 | volumes: |
|
19 | volumes: | |
21 |
|
20 | |||
22 | # bind-mount with configs |
|
21 | # bind-mount with configs | |
23 | confvolume: |
|
22 | confvolume: | |
24 | driver: local |
|
23 | driver: local | |
25 | driver_opts: |
|
24 | driver_opts: | |
26 | type: none |
|
25 | type: none | |
27 | o: bind |
|
26 | o: bind | |
28 | device: $PWD/config/_shared |
|
27 | device: $PWD/config/_shared | |
29 |
|
28 | |||
30 | # SHARED volume for rhodecode caches, archive caches, nginx static, |
|
29 | # SHARED volume for rhodecode caches, archive caches, nginx static, | |
31 | # must be run via: docker volume create --name=rc_datavolume |
|
30 | # must be run via: docker volume create --name=rc_datavolume | |
32 | rc_datavolume: |
|
31 | rc_datavolume: | |
33 | external: true |
|
32 | external: true | |
34 |
|
33 | |||
35 | # volume for RhodeCode repo-store, it's where the repositories will be stored |
|
34 | # volume for RhodeCode repo-store, it's where the repositories will be stored | |
36 | # must be run via: docker volume create --name=rc_reposvolume |
|
35 | # must be run via: docker volume create --name=rc_reposvolume | |
37 | rc_reposvolume: |
|
36 | rc_reposvolume: | |
38 | external: true |
|
37 | external: true | |
39 |
|
38 | |||
40 | networks: |
|
39 | networks: | |
41 |
|
40 | |||
42 | # SHARED network for all containers |
|
41 | # SHARED network for all containers | |
43 | # must be run via: docker network create --name=rhodecode_network |
|
42 | # must be run via: docker network create --name=rhodecode_network | |
44 | rhodecode_network: |
|
43 | rhodecode_network: | |
45 | name: rhodecode_network |
|
44 | name: rhodecode_network | |
46 | driver: bridge |
|
45 | driver: bridge | |
47 | external: true |
|
46 | external: true | |
48 |
|
47 |
@@ -1,144 +1,143 b'' | |||||
1 | version: '3.9' |
|
|||
2 |
|
1 | |||
3 | volumes: |
|
2 | volumes: | |
4 |
|
3 | |||
5 | prometheus_data: |
|
4 | prometheus_data: | |
6 | labels: |
|
5 | labels: | |
7 | "keep": 1 |
|
6 | "keep": 1 | |
8 |
|
7 | |||
9 | grafana_data: |
|
8 | grafana_data: | |
10 | labels: |
|
9 | labels: | |
11 | "keep": 1 |
|
10 | "keep": 1 | |
12 |
|
11 | |||
13 | services: |
|
12 | services: | |
14 |
|
13 | |||
15 | statsd-exporter: |
|
14 | statsd-exporter: | |
16 | image: prom/statsd-exporter:v0.26.0 |
|
15 | image: prom/statsd-exporter:v0.26.0 | |
17 | restart: always |
|
16 | restart: always | |
18 | command: [ |
|
17 | command: [ | |
19 | '--statsd.mapping-config=/etc/statsd/statsd.yaml', |
|
18 | '--statsd.mapping-config=/etc/statsd/statsd.yaml', | |
20 | '--statsd.listen-udp=:9125', |
|
19 | '--statsd.listen-udp=:9125', | |
21 | '--web.listen-address=:9102' |
|
20 | '--web.listen-address=:9102' | |
22 | ] |
|
21 | ] | |
23 | networks: |
|
22 | networks: | |
24 | - rhodecode_network |
|
23 | - rhodecode_network | |
25 | # ports: |
|
24 | # ports: | |
26 | # - "9125:9125/udp" |
|
25 | # - "9125:9125/udp" | |
27 | # - "9102:9102" |
|
26 | # - "9102:9102" | |
28 |
|
27 | |||
29 | volumes: |
|
28 | volumes: | |
30 | - ./config/statsd-exporter:/etc/statsd |
|
29 | - ./config/statsd-exporter:/etc/statsd | |
31 | labels: |
|
30 | labels: | |
32 | - "traefik.enable=false" |
|
31 | - "traefik.enable=false" | |
33 | - "traefik.http.services.statsd-exporter.loadbalancer.server.port=9125" |
|
32 | - "traefik.http.services.statsd-exporter.loadbalancer.server.port=9125" | |
34 | - "traefik.http.services.statsd-exporter.loadbalancer.server.port=9102" |
|
33 | - "traefik.http.services.statsd-exporter.loadbalancer.server.port=9102" | |
35 |
|
34 | |||
36 | node-exporter: |
|
35 | node-exporter: | |
37 | image: prom/node-exporter:v1.7.0 |
|
36 | image: prom/node-exporter:v1.7.0 | |
38 | command: |
|
37 | command: | |
39 | - "--path.procfs=/host/proc" |
|
38 | - "--path.procfs=/host/proc" | |
40 | - "--path.rootfs=/rootfs" |
|
39 | - "--path.rootfs=/rootfs" | |
41 | - "--path.sysfs=/host/sys" |
|
40 | - "--path.sysfs=/host/sys" | |
42 | - "--collector.filesystem.mount-points-exclude=^/(sys|proc|dev|host|etc)($$|/)" |
|
41 | - "--collector.filesystem.mount-points-exclude=^/(sys|proc|dev|host|etc)($$|/)" | |
43 | - "--collector.systemd" |
|
42 | - "--collector.systemd" | |
44 | - "--collector.processes" |
|
43 | - "--collector.processes" | |
45 | networks: |
|
44 | networks: | |
46 | - rhodecode_network |
|
45 | - rhodecode_network | |
47 | pid: host |
|
46 | pid: host | |
48 | restart: always |
|
47 | restart: always | |
49 | # ports: |
|
48 | # ports: | |
50 | # - "9100:9100" |
|
49 | # - "9100:9100" | |
51 | volumes: |
|
50 | volumes: | |
52 | - "/proc:/host/proc:ro" |
|
51 | - "/proc:/host/proc:ro" | |
53 | - "/sys:/host/sys:ro" |
|
52 | - "/sys:/host/sys:ro" | |
54 | - "/:/rootfs:ro" |
|
53 | - "/:/rootfs:ro" | |
55 | labels: |
|
54 | labels: | |
56 | - "traefik.enable=false" |
|
55 | - "traefik.enable=false" | |
57 | - "traefik.http.services.node-exporter.loadbalancer.server.port=9100" |
|
56 | - "traefik.http.services.node-exporter.loadbalancer.server.port=9100" | |
58 |
|
57 | |||
59 | prometheus: |
|
58 | prometheus: | |
60 | image: prom/prometheus:v2.48.1 |
|
59 | image: prom/prometheus:v2.48.1 | |
61 | restart: always |
|
60 | restart: always | |
62 | command: |
|
61 | command: | |
63 | - "--config.file=/etc/prometheus/prometheus.yml" |
|
62 | - "--config.file=/etc/prometheus/prometheus.yml" | |
64 | - "--storage.tsdb.path=/prometheus" |
|
63 | - "--storage.tsdb.path=/prometheus" | |
65 | - "--storage.tsdb.retention.time=24h" |
|
64 | - "--storage.tsdb.retention.time=24h" | |
66 | - "--web.console.libraries=/etc/prometheus/console_libraries" |
|
65 | - "--web.console.libraries=/etc/prometheus/console_libraries" | |
67 | - "--web.console.templates=/etc/prometheus/consoles" |
|
66 | - "--web.console.templates=/etc/prometheus/consoles" | |
68 | - "--web.enable-lifecycle" |
|
67 | - "--web.enable-lifecycle" | |
69 | # ports: |
|
68 | # ports: | |
70 | # - "9090:9090" |
|
69 | # - "9090:9090" | |
71 | networks: |
|
70 | networks: | |
72 | - rhodecode_network |
|
71 | - rhodecode_network | |
73 | extra_hosts: |
|
72 | extra_hosts: | |
74 | - "host.docker.internal:host-gateway" |
|
73 | - "host.docker.internal:host-gateway" | |
75 | volumes: |
|
74 | volumes: | |
76 | - ./config/prometheus:/etc/prometheus |
|
75 | - ./config/prometheus:/etc/prometheus | |
77 | - prometheus_data:/prometheus |
|
76 | - prometheus_data:/prometheus | |
78 | labels: |
|
77 | labels: | |
79 | - "traefik.enable=false" |
|
78 | - "traefik.enable=false" | |
80 | - "traefik.http.services.prometheus.loadbalancer.server.port=9090" |
|
79 | - "traefik.http.services.prometheus.loadbalancer.server.port=9090" | |
81 |
|
80 | |||
82 | grafana: |
|
81 | grafana: | |
83 | image: grafana/grafana:9.5.15 |
|
82 | image: grafana/grafana:9.5.15 | |
84 | restart: always |
|
83 | restart: always | |
85 | environment: |
|
84 | environment: | |
86 | RC_DB_USER: ${DB_USER:?must-specify-db-user} |
|
85 | RC_DB_USER: ${DB_USER:?must-specify-db-user} | |
87 | RC_DB_PASSWORD: ${DB_PASSWORD:?must-specify-db-password} |
|
86 | RC_DB_PASSWORD: ${DB_PASSWORD:?must-specify-db-password} | |
88 | RC_DB_NAME: ${DB_NAME:?must-specify-db-name} |
|
87 | RC_DB_NAME: ${DB_NAME:?must-specify-db-name} | |
89 | # ports: |
|
88 | # ports: | |
90 | # - "3000:3000" |
|
89 | # - "3000:3000" | |
91 | volumes: |
|
90 | volumes: | |
92 | - grafana_data:/var/lib/grafana |
|
91 | - grafana_data:/var/lib/grafana | |
93 | - ./config/grafana:/etc/grafana |
|
92 | - ./config/grafana:/etc/grafana | |
94 | networks: |
|
93 | networks: | |
95 | - rhodecode_network |
|
94 | - rhodecode_network | |
96 | extra_hosts: |
|
95 | extra_hosts: | |
97 | - "host.docker.internal:host-gateway" |
|
96 | - "host.docker.internal:host-gateway" | |
98 | labels: |
|
97 | labels: | |
99 | - "traefik.enable=true" |
|
98 | - "traefik.enable=true" | |
100 | - "traefik.http.routers.grafana.entrypoints=http" |
|
99 | - "traefik.http.routers.grafana.entrypoints=http" | |
101 | - "traefik.http.routers.grafana.priority=20" |
|
100 | - "traefik.http.routers.grafana.priority=20" | |
102 | - "traefik.http.routers.grafana.rule=Host(`${RC_HOSTNAME:?must-specify-rhodecode-hostname}`) && PathPrefix(`/_grafana`)" |
|
101 | - "traefik.http.routers.grafana.rule=Host(`${RC_HOSTNAME:?must-specify-rhodecode-hostname}`) && PathPrefix(`/_grafana`)" | |
103 | - "traefik.http.routers.grafana.service=grafana-web" |
|
102 | - "traefik.http.routers.grafana.service=grafana-web" | |
104 | - "traefik.http.services.grafana-web.loadbalancer.server.port=3000" |
|
103 | - "traefik.http.services.grafana-web.loadbalancer.server.port=3000" | |
105 | # SSL + proxy prefix example, should be put into .custom/docker-compose-metrics.override.yaml |
|
104 | # SSL + proxy prefix example, should be put into .custom/docker-compose-metrics.override.yaml | |
106 | #- "traefik.http.routers.grafana.entrypoints=http,https" |
|
105 | #- "traefik.http.routers.grafana.entrypoints=http,https" | |
107 |
|
106 | |||
108 | loki: |
|
107 | loki: | |
109 | image: grafana/loki:2.9.3 |
|
108 | image: grafana/loki:2.9.3 | |
110 | restart: always |
|
109 | restart: always | |
111 | # ports: |
|
110 | # ports: | |
112 | # - "3100:3100" |
|
111 | # - "3100:3100" | |
113 | # - "9095:9095" |
|
112 | # - "9095:9095" | |
114 | command: [ |
|
113 | command: [ | |
115 | "-config.file=/etc/loki/loki-config.yaml" |
|
114 | "-config.file=/etc/loki/loki-config.yaml" | |
116 | ] |
|
115 | ] | |
117 | networks: |
|
116 | networks: | |
118 | - rhodecode_network |
|
117 | - rhodecode_network | |
119 | extra_hosts: |
|
118 | extra_hosts: | |
120 | - "host.docker.internal:host-gateway" |
|
119 | - "host.docker.internal:host-gateway" | |
121 | volumes: |
|
120 | volumes: | |
122 | - ./config/loki:/etc/loki |
|
121 | - ./config/loki:/etc/loki | |
123 | # optionally mount host container to scrape docker logs... |
|
122 | # optionally mount host container to scrape docker logs... | |
124 | # - /var/lib/docker/containers:/var/lib/docker/containers:ro |
|
123 | # - /var/lib/docker/containers:/var/lib/docker/containers:ro | |
125 | labels: |
|
124 | labels: | |
126 | # Loki port is the only one that needs explicitly |
|
125 | # Loki port is the only one that needs explicitly | |
127 | # be exposed because of logging driver host-only working mode |
|
126 | # be exposed because of logging driver host-only working mode | |
128 | - "traefik.enable=true" |
|
127 | - "traefik.enable=true" | |
129 | - "traefik.http.routers.loki.entrypoints=loki" |
|
128 | - "traefik.http.routers.loki.entrypoints=loki" | |
130 | - "traefik.http.routers.loki.rule=PathPrefix(`/`)" |
|
129 | - "traefik.http.routers.loki.rule=PathPrefix(`/`)" | |
131 | - "traefik.http.routers.loki.middlewares=basic-auth@file" |
|
130 | - "traefik.http.routers.loki.middlewares=basic-auth@file" | |
132 | - "traefik.http.routers.loki.service=loki-web" |
|
131 | - "traefik.http.routers.loki.service=loki-web" | |
133 | - "traefik.http.services.loki-web.loadbalancer.server.port=3100" |
|
132 | - "traefik.http.services.loki-web.loadbalancer.server.port=3100" | |
134 |
|
133 | |||
135 | promtail: |
|
134 | promtail: | |
136 | image: grafana/promtail:2.9.3 |
|
135 | image: grafana/promtail:2.9.3 | |
137 | command: [ |
|
136 | command: [ | |
138 | "-config.file=/etc/promtail/promtail-config.yaml" |
|
137 | "-config.file=/etc/promtail/promtail-config.yaml" | |
139 | ] |
|
138 | ] | |
140 | networks: |
|
139 | networks: | |
141 | - rhodecode_network |
|
140 | - rhodecode_network | |
142 | volumes: |
|
141 | volumes: | |
143 | - /var/log:/var/log |
|
142 | - /var/log:/var/log | |
144 | - ./config/promtail:/etc/promtail |
|
143 | - ./config/promtail:/etc/promtail |
@@ -1,48 +1,47 b'' | |||||
1 | version: '3.9' |
|
|||
2 |
|
1 | |||
3 | x-logging: &custom-logging |
|
2 | x-logging: &custom-logging | |
4 | # docker plugin install grafana/loki-docker-driver:2.7.1 --alias loki --grant-all-permissions |
|
3 | # docker plugin install grafana/loki-docker-driver:2.7.1 --alias loki --grant-all-permissions | |
5 | # NOTE: loki logging driver ONLY works for host type networks... |
|
4 | # NOTE: loki logging driver ONLY works for host type networks... | |
6 | driver: loki |
|
5 | driver: loki | |
7 | options: |
|
6 | options: | |
8 | #loki-url: "http://${RC_LOKI_AUTH}loki:3100/loki/api/v1/push" |
|
7 | #loki-url: "http://${RC_LOKI_AUTH}loki:3100/loki/api/v1/push" | |
9 | loki-url: "http://${RC_LOKI_AUTH}127.0.0.1:3100/loki/api/v1/push" |
|
8 | loki-url: "http://${RC_LOKI_AUTH}127.0.0.1:3100/loki/api/v1/push" | |
10 | loki-retries: "5" |
|
9 | loki-retries: "5" | |
11 | loki-timeout: "1s" |
|
10 | loki-timeout: "1s" | |
12 | loki-max-backoff: "800ms" |
|
11 | loki-max-backoff: "800ms" | |
13 |
|
12 | |||
14 | ## docker network create -d overlay lb-net |
|
13 | ## docker network create -d overlay lb-net | |
15 | services: |
|
14 | services: | |
16 |
|
15 | |||
17 | traefik: |
|
16 | traefik: | |
18 | restart: always |
|
17 | restart: always | |
19 | image: traefik:v2.10.7 |
|
18 | image: traefik:v2.10.7 | |
20 |
|
19 | |||
21 | ports: |
|
20 | ports: | |
22 | # Default ports on Edge router. |
|
21 | # Default ports on Edge router. | |
23 | # Format is HOST:CONTAINER |
|
22 | # Format is HOST:CONTAINER | |
24 | # To modify the HOST ports only change the first parts before colon. |
|
23 | # To modify the HOST ports only change the first parts before colon. | |
25 | # |
|
24 | # | |
26 | # The HTTP port, exposed as http entrypoint |
|
25 | # The HTTP port, exposed as http entrypoint | |
27 | - "80:80" |
|
26 | - "80:80" | |
28 | # The HTTPS port, exposed as https entrypoint |
|
27 | # The HTTPS port, exposed as https entrypoint | |
29 | - "443:443" |
|
28 | - "443:443" | |
30 | # The loki port, exposed as loki entrypoint behind auth |
|
29 | # The loki port, exposed as loki entrypoint behind auth | |
31 | - "3100:3100" |
|
30 | - "3100:3100" | |
32 | # The SSH port exposed as sshd entrypoint, default 9022 |
|
31 | # The SSH port exposed as sshd entrypoint, default 9022 | |
33 | - "${RC_SSH_PORT:-9022}:${RC_SSH_PORT:-9022}" |
|
32 | - "${RC_SSH_PORT:-9022}:${RC_SSH_PORT:-9022}" | |
34 | volumes: |
|
33 | volumes: | |
35 | # So that Traefik can listen to the Docker events |
|
34 | # So that Traefik can listen to the Docker events | |
36 | - /var/run/docker.sock:/var/run/docker.sock |
|
35 | - /var/run/docker.sock:/var/run/docker.sock | |
37 | - $PWD/config/traefik:/etc/traefik |
|
36 | - $PWD/config/traefik:/etc/traefik | |
38 | - $PWD/config/traefik/dynamic:/etc/traefik_dynamic |
|
37 | - $PWD/config/traefik/dynamic:/etc/traefik_dynamic | |
39 | deploy: |
|
38 | deploy: | |
40 | placement: |
|
39 | placement: | |
41 | constraints: |
|
40 | constraints: | |
42 | # limit swarm deploy to MANAGER only |
|
41 | # limit swarm deploy to MANAGER only | |
43 | - node.role == manager |
|
42 | - node.role == manager | |
44 | networks: |
|
43 | networks: | |
45 | - rhodecode_network |
|
44 | - rhodecode_network | |
46 |
|
45 | |||
47 | # logging: |
|
46 | # logging: | |
48 | # *custom-logging |
|
47 | # *custom-logging |
@@ -1,326 +1,325 b'' | |||||
1 | version: '3.9' |
|
|||
2 |
|
1 | |||
3 | x-logging: &custom-logging |
|
2 | x-logging: &custom-logging | |
4 | # docker plugin install grafana/loki-docker-driver:2.7.1 --alias loki --grant-all-permissions |
|
3 | # docker plugin install grafana/loki-docker-driver:2.7.1 --alias loki --grant-all-permissions | |
5 | # NOTE: loki logging driver ONLY works for host type networks... |
|
4 | # NOTE: loki logging driver ONLY works for host type networks... | |
6 | driver: loki |
|
5 | driver: loki | |
7 | options: |
|
6 | options: | |
8 | #loki-url: "http://${RC_LOKI_AUTH}loki:3100/loki/api/v1/push" |
|
7 | #loki-url: "http://${RC_LOKI_AUTH}loki:3100/loki/api/v1/push" | |
9 | loki-url: "http://${RC_LOKI_AUTH}127.0.0.1:3100/loki/api/v1/push" |
|
8 | loki-url: "http://${RC_LOKI_AUTH}127.0.0.1:3100/loki/api/v1/push" | |
10 | loki-retries: "5" |
|
9 | loki-retries: "5" | |
11 | loki-timeout: "1s" |
|
10 | loki-timeout: "1s" | |
12 | loki-max-backoff: "800ms" |
|
11 | loki-max-backoff: "800ms" | |
13 |
|
12 | |||
14 | volumes: |
|
13 | volumes: | |
15 |
|
14 | |||
16 | # volume for redis data store |
|
15 | # volume for redis data store | |
17 | redis_data: |
|
16 | redis_data: | |
18 | labels: |
|
17 | labels: | |
19 | "keep": 1 |
|
18 | "keep": 1 | |
20 |
|
19 | |||
21 | # volume for Postgres db store |
|
20 | # volume for Postgres db store | |
22 |
|
21 | |||
23 | # volume for Postgres Data |
|
22 | # volume for Postgres Data | |
24 | pg_data: |
|
23 | pg_data: | |
25 | labels: |
|
24 | labels: | |
26 | "keep": 1 |
|
25 | "keep": 1 | |
27 |
|
26 | |||
28 | # volume for rhodecode elasticsearch |
|
27 | # volume for rhodecode elasticsearch | |
29 | es_data: |
|
28 | es_data: | |
30 | labels: |
|
29 | labels: | |
31 | "keep": 1 |
|
30 | "keep": 1 | |
32 |
|
31 | |||
33 | services: |
|
32 | services: | |
34 |
|
33 | |||
35 | channelstream: |
|
34 | channelstream: | |
36 | networks: |
|
35 | networks: | |
37 | - rhodecode_network |
|
36 | - rhodecode_network | |
38 | image: channelstream/channelstream:0.7.1 |
|
37 | image: channelstream/channelstream:0.7.1 | |
39 |
|
38 | |||
40 | restart: always |
|
39 | restart: always | |
41 |
|
40 | |||
42 | # ports: |
|
41 | # ports: | |
43 | # - "127.0.0.1:8000:8000" |
|
42 | # - "127.0.0.1:8000:8000" | |
44 | env_file: |
|
43 | env_file: | |
45 | - ${RC_ENV_FILE:?must-specify-rc-env-file} |
|
44 | - ${RC_ENV_FILE:?must-specify-rc-env-file} | |
46 | command: ["channelstream"] |
|
45 | command: ["channelstream"] | |
47 |
|
46 | |||
48 | healthcheck: |
|
47 | healthcheck: | |
49 | test: curl -A RhodeCode-Healthcheck -s -o /dev/null -w '%{http_code}' http://channelstream:8000/admin/sign_in |
|
48 | test: curl -A RhodeCode-Healthcheck -s -o /dev/null -w '%{http_code}' http://channelstream:8000/admin/sign_in | |
50 | timeout: 30s |
|
49 | timeout: 30s | |
51 | start_period: 5s |
|
50 | start_period: 5s | |
52 | interval: 60s |
|
51 | interval: 60s | |
53 | retries: 10 |
|
52 | retries: 10 | |
54 |
|
53 | |||
55 | volumes: |
|
54 | volumes: | |
56 | - confvolume:/etc/rhodecode/conf |
|
55 | - confvolume:/etc/rhodecode/conf | |
57 |
|
56 | |||
58 | logging: |
|
57 | logging: | |
59 | *custom-logging |
|
58 | *custom-logging | |
60 |
|
59 | |||
61 | labels: |
|
60 | labels: | |
62 | - "traefik.enable=true" |
|
61 | - "traefik.enable=true" | |
63 | - "traefik.http.routers.channelstream.entrypoints=http" |
|
62 | - "traefik.http.routers.channelstream.entrypoints=http" | |
64 | - "traefik.http.routers.channelstream.priority=20" |
|
63 | - "traefik.http.routers.channelstream.priority=20" | |
65 | - "traefik.http.routers.channelstream.rule=Host(`${RC_HOSTNAME:?must-specify-rhodecode-hostname}`) && PathPrefix(`/_channelstream`)" |
|
64 | - "traefik.http.routers.channelstream.rule=Host(`${RC_HOSTNAME:?must-specify-rhodecode-hostname}`) && PathPrefix(`/_channelstream`)" | |
66 | - "traefik.http.routers.channelstream.service=channelstream-web" |
|
65 | - "traefik.http.routers.channelstream.service=channelstream-web" | |
67 | - "traefik.http.routers.channelstream.middlewares=strip-cs" |
|
66 | - "traefik.http.routers.channelstream.middlewares=strip-cs" | |
68 | - "traefik.http.middlewares.strip-cs.stripprefix.prefixes=/_channelstream" |
|
67 | - "traefik.http.middlewares.strip-cs.stripprefix.prefixes=/_channelstream" | |
69 | - "traefik.http.services.channelstream-web.loadbalancer.server.port=8000" |
|
68 | - "traefik.http.services.channelstream-web.loadbalancer.server.port=8000" | |
70 | # HTTP + SSL example, should be put into .custom/docker-compose-services.override.yaml |
|
69 | # HTTP + SSL example, should be put into .custom/docker-compose-services.override.yaml | |
71 | #- "traefik.http.routers.channelstream.entrypoints=http,https" |
|
70 | #- "traefik.http.routers.channelstream.entrypoints=http,https" | |
72 |
|
71 | |||
73 | profiles: |
|
72 | profiles: | |
74 | ["channelstream"] |
|
73 | ["channelstream"] | |
75 |
|
74 | |||
76 | nginx-statics: |
|
75 | nginx-statics: | |
77 |
|
76 | |||
78 | # used to serve static files |
|
77 | # used to serve static files | |
79 | networks: |
|
78 | networks: | |
80 | - rhodecode_network |
|
79 | - rhodecode_network | |
81 | image: library/nginx:1.25.3 |
|
80 | image: library/nginx:1.25.3 | |
82 |
|
81 | |||
83 | restart: always |
|
82 | restart: always | |
84 |
|
83 | |||
85 | environment: |
|
84 | environment: | |
86 | NGINX_ENTRYPOINT_QUIET_LOGS: 1 |
|
85 | NGINX_ENTRYPOINT_QUIET_LOGS: 1 | |
87 | env_file: |
|
86 | env_file: | |
88 | - ${RC_ENV_FILE:?must-specify-rc-env-file} |
|
87 | - ${RC_ENV_FILE:?must-specify-rc-env-file} | |
89 |
|
88 | |||
90 | healthcheck: |
|
89 | healthcheck: | |
91 | test: curl -A RhodeCode-Healthcheck -s -o /dev/null -w '%{http_code}' --fail http://127.0.0.1:80/_health_static |
|
90 | test: curl -A RhodeCode-Healthcheck -s -o /dev/null -w '%{http_code}' --fail http://127.0.0.1:80/_health_static | |
92 | timeout: 30s |
|
91 | timeout: 30s | |
93 | start_period: 5s |
|
92 | start_period: 5s | |
94 | interval: 60s |
|
93 | interval: 60s | |
95 | retries: 10 |
|
94 | retries: 10 | |
96 |
|
95 | |||
97 | # depends_on: |
|
96 | # depends_on: | |
98 | # - channelstream |
|
97 | # - channelstream | |
99 |
|
98 | |||
100 | volumes: |
|
99 | volumes: | |
101 | - $PWD/config/nginx/nginx_statics.conf:/etc/nginx/nginx.conf:ro |
|
100 | - $PWD/config/nginx/nginx_statics.conf:/etc/nginx/nginx.conf:ro | |
102 | - $PWD/.custom/static_files:/var/opt/rhodecode_static_data |
|
101 | - $PWD/.custom/static_files:/var/opt/rhodecode_static_data | |
103 | - rc_datavolume:/var/opt/rhodecode_data |
|
102 | - rc_datavolume:/var/opt/rhodecode_data | |
104 |
|
103 | |||
105 | logging: |
|
104 | logging: | |
106 | *custom-logging |
|
105 | *custom-logging | |
107 |
|
106 | |||
108 | labels: |
|
107 | labels: | |
109 | - "traefik.enable=true" |
|
108 | - "traefik.enable=true" | |
110 | - "traefik.http.routers.nginx-statics.entrypoints=http" |
|
109 | - "traefik.http.routers.nginx-statics.entrypoints=http" | |
111 | - "traefik.http.routers.nginx-statics.priority=40" |
|
110 | - "traefik.http.routers.nginx-statics.priority=40" | |
112 | - "traefik.http.routers.nginx-statics.rule=Host(`${RC_HOSTNAME:?must-specify-rhodecode-hostname}`) && PathPrefix(`/_static/rhodecode`, `/_pages`)" |
|
111 | - "traefik.http.routers.nginx-statics.rule=Host(`${RC_HOSTNAME:?must-specify-rhodecode-hostname}`) && PathPrefix(`/_static/rhodecode`, `/_pages`)" | |
113 | - "traefik.http.routers.nginx-statics.service=nginx-serv" |
|
112 | - "traefik.http.routers.nginx-statics.service=nginx-serv" | |
114 | - "traefik.http.services.nginx-serv.loadbalancer.server.port=80" |
|
113 | - "traefik.http.services.nginx-serv.loadbalancer.server.port=80" | |
115 |
|
114 | |||
116 | # HTTP + SSL example, should be put into .custom/docker-compose-services.override.yaml |
|
115 | # HTTP + SSL example, should be put into .custom/docker-compose-services.override.yaml | |
117 | #- "traefik.http.routers.nginx-statics.entrypoints=http, https" |
|
116 | #- "traefik.http.routers.nginx-statics.entrypoints=http, https" | |
118 |
|
117 | |||
119 | nginx-errors: |
|
118 | nginx-errors: | |
120 | networks: |
|
119 | networks: | |
121 | - rhodecode_network |
|
120 | - rhodecode_network | |
122 | image: library/nginx:1.25.3 |
|
121 | image: library/nginx:1.25.3 | |
123 |
|
122 | |||
124 | restart: always |
|
123 | restart: always | |
125 |
|
124 | |||
126 | environment: |
|
125 | environment: | |
127 | NGINX_ENTRYPOINT_QUIET_LOGS: 1 |
|
126 | NGINX_ENTRYPOINT_QUIET_LOGS: 1 | |
128 |
|
127 | |||
129 | env_file: |
|
128 | env_file: | |
130 | - ${RC_ENV_FILE:?must-specify-rc-env-file} |
|
129 | - ${RC_ENV_FILE:?must-specify-rc-env-file} | |
131 |
|
130 | |||
132 | volumes: |
|
131 | volumes: | |
133 | - $PWD/config/nginx/nginx_errors.conf:/etc/nginx/nginx.conf:ro |
|
132 | - $PWD/config/nginx/nginx_errors.conf:/etc/nginx/nginx.conf:ro | |
134 | - $PWD/config/nginx/error_pages:/etc/nginx/error_pages |
|
133 | - $PWD/config/nginx/error_pages:/etc/nginx/error_pages | |
135 |
|
134 | |||
136 | - rc_datavolume:/var/opt/rhodecode_data |
|
135 | - rc_datavolume:/var/opt/rhodecode_data | |
137 |
|
136 | |||
138 | labels: |
|
137 | labels: | |
139 | - "traefik.enable=true" |
|
138 | - "traefik.enable=true" | |
140 |
|
139 | |||
141 | # error-middleware |
|
140 | # error-middleware | |
142 | - "traefik.http.middlewares.error-pages-middleware.errors.status=404" |
|
141 | - "traefik.http.middlewares.error-pages-middleware.errors.status=404" | |
143 | - "traefik.http.middlewares.error-pages-middleware.errors.service=error-pages-service" |
|
142 | - "traefik.http.middlewares.error-pages-middleware.errors.service=error-pages-service" | |
144 | - "traefik.http.middlewares.error-pages-middleware.errors.query=/{status}.html" |
|
143 | - "traefik.http.middlewares.error-pages-middleware.errors.query=/{status}.html" | |
145 |
|
144 | |||
146 | # error handling router |
|
145 | # error handling router | |
147 | - "traefik.http.routers.error-router.entrypoints=http" |
|
146 | - "traefik.http.routers.error-router.entrypoints=http" | |
148 | - "traefik.http.routers.error-router.priority=5" |
|
147 | - "traefik.http.routers.error-router.priority=5" | |
149 | - "traefik.http.routers.error-router.rule=HostRegexp(`{host:.+}`)" |
|
148 | - "traefik.http.routers.error-router.rule=HostRegexp(`{host:.+}`)" | |
150 | - "traefik.http.routers.error-router.service=error-pages-service" |
|
149 | - "traefik.http.routers.error-router.service=error-pages-service" | |
151 | - "traefik.http.routers.error-router.middlewares=error-pages-middleware" |
|
150 | - "traefik.http.routers.error-router.middlewares=error-pages-middleware" | |
152 |
|
151 | |||
153 | - "traefik.http.services.error-pages-service.loadbalancer.server.port=80" |
|
152 | - "traefik.http.services.error-pages-service.loadbalancer.server.port=80" | |
154 |
|
153 | |||
155 | # HTTP + SSL example, should be put into .custom/docker-compose-services.override.yaml |
|
154 | # HTTP + SSL example, should be put into .custom/docker-compose-services.override.yaml | |
156 | #- "traefik.http.routers.error-router.entrypoints=http, https" |
|
155 | #- "traefik.http.routers.error-router.entrypoints=http, https" | |
157 |
|
156 | |||
158 | elasticsearch: |
|
157 | elasticsearch: | |
159 | networks: |
|
158 | networks: | |
160 | - rhodecode_network |
|
159 | - rhodecode_network | |
161 | image: elasticsearch:6.8.23 |
|
160 | image: elasticsearch:6.8.23 | |
162 | restart: always |
|
161 | restart: always | |
163 | environment: |
|
162 | environment: | |
164 | - cluster.name=elasticsearch-cluster |
|
163 | - cluster.name=elasticsearch-cluster | |
165 | - network.host=0.0.0.0 |
|
164 | - network.host=0.0.0.0 | |
166 | - bootstrap.memory_lock=true |
|
165 | - bootstrap.memory_lock=true | |
167 | - discovery.type=single-node |
|
166 | - discovery.type=single-node | |
168 | - cluster.routing.allocation.disk.threshold_enabled=false |
|
167 | - cluster.routing.allocation.disk.threshold_enabled=false | |
169 | - cluster.name=rhodecode-elasticsearch |
|
168 | - cluster.name=rhodecode-elasticsearch | |
170 | - xpack.security.enabled=false |
|
169 | - xpack.security.enabled=false | |
171 | - "ES_JAVA_OPTS=-Xms512m -Xmx512m" |
|
170 | - "ES_JAVA_OPTS=-Xms512m -Xmx512m" | |
172 | env_file: |
|
171 | env_file: | |
173 | - ${RC_ENV_FILE:?must-specify-rc-env-file} |
|
172 | - ${RC_ENV_FILE:?must-specify-rc-env-file} | |
174 | healthcheck: |
|
173 | healthcheck: | |
175 | # change port 80 to 443 when only using SSL |
|
174 | # change port 80 to 443 when only using SSL | |
176 | test: [ "CMD", "curl", "-A", "RhodeCode-Healthcheck", "-s", "-o", "/dev/null", "-w", "'%{http_code}'", "elasticsearch:9200/_cat/health" ] |
|
175 | test: [ "CMD", "curl", "-A", "RhodeCode-Healthcheck", "-s", "-o", "/dev/null", "-w", "'%{http_code}'", "elasticsearch:9200/_cat/health" ] | |
177 | timeout: 30s |
|
176 | timeout: 30s | |
178 | interval: 60s |
|
177 | interval: 60s | |
179 | retries: 10 |
|
178 | retries: 10 | |
180 |
|
179 | |||
181 | # compat problems within some systems on settings those |
|
180 | # compat problems within some systems on settings those | |
182 | #ulimits: |
|
181 | #ulimits: | |
183 | #memlock: |
|
182 | #memlock: | |
184 | #soft: -1 |
|
183 | #soft: -1 | |
185 | #hard: -1 |
|
184 | #hard: -1 | |
186 |
|
185 | |||
187 | volumes: |
|
186 | volumes: | |
188 | - es_data:/usr/share/elasticsearch/data |
|
187 | - es_data:/usr/share/elasticsearch/data | |
189 |
|
188 | |||
190 | logging: |
|
189 | logging: | |
191 | *custom-logging |
|
190 | *custom-logging | |
192 |
|
191 | |||
193 | profiles: |
|
192 | profiles: | |
194 | ["elasticsearch"] |
|
193 | ["elasticsearch"] | |
195 |
|
194 | |||
196 | redis: |
|
195 | redis: | |
197 | networks: |
|
196 | networks: | |
198 | - rhodecode_network |
|
197 | - rhodecode_network | |
199 | image: library/redis:7.2.4 |
|
198 | image: library/redis:7.2.4 | |
200 |
|
199 | |||
201 | restart: always |
|
200 | restart: always | |
202 | env_file: |
|
201 | env_file: | |
203 | - ${RC_ENV_FILE:?must-specify-rc-env-file} |
|
202 | - ${RC_ENV_FILE:?must-specify-rc-env-file} | |
204 | command: |
|
203 | command: | |
205 | - "redis-server" |
|
204 | - "redis-server" | |
206 | - "/etc/redis/redis.conf" |
|
205 | - "/etc/redis/redis.conf" | |
207 | - "--maxmemory-policy allkeys-lru" |
|
206 | - "--maxmemory-policy allkeys-lru" | |
208 | - "--maxmemory ${RC_REDIS_MAXMEMORY:?must-specify-redis-maxmemory}" |
|
207 | - "--maxmemory ${RC_REDIS_MAXMEMORY:?must-specify-redis-maxmemory}" | |
209 |
|
208 | |||
210 | # ports: |
|
209 | # ports: | |
211 | # - "127.0.0.1::6379" |
|
210 | # - "127.0.0.1::6379" | |
212 |
|
211 | |||
213 | healthcheck: |
|
212 | healthcheck: | |
214 | test: [ "CMD", "redis-cli", "--raw", "incr", "ping" ] |
|
213 | test: [ "CMD", "redis-cli", "--raw", "incr", "ping" ] | |
215 | interval: 60s |
|
214 | interval: 60s | |
216 |
|
215 | |||
217 | volumes: |
|
216 | volumes: | |
218 | - $PWD/config/redis/redis.conf:/etc/redis/redis.conf:ro |
|
217 | - $PWD/config/redis/redis.conf:/etc/redis/redis.conf:ro | |
219 | - redis_data:/data |
|
218 | - redis_data:/data | |
220 |
|
219 | |||
221 | profiles: |
|
220 | profiles: | |
222 | ["redis"] |
|
221 | ["redis"] | |
223 |
|
222 | |||
224 | logging: |
|
223 | logging: | |
225 | *custom-logging |
|
224 | *custom-logging | |
226 |
|
225 | |||
227 | database: |
|
226 | database: | |
228 | networks: |
|
227 | networks: | |
229 | - rhodecode_network |
|
228 | - rhodecode_network | |
230 | image: library/postgres:14.10 |
|
229 | image: library/postgres:14.10 | |
231 |
|
230 | |||
232 | environment: |
|
231 | environment: | |
233 | POSTGRES_DB: ${DB_NAME:?must-specify-db-name} |
|
232 | POSTGRES_DB: ${DB_NAME:?must-specify-db-name} | |
234 | POSTGRES_USER: ${DB_USER:?must-specify-db-user} |
|
233 | POSTGRES_USER: ${DB_USER:?must-specify-db-user} | |
235 | PGUSER: ${DB_USER:?must-specify-db-user} |
|
234 | PGUSER: ${DB_USER:?must-specify-db-user} | |
236 | POSTGRES_PASSWORD: ${DB_PASSWORD:?must-specify-db-password} |
|
235 | POSTGRES_PASSWORD: ${DB_PASSWORD:?must-specify-db-password} | |
237 | POSTGRES_HOST_AUTH_METHOD: md5 |
|
236 | POSTGRES_HOST_AUTH_METHOD: md5 | |
238 | POSTGRES_INITDB_ARGS: "--auth-host=md5 --auth-local=md5" |
|
237 | POSTGRES_INITDB_ARGS: "--auth-host=md5 --auth-local=md5" | |
239 | env_file: |
|
238 | env_file: | |
240 | - ${RC_ENV_FILE:?must-specify-rc-env-file} |
|
239 | - ${RC_ENV_FILE:?must-specify-rc-env-file} | |
241 |
|
240 | |||
242 | restart: always |
|
241 | restart: always | |
243 | command: |
|
242 | command: | |
244 | - "postgres" |
|
243 | - "postgres" | |
245 | - "-c" |
|
244 | - "-c" | |
246 | - "log_statement=ddl" |
|
245 | - "log_statement=ddl" | |
247 | - "-c" |
|
246 | - "-c" | |
248 | - "config_file=/etc/conf.d/pg_customized.conf" |
|
247 | - "config_file=/etc/conf.d/pg_customized.conf" | |
249 |
|
248 | |||
250 | # ports: |
|
249 | # ports: | |
251 | # - "127.0.0.1::5432" |
|
250 | # - "127.0.0.1::5432" | |
252 |
|
251 | |||
253 | healthcheck: |
|
252 | healthcheck: | |
254 | test: ["CMD-SHELL", "pg_isready", '-U', "$DB_USER"] |
|
253 | test: ["CMD-SHELL", "pg_isready", '-U', "$DB_USER"] | |
255 | interval: 10s |
|
254 | interval: 10s | |
256 | timeout: 5s |
|
255 | timeout: 5s | |
257 | retries: 5 |
|
256 | retries: 5 | |
258 |
|
257 | |||
259 | volumes: |
|
258 | volumes: | |
260 | - $PWD/config/database/pg_customized.conf:/etc/conf.d/pg_customized.conf:ro |
|
259 | - $PWD/config/database/pg_customized.conf:/etc/conf.d/pg_customized.conf:ro | |
261 | # db dumps reverse mount |
|
260 | # db dumps reverse mount | |
262 | - $PWD/.custom/db_dump:/var/rc-data-dump |
|
261 | - $PWD/.custom/db_dump:/var/rc-data-dump | |
263 | # save the pg_data volume |
|
262 | # save the pg_data volume | |
264 | - pg_data:/var/lib/postgresql/data |
|
263 | - pg_data:/var/lib/postgresql/data | |
265 |
|
264 | |||
266 |
|
265 | |||
267 | profiles: |
|
266 | profiles: | |
268 | ["postgres", "database"] |
|
267 | ["postgres", "database"] | |
269 |
|
268 | |||
270 | logging: |
|
269 | logging: | |
271 | *custom-logging |
|
270 | *custom-logging | |
272 |
|
271 | |||
273 | database-mysql: |
|
272 | database-mysql: | |
274 | networks: |
|
273 | networks: | |
275 | - rhodecode_network |
|
274 | - rhodecode_network | |
276 | image: library/mysql:8.0.35 |
|
275 | image: library/mysql:8.0.35 | |
277 |
|
276 | |||
278 | environment: |
|
277 | environment: | |
279 | MYSQL_DATABASE: ${DB_NAME:?must-specify-db-name} |
|
278 | MYSQL_DATABASE: ${DB_NAME:?must-specify-db-name} | |
280 | MYSQL_USER: ${DB_USER:?must-specify-db-user} |
|
279 | MYSQL_USER: ${DB_USER:?must-specify-db-user} | |
281 | MYSQL_PASSWORD: ${DB_PASSWORD:?must-specify-db-password} |
|
280 | MYSQL_PASSWORD: ${DB_PASSWORD:?must-specify-db-password} | |
282 | MYSQL_ROOT_PASSWORD: ${DB_PASSWORD:?must-specify-db-password} |
|
281 | MYSQL_ROOT_PASSWORD: ${DB_PASSWORD:?must-specify-db-password} | |
283 | env_file: |
|
282 | env_file: | |
284 | - ${RC_ENV_FILE:?must-specify-rc-env-file} |
|
283 | - ${RC_ENV_FILE:?must-specify-rc-env-file} | |
285 |
|
284 | |||
286 | restart: always |
|
285 | restart: always | |
287 |
|
286 | |||
288 | # ports: |
|
287 | # ports: | |
289 | # - "127.0.0.1::3306" |
|
288 | # - "127.0.0.1::3306" | |
290 |
|
289 | |||
291 | volumes: |
|
290 | volumes: | |
292 | - $PWD/config/database/mysql_customized.conf:/etc/mysql/conf.d/config-file.cnf:ro |
|
291 | - $PWD/config/database/mysql_customized.conf:/etc/mysql/conf.d/config-file.cnf:ro | |
293 | # save the mysql_data volume |
|
292 | # save the mysql_data volume | |
294 | - $PWD/mysql_dir:/var/lib/mysql |
|
293 | - $PWD/mysql_dir:/var/lib/mysql | |
295 |
|
294 | |||
296 | profiles: |
|
295 | profiles: | |
297 | ["mysql"] |
|
296 | ["mysql"] | |
298 |
|
297 | |||
299 | logging: |
|
298 | logging: | |
300 | *custom-logging |
|
299 | *custom-logging | |
301 |
|
300 | |||
302 | # DEBUG/DEVEL |
|
301 | # DEBUG/DEVEL | |
303 | httpbin: |
|
302 | httpbin: | |
304 | networks: |
|
303 | networks: | |
305 | - rhodecode_network |
|
304 | - rhodecode_network | |
306 | image: kennethreitz/httpbin:latest |
|
305 | image: kennethreitz/httpbin:latest | |
307 | ports: |
|
306 | ports: | |
308 | # expose on 9090 to not block 80 for traefik |
|
307 | # expose on 9090 to not block 80 for traefik | |
309 | - "9090:80" |
|
308 | - "9090:80" | |
310 | profiles: |
|
309 | profiles: | |
311 | ["testing"] |
|
310 | ["testing"] | |
312 |
|
311 | |||
313 | restart: always |
|
312 | restart: always | |
314 |
|
313 | |||
315 | ldap-server: |
|
314 | ldap-server: | |
316 | networks: |
|
315 | networks: | |
317 | - rhodecode_network |
|
316 | - rhodecode_network | |
318 | image: rroemhild/test-openldap:latest |
|
317 | image: rroemhild/test-openldap:latest | |
319 | ports: |
|
318 | ports: | |
320 | # expose on 10389 (ldap) 10636 (ldaps) |
|
319 | # expose on 10389 (ldap) 10636 (ldaps) | |
321 | - "10389:10389" |
|
320 | - "10389:10389" | |
322 | - "10636:10636" |
|
321 | - "10636:10636" | |
323 | profiles: |
|
322 | profiles: | |
324 | ["testing"] |
|
323 | ["testing"] | |
325 |
|
324 | |||
326 | restart: always No newline at end of file |
|
325 | restart: always |
@@ -1,111 +1,108 b'' | |||||
1 | .. _configuration-of-components: |
|
1 | .. _configuration-of-components: | |
2 |
|
2 | |||
3 | =========================== |
|
3 | =========================== | |
4 | Configuration of components |
|
4 | Configuration of components | |
5 | =========================== |
|
5 | =========================== | |
6 |
|
6 | |||
7 |
|
7 | |||
8 |
|
8 | |||
9 |
|
9 | |||
10 | Selecting a database type |
|
10 | Selecting a database type | |
11 | +++++++++++++++++++++++++ |
|
11 | +++++++++++++++++++++++++ | |
12 |
|
12 | |||
13 | By editing :file:`.custom/docker-compose-services.override.yaml` |
|
13 | By editing :file:`.custom/docker-compose-services.override.yaml` | |
14 |
|
14 | |||
15 | Set replicas to 1 for chosen DB type, or both to 0 if you want to run an external DB inside |
|
15 | Set replicas to 1 for chosen DB type, or both to 0 if you want to run an external DB inside | |
16 | your host system. |
|
16 | your host system. | |
17 |
|
17 | |||
18 | .. code-block:: yaml |
|
18 | .. code-block:: yaml | |
19 |
|
19 | |||
20 |
|
20 | |||
21 | version: '3.9' |
|
|||
22 | ## This is a final override file for services stack |
|
21 | ## This is a final override file for services stack | |
23 | ## Add your own customizations |
|
22 | ## Add your own customizations | |
24 |
|
23 | |||
25 | ## docker network create -d overlay lb-net |
|
24 | ## docker network create -d overlay lb-net | |
26 | services: |
|
25 | services: | |
27 |
|
26 | |||
28 | # default Postgresql DB |
|
27 | # default Postgresql DB | |
29 | database: |
|
28 | database: | |
30 | # to disable set replicas to 0 |
|
29 | # to disable set replicas to 0 | |
31 | deploy: |
|
30 | deploy: | |
32 | replicas: 1 |
|
31 | replicas: 1 | |
33 |
|
32 | |||
34 | # MySQL DB |
|
33 | # MySQL DB | |
35 | database-mysql: |
|
34 | database-mysql: | |
36 | # to disable set replicas to 0 |
|
35 | # to disable set replicas to 0 | |
37 | deploy: |
|
36 | deploy: | |
38 | replicas: 1 |
|
37 | replicas: 1 | |
39 |
|
38 | |||
40 |
|
39 | |||
41 | Disable Redis |
|
40 | Disable Redis | |
42 | +++++++++++++ |
|
41 | +++++++++++++ | |
43 |
|
42 | |||
44 |
|
43 | |||
45 | By editing :file:`.custom/docker-compose-services.override.yaml` |
|
44 | By editing :file:`.custom/docker-compose-services.override.yaml` | |
46 |
|
45 | |||
47 |
|
46 | |||
48 | .. code-block:: yaml |
|
47 | .. code-block:: yaml | |
49 |
|
48 | |||
50 |
|
49 | |||
51 | version: '3.9' |
|
|||
52 | ## This is a final override file for services stack |
|
50 | ## This is a final override file for services stack | |
53 | ## Add your own customizations |
|
51 | ## Add your own customizations | |
54 |
|
52 | |||
55 | ## docker network create -d overlay lb-net |
|
53 | ## docker network create -d overlay lb-net | |
56 | services: |
|
54 | services: | |
57 |
|
55 | |||
58 | redis: |
|
56 | redis: | |
59 | # to disable set replicas to 0 |
|
57 | # to disable set replicas to 0 | |
60 | deploy: |
|
58 | deploy: | |
61 | replicas: 0 |
|
59 | replicas: 0 | |
62 |
|
60 | |||
63 |
|
61 | |||
64 | Disable ElasticSearch |
|
62 | Disable ElasticSearch | |
65 | +++++++++++++++++++++ |
|
63 | +++++++++++++++++++++ | |
66 |
|
64 | |||
67 | ElasticSearch is used by default as a search engine. |
|
65 | ElasticSearch is used by default as a search engine. | |
68 | Elasticsearch is powerful search engine, however it generally requires a lot of resource to be functional. |
|
66 | Elasticsearch is powerful search engine, however it generally requires a lot of resource to be functional. | |
69 |
|
67 | |||
70 | In case the plan is to use CE edition, or the machine is restricted with resource ElasticSearch can be disabled. |
|
68 | In case the plan is to use CE edition, or the machine is restricted with resource ElasticSearch can be disabled. | |
71 |
|
69 | |||
72 | By editing :file:`.custom/docker-compose-services.override.yaml` |
|
70 | By editing :file:`.custom/docker-compose-services.override.yaml` | |
73 |
|
71 | |||
74 |
|
72 | |||
75 | .. code-block:: yaml |
|
73 | .. code-block:: yaml | |
76 |
|
74 | |||
77 |
|
75 | |||
78 | version: '3.9' |
|
|||
79 | ## This is a final override file for services stack |
|
76 | ## This is a final override file for services stack | |
80 | ## Add your own customizations |
|
77 | ## Add your own customizations | |
81 |
|
78 | |||
82 | ## set elasticsearch replicas to 0 to stop running it together with services stack. |
|
79 | ## set elasticsearch replicas to 0 to stop running it together with services stack. | |
83 | services: |
|
80 | services: | |
84 |
|
81 | |||
85 | elasticsearch: |
|
82 | elasticsearch: | |
86 | # to disable set replicas to 0 |
|
83 | # to disable set replicas to 0 | |
87 | deploy: |
|
84 | deploy: | |
88 | replicas: 0 |
|
85 | replicas: 0 | |
89 |
|
86 | |||
90 |
|
87 | |||
91 | Elasticsearch is used by default as a search engine inside the rhodecode.ini configuration. |
|
88 | Elasticsearch is used by default as a search engine inside the rhodecode.ini configuration. | |
92 | So this needs to be also adjusted. |
|
89 | So this needs to be also adjusted. | |
93 |
|
90 | |||
94 |
|
91 | |||
95 | By editing :file:`config/_shared/rhodecode.ini` |
|
92 | By editing :file:`config/_shared/rhodecode.ini` | |
96 |
|
93 | |||
97 | Turn of ElasticSearch and enable Whoosh |
|
94 | Turn of ElasticSearch and enable Whoosh | |
98 |
|
95 | |||
99 | .. code-block:: ini |
|
96 | .. code-block:: ini | |
100 |
|
97 | |||
101 | ; ElasticSearch (EE edition only). Requires Elastic Search cluster |
|
98 | ; ElasticSearch (EE edition only). Requires Elastic Search cluster | |
102 | ; to be installed, and running. Recommended for large amount of repositories |
|
99 | ; to be installed, and running. Recommended for large amount of repositories | |
103 | #search.module = rc_elasticsearch |
|
100 | #search.module = rc_elasticsearch | |
104 | #search.location = http://elasticsearch:9200 |
|
101 | #search.location = http://elasticsearch:9200 | |
105 | ; specify Elastic Search version, 6 for latest or 2 for legacy |
|
102 | ; specify Elastic Search version, 6 for latest or 2 for legacy | |
106 | #search.es_version = 6 |
|
103 | #search.es_version = 6 | |
107 |
|
104 | |||
108 | ; WHOOSH Backend, doesn't require additional services to run |
|
105 | ; WHOOSH Backend, doesn't require additional services to run | |
109 | ; it works good with few dozen repos |
|
106 | ; it works good with few dozen repos | |
110 | search.module = rhodecode.lib.index.whoosh |
|
107 | search.module = rhodecode.lib.index.whoosh | |
111 | search.location = /var/opt/rhodecode_data/index |
|
108 | search.location = /var/opt/rhodecode_data/index |
@@ -1,110 +1,109 b'' | |||||
1 | version: '3.9' |
|
|||
2 |
|
1 | |||
3 | services: |
|
2 | services: | |
4 |
|
3 | |||
5 | rhodecode: |
|
4 | rhodecode: | |
6 |
|
5 | |||
7 | deploy: |
|
6 | deploy: | |
8 | # set number of instances of services to be spawned on stack start |
|
7 | # set number of instances of services to be spawned on stack start | |
9 | replicas: 1 |
|
8 | replicas: 1 | |
10 |
|
9 | |||
11 | environment: |
|
10 | environment: | |
12 | RC_COMPOSE_OVERRIDE: 1 |
|
11 | RC_COMPOSE_OVERRIDE: 1 | |
13 | #DB_UPGRADE: 0 # 1 run the DB upgrade, 0 disable db upgrade at startup |
|
12 | #DB_UPGRADE: 0 # 1 run the DB upgrade, 0 disable db upgrade at startup | |
14 | #SETUP_APP: 0 # run the application default settings setup, can be turned off after initial run |
|
13 | #SETUP_APP: 0 # run the application default settings setup, can be turned off after initial run | |
15 |
|
14 | |||
16 | # volumes: |
|
15 | # volumes: | |
17 | # # mount the host dir into repo storage path on container |
|
16 | # # mount the host dir into repo storage path on container | |
18 | # - $PWD/rc-repos-host:/var/opt/rhodecode_repo_store |
|
17 | # - $PWD/rc-repos-host:/var/opt/rhodecode_repo_store | |
19 |
|
18 | |||
20 | # ports: |
|
19 | # ports: | |
21 | # # expose port for optional direct port connection |
|
20 | # # expose port for optional direct port connection | |
22 | # - "10020:10020" |
|
21 | # - "10020:10020" | |
23 |
|
22 | |||
24 | # healthcheck: |
|
23 | # healthcheck: | |
25 | # # disable the healthcheck for faster signal handling that instance is available |
|
24 | # # disable the healthcheck for faster signal handling that instance is available | |
26 | # # generally not recommended |
|
25 | # # generally not recommended | |
27 | # test: ['CMD','true'] |
|
26 | # test: ['CMD','true'] | |
28 |
|
27 | |||
29 | labels: |
|
28 | labels: | |
30 | - "traefik.enable=true" |
|
29 | - "traefik.enable=true" | |
31 | # # Enable http+https endpoints to serve SSL, select just 1 to disable the other |
|
30 | # # Enable http+https endpoints to serve SSL, select just 1 to disable the other | |
32 | # - "traefik.http.routers.rhodecode.entrypoints=http,https" |
|
31 | # - "traefik.http.routers.rhodecode.entrypoints=http,https" | |
33 |
|
32 | |||
34 |
|
33 | |||
35 |
|
34 | |||
36 |
|
35 | |||
37 | vcsserver: |
|
36 | vcsserver: | |
38 |
|
37 | |||
39 | deploy: |
|
38 | deploy: | |
40 | # set number of instances of services to be spawned on stack start |
|
39 | # set number of instances of services to be spawned on stack start | |
41 | replicas: 1 |
|
40 | replicas: 1 | |
42 |
|
41 | |||
43 | environment: |
|
42 | environment: | |
44 | RC_COMPOSE_OVERRIDE: 1 |
|
43 | RC_COMPOSE_OVERRIDE: 1 | |
45 |
|
44 | |||
46 | # volumes: |
|
45 | # volumes: | |
47 | # # mount the host dir into repo storage path on container |
|
46 | # # mount the host dir into repo storage path on container | |
48 | # - $PWD/rc-repos-host:/var/opt/rhodecode_repo_store |
|
47 | # - $PWD/rc-repos-host:/var/opt/rhodecode_repo_store | |
49 | # # mount your own source code |
|
48 | # # mount your own source code | |
50 | # - $PWD/rhodecode-enterprise-ce/:/home/rhodecode/venv/lib/python3.11/site-packages/rhodecode |
|
49 | # - $PWD/rhodecode-enterprise-ce/:/home/rhodecode/venv/lib/python3.11/site-packages/rhodecode | |
51 |
|
50 | |||
52 | # healthcheck: |
|
51 | # healthcheck: | |
53 | # # disable the healthcheck for faster signal handling that instance is available |
|
52 | # # disable the healthcheck for faster signal handling that instance is available | |
54 | # # generally not recommended |
|
53 | # # generally not recommended | |
55 | # test: ['CMD','true'] |
|
54 | # test: ['CMD','true'] | |
56 |
|
55 | |||
57 | sshd: |
|
56 | sshd: | |
58 |
|
57 | |||
59 | deploy: |
|
58 | deploy: | |
60 | # set number of instances of services to be spawned on stack start |
|
59 | # set number of instances of services to be spawned on stack start | |
61 | replicas: 1 |
|
60 | replicas: 1 | |
62 |
|
61 | |||
63 | environment: |
|
62 | environment: | |
64 | RC_COMPOSE_OVERRIDE: 1 |
|
63 | RC_COMPOSE_OVERRIDE: 1 | |
65 | #SSH_BOOTSTRAP: 0 # 1 run the initials key init, 0 disable |
|
64 | #SSH_BOOTSTRAP: 0 # 1 run the initials key init, 0 disable | |
66 |
|
65 | |||
67 | # volumes: |
|
66 | # volumes: | |
68 | # # mount the host dir into repo storage path on container |
|
67 | # # mount the host dir into repo storage path on container | |
69 | # - $PWD/rc-repos-host:/var/opt/rhodecode_repo_store |
|
68 | # - $PWD/rc-repos-host:/var/opt/rhodecode_repo_store | |
70 | # # mount custom sshd_config for customization of ssh user etc |
|
69 | # # mount custom sshd_config for customization of ssh user etc | |
71 | # - ./custom/ssh/sshd_config:/etc/rhodecode/sshd_config:ro |
|
70 | # - ./custom/ssh/sshd_config:/etc/rhodecode/sshd_config:ro | |
72 |
|
71 | |||
73 | svn: |
|
72 | svn: | |
74 |
|
73 | |||
75 | deploy: |
|
74 | deploy: | |
76 | # set number of instances of services to be spawned on stack start |
|
75 | # set number of instances of services to be spawned on stack start | |
77 | replicas: 1 |
|
76 | replicas: 1 | |
78 |
|
77 | |||
79 | environment: |
|
78 | environment: | |
80 | RC_COMPOSE_OVERRIDE: 1 |
|
79 | RC_COMPOSE_OVERRIDE: 1 | |
81 |
|
80 | |||
82 | # volumes: |
|
81 | # volumes: | |
83 | # # mount the host dir into repo storage path on container |
|
82 | # # mount the host dir into repo storage path on container | |
84 | # - $PWD/rc-repos-host:/var/opt/rhodecode_repo_store |
|
83 | # - $PWD/rc-repos-host:/var/opt/rhodecode_repo_store | |
85 |
|
84 | |||
86 | celery-beat: |
|
85 | celery-beat: | |
87 |
|
86 | |||
88 | deploy: |
|
87 | deploy: | |
89 | # set number of instances of services to be spawned on stack start |
|
88 | # set number of instances of services to be spawned on stack start | |
90 | replicas: 1 |
|
89 | replicas: 1 | |
91 |
|
90 | |||
92 | environment: |
|
91 | environment: | |
93 | RC_COMPOSE_OVERRIDE: 1 |
|
92 | RC_COMPOSE_OVERRIDE: 1 | |
94 |
|
93 | |||
95 | # volumes: |
|
94 | # volumes: | |
96 | # # mount the host dir into repo storage path on container |
|
95 | # # mount the host dir into repo storage path on container | |
97 | # - $PWD/rc-repos-host:/var/opt/rhodecode_repo_store |
|
96 | # - $PWD/rc-repos-host:/var/opt/rhodecode_repo_store | |
98 |
|
97 | |||
99 | celery: |
|
98 | celery: | |
100 |
|
99 | |||
101 | deploy: |
|
100 | deploy: | |
102 | # set number of instances of services to be spawned on stack start |
|
101 | # set number of instances of services to be spawned on stack start | |
103 | replicas: 1 |
|
102 | replicas: 1 | |
104 |
|
103 | |||
105 | environment: |
|
104 | environment: | |
106 | RC_COMPOSE_OVERRIDE: 1 |
|
105 | RC_COMPOSE_OVERRIDE: 1 | |
107 |
|
106 | |||
108 | # volumes: |
|
107 | # volumes: | |
109 | # # mount the host dir into repo storage path on container |
|
108 | # # mount the host dir into repo storage path on container | |
110 | # - $PWD/rc-repos-host:/var/opt/rhodecode_repo_store No newline at end of file |
|
109 | # - $PWD/rc-repos-host:/var/opt/rhodecode_repo_store |
@@ -1,25 +1,24 b'' | |||||
1 | version: '3.9' |
|
|||
2 |
|
1 | |||
3 | services: |
|
2 | services: | |
4 |
|
3 | |||
5 | grafana: |
|
4 | grafana: | |
6 | labels: |
|
5 | labels: | |
7 | - "traefik.enable=true" |
|
6 | - "traefik.enable=true" | |
8 | # # Enable http+https endpoints to serve SSL, select just 1 to disable the other |
|
7 | # # Enable http+https endpoints to serve SSL, select just 1 to disable the other | |
9 | # - "traefik.http.routers.grafana.entrypoints=http,https" |
|
8 | # - "traefik.http.routers.grafana.entrypoints=http,https" | |
10 |
|
9 | |||
11 | promtail: |
|
10 | promtail: | |
12 | {} |
|
11 | {} | |
13 |
|
12 | |||
14 | loki: |
|
13 | loki: | |
15 | {} |
|
14 | {} | |
16 |
|
15 | |||
17 | prometheus: |
|
16 | prometheus: | |
18 | {} |
|
17 | {} | |
19 |
|
18 | |||
20 | node-exporter: |
|
19 | node-exporter: | |
21 | {} |
|
20 | {} | |
22 |
|
21 | |||
23 | statsd-exporter: |
|
22 | statsd-exporter: | |
24 | {} |
|
23 | {} | |
25 |
|
24 |
@@ -1,35 +1,34 b'' | |||||
1 | version: '3.9' |
|
|||
2 |
|
1 | |||
3 | ## docker network create -d overlay lb-net |
|
2 | ## docker network create -d overlay lb-net | |
4 | services: |
|
3 | services: | |
5 |
|
4 | |||
6 | traefik: |
|
5 | traefik: | |
7 | # # NOTE: the '!override' replaces the original values defined, avail on docker-compose 2.24.2+ |
|
6 | # # NOTE: the '!override' replaces the original values defined, avail on docker-compose 2.24.2+ | |
8 | # # don't use it if your compose doesn't allow this syntax |
|
7 | # # don't use it if your compose doesn't allow this syntax | |
9 | # ports: !override |
|
8 | # ports: !override | |
10 | # # The Web UI (enabled by --api.insecure=true) |
|
9 | # # The Web UI (enabled by --api.insecure=true) | |
11 | # # uncomment to expose dashboard at port :7000, |
|
10 | # # uncomment to expose dashboard at port :7000, | |
12 | # # this is mostly for debugging routes and services |
|
11 | # # this is mostly for debugging routes and services | |
13 | # - "7000:7000" |
|
12 | # - "7000:7000" | |
14 | # # The HTTP port, exposed as http entrypoint |
|
13 | # # The HTTP port, exposed as http entrypoint | |
15 | # - "80:80" |
|
14 | # - "80:80" | |
16 | # # The HTTPS port, exposed as https entrypoint |
|
15 | # # The HTTPS port, exposed as https entrypoint | |
17 | # - "443:443" |
|
16 | # - "443:443" | |
18 | # volumes: |
|
17 | # volumes: | |
19 | # # Bind to docker.sock that Traefik can listen to the Docker events |
|
18 | # # Bind to docker.sock that Traefik can listen to the Docker events | |
20 | # - /var/run/docker.sock:/var/run/docker.sock |
|
19 | # - /var/run/docker.sock:/var/run/docker.sock | |
21 |
|
20 | |||
22 | # # custom traefik config, enable SSL etc... |
|
21 | # # custom traefik config, enable SSL etc... | |
23 | # # put your traefik setup in this directory structure, and uncomment to override |
|
22 | # # put your traefik setup in this directory structure, and uncomment to override | |
24 | # # default traefik static/dynamic configs |
|
23 | # # default traefik static/dynamic configs | |
25 | # - $PWD/.custom/traefik_custom:/etc/traefik:ro |
|
24 | # - $PWD/.custom/traefik_custom:/etc/traefik:ro | |
26 | # - $PWD/.custom/traefik_custom/dynamic:/etc/traefik_dynamic:ro |
|
25 | # - $PWD/.custom/traefik_custom/dynamic:/etc/traefik_dynamic:ro | |
27 |
|
26 | |||
28 | # # Mount ACME shared json config for lets-encrypt |
|
27 | # # Mount ACME shared json config for lets-encrypt | |
29 | # - $PWD/.custom/traefik_custom/acme:/acme |
|
28 | # - $PWD/.custom/traefik_custom/acme:/acme | |
30 |
|
29 | |||
31 | environment: |
|
30 | environment: | |
32 | RC_COMPOSE_OVERRIDE: 1 |
|
31 | RC_COMPOSE_OVERRIDE: 1 | |
33 |
|
32 | |||
34 | # labels: |
|
33 | # labels: | |
35 | # - "traefik.enable=true" No newline at end of file |
|
34 | # - "traefik.enable=true" |
@@ -1,79 +1,78 b'' | |||||
1 | version: '3.9' |
|
|||
2 |
|
|
1 | ## This is a final override file for services stack | |
3 | ## Add your own customizations |
|
2 | ## Add your own customizations | |
4 |
|
3 | |||
5 | ## docker network create -d overlay lb-net |
|
4 | ## docker network create -d overlay lb-net | |
6 | services: |
|
5 | services: | |
7 |
|
6 | |||
8 | database: |
|
7 | database: | |
9 | deploy: |
|
8 | deploy: | |
10 | # to disable usage of this service using your own postgres instance set replicas to 0 |
|
9 | # to disable usage of this service using your own postgres instance set replicas to 0 | |
11 | replicas: 1 |
|
10 | replicas: 1 | |
12 | profiles: |
|
11 | profiles: | |
13 | ["postgres", "database"] |
|
12 | ["postgres", "database"] | |
14 | # ports: |
|
13 | # ports: | |
15 | # # expose running db to host under 5432 port |
|
14 | # # expose running db to host under 5432 port | |
16 | # - "127.0.0.1::5432" |
|
15 | # - "127.0.0.1::5432" | |
17 |
|
16 | |||
18 | database-mysql: |
|
17 | database-mysql: | |
19 | deploy: |
|
18 | deploy: | |
20 | # to disable usage of this service, running your own mysql instance set replicas to 0 |
|
19 | # to disable usage of this service, running your own mysql instance set replicas to 0 | |
21 | replicas: 1 |
|
20 | replicas: 1 | |
22 | profiles: |
|
21 | profiles: | |
23 | ["mysql", "database"] |
|
22 | ["mysql", "database"] | |
24 |
|
23 | |||
25 | redis: |
|
24 | redis: | |
26 | # to disable usage of this service using external redis set replicas to 0 |
|
25 | # to disable usage of this service using external redis set replicas to 0 | |
27 | deploy: |
|
26 | deploy: | |
28 | replicas: 1 |
|
27 | replicas: 1 | |
29 |
|
28 | |||
30 | elasticsearch: |
|
29 | elasticsearch: | |
31 | # to disable usage of this service using external elasticsearch set replicas to 0 |
|
30 | # to disable usage of this service using external elasticsearch set replicas to 0 | |
32 | deploy: |
|
31 | deploy: | |
33 | replicas: 1 |
|
32 | replicas: 1 | |
34 |
|
33 | |||
35 | nginx-statics: |
|
34 | nginx-statics: | |
36 | labels: |
|
35 | labels: | |
37 | - "traefik.enable=true" |
|
36 | - "traefik.enable=true" | |
38 | # # Enable http+https endpoints to serve SSL, select just 1 to disable the other |
|
37 | # # Enable http+https endpoints to serve SSL, select just 1 to disable the other | |
39 | # - "traefik.http.routers.nginx-statics.entrypoints=http,https" |
|
38 | # - "traefik.http.routers.nginx-statics.entrypoints=http,https" | |
40 |
|
39 | |||
41 | channelstream: |
|
40 | channelstream: | |
42 | labels: |
|
41 | labels: | |
43 | - "traefik.enable=true" |
|
42 | - "traefik.enable=true" | |
44 | # # Enable http+https endpoints to serve SSL, select just 1 to disable the other |
|
43 | # # Enable http+https endpoints to serve SSL, select just 1 to disable the other | |
45 | # - "traefik.http.routers.channelstream.entrypoints=http,https" |
|
44 | # - "traefik.http.routers.channelstream.entrypoints=http,https" | |
46 |
|
45 | |||
47 |
|
46 | |||
48 | portainer: |
|
47 | portainer: | |
49 | # Run with COMPOSE_PROFILES=portainer |
|
48 | # Run with COMPOSE_PROFILES=portainer | |
50 | # to access portainer set separate domain for portainer |
|
49 | # to access portainer set separate domain for portainer | |
51 | # also needs an external new volume |
|
50 | # also needs an external new volume | |
52 | # docker volume create --label keep=1 --name=portainer_data |
|
51 | # docker volume create --label keep=1 --name=portainer_data | |
53 | image: portainer/portainer-ce:latest |
|
52 | image: portainer/portainer-ce:latest | |
54 | restart: always |
|
53 | restart: always | |
55 | volumes: |
|
54 | volumes: | |
56 | - portainer_data:/data |
|
55 | - portainer_data:/data | |
57 | - /var/run/docker.sock:/var/run/docker.sock |
|
56 | - /var/run/docker.sock:/var/run/docker.sock | |
58 | deploy: |
|
57 | deploy: | |
59 | mode: replicated |
|
58 | mode: replicated | |
60 | replicas: 1 |
|
59 | replicas: 1 | |
61 | placement: |
|
60 | placement: | |
62 | constraints: |
|
61 | constraints: | |
63 | # limit swarm deploy to MANAGER only |
|
62 | # limit swarm deploy to MANAGER only | |
64 | - node.role == manager |
|
63 | - node.role == manager | |
65 |
|
64 | |||
66 | networks: |
|
65 | networks: | |
67 | - rhodecode_network |
|
66 | - rhodecode_network | |
68 | labels: |
|
67 | labels: | |
69 | - "traefik.enable=true" |
|
68 | - "traefik.enable=true" | |
70 | - "traefik.http.routers.portainer.entrypoints=https" |
|
69 | - "traefik.http.routers.portainer.entrypoints=https" | |
71 | - "traefik.http.routers.portainer.rule=Host(`portainer.yourdomain.com`)" |
|
70 | - "traefik.http.routers.portainer.rule=Host(`portainer.yourdomain.com`)" | |
72 | - "traefik.http.services.portainer.loadbalancer.server.port=9000" |
|
71 | - "traefik.http.services.portainer.loadbalancer.server.port=9000" | |
73 |
|
72 | |||
74 | profiles: |
|
73 | profiles: | |
75 | ["portainer"] |
|
74 | ["portainer"] | |
76 |
|
75 | |||
77 | volumes: |
|
76 | volumes: | |
78 | portainer_data: |
|
77 | portainer_data: | |
79 | external: true |
|
78 | external: true |
General Comments 0
You need to be logged in to leave comments.
Login now