Show More
@@ -1,302 +1,302 b'' | |||||
1 | version: '3.9' |
|
1 | version: '3.9' | |
2 |
|
2 | |||
3 | x-logging: &custom-logging |
|
3 | x-logging: &custom-logging | |
4 | # docker plugin install grafana/loki-docker-driver:2.7.1 --alias loki --grant-all-permissions |
|
4 | # docker plugin install grafana/loki-docker-driver:2.7.1 --alias loki --grant-all-permissions | |
5 | # NOTE: loki logging driver ONLY works for host type networks... |
|
5 | # NOTE: loki logging driver ONLY works for host type networks... | |
6 | driver: loki |
|
6 | driver: loki | |
7 | options: |
|
7 | options: | |
8 | #loki-url: "http://${RC_LOKI_AUTH}loki:3100/loki/api/v1/push" |
|
8 | #loki-url: "http://${RC_LOKI_AUTH}loki:3100/loki/api/v1/push" | |
9 | loki-url: "http://${RC_LOKI_AUTH}127.0.0.1:3100/loki/api/v1/push" |
|
9 | loki-url: "http://${RC_LOKI_AUTH}127.0.0.1:3100/loki/api/v1/push" | |
10 | loki-retries: "5" |
|
10 | loki-retries: "5" | |
11 | loki-timeout: "1s" |
|
11 | loki-timeout: "1s" | |
12 | loki-max-backoff: "800ms" |
|
12 | loki-max-backoff: "800ms" | |
13 |
|
13 | |||
14 |
|
14 | |||
15 | services: |
|
15 | services: | |
16 |
|
16 | |||
17 | # base shared options for RhodeCode type services |
|
17 | # base shared options for RhodeCode type services | |
18 | common_base: |
|
18 | common_base: | |
19 | image: rhodecode/rhodecode-${RC_EDITION}:${RC_VERSION:-4.28.0} |
|
19 | image: rhodecode/rhodecode-${RC_EDITION}:${RC_VERSION:-4.28.0} | |
20 | stdin_open: true |
|
20 | stdin_open: true | |
21 | tty: true |
|
21 | tty: true | |
22 | restart: always |
|
22 | restart: always | |
23 | deploy: |
|
23 | deploy: | |
24 | # override this in .custom/docker-compose-apps.override.yaml to scale up |
|
24 | # override this in .custom/docker-compose-apps.override.yaml to scale up | |
25 | replicas: 0 |
|
25 | replicas: 0 | |
26 | networks: |
|
26 | networks: | |
27 | - rhodecode_network |
|
27 | - rhodecode_network | |
28 | extra_hosts: |
|
28 | extra_hosts: | |
29 | - "host.docker.internal:host-gateway" |
|
29 | - "host.docker.internal:host-gateway" | |
30 | volumes: |
|
30 | volumes: | |
31 | - confvolume:/etc/rhodecode/conf |
|
31 | - confvolume:/etc/rhodecode/conf | |
32 | - rc_reposvolume:/var/opt/rhodecode_repo_store |
|
32 | - rc_reposvolume:/var/opt/rhodecode_repo_store | |
33 | - rc_datavolume:/var/opt/rhodecode_data |
|
33 | - rc_datavolume:/var/opt/rhodecode_data | |
34 | logging: |
|
34 | logging: | |
35 | *custom-logging |
|
35 | *custom-logging | |
36 |
|
36 | |||
37 | # base definition WITHOUT labels to full control over override and custom service |
|
37 | # base definition WITHOUT labels to full control over override and custom service | |
38 | # main rhodecode will use extends + service from that base |
|
38 | # main rhodecode will use extends + service from that base | |
39 | rhodecode_base: |
|
39 | rhodecode_base: | |
40 | extends: |
|
40 | extends: | |
41 | service: common_base |
|
41 | service: common_base | |
42 |
|
42 | |||
43 | env_file: |
|
43 | env_file: | |
44 | - ${RC_ENV_FILE:?must-specify-rc-env-file} |
|
44 | - ${RC_ENV_FILE:?must-specify-rc-env-file} | |
45 |
|
45 | |||
46 | command: [ |
|
46 | command: [ | |
47 | "/usr/local/bin/rhodecode_bin/bin/gunicorn", |
|
47 | "/usr/local/bin/rhodecode_bin/bin/gunicorn", | |
48 | "--error-logfile=-", |
|
48 | "--error-logfile=-", | |
49 | "--paster=/etc/rhodecode/conf/rhodecode.ini", |
|
49 | "--paster=/etc/rhodecode/conf/rhodecode.ini", | |
50 | "--config=/etc/rhodecode/conf/gunicorn_conf_rc.py" |
|
50 | "--config=/etc/rhodecode/conf/gunicorn_conf_rc.py" | |
51 | ] |
|
51 | ] | |
52 |
|
52 | |||
53 | build: |
|
53 | build: | |
54 | context: . |
|
54 | context: . | |
55 | dockerfile: service/rhodecode/rhodecode.dockerfile |
|
55 | dockerfile: service/rhodecode/rhodecode.dockerfile | |
56 | args: |
|
56 | args: | |
57 | TZ: ${TZ:-UTC} |
|
57 | TZ: ${TZ:-UTC} | |
58 | RHODECODE_VERSION: ${RC_VERSION:-4.28.0} |
|
58 | RHODECODE_VERSION: ${RC_VERSION:-4.28.0} | |
59 | RHODECODE_DB: postgresql://rhodecode:${DB_PASSWORD:?must-specify-db-password}@database/${DB_NAME:?must-specify-db-name} |
|
59 | RHODECODE_DB: postgresql://rhodecode:${DB_PASSWORD:?must-specify-db-password}@database/${DB_NAME:?must-specify-db-name} | |
60 | RHODECODE_USER_NAME: ${RHODECODE_USER_NAME} |
|
60 | RHODECODE_USER_NAME: ${RHODECODE_USER_NAME} | |
61 | RHODECODE_USER_PASS: ${RHODECODE_USER_PASS} |
|
61 | RHODECODE_USER_PASS: ${RHODECODE_USER_PASS} | |
62 | RHODECODE_USER_EMAIL: ${RHODECODE_USER_EMAIL} |
|
62 | RHODECODE_USER_EMAIL: ${RHODECODE_USER_EMAIL} | |
63 |
|
63 | |||
64 | environment: |
|
64 | environment: | |
65 | RC_APP_TYPE: rhodecode_http |
|
65 | RC_APP_TYPE: rhodecode_http | |
66 | RC_APP_PROC: 1 |
|
66 | RC_APP_PROC: 1 | |
67 | RC_APP_PORT: "10020" |
|
67 | RC_APP_PORT: "10020" | |
68 | SSL_CERT_FILE: "/etc/rhodecode/conf/ca-bundle.crt" |
|
68 | SSL_CERT_FILE: "/etc/rhodecode/conf/ca-bundle.crt" | |
69 | REQUESTS_CA_BUNDLE: "/etc/rhodecode/conf/ca-bundle.crt" |
|
69 | REQUESTS_CA_BUNDLE: "/etc/rhodecode/conf/ca-bundle.crt" | |
70 | GIT_SSL_CAINFO: "/etc/rhodecode/conf/ca-bundle.crt" |
|
70 | GIT_SSL_CAINFO: "/etc/rhodecode/conf/ca-bundle.crt" | |
71 | GEVENT_RESOLVER: "ares" |
|
71 | GEVENT_RESOLVER: "ares" | |
72 | GUNICORN_CMD_ARGS: "--bind=0.0.0.0:10020 --name=gunicorn-rhodecode-1 --workers=2" |
|
72 | GUNICORN_CMD_ARGS: "--bind=0.0.0.0:10020 --name=gunicorn-rhodecode-1 --workers=2" | |
73 |
|
73 | |||
74 | DB_UPGRADE: 1 # run the DB upgrade |
|
74 | DB_UPGRADE: 1 # run the DB upgrade | |
75 | SETUP_APP: 1 # run the application default settings setup, can be turned off after initial run |
|
75 | SETUP_APP: 1 # run the application default settings setup, can be turned off after initial run | |
76 | #FORCE_DB_INIT_FILE: 1 # force the database init, warning: destroys old DB |
|
76 | #FORCE_DB_INIT_FILE: 1 # force the database init, warning: destroys old DB | |
77 | #FORCE_RC_SETUP_APP: 1 # force running setup scripts for configuration/license application |
|
77 | #FORCE_RC_SETUP_APP: 1 # force running setup scripts for configuration/license application | |
78 | MAIN_INI_PATH: /etc/rhodecode/conf/rhodecode.ini |
|
78 | MAIN_INI_PATH: /etc/rhodecode/conf/rhodecode.ini | |
79 |
|
79 | |||
80 | # SVN Specific |
|
80 | # SVN Specific | |
81 | MOD_DAV_SVN_PORT: 8090 |
|
81 | MOD_DAV_SVN_PORT: 8090 | |
82 | APACHE_LOG_DIR: /var/log |
|
82 | APACHE_LOG_DIR: /var/log | |
83 | MOD_DAV_SVN_CONF_FILE: /etc/rhodecode/conf/svn/mod_dav_svn.conf |
|
83 | MOD_DAV_SVN_CONF_FILE: /etc/rhodecode/conf/svn/mod_dav_svn.conf | |
84 |
|
84 | |||
85 | healthcheck: |
|
85 | healthcheck: | |
86 | test: curl -A RhodeCode-Healthcheck -s -o /dev/null -w '%{http_code}' http://127.0.0.1:$${RC_APP_PORT}/_admin/ops/ping |
|
86 | test: curl -A RhodeCode-Healthcheck -s -o /dev/null -w '%{http_code}' http://127.0.0.1:$${RC_APP_PORT}/_admin/ops/ping | |
87 | timeout: 30s |
|
87 | timeout: 30s | |
88 | interval: 60s |
|
88 | interval: 60s | |
89 | retries: 10 |
|
89 | retries: 10 | |
90 |
|
90 | |||
91 | tmpfs: |
|
91 | tmpfs: | |
92 | - /data_ramdisk:size=${RC_DATA_RAMDISK_SIZE:-256M} |
|
92 | - /data_ramdisk:size=${RC_DATA_RAMDISK_SIZE:-256M} | |
93 |
|
93 | |||
94 | rhodecode: |
|
94 | rhodecode: | |
95 | # depends_on: |
|
95 | # depends_on: | |
96 | # - redis |
|
96 | # - redis | |
97 | # - database |
|
97 | # - database | |
98 | # - channelstream |
|
98 | # - channelstream | |
99 | # ports: |
|
99 | # ports: | |
100 | # - "127.0.0.1::10020" |
|
100 | # - "127.0.0.1::10020" | |
101 | extends: |
|
101 | extends: | |
102 | service: rhodecode_base |
|
102 | service: rhodecode_base | |
103 |
|
103 | |||
104 | deploy: |
|
104 | deploy: | |
105 | # override this in .custom/docker-compose-apps.override.yaml to scale up |
|
105 | # override this in .custom/docker-compose-apps.override.yaml to scale up | |
106 | # replicas of rhodecode and vcsserver should be equal in most cases |
|
106 | # replicas of rhodecode and vcsserver should be equal in most cases | |
107 | replicas: 1 |
|
107 | replicas: 1 | |
108 |
|
108 | |||
109 | volumes: |
|
109 | volumes: | |
110 | - ./.custom/static_files:/var/opt/rhodecode_static_data |
|
110 | - ./.custom/static_files:/var/opt/rhodecode_static_data | |
111 |
|
111 | |||
112 | labels: |
|
112 | labels: | |
113 | - "autoheal=true" |
|
113 | - "autoheal=true" | |
114 | - "traefik.enable=true" |
|
114 | - "traefik.enable=true" | |
115 | - "traefik.http.routers.rhodecode.entrypoints=http" |
|
115 | - "traefik.http.routers.rhodecode.entrypoints=http" | |
116 | - "traefik.http.routers.rhodecode.priority=10" |
|
116 | - "traefik.http.routers.rhodecode.priority=10" | |
117 | - "traefik.http.routers.rhodecode.rule=Host(`${RC_HOSTNAME:?must-specify-rhodecode-hostname}`)" |
|
117 | - "traefik.http.routers.rhodecode.rule=Host(`${RC_HOSTNAME:?must-specify-rhodecode-hostname}`)" | |
118 | - "traefik.http.routers.rhodecode.service=rhodecode-web" |
|
118 | - "traefik.http.routers.rhodecode.service=rhodecode-web" | |
119 | - "traefik.http.services.rhodecode-web.loadbalancer.server.port=10020" |
|
119 | - "traefik.http.services.rhodecode-web.loadbalancer.server.port=10020" | |
120 | # HTTP + SSL example, should be put into .custom/docker-compose-apps.override.yaml |
|
120 | # HTTP + SSL example, should be put into .custom/docker-compose-apps.override.yaml | |
121 | #- "traefik.http.routers.rhodecode.entrypoints=http,https" |
|
121 | #- "traefik.http.routers.rhodecode.entrypoints=http,https" | |
122 |
|
122 | |||
123 | vcsserver: |
|
123 | vcsserver: | |
124 | # depends_on: |
|
124 | # depends_on: | |
125 | # - redis |
|
125 | # - redis | |
126 | # ports: |
|
126 | # ports: | |
127 | # - "127.0.0.1::10010" |
|
127 | # - "127.0.0.1::10010" | |
128 | extends: |
|
128 | extends: | |
129 | service: common_base |
|
129 | service: common_base | |
130 | env_file: |
|
130 | env_file: | |
131 | - ${RC_ENV_FILE:?must-specify-rc-env-file} |
|
131 | - ${RC_ENV_FILE:?must-specify-rc-env-file} | |
132 | command: [ |
|
132 | command: [ | |
133 | "/usr/local/bin/rhodecode_bin/vcs_bin/gunicorn", |
|
133 | "/usr/local/bin/rhodecode_bin/vcs_bin/gunicorn", | |
134 | "--error-logfile=-", |
|
134 | "--error-logfile=-", | |
135 | "--paster=/etc/rhodecode/conf/vcsserver.ini", |
|
135 | "--paster=/etc/rhodecode/conf/vcsserver.ini", | |
136 | "--config=/etc/rhodecode/conf/gunicorn_conf_vcs.py" |
|
136 | "--config=/etc/rhodecode/conf/gunicorn_conf_vcs.py" | |
137 | ] |
|
137 | ] | |
138 | deploy: |
|
138 | deploy: | |
139 | # override this in .custom/docker-compose-apps.override.yaml to scale up |
|
139 | # override this in .custom/docker-compose-apps.override.yaml to scale up | |
140 | # replicas of rhodecode and vcsserver should be equal in most cases |
|
140 | # replicas of rhodecode and vcsserver should be equal in most cases | |
141 | replicas: 1 |
|
141 | replicas: 1 | |
142 | environment: |
|
142 | environment: | |
143 | RC_APP_TYPE: rhodecode_vcsserver |
|
143 | RC_APP_TYPE: rhodecode_vcsserver | |
144 | RC_APP_PROC: 1 |
|
144 | RC_APP_PROC: 1 | |
145 | RC_APP_PORT: "10010" |
|
145 | RC_APP_PORT: "10010" | |
146 | MAIN_INI_PATH: /etc/rhodecode/conf/vcsserver.ini |
|
146 | MAIN_INI_PATH: /etc/rhodecode/conf/vcsserver.ini | |
147 | SSL_CERT_FILE: "/etc/rhodecode/conf/ca-bundle.crt" |
|
147 | SSL_CERT_FILE: "/etc/rhodecode/conf/ca-bundle.crt" | |
148 | REQUESTS_CA_BUNDLE: "/etc/rhodecode/conf/ca-bundle.crt" |
|
148 | REQUESTS_CA_BUNDLE: "/etc/rhodecode/conf/ca-bundle.crt" | |
149 | GIT_SSL_CAINFO: "/etc/rhodecode/conf/ca-bundle.crt" |
|
149 | GIT_SSL_CAINFO: "/etc/rhodecode/conf/ca-bundle.crt" | |
150 | GUNICORN_CMD_ARGS: "--bind=0.0.0.0:10010 --name=gunicorn-vcsserver-1 --workers=3" |
|
150 | GUNICORN_CMD_ARGS: "--bind=0.0.0.0:10010 --name=gunicorn-vcsserver-1 --workers=3" | |
151 |
|
151 | |||
152 | healthcheck: |
|
152 | healthcheck: | |
153 | test: curl -A RhodeCode-Healthcheck -s -o /dev/null -w '%{http_code}' http://127.0.0.1:$${RC_APP_PORT}/status |
|
153 | test: curl -A RhodeCode-Healthcheck -s -o /dev/null -w '%{http_code}' http://127.0.0.1:$${RC_APP_PORT}/status | |
154 | timeout: 30s |
|
154 | timeout: 30s | |
155 | start_period: 5s |
|
155 | start_period: 5s | |
156 | interval: 60s |
|
156 | interval: 60s | |
157 | retries: 10 |
|
157 | retries: 10 | |
158 | labels: |
|
158 | labels: | |
159 | - "autoheal=true" |
|
159 | - "autoheal=true" | |
160 |
|
160 | |||
161 | celery: |
|
161 | celery: | |
162 | extends: |
|
162 | extends: | |
163 | service: common_base |
|
163 | service: common_base | |
164 | # depends_on: |
|
164 | # depends_on: | |
165 | # - database |
|
165 | # - database | |
166 | # - redis |
|
166 | # - redis | |
167 | env_file: |
|
167 | env_file: | |
168 | - ${RC_ENV_FILE:?must-specify-rc-env-file} |
|
168 | - ${RC_ENV_FILE:?must-specify-rc-env-file} | |
169 | command: [ |
|
169 | command: [ | |
170 | "/usr/local/bin/rhodecode_bin/bin/celery", |
|
170 | "/usr/local/bin/rhodecode_bin/bin/celery", | |
171 | "--no-color", |
|
171 | "--no-color", | |
172 | "--app=rhodecode.lib.celerylib.loader", |
|
172 | "--app=rhodecode.lib.celerylib.loader", | |
173 | "worker", |
|
173 | "worker", | |
174 | "--autoscale=20,2", |
|
174 | "--autoscale=20,2", | |
175 | "--task-events", |
|
175 | "--task-events", | |
176 | "--loglevel=DEBUG", |
|
176 | "--loglevel=DEBUG", | |
177 | "--ini=/etc/rhodecode/conf/rhodecode.ini" |
|
177 | "--ini=/etc/rhodecode/conf/rhodecode.ini" | |
178 | ] |
|
178 | ] | |
179 | deploy: |
|
179 | deploy: | |
180 | # override this in .custom/docker-compose-apps.override.yaml to scale up |
|
180 | # override this in .custom/docker-compose-apps.override.yaml to scale up | |
181 | replicas: 1 |
|
181 | replicas: 1 | |
182 | environment: |
|
182 | environment: | |
183 | RC_APP_TYPE: rhodecode_celery |
|
183 | RC_APP_TYPE: rhodecode_celery | |
184 | RC_APP_PROC: 1 |
|
184 | RC_APP_PROC: 1 | |
185 | MAIN_INI_PATH: /etc/rhodecode/conf/rhodecode.ini |
|
185 | MAIN_INI_PATH: /etc/rhodecode/conf/rhodecode.ini | |
186 | SSL_CERT_FILE: "/etc/rhodecode/conf/ca-bundle.crt" |
|
186 | SSL_CERT_FILE: "/etc/rhodecode/conf/ca-bundle.crt" | |
187 | REQUESTS_CA_BUNDLE: "/etc/rhodecode/conf/ca-bundle.crt" |
|
187 | REQUESTS_CA_BUNDLE: "/etc/rhodecode/conf/ca-bundle.crt" | |
188 | GIT_SSL_CAINFO: "/etc/rhodecode/conf/ca-bundle.crt" |
|
188 | GIT_SSL_CAINFO: "/etc/rhodecode/conf/ca-bundle.crt" | |
189 | labels: |
|
189 | labels: | |
190 | - "autoheal=true" |
|
190 | - "autoheal=true" | |
191 |
|
191 | |||
192 | celery-beat: |
|
192 | celery-beat: | |
193 | extends: |
|
193 | extends: | |
194 | service: common_base |
|
194 | service: common_base | |
195 | # depends_on: |
|
195 | # depends_on: | |
196 | # - database |
|
196 | # - database | |
197 | # - redis |
|
197 | # - redis | |
198 | env_file: |
|
198 | env_file: | |
199 | - ${RC_ENV_FILE:?must-specify-rc-env-file} |
|
199 | - ${RC_ENV_FILE:?must-specify-rc-env-file} | |
200 | command: [ |
|
200 | command: [ | |
201 | "/usr/local/bin/rhodecode_bin/bin/celery", |
|
201 | "/usr/local/bin/rhodecode_bin/bin/celery", | |
202 | "--no-color", |
|
202 | "--no-color", | |
203 | "--app=rhodecode.lib.celerylib.loader", |
|
203 | "--app=rhodecode.lib.celerylib.loader", | |
204 | "beat", |
|
204 | "beat", | |
205 | "--scheduler=rhodecode.lib.celerylib.scheduler.RcScheduler", |
|
205 | "--scheduler=rhodecode.lib.celerylib.scheduler.RcScheduler", | |
206 | "--loglevel=DEBUG", |
|
206 | "--loglevel=DEBUG", | |
207 | "--ini=/etc/rhodecode/conf/rhodecode.ini" |
|
207 | "--ini=/etc/rhodecode/conf/rhodecode.ini" | |
208 | ] |
|
208 | ] | |
209 | deploy: |
|
209 | deploy: | |
210 | # override this in .custom/docker-compose-apps.override.yaml to scale up |
|
210 | # override this in .custom/docker-compose-apps.override.yaml to scale up | |
211 | replicas: 1 |
|
211 | replicas: 1 | |
212 | environment: |
|
212 | environment: | |
213 | RC_APP_TYPE: rhodecode_beat |
|
213 | RC_APP_TYPE: rhodecode_beat | |
214 | RC_APP_PROC: 1 |
|
214 | RC_APP_PROC: 1 | |
215 | MAIN_INI_PATH: /etc/rhodecode/conf/rhodecode.ini |
|
215 | MAIN_INI_PATH: /etc/rhodecode/conf/rhodecode.ini | |
216 | SSL_CERT_FILE: "/etc/rhodecode/conf/ca-bundle.crt" |
|
216 | SSL_CERT_FILE: "/etc/rhodecode/conf/ca-bundle.crt" | |
217 | REQUESTS_CA_BUNDLE: "/etc/rhodecode/conf/ca-bundle.crt" |
|
217 | REQUESTS_CA_BUNDLE: "/etc/rhodecode/conf/ca-bundle.crt" | |
218 | GIT_SSL_CAINFO: "/etc/rhodecode/conf/ca-bundle.crt" |
|
218 | GIT_SSL_CAINFO: "/etc/rhodecode/conf/ca-bundle.crt" | |
219 | labels: |
|
219 | labels: | |
220 | - "autoheal=true" |
|
220 | - "autoheal=true" | |
221 |
|
221 | |||
222 | svn: |
|
222 | svn: | |
223 | extends: |
|
223 | extends: | |
224 | service: common_base |
|
224 | service: common_base | |
225 | # depends_on: |
|
225 | # depends_on: | |
226 | # - database |
|
226 | # - database | |
227 | # - redis |
|
227 | # - redis | |
228 |
|
228 | |||
229 | # build: |
|
229 | # build: | |
230 | # context: . |
|
230 | # context: . | |
231 | # dockerfile: service/svn/rhodecode_svn.dockerfile |
|
231 | # dockerfile: service/svn/rhodecode_svn.dockerfile | |
232 | # args: |
|
232 | # args: | |
233 | # APACHE_VER: 1.3 |
|
233 | # APACHE_VER: 1.3 | |
234 |
|
234 | |||
235 | env_file: |
|
235 | env_file: | |
236 | - ${RC_ENV_FILE:?must-specify-rc-env-file} |
|
236 | - ${RC_ENV_FILE:?must-specify-rc-env-file} | |
237 | command: [ |
|
237 | command: [ | |
238 |
" |
|
238 | "httpd", | |
239 | "-D", |
|
239 | "-D", | |
240 | "FOREGROUND" |
|
240 | "FOREGROUND" | |
241 | ] |
|
241 | ] | |
242 | deploy: |
|
242 | deploy: | |
243 | # override this in .custom/docker-compose-apps.override.yaml to scale up |
|
243 | # override this in .custom/docker-compose-apps.override.yaml to scale up | |
244 | replicas: 1 |
|
244 | replicas: 1 | |
245 | environment: |
|
245 | environment: | |
246 | RC_APP_TYPE: rhodecode_svn |
|
246 | RC_APP_TYPE: rhodecode_svn | |
247 |
|
247 | |||
248 | # SVN Specific |
|
248 | # SVN Specific | |
249 | MOD_DAV_SVN_PORT: 8090 |
|
249 | MOD_DAV_SVN_PORT: 8090 | |
250 | APACHE_LOG_DIR: /var/log |
|
250 | APACHE_LOG_DIR: /var/log | |
251 | MOD_DAV_SVN_CONF_FILE: /etc/rhodecode/conf/svn/mod_dav_svn.conf |
|
251 | MOD_DAV_SVN_CONF_FILE: /etc/rhodecode/conf/svn/mod_dav_svn.conf | |
252 | MOD_DAV_CORE_MODULES_DIR: /usr/lib/apache2/modules |
|
252 | MOD_DAV_CORE_MODULES_DIR: /usr/lib/apache2/modules | |
253 | MOD_DAV_SVN_MODULE: /usr/lib/apache2/modules/mod_dav_svn.so |
|
253 | MOD_DAV_SVN_MODULE: /usr/lib/apache2/modules/mod_dav_svn.so | |
254 |
|
254 | |||
255 | healthcheck: |
|
255 | healthcheck: | |
256 | test: curl -A RhodeCode-Healthcheck -s -o /dev/null -w '%{http_code}' http://127.0.0.1:$${MOD_DAV_SVN_PORT}/_server_status |
|
256 | test: curl -A RhodeCode-Healthcheck -s -o /dev/null -w '%{http_code}' http://127.0.0.1:$${MOD_DAV_SVN_PORT}/_server_status | |
257 | timeout: 30s |
|
257 | timeout: 30s | |
258 | interval: 60s |
|
258 | interval: 60s | |
259 | retries: 10 |
|
259 | retries: 10 | |
260 | # ports: |
|
260 | # ports: | |
261 | # - "127.0.0.1::8090" |
|
261 | # - "127.0.0.1::8090" | |
262 | labels: |
|
262 | labels: | |
263 | - "autoheal=true" |
|
263 | - "autoheal=true" | |
264 |
|
264 | |||
265 | sshd: |
|
265 | sshd: | |
266 | extends: |
|
266 | extends: | |
267 | service: common_base |
|
267 | service: common_base | |
268 | # depends_on: |
|
268 | # depends_on: | |
269 | # - database |
|
269 | # - database | |
270 | # - redis |
|
270 | # - redis | |
271 | env_file: |
|
271 | env_file: | |
272 | - ${RC_ENV_FILE:?must-specify-rc-env-file} |
|
272 | - ${RC_ENV_FILE:?must-specify-rc-env-file} | |
273 | command: [ |
|
273 | command: [ | |
274 | "/usr/sbin/sshd", |
|
274 | "/usr/sbin/sshd", | |
275 | "-f", |
|
275 | "-f", | |
276 | "/etc/rhodecode/sshd_config", |
|
276 | "/etc/rhodecode/sshd_config", | |
277 | "-D", |
|
277 | "-D", | |
278 | "-e" |
|
278 | "-e" | |
279 | ] |
|
279 | ] | |
280 | deploy: |
|
280 | deploy: | |
281 | # override this in .custom/docker-compose-apps.override.yaml to scale up |
|
281 | # override this in .custom/docker-compose-apps.override.yaml to scale up | |
282 | replicas: 1 |
|
282 | replicas: 1 | |
283 | environment: |
|
283 | environment: | |
284 | RC_APP_TYPE: rhodecode_sshd |
|
284 | RC_APP_TYPE: rhodecode_sshd | |
285 | SSH_BOOTSTRAP: 1 |
|
285 | SSH_BOOTSTRAP: 1 | |
286 | SSH_ENSURE_PERMS: 1 |
|
286 | SSH_ENSURE_PERMS: 1 | |
287 | healthcheck: |
|
287 | healthcheck: | |
288 | # we call ssh internally, to find permission denied, if SSH is DOWN it would be connection refused |
|
288 | # we call ssh internally, to find permission denied, if SSH is DOWN it would be connection refused | |
289 | test: /usr/bin/ssh -p22 -o StrictHostKeyChecking=no -o PasswordAuthentication=No rhodecode@localhost true 2>&1 | grep -c 'Permission denied' > /dev/null |
|
289 | test: /usr/bin/ssh -p22 -o StrictHostKeyChecking=no -o PasswordAuthentication=No rhodecode@localhost true 2>&1 | grep -c 'Permission denied' > /dev/null | |
290 | timeout: 30s |
|
290 | timeout: 30s | |
291 | interval: 60s |
|
291 | interval: 60s | |
292 | retries: 10 |
|
292 | retries: 10 | |
293 | # ports: |
|
293 | # ports: | |
294 | # # 9022 is set from .env file too. |
|
294 | # # 9022 is set from .env file too. | |
295 | # - "9022:22" |
|
295 | # - "9022:22" | |
296 | labels: |
|
296 | labels: | |
297 | - "autoheal=true" |
|
297 | - "autoheal=true" | |
298 | - "traefik.enable=true" |
|
298 | - "traefik.enable=true" | |
299 | - "traefik.tcp.routers.sshd.entrypoints=ssh" |
|
299 | - "traefik.tcp.routers.sshd.entrypoints=ssh" | |
300 | - "traefik.tcp.routers.sshd.rule=HostSNI(`*`)" |
|
300 | - "traefik.tcp.routers.sshd.rule=HostSNI(`*`)" | |
301 | - "traefik.tcp.routers.sshd.service=rhodecode-ssh" |
|
301 | - "traefik.tcp.routers.sshd.service=rhodecode-ssh" | |
302 | - "traefik.tcp.services.rhodecode-ssh.loadbalancer.server.port=22" |
|
302 | - "traefik.tcp.services.rhodecode-ssh.loadbalancer.server.port=22" |
General Comments 0
You need to be logged in to leave comments.
Login now