##// END OF EJS Templates
rhodecode-enterprise-docker
RSS
stack: enable auth for loki as it needs public exposure...
super-admin -
Show More
Show file before | Show file after | Hide comments
@@ -0,0 +1,5 b''
1 # basic auth for traefik middleware.
2 # format here is <user>:<bcrypt_password>
3 # to generate bcrypt password one can use
4 # curl --verbose --request POST --data "password=XlokiAuth101&cost=10" https://www.toptal.com/developers/bcrypt/api/generate-hash.json
5 loki-auth:$2b$10$U8Cui8cO9ZXehYV.7atv8uPuA6rBVrA.Mxzvt8EsdheztkyXZagv6
Show file before | Show file after | Hide comments
@@ -1,42 +1,45 b''
1 ## Static configuration, needs traefik reload
1 ## Static configuration, needs traefik reload
2
2
3 entryPoints:
3 entryPoints:
4 http:
4 http:
5 address: ":80"
5 address: ":80"
6
6
7 https:
7 https:
8 address: ":443"
8 address: ":443"
9
9
10 ssh:
10 ssh:
11 address: ":${RC_SSH_PORT:?must-specify-ssh-port}"
11 address: ":${RC_SSH_PORT:?must-specify-ssh-port}"
12
12
13 loki:
14 address: ":3100"
15
13 traefik:
16 traefik:
14 address: ":7000"
17 address: ":7000"
15
18
16 api:
19 api:
17 dashboard: false
20 dashboard: false
18 insecure: false # change to true to expose dashboard
21 insecure: false # change to true to expose dashboard
19
22
20 accessLog: {}
23 accessLog: {}
21
24
22 log:
25 log:
23 # DEBUG / INFO
26 # DEBUG / INFO
24 level: INFO
27 level: INFO
25
28
26 metrics:
29 metrics:
27 prometheus: {}
30 prometheus: {}
28
31
29
32
30 providers:
33 providers:
31 docker:
34 docker:
32 exposedByDefault: false
35 exposedByDefault: false
33 swarmMode: false
36 swarmMode: false
34
37
35 file:
38 file:
36 filename: "/etc/traefik/traefik_dynamic.yaml"
39 filename: "/etc/traefik/traefik_dynamic.yaml"
37 watch: true
40 watch: true
38
41
39
42
40 serversTransport:
43 serversTransport:
41 #this disables SSL certificate verification for legacy own cert services like NextCloud etc
44 #this disables SSL certificate verification for legacy own cert services like NextCloud etc
42 insecureSkipVerify: true
45 insecureSkipVerify: true
Show file before | Show file after | Hide comments
@@ -1,24 +1,28 b''
1
1
2 ## Setting up the middleware for redirect to https ##
2 ## Setting up the middleware for redirect to https ##
3 http:
3 http:
4
4
5 middlewares:
5 middlewares:
6
6
7 https-redirect:
7 https-redirect:
8 redirectScheme:
8 redirectScheme:
9 scheme: https
9 scheme: https
10 # permanent: true
10 # permanent: true
11
11
12 middlewares-rate-limit:
12 middlewares-rate-limit:
13 rateLimit:
13 rateLimit:
14 average: 100
14 average: 100
15 burst: 50
15 burst: 50
16
16
17 basic-auth:
18 basicAuth:
19 usersfile: /etc/traefik/.htpasswd
20
17 # Dynamic configuration for standard file based SSL cert
21 # Dynamic configuration for standard file based SSL cert
18 # create a custom copy of the traefik into .custom/ and remount this
22 # create a custom copy of the traefik into .custom/ and remount this
19 # to enable custom certificates
23 # to enable custom certificates
20 #tls:
24 #tls:
21 # certificates:
25 # certificates:
22 # # first certificate
26 # # first certificate
23 # - certFile: /etc/traefik/certs/rhodecode-com.cert
27 # - certFile: /etc/traefik/certs/rhodecode-com.cert
24 # keyFile: /etc/traefik/certs/rhodecode-com.key
28 # keyFile: /etc/traefik/certs/rhodecode-com.key
Show file before | Show file after | Hide comments
@@ -1,336 +1,336 b''
1 version: '3.9'
1 version: '3.9'
2
2
3 x-logging: &custom-logging
3 x-logging: &custom-logging
4 # docker plugin install grafana/loki-docker-driver:2.7.1 --alias loki --grant-all-permissions
4 # docker plugin install grafana/loki-docker-driver:2.7.1 --alias loki --grant-all-permissions
5 # NOTE: loki logging driver ONLY works for host type networks...
5 # NOTE: loki logging driver ONLY works for host type networks...
6 driver: loki
6 driver: loki
7 options:
7 options:
8 #loki-url: "http://loki:3100/loki/api/v1/push"
8 #loki-url: "http://${RC_LOKI_AUTH}loki:3100/loki/api/v1/push"
9 loki-url: "http://127.0.0.1:3100/loki/api/v1/push"
9 loki-url: "http://${RC_LOKI_AUTH}127.0.0.1:3100/loki/api/v1/push"
10 loki-retries: "5"
10 loki-retries: "5"
11 loki-timeout: "1s"
11 loki-timeout: "1s"
12 loki-max-backoff: "800ms"
12 loki-max-backoff: "800ms"
13
13
14
14
15 services:
15 services:
16
16
17 rhodecode:
17 rhodecode:
18 networks:
18 networks:
19 - rhodecode_network
19 - rhodecode_network
20 extra_hosts:
20 extra_hosts:
21 - "host.docker.internal:host-gateway"
21 - "host.docker.internal:host-gateway"
22 image: rhodecode/rhodecode-${RC_EDITION}:${RC_VERSION:-4.28.0}
22 image: rhodecode/rhodecode-${RC_EDITION}:${RC_VERSION:-4.28.0}
23 stdin_open: true
23 stdin_open: true
24 tty: true
24 tty: true
25 restart: always
25 restart: always
26 env_file:
26 env_file:
27 - ${RC_ENV_FILE:?must-specify-rc-env-file}
27 - ${RC_ENV_FILE:?must-specify-rc-env-file}
28 command: [
28 command: [
29 "/usr/local/bin/rhodecode_bin/bin/gunicorn",
29 "/usr/local/bin/rhodecode_bin/bin/gunicorn",
30 "--name=gunicorn-rhodecode-1",
30 "--name=gunicorn-rhodecode-1",
31 "--error-logfile=-",
31 "--error-logfile=-",
32 "--paster=/etc/rhodecode/conf/rhodecode.ini",
32 "--paster=/etc/rhodecode/conf/rhodecode.ini",
33 "--config=/etc/rhodecode/conf/gunicorn_conf_rc.py"
33 "--config=/etc/rhodecode/conf/gunicorn_conf_rc.py"
34 ]
34 ]
35 deploy:
35 deploy:
36 # override this in .custom/docker-compose-apps.override.yaml to scale up
36 # override this in .custom/docker-compose-apps.override.yaml to scale up
37 replicas: 1
37 replicas: 1
38
38
39 # ports:
39 # ports:
40 # - "127.0.0.1::10020"
40 # - "127.0.0.1::10020"
41
41
42 build:
42 build:
43 context: .
43 context: .
44 dockerfile: service/rhodecode/rhodecode.dockerfile
44 dockerfile: service/rhodecode/rhodecode.dockerfile
45 args:
45 args:
46 TZ: ${TZ}
46 TZ: ${TZ}
47 RHODECODE_VERSION: ${RC_VERSION:-4.28.0}
47 RHODECODE_VERSION: ${RC_VERSION:-4.28.0}
48 RHODECODE_DB: postgresql://rhodecode:${DB_PASSWORD:?must-specify-db-password}@database/${DB_NAME:?must-specify-db-name}
48 RHODECODE_DB: postgresql://rhodecode:${DB_PASSWORD:?must-specify-db-password}@database/${DB_NAME:?must-specify-db-name}
49 RHODECODE_USER_NAME: ${RHODECODE_USER_NAME}
49 RHODECODE_USER_NAME: ${RHODECODE_USER_NAME}
50 RHODECODE_USER_PASS: ${RHODECODE_USER_PASS}
50 RHODECODE_USER_PASS: ${RHODECODE_USER_PASS}
51 RHODECODE_USER_EMAIL: ${RHODECODE_USER_EMAIL}
51 RHODECODE_USER_EMAIL: ${RHODECODE_USER_EMAIL}
52
52
53 environment:
53 environment:
54 RC_APP_TYPE: rhodecode_http
54 RC_APP_TYPE: rhodecode_http
55 RC_APP_PROC: 1
55 RC_APP_PROC: 1
56 SSL_CERT_FILE: "/etc/rhodecode/conf/ca-bundle.crt"
56 SSL_CERT_FILE: "/etc/rhodecode/conf/ca-bundle.crt"
57 REQUESTS_CA_BUNDLE: "/etc/rhodecode/conf/ca-bundle.crt"
57 REQUESTS_CA_BUNDLE: "/etc/rhodecode/conf/ca-bundle.crt"
58 GIT_SSL_CAINFO: "/etc/rhodecode/conf/ca-bundle.crt"
58 GIT_SSL_CAINFO: "/etc/rhodecode/conf/ca-bundle.crt"
59 GEVENT_RESOLVER: "ares"
59 GEVENT_RESOLVER: "ares"
60
60
61 DB_UPGRADE: 1 # run the DB upgrade
61 DB_UPGRADE: 1 # run the DB upgrade
62 SETUP_APP: 1 # run the application default settings setup, can be turned off after initial run
62 SETUP_APP: 1 # run the application default settings setup, can be turned off after initial run
63 #FORCE_DB_INIT_FILE: 1 # force the database init, warning: destroys old DB
63 #FORCE_DB_INIT_FILE: 1 # force the database init, warning: destroys old DB
64 #FORCE_RC_SETUP_APP: 1 # force running setup scripts for configuration/license application
64 #FORCE_RC_SETUP_APP: 1 # force running setup scripts for configuration/license application
65 MAIN_INI_PATH: /etc/rhodecode/conf/rhodecode.ini
65 MAIN_INI_PATH: /etc/rhodecode/conf/rhodecode.ini
66
66
67 # SVN Specific
67 # SVN Specific
68 MOD_DAV_SVN_PORT: 8090
68 MOD_DAV_SVN_PORT: 8090
69 APACHE_LOG_DIR: /var/log/rhodecode/svn
69 APACHE_LOG_DIR: /var/log/rhodecode/svn
70 MOD_DAV_SVN_CONF_FILE: /etc/rhodecode/conf/svn/mod_dav_svn.conf
70 MOD_DAV_SVN_CONF_FILE: /etc/rhodecode/conf/svn/mod_dav_svn.conf
71
71
72 healthcheck:
72 healthcheck:
73 test: [ "CMD", "curl", "-A", "RhodeCode-Healthcheck", "-s", "-o", "/dev/null", "-w", "'%{http_code}'", "http://127.0.0.1:10020/_admin/ops/ping" ]
73 test: [ "CMD", "curl", "-A", "RhodeCode-Healthcheck", "-s", "-o", "/dev/null", "-w", "'%{http_code}'", "http://127.0.0.1:10020/_admin/ops/ping" ]
74 timeout: 30s
74 timeout: 30s
75 interval: 60s
75 interval: 60s
76 retries: 10
76 retries: 10
77
77
78 # depends_on:
78 # depends_on:
79 # - database
79 # - database
80 # - redis
80 # - redis
81 # - channelstream
81 # - channelstream
82
82
83 volumes:
83 volumes:
84 - confvolume:/etc/rhodecode/conf
84 - confvolume:/etc/rhodecode/conf
85 - logvolume:/var/log/rhodecode
85 - logvolume:/var/log/rhodecode
86 - rc_reposvolume:/var/opt/rhodecode_repo_store
86 - rc_reposvolume:/var/opt/rhodecode_repo_store
87 - rc_datavolume:/var/opt/rhodecode_data
87 - rc_datavolume:/var/opt/rhodecode_data
88
88
89 tmpfs:
89 tmpfs:
90 - /data_ramdisk:size=${RC_DATA_RAMDISK_SIZE:?specify-RC_DATA_RAMDISK_SIZE-env-var}
90 - /data_ramdisk:size=${RC_DATA_RAMDISK_SIZE:?specify-RC_DATA_RAMDISK_SIZE-env-var}
91
91
92 logging:
92 logging:
93 *custom-logging
93 *custom-logging
94
94
95 labels:
95 labels:
96 - "traefik.enable=true"
96 - "traefik.enable=true"
97 - "traefik.http.routers.rhodecode.entrypoints=http"
97 - "traefik.http.routers.rhodecode.entrypoints=http"
98 - "traefik.http.routers.rhodecode.rule=Host(`${RC_HOSTNAME:?must-specify-rhodecode-hostname}`)"
98 - "traefik.http.routers.rhodecode.rule=Host(`${RC_HOSTNAME:?must-specify-rhodecode-hostname}`)"
99 - "traefik.http.routers.rhodecode.service=rhodecode-web"
99 - "traefik.http.routers.rhodecode.service=rhodecode-web"
100 - "traefik.http.services.rhodecode-web.loadbalancer.server.port=10020"
100 - "traefik.http.services.rhodecode-web.loadbalancer.server.port=10020"
101 # SSL + proxy prefix example, should be put into .custom/docker-compose-apps.override.yaml
101 # SSL + proxy prefix example, should be put into .custom/docker-compose-apps.override.yaml
102 #- "traefik.http.routers.rhodecode-rt.entrypoints=https"
102 #- "traefik.http.routers.rhodecode-rt.entrypoints=https"
103 #- "traefik.http.routers.rhodecode-rt.rule=Host(`${RC_HOSTNAME:?must-specify-rhodecode-hostname}`)"
103 #- "traefik.http.routers.rhodecode-rt.rule=Host(`${RC_HOSTNAME:?must-specify-rhodecode-hostname}`)"
104 #- "traefik.http.routers.rhodecode-rt.tls=true"
104 #- "traefik.http.routers.rhodecode-rt.tls=true"
105 #- "traefik.http.routers.rhodecode-rt.service=rhodecode-ssl"
105 #- "traefik.http.routers.rhodecode-rt.service=rhodecode-ssl"
106 #- "traefik.http.services.rhodecode-ssl.loadbalancer.server.port=10020"
106 #- "traefik.http.services.rhodecode-ssl.loadbalancer.server.port=10020"
107
107
108 vcsserver:
108 vcsserver:
109 networks:
109 networks:
110 - rhodecode_network
110 - rhodecode_network
111 extra_hosts:
111 extra_hosts:
112 - "host.docker.internal:host-gateway"
112 - "host.docker.internal:host-gateway"
113 image: rhodecode/rhodecode-${RC_EDITION}:${RC_VERSION:-4.28.0}
113 image: rhodecode/rhodecode-${RC_EDITION}:${RC_VERSION:-4.28.0}
114
114
115 stdin_open: true
115 stdin_open: true
116 tty: true
116 tty: true
117 restart: always
117 restart: always
118 env_file:
118 env_file:
119 - ${RC_ENV_FILE:?must-specify-rc-env-file}
119 - ${RC_ENV_FILE:?must-specify-rc-env-file}
120 command: [
120 command: [
121 "/home/rhodecode/.rccontrol/vcsserver-1/profile/bin/gunicorn",
121 "/home/rhodecode/.rccontrol/vcsserver-1/profile/bin/gunicorn",
122 "--name=gunicorn-vcsserver-1",
122 "--name=gunicorn-vcsserver-1",
123 "--error-logfile=-",
123 "--error-logfile=-",
124 "--paster=/etc/rhodecode/conf/vcsserver.ini",
124 "--paster=/etc/rhodecode/conf/vcsserver.ini",
125 "--config=/etc/rhodecode/conf/gunicorn_conf_vcs.py"
125 "--config=/etc/rhodecode/conf/gunicorn_conf_vcs.py"
126 ]
126 ]
127 deploy:
127 deploy:
128 # override this in .custom/docker-compose-apps.override.yaml to scale up
128 # override this in .custom/docker-compose-apps.override.yaml to scale up
129 replicas: 1
129 replicas: 1
130
130
131 # ports:
131 # ports:
132 # - "127.0.0.1::10010"
132 # - "127.0.0.1::10010"
133
133
134 healthcheck:
134 healthcheck:
135 test: [ "CMD", "curl", "-A", "RhodeCode-Healthcheck", "-s", "-o", "/dev/null", "-w", "'%{http_code}'", "http://127.0.0.1:10010/status" ]
135 test: [ "CMD", "curl", "-A", "RhodeCode-Healthcheck", "-s", "-o", "/dev/null", "-w", "'%{http_code}'", "http://127.0.0.1:10010/status" ]
136 timeout: 30s
136 timeout: 30s
137 interval: 60s
137 interval: 60s
138 retries: 10
138 retries: 10
139
139
140 environment:
140 environment:
141 RC_APP_TYPE: rhodecode_vcsserver
141 RC_APP_TYPE: rhodecode_vcsserver
142 RC_APP_PROC: 1
142 RC_APP_PROC: 1
143 MAIN_INI_PATH: /etc/rhodecode/conf/vcsserver.ini
143 MAIN_INI_PATH: /etc/rhodecode/conf/vcsserver.ini
144 SSL_CERT_FILE: "/etc/rhodecode/conf/ca-bundle.crt"
144 SSL_CERT_FILE: "/etc/rhodecode/conf/ca-bundle.crt"
145 REQUESTS_CA_BUNDLE: "/etc/rhodecode/conf/ca-bundle.crt"
145 REQUESTS_CA_BUNDLE: "/etc/rhodecode/conf/ca-bundle.crt"
146 GIT_SSL_CAINFO: "/etc/rhodecode/conf/ca-bundle.crt"
146 GIT_SSL_CAINFO: "/etc/rhodecode/conf/ca-bundle.crt"
147
147
148 # depends_on:
148 # depends_on:
149 # - redis
149 # - redis
150
150
151 volumes:
151 volumes:
152 - confvolume:/etc/rhodecode/conf
152 - confvolume:/etc/rhodecode/conf
153 - logvolume:/var/log/rhodecode
153 - logvolume:/var/log/rhodecode
154 - rc_reposvolume:/var/opt/rhodecode_repo_store
154 - rc_reposvolume:/var/opt/rhodecode_repo_store
155 - rc_datavolume:/var/opt/rhodecode_data
155 - rc_datavolume:/var/opt/rhodecode_data
156
156
157 logging:
157 logging:
158 *custom-logging
158 *custom-logging
159
159
160 celery:
160 celery:
161 networks:
161 networks:
162 - rhodecode_network
162 - rhodecode_network
163 extra_hosts:
163 extra_hosts:
164 - "host.docker.internal:host-gateway"
164 - "host.docker.internal:host-gateway"
165 image: rhodecode/rhodecode-${RC_EDITION}:${RC_VERSION:-4.28.0}
165 image: rhodecode/rhodecode-${RC_EDITION}:${RC_VERSION:-4.28.0}
166
166
167 stdin_open: true
167 stdin_open: true
168 tty: true
168 tty: true
169 restart: always
169 restart: always
170 env_file:
170 env_file:
171 - ${RC_ENV_FILE:?must-specify-rc-env-file}
171 - ${RC_ENV_FILE:?must-specify-rc-env-file}
172 command: [
172 command: [
173 "/usr/local/bin/rhodecode_bin/bin/celery",
173 "/usr/local/bin/rhodecode_bin/bin/celery",
174 "worker",
174 "worker",
175 "--task-events",
175 "--task-events",
176 "--autoscale=10,2",
176 "--autoscale=10,2",
177 "--no-color",
177 "--no-color",
178 "--app=rhodecode.lib.celerylib.loader",
178 "--app=rhodecode.lib.celerylib.loader",
179 "--loglevel=DEBUG",
179 "--loglevel=DEBUG",
180 "--ini=/etc/rhodecode/conf/rhodecode.ini"
180 "--ini=/etc/rhodecode/conf/rhodecode.ini"
181 ]
181 ]
182
182
183 environment:
183 environment:
184 RC_APP_TYPE: rhodecode_celery
184 RC_APP_TYPE: rhodecode_celery
185 RC_APP_PROC: 1
185 RC_APP_PROC: 1
186 MAIN_INI_PATH: /etc/rhodecode/conf/rhodecode.ini
186 MAIN_INI_PATH: /etc/rhodecode/conf/rhodecode.ini
187 SSL_CERT_FILE: "/etc/rhodecode/conf/ca-bundle.crt"
187 SSL_CERT_FILE: "/etc/rhodecode/conf/ca-bundle.crt"
188 REQUESTS_CA_BUNDLE: "/etc/rhodecode/conf/ca-bundle.crt"
188 REQUESTS_CA_BUNDLE: "/etc/rhodecode/conf/ca-bundle.crt"
189 GIT_SSL_CAINFO: "/etc/rhodecode/conf/ca-bundle.crt"
189 GIT_SSL_CAINFO: "/etc/rhodecode/conf/ca-bundle.crt"
190
190
191 # depends_on:
191 # depends_on:
192 # - database
192 # - database
193 # - redis
193 # - redis
194
194
195 volumes:
195 volumes:
196 - confvolume:/etc/rhodecode/conf
196 - confvolume:/etc/rhodecode/conf
197 - logvolume:/var/log/rhodecode
197 - logvolume:/var/log/rhodecode
198 - rc_reposvolume:/var/opt/rhodecode_repo_store
198 - rc_reposvolume:/var/opt/rhodecode_repo_store
199 - rc_datavolume:/var/opt/rhodecode_data
199 - rc_datavolume:/var/opt/rhodecode_data
200
200
201 logging:
201 logging:
202 *custom-logging
202 *custom-logging
203
203
204 labels:
204 labels:
205 - "traefik.enable=false"
205 - "traefik.enable=false"
206
206
207 celery-beat:
207 celery-beat:
208 # This service is not scalable
208 # This service is not scalable
209 networks:
209 networks:
210 - rhodecode_network
210 - rhodecode_network
211 extra_hosts:
211 extra_hosts:
212 - "host.docker.internal:host-gateway"
212 - "host.docker.internal:host-gateway"
213 image: rhodecode/rhodecode-${RC_EDITION}:${RC_VERSION:-4.28.0}
213 image: rhodecode/rhodecode-${RC_EDITION}:${RC_VERSION:-4.28.0}
214
214
215 stdin_open: true
215 stdin_open: true
216 tty: true
216 tty: true
217 restart: always
217 restart: always
218 env_file:
218 env_file:
219 - ${RC_ENV_FILE:?must-specify-rc-env-file}
219 - ${RC_ENV_FILE:?must-specify-rc-env-file}
220 command: [
220 command: [
221 "/usr/local/bin/rhodecode_bin/bin/celery",
221 "/usr/local/bin/rhodecode_bin/bin/celery",
222 "beat",
222 "beat",
223 "--no-color",
223 "--no-color",
224 "--app=rhodecode.lib.celerylib.loader",
224 "--app=rhodecode.lib.celerylib.loader",
225 "--scheduler=rhodecode.lib.celerylib.scheduler.RcScheduler",
225 "--scheduler=rhodecode.lib.celerylib.scheduler.RcScheduler",
226 "--loglevel=DEBUG",
226 "--loglevel=DEBUG",
227 "--ini=/etc/rhodecode/conf/rhodecode.ini"
227 "--ini=/etc/rhodecode/conf/rhodecode.ini"
228 ]
228 ]
229
229
230 environment:
230 environment:
231 RC_APP_TYPE: rhodecode_beat
231 RC_APP_TYPE: rhodecode_beat
232 RC_APP_PROC: 1
232 RC_APP_PROC: 1
233 MAIN_INI_PATH: /etc/rhodecode/conf/rhodecode.ini
233 MAIN_INI_PATH: /etc/rhodecode/conf/rhodecode.ini
234 SSL_CERT_FILE: "/etc/rhodecode/conf/ca-bundle.crt"
234 SSL_CERT_FILE: "/etc/rhodecode/conf/ca-bundle.crt"
235 REQUESTS_CA_BUNDLE: "/etc/rhodecode/conf/ca-bundle.crt"
235 REQUESTS_CA_BUNDLE: "/etc/rhodecode/conf/ca-bundle.crt"
236 GIT_SSL_CAINFO: "/etc/rhodecode/conf/ca-bundle.crt"
236 GIT_SSL_CAINFO: "/etc/rhodecode/conf/ca-bundle.crt"
237
237
238 # depends_on:
238 # depends_on:
239 # - database
239 # - database
240 # - redis
240 # - redis
241
241
242 volumes:
242 volumes:
243 - confvolume:/etc/rhodecode/conf
243 - confvolume:/etc/rhodecode/conf
244 - logvolume:/var/log/rhodecode
244 - logvolume:/var/log/rhodecode
245 - rc_reposvolume:/var/opt/rhodecode_repo_store
245 - rc_reposvolume:/var/opt/rhodecode_repo_store
246 - rc_datavolume:/var/opt/rhodecode_data
246 - rc_datavolume:/var/opt/rhodecode_data
247
247
248 logging:
248 logging:
249 *custom-logging
249 *custom-logging
250
250
251 labels:
251 labels:
252 - "traefik.enable=false"
252 - "traefik.enable=false"
253
253
254 svn:
254 svn:
255 networks:
255 networks:
256 - rhodecode_network
256 - rhodecode_network
257 extra_hosts:
257 extra_hosts:
258 - "host.docker.internal:host-gateway"
258 - "host.docker.internal:host-gateway"
259 image: rhodecode/rhodecode-${RC_EDITION}:${RC_VERSION:-4.28.0}
259 image: rhodecode/rhodecode-${RC_EDITION}:${RC_VERSION:-4.28.0}
260
260
261 # build:
261 # build:
262 # context: .
262 # context: .
263 # dockerfile: service/svn/rhodecode_svn.dockerfile
263 # dockerfile: service/svn/rhodecode_svn.dockerfile
264 # args:
264 # args:
265 # APACHE_VER: 1.3
265 # APACHE_VER: 1.3
266
266
267 stdin_open: true
267 stdin_open: true
268 tty: true
268 tty: true
269 restart: always
269 restart: always
270 env_file:
270 env_file:
271 - ${RC_ENV_FILE:?must-specify-rc-env-file}
271 - ${RC_ENV_FILE:?must-specify-rc-env-file}
272 command: ["apachectl", "-D", "FOREGROUND"]
272 command: ["apachectl", "-D", "FOREGROUND"]
273
273
274 environment:
274 environment:
275 RC_APP_TYPE: rhodecode_svn
275 RC_APP_TYPE: rhodecode_svn
276
276
277 # SVN Specific
277 # SVN Specific
278 MOD_DAV_SVN_PORT: 8090
278 MOD_DAV_SVN_PORT: 8090
279 APACHE_LOG_DIR: /var/log/rhodecode/svn
279 APACHE_LOG_DIR: /var/log/rhodecode/svn
280 MOD_DAV_SVN_CONF_FILE: /etc/rhodecode/conf/svn/mod_dav_svn.conf
280 MOD_DAV_SVN_CONF_FILE: /etc/rhodecode/conf/svn/mod_dav_svn.conf
281
281
282 # ports:
282 # ports:
283 # - "127.0.0.1::8090"
283 # - "127.0.0.1::8090"
284
284
285 healthcheck:
285 healthcheck:
286 test: [ "CMD", "curl", "-A", "RhodeCode-Healthcheck", "-s", "-o", "/dev/null", "-w", "'%{http_code}'", "http://127.0.0.1:8090/_server_status" ]
286 test: [ "CMD", "curl", "-A", "RhodeCode-Healthcheck", "-s", "-o", "/dev/null", "-w", "'%{http_code}'", "http://127.0.0.1:8090/_server_status" ]
287 timeout: 30s
287 timeout: 30s
288 interval: 60s
288 interval: 60s
289 retries: 10
289 retries: 10
290
290
291 volumes:
291 volumes:
292 - confvolume:/etc/rhodecode/conf
292 - confvolume:/etc/rhodecode/conf
293 - logvolume:/var/log/rhodecode
293 - logvolume:/var/log/rhodecode
294 - rc_reposvolume:/var/opt/rhodecode_repo_store
294 - rc_reposvolume:/var/opt/rhodecode_repo_store
295 - rc_datavolume:/var/opt/rhodecode_data
295 - rc_datavolume:/var/opt/rhodecode_data
296
296
297 logging:
297 logging:
298 *custom-logging
298 *custom-logging
299
299
300 sshd:
300 sshd:
301 networks:
301 networks:
302 - rhodecode_network
302 - rhodecode_network
303 extra_hosts:
303 extra_hosts:
304 - "host.docker.internal:host-gateway"
304 - "host.docker.internal:host-gateway"
305 image: rhodecode/rhodecode-${RC_EDITION}:${RC_VERSION:-4.28.0}
305 image: rhodecode/rhodecode-${RC_EDITION}:${RC_VERSION:-4.28.0}
306
306
307 stdin_open: true
307 stdin_open: true
308 tty: true
308 tty: true
309 restart: always
309 restart: always
310 env_file:
310 env_file:
311 - ${RC_ENV_FILE:?must-specify-rc-env-file}
311 - ${RC_ENV_FILE:?must-specify-rc-env-file}
312 command: ["/usr/sbin/sshd", "-f", "/etc/rhodecode/sshd_config", "-D", "-e"]
312 command: ["/usr/sbin/sshd", "-f", "/etc/rhodecode/sshd_config", "-D", "-e"]
313
313
314 environment:
314 environment:
315 RC_APP_TYPE: rhodecode_sshd
315 RC_APP_TYPE: rhodecode_sshd
316 SSH_BOOTSTRAP: 1
316 SSH_BOOTSTRAP: 1
317
317
318 # ports:
318 # ports:
319 # # set from .env file
319 # # set from .env file
320 # - "${RC_SSH_PORT:?must-specify-ssh-port}:22"
320 # - "${RC_SSH_PORT:?must-specify-ssh-port}:22"
321
321
322 volumes:
322 volumes:
323 - confvolume:/etc/rhodecode/conf
323 - confvolume:/etc/rhodecode/conf
324 - logvolume:/var/log/rhodecode
324 - logvolume:/var/log/rhodecode
325 - rc_reposvolume:/var/opt/rhodecode_repo_store
325 - rc_reposvolume:/var/opt/rhodecode_repo_store
326 - rc_datavolume:/var/opt/rhodecode_data
326 - rc_datavolume:/var/opt/rhodecode_data
327
327
328 logging:
328 logging:
329 *custom-logging
329 *custom-logging
330
330
331 labels:
331 labels:
332 - "traefik.enable=true"
332 - "traefik.enable=true"
333 - "traefik.http.routers.sshd.entrypoints=ssh"
333 - "traefik.http.routers.sshd.entrypoints=ssh"
334 - "traefik.http.routers.sshd.rule=Host(`*`)"
334 - "traefik.http.routers.sshd.rule=Host(`*`)"
335 - "traefik.http.routers.sshd.service=rhodecode-ssh"
335 - "traefik.http.routers.sshd.service=rhodecode-ssh"
336 - "traefik.http.services.rhodecode-ssh.loadbalancer.server.port=${RC_SSH_PORT:?must-specify-ssh-port}"
336 - "traefik.http.services.rhodecode-ssh.loadbalancer.server.port=${RC_SSH_PORT:?must-specify-ssh-port}"
Show file before | Show file after | Hide comments
@@ -1,55 +1,55 b''
1 version: '3.9'
1 version: '3.9'
2
2
3 ## Shared base stuff for all compose files in stack
3 ## Shared base stuff for all compose files in stack
4
4
5 x-logging: &custom-logging
5 x-logging: &custom-logging
6 # Install loki plugin
6 # Install loki plugin
7 # docker plugin install grafana/loki-docker-driver:2.7.1 --alias loki --grant-all-permissions
7 # docker plugin install grafana/loki-docker-driver:2.7.1 --alias loki --grant-all-permissions
8 # NOTE: loki logging driver ONLY works for host type networks...
8 # NOTE: loki logging driver ONLY works for host type networks...
9 # To cleanly uninstall the plugin, disable and remove it
9 # To cleanly uninstall the plugin, disable and remove it
10 # docker plugin disable loki --force && docker plugin rm loki
10 # docker plugin disable loki --force && docker plugin rm loki
11 # debug: sudo journalctl -u docker.service | grep loki
11 # debug: sudo journalctl -u docker.service | grep loki
12 driver: loki
12 driver: loki
13 options:
13 options:
14 #loki-url: "http://loki:3100/loki/api/v1/push"
14 #loki-url: "http://${RC_LOKI_AUTH}loki:3100/loki/api/v1/push"
15 loki-url: "http://127.0.0.1:3100/loki/api/v1/push"
15 loki-url: "http://${RC_LOKI_AUTH}127.0.0.1:3100/loki/api/v1/push"
16 loki-retries: "5"
16 loki-retries: "5"
17 loki-timeout: "1s"
17 loki-timeout: "1s"
18 loki-max-backoff: "800ms"
18 loki-max-backoff: "800ms"
19
19
20 volumes:
20 volumes:
21 # shared logvolume
21 # shared logvolume
22 logvolume:
22 logvolume:
23 driver: local
23 driver: local
24 driver_opts:
24 driver_opts:
25 type: none
25 type: none
26 o: bind
26 o: bind
27 device: $PWD/logs
27 device: $PWD/logs
28
28
29 # bind-mount with configs
29 # bind-mount with configs
30 confvolume:
30 confvolume:
31 driver: local
31 driver: local
32 driver_opts:
32 driver_opts:
33 type: none
33 type: none
34 o: bind
34 o: bind
35 device: $PWD/config/_shared
35 device: $PWD/config/_shared
36
36
37 # SHARED volume for rhodecode caches, archive caches, nginx static,
37 # SHARED volume for rhodecode caches, archive caches, nginx static,
38 # must be run via: docker volume create --name=rc_datavolume
38 # must be run via: docker volume create --name=rc_datavolume
39 rc_datavolume:
39 rc_datavolume:
40 external: true
40 external: true
41
41
42 # volume for RhodeCode repo-store, it's where the repositories will be stored
42 # volume for RhodeCode repo-store, it's where the repositories will be stored
43 # must be run via: docker volume create --name=rc_reposvolume
43 # must be run via: docker volume create --name=rc_reposvolume
44 rc_reposvolume:
44 rc_reposvolume:
45 external: true
45 external: true
46
46
47 networks:
47 networks:
48
48
49 # SHARED network for all containers
49 # SHARED network for all containers
50 # must be run via: docker network create --name=rhodecode_network
50 # must be run via: docker network create --name=rhodecode_network
51 rhodecode_network:
51 rhodecode_network:
52 name: rhodecode_network
52 name: rhodecode_network
53 driver: bridge
53 driver: bridge
54 external: true
54 external: true
55
55
Show file before | Show file after | Hide comments
@@ -1,131 +1,138 b''
1 version: '3.9'
1 version: '3.9'
2
2
3 volumes:
3 volumes:
4
4
5 prometheus_data:
5 prometheus_data:
6 labels:
6 labels:
7 "keep": 1
7 "keep": 1
8
8
9 grafana_data:
9 grafana_data:
10 labels:
10 labels:
11 "keep": 1
11 "keep": 1
12
12
13 services:
13 services:
14
14
15 statsd-exporter:
15 statsd-exporter:
16 image: prom/statsd-exporter:v0.22.8
16 image: prom/statsd-exporter:v0.22.8
17 restart: always
17 restart: always
18 command: [
18 command: [
19 '--statsd.mapping-config=/etc/statsd/statsd.yaml',
19 '--statsd.mapping-config=/etc/statsd/statsd.yaml',
20 '--statsd.listen-udp=:9125',
20 '--statsd.listen-udp=:9125',
21 '--web.listen-address=:9102'
21 '--web.listen-address=:9102'
22 ]
22 ]
23 networks:
23 networks:
24 - rhodecode_network
24 - rhodecode_network
25 # ports:
25 # ports:
26 # - "9125:9125/udp"
26 # - "9125:9125/udp"
27 # - "9102:9102"
27 # - "9102:9102"
28
28
29 volumes:
29 volumes:
30 - ./config/statsd-exporter:/etc/statsd
30 - ./config/statsd-exporter:/etc/statsd
31 labels:
31 labels:
32 - "traefik.enable=false"
32 - "traefik.enable=false"
33 - "traefik.http.services.statsd-exporter.loadbalancer.server.port=9125"
33 - "traefik.http.services.statsd-exporter.loadbalancer.server.port=9125"
34 - "traefik.http.services.statsd-exporter.loadbalancer.server.port=9102"
34 - "traefik.http.services.statsd-exporter.loadbalancer.server.port=9102"
35
35
36 node-exporter:
36 node-exporter:
37 image: prom/node-exporter:v1.4.1
37 image: prom/node-exporter:v1.4.1
38 command:
38 command:
39 - "--path.procfs=/host/proc"
39 - "--path.procfs=/host/proc"
40 - "--path.rootfs=/rootfs"
40 - "--path.rootfs=/rootfs"
41 - "--path.sysfs=/host/sys"
41 - "--path.sysfs=/host/sys"
42 - "--collector.filesystem.mount-points-exclude=^/(sys|proc|dev|host|etc)($$|/)"
42 - "--collector.filesystem.mount-points-exclude=^/(sys|proc|dev|host|etc)($$|/)"
43 - "--collector.systemd"
43 - "--collector.systemd"
44 - "--collector.processes"
44 - "--collector.processes"
45 networks:
45 networks:
46 - rhodecode_network
46 - rhodecode_network
47 pid: host
47 pid: host
48 restart: always
48 restart: always
49 # ports:
49 # ports:
50 # - "9100:9100"
50 # - "9100:9100"
51 volumes:
51 volumes:
52 - "/proc:/host/proc:ro"
52 - "/proc:/host/proc:ro"
53 - "/sys:/host/sys:ro"
53 - "/sys:/host/sys:ro"
54 - "/:/rootfs:ro"
54 - "/:/rootfs:ro"
55 labels:
55 labels:
56 - "traefik.enable=false"
56 - "traefik.enable=false"
57 - "traefik.http.services.node-exporter.loadbalancer.server.port=9100"
57 - "traefik.http.services.node-exporter.loadbalancer.server.port=9100"
58
58
59 prometheus:
59 prometheus:
60 image: prom/prometheus:v2.40.6
60 image: prom/prometheus:v2.40.6
61 restart: always
61 restart: always
62 command:
62 command:
63 - "--config.file=/etc/prometheus/prometheus.yml"
63 - "--config.file=/etc/prometheus/prometheus.yml"
64 - "--storage.tsdb.path=/prometheus"
64 - "--storage.tsdb.path=/prometheus"
65 - "--web.console.libraries=/etc/prometheus/console_libraries"
65 - "--web.console.libraries=/etc/prometheus/console_libraries"
66 - "--web.console.templates=/etc/prometheus/consoles"
66 - "--web.console.templates=/etc/prometheus/consoles"
67 - "--storage.tsdb.retention.time=24h"
67 - "--storage.tsdb.retention.time=24h"
68 - "--web.enable-lifecycle"
68 - "--web.enable-lifecycle"
69 # ports:
69 # ports:
70 # - "9090:9090"
70 # - "9090:9090"
71 networks:
71 networks:
72 - rhodecode_network
72 - rhodecode_network
73 volumes:
73 volumes:
74 - ./config/prometheus:/etc/prometheus
74 - ./config/prometheus:/etc/prometheus
75 - prometheus_data:/prometheus
75 - prometheus_data:/prometheus
76 labels:
76 labels:
77 - "traefik.enable=false"
77 - "traefik.enable=false"
78 - "traefik.http.services.prometheus.loadbalancer.server.port=9090"
78 - "traefik.http.services.prometheus.loadbalancer.server.port=9090"
79
79
80 grafana:
80 grafana:
81 image: grafana/grafana:9.3.1
81 image: grafana/grafana:9.3.1
82 restart: always
82 restart: always
83 # ports:
83 # ports:
84 # - "3000:3000"
84 # - "3000:3000"
85 volumes:
85 volumes:
86 - grafana_data:/var/lib/grafana
86 - grafana_data:/var/lib/grafana
87 - ./config/grafana:/etc/grafana
87 - ./config/grafana:/etc/grafana
88 networks:
88 networks:
89 - rhodecode_network
89 - rhodecode_network
90 labels:
90 labels:
91 - "traefik.enable=true"
91 - "traefik.enable=true"
92 - "traefik.http.routers.grafana.entrypoints=http"
92 - "traefik.http.routers.grafana.entrypoints=http"
93 - "traefik.http.routers.grafana.rule=PathPrefix(`/_grafana`)"
93 - "traefik.http.routers.grafana.rule=PathPrefix(`/_grafana`)"
94 - "traefik.http.routers.grafana.service=grafana-http"
94 - "traefik.http.routers.grafana.service=grafana-http"
95 - "traefik.http.services.grafana-http.loadbalancer.server.port=3000"
95 - "traefik.http.services.grafana-http.loadbalancer.server.port=3000"
96 # SSL + proxy prefix example, should be put into .custom/docker-compose-metrics.override.yaml
96 # SSL + proxy prefix example, should be put into .custom/docker-compose-metrics.override.yaml
97 #- "traefik.http.routers.grafana-rt.entrypoints=https"
97 #- "traefik.http.routers.grafana-rt.entrypoints=https"
98 #- "traefik.http.routers.grafana-rt.rule=Host(`metrics.example.com`) && PathPrefix(`/_grafana`)"
98 #- "traefik.http.routers.grafana-rt.rule=Host(`metrics.example.com`) && PathPrefix(`/_grafana`)"
99 #- "traefik.http.routers.grafana-rt.tls=true"
99 #- "traefik.http.routers.grafana-rt.tls=true"
100 #- "traefik.http.routers.grafana-rt.service=grafana-ssl"
100 #- "traefik.http.routers.grafana-rt.service=grafana-ssl"
101 #- "traefik.http.services.grafana-ssl.loadbalancer.server.port=3000"
101 #- "traefik.http.services.grafana-ssl.loadbalancer.server.port=3000"
102
102
103 loki:
103 loki:
104 image: grafana/loki:2.7.1
104 image: grafana/loki:2.7.1
105 restart: always
105 restart: always
106 ports:
106 # ports:
107 # Loki port is the only one that needs explicitly
107 # - "3100:3100"
108 # be exposed because of logging driver host-only woking mode
109 - "3100:3100"
110 # - "9095:9095"
108 # - "9095:9095"
111 command: [
109 command: [
112 "-config.file=/etc/loki/loki-config.yaml"
110 "-config.file=/etc/loki/loki-config.yaml"
113 ]
111 ]
114 networks:
112 networks:
115 - rhodecode_network
113 - rhodecode_network
116 volumes:
114 volumes:
117 - ./config/loki:/etc/loki
115 - ./config/loki:/etc/loki
116 # optionally mount host container to scrape docker logs...
117 # - /var/lib/docker/containers:/var/lib/docker/containers:ro
118 labels:
119 # Loki port is the only one that needs explicitly
120 # be exposed because of logging driver host-only working mode
121 - "traefik.enable=true"
122 - "traefik.http.routers.loki.entrypoints=loki"
123 - "traefik.http.routers.loki.rule=PathPrefix(`/`)"
124 - "traefik.http.routers.loki.middlewares=basic-auth@file"
125 - "traefik.http.routers.loki.service=loki-http"
126 - "traefik.http.services.loki-http.loadbalancer.server.port=3100"
118
127
119 promtail:
128 promtail:
120 image: grafana/promtail:2.7.1
129 image: grafana/promtail:2.7.1
121 command: [
130 command: [
122 "-config.file=/etc/promtail/promtail-config.yaml"
131 "-config.file=/etc/promtail/promtail-config.yaml"
123 ]
132 ]
124 networks:
133 networks:
125 - rhodecode_network
134 - rhodecode_network
126 volumes:
135 volumes:
127 - /var/log:/var/log
136 - /var/log:/var/log
128 - logvolume:/var/log_volume
137 - logvolume:/var/log_volume
129 - ./config/promtail:/etc/promtail
138 - ./config/promtail:/etc/promtail
130 labels:
131 - "traefik.enable=false"
Show file before | Show file after | Hide comments
@@ -1,44 +1,46 b''
1 version: '3.9'
1 version: '3.9'
2
2
3 x-logging: &custom-logging
3 x-logging: &custom-logging
4 # docker plugin install grafana/loki-docker-driver:2.7.1 --alias loki --grant-all-permissions
4 # docker plugin install grafana/loki-docker-driver:2.7.1 --alias loki --grant-all-permissions
5 # NOTE: loki logging driver ONLY works for host type networks...
5 # NOTE: loki logging driver ONLY works for host type networks...
6 driver: loki
6 driver: loki
7 options:
7 options:
8 #loki-url: "http://loki:3100/loki/api/v1/push"
8 #loki-url: "http://${RC_LOKI_AUTH}loki:3100/loki/api/v1/push"
9 loki-url: "http://127.0.0.1:3100/loki/api/v1/push"
9 loki-url: "http://${RC_LOKI_AUTH}127.0.0.1:3100/loki/api/v1/push"
10 loki-retries: "5"
10 loki-retries: "5"
11 loki-timeout: "1s"
11 loki-timeout: "1s"
12 loki-max-backoff: "800ms"
12 loki-max-backoff: "800ms"
13
13
14 ## docker network create -d overlay lb-net
14 ## docker network create -d overlay lb-net
15 services:
15 services:
16
16
17 traefik:
17 traefik:
18
18
19 image: traefik:v2.9.6
19 image: traefik:v2.9.6
20
20
21 ports:
21 ports:
22 # The HTTP port, exposed as http entrypoint
22 # The HTTP port, exposed as http entrypoint
23 - "80:80"
23 - "80:80"
24 # The HTTPS port, exposed as https entrypoint
24 # The HTTPS port, exposed as https entrypoint
25 - "443:443"
25 - "443:443"
26 # The loki port, exposed as http entrypoint behind auth
27 - "3100:3100"
26 # The SSH port
28 # The SSH port
27 - "${RC_SSH_PORT}:${RC_SSH_PORT}"
29 - "${RC_SSH_PORT}:${RC_SSH_PORT}"
28 volumes:
30 volumes:
29 # So that Traefik can listen to the Docker events
31 # So that Traefik can listen to the Docker events
30 - /var/run/docker.sock:/var/run/docker.sock
32 - /var/run/docker.sock:/var/run/docker.sock
31 - ./config/traefik:/etc/traefik
33 - ./config/traefik:/etc/traefik
32 deploy:
34 deploy:
33 placement:
35 placement:
34 constraints:
36 constraints:
35 # limit swarm deploy to MANAGER only
37 # limit swarm deploy to MANAGER only
36 - node.role == manager
38 - node.role == manager
37 networks:
39 networks:
38 - rhodecode_network
40 - rhodecode_network
39
41
40 labels:
42 labels:
41 - "traefik.enable=true"
43 - "traefik.enable=true"
42
44
43 logging:
45 logging:
44 *custom-logging
46 *custom-logging
Show file before | Show file after | Hide comments
@@ -1,248 +1,248 b''
1 version: '3.9'
1 version: '3.9'
2
2
3 x-logging: &custom-logging
3 x-logging: &custom-logging
4 # docker plugin install grafana/loki-docker-driver:2.7.1 --alias loki --grant-all-permissions
4 # docker plugin install grafana/loki-docker-driver:2.7.1 --alias loki --grant-all-permissions
5 # NOTE: loki logging driver ONLY works for host type networks...
5 # NOTE: loki logging driver ONLY works for host type networks...
6 driver: loki
6 driver: loki
7 options:
7 options:
8 #loki-url: "http://loki:3100/loki/api/v1/push"
8 #loki-url: "http://${RC_LOKI_AUTH}loki:3100/loki/api/v1/push"
9 loki-url: "http://127.0.0.1:3100/loki/api/v1/push"
9 loki-url: "http://${RC_LOKI_AUTH}127.0.0.1:3100/loki/api/v1/push"
10 loki-retries: "5"
10 loki-retries: "5"
11 loki-timeout: "1s"
11 loki-timeout: "1s"
12 loki-max-backoff: "800ms"
12 loki-max-backoff: "800ms"
13
13
14 volumes:
14 volumes:
15
15
16 # volume for redis data store
16 # volume for redis data store
17 redis_data:
17 redis_data:
18 labels:
18 labels:
19 "keep": 1
19 "keep": 1
20
20
21 # volume for Postgres db store
21 # volume for Postgres db store
22
22
23 # volume for Postgres Data
23 # volume for Postgres Data
24 pg_data:
24 pg_data:
25 labels:
25 labels:
26 "keep": 1
26 "keep": 1
27
27
28 # volume for rhodecode elasticsearch
28 # volume for rhodecode elasticsearch
29 es_data:
29 es_data:
30 labels:
30 labels:
31 "keep": 1
31 "keep": 1
32
32
33
33
34 services:
34 services:
35
35
36 channelstream:
36 channelstream:
37 networks:
37 networks:
38 - rhodecode_network
38 - rhodecode_network
39 image: channelstream/channelstream:0.7.1
39 image: channelstream/channelstream:0.7.1
40
40
41 restart: always
41 restart: always
42
42
43 # ports:
43 # ports:
44 # - "127.0.0.1:9800:9800"
44 # - "127.0.0.1:9800:9800"
45 env_file:
45 env_file:
46 - ${RC_ENV_FILE:?must-specify-rc-env-file}
46 - ${RC_ENV_FILE:?must-specify-rc-env-file}
47 command: ["channelstream"]
47 command: ["channelstream"]
48
48
49 healthcheck:
49 healthcheck:
50 test: [ "CMD", "curl", "-s", "-o", "/dev/null", "-w", "'%{http_code}'", "http://channelstream:8000/admin/sign_in" ]
50 test: [ "CMD", "curl", "-s", "-o", "/dev/null", "-w", "'%{http_code}'", "http://channelstream:8000/admin/sign_in" ]
51 timeout: 5s
51 timeout: 5s
52 interval: 60s
52 interval: 60s
53 retries: 10
53 retries: 10
54
54
55 volumes:
55 volumes:
56 - confvolume:/etc/rhodecode/conf
56 - confvolume:/etc/rhodecode/conf
57 - logvolume:/var/log/rhodecode
57 - logvolume:/var/log/rhodecode
58
58
59 logging:
59 logging:
60 *custom-logging
60 *custom-logging
61
61
62 labels:
62 labels:
63 - "traefik.enable=false"
63 - "traefik.enable=false"
64 #- "traefik.http.routers.channelstream.entrypoints=http"
64 #- "traefik.http.routers.channelstream.entrypoints=http"
65 #- "traefik.http.services.channelstream.loadbalancer.server.port=9800"
65 #- "traefik.http.services.channelstream.loadbalancer.server.port=9800"
66
66
67 profiles:
67 profiles:
68 ["channelstream"]
68 ["channelstream"]
69
69
70 nginx:
70 nginx:
71 networks:
71 networks:
72 - rhodecode_network
72 - rhodecode_network
73 image: library/nginx:1.23.3
73 image: library/nginx:1.23.3
74
74
75 restart: always
75 restart: always
76
76
77 environment:
77 environment:
78 NGINX_ENTRYPOINT_QUIET_LOGS: 1
78 NGINX_ENTRYPOINT_QUIET_LOGS: 1
79 env_file:
79 env_file:
80 - ${RC_ENV_FILE:?must-specify-rc-env-file}
80 - ${RC_ENV_FILE:?must-specify-rc-env-file}
81
81
82 healthcheck:
82 healthcheck:
83 # change port 80 to 443 when only using SSL
83 # change port 80 to 443 when only using SSL
84 test: [ "CMD", "curl", "-A", "RhodeCode-Healthcheck", "-s", "-o", "/dev/null", "-w", "'%{http_code}'", "http://127.0.0.1:80/_health" ]
84 test: [ "CMD", "curl", "-A", "RhodeCode-Healthcheck", "-s", "-o", "/dev/null", "-w", "'%{http_code}'", "http://127.0.0.1:80/_health" ]
85 timeout: 30s
85 timeout: 30s
86 interval: 60s
86 interval: 60s
87 retries: 10
87 retries: 10
88
88
89 # depends_on:
89 # depends_on:
90 # - channelstream
90 # - channelstream
91
91
92 volumes:
92 volumes:
93 - ./config/nginx/nginx.conf:/etc/nginx/nginx.conf:ro
93 - ./config/nginx/nginx.conf:/etc/nginx/nginx.conf:ro
94 - ./config/nginx/http.conf:/etc/nginx/http.conf:ro
94 - ./config/nginx/http.conf:/etc/nginx/http.conf:ro
95 - ./config/nginx/proxy.conf:/etc/nginx/proxy.conf:ro
95 - ./config/nginx/proxy.conf:/etc/nginx/proxy.conf:ro
96 - logvolume:/var/log/rhodecode
96 - logvolume:/var/log/rhodecode
97 - rc_datavolume:/var/opt/rhodecode_data
97 - rc_datavolume:/var/opt/rhodecode_data
98
98
99 logging:
99 logging:
100 *custom-logging
100 *custom-logging
101
101
102 labels:
102 labels:
103 - "traefik.enable=true"
103 - "traefik.enable=true"
104 - "traefik.http.routers.nginx.entrypoints=http"
104 - "traefik.http.routers.nginx.entrypoints=http"
105 - "traefik.http.routers.nginx.rule=Host(`${RC_HOSTNAME:?must-specify-rhodecode-hostname}`) && ( PathPrefix(`/_health`) || PathPrefix(`/_channelstream`) || PathPrefix(`/_static/rhodecode`) )"
105 - "traefik.http.routers.nginx.rule=Host(`${RC_HOSTNAME:?must-specify-rhodecode-hostname}`) && ( PathPrefix(`/_health`) || PathPrefix(`/_channelstream`) || PathPrefix(`/_static/rhodecode`) )"
106 - "traefik.http.services.nginx.loadbalancer.server.port=80"
106 - "traefik.http.services.nginx.loadbalancer.server.port=80"
107
107
108 elasticsearch:
108 elasticsearch:
109 networks:
109 networks:
110 - rhodecode_network
110 - rhodecode_network
111 image: elasticsearch:6.8.23
111 image: elasticsearch:6.8.23
112
112
113 environment:
113 environment:
114 - cluster.name=elasticsearch-cluster
114 - cluster.name=elasticsearch-cluster
115 - network.host=0.0.0.0
115 - network.host=0.0.0.0
116 - bootstrap.memory_lock=true
116 - bootstrap.memory_lock=true
117 - discovery.type=single-node
117 - discovery.type=single-node
118 - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
118 - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
119 env_file:
119 env_file:
120 - ${RC_ENV_FILE:?must-specify-rc-env-file}
120 - ${RC_ENV_FILE:?must-specify-rc-env-file}
121 healthcheck:
121 healthcheck:
122 # change port 80 to 443 when only using SSL
122 # change port 80 to 443 when only using SSL
123 test: [ "CMD", "curl", "-A", "RhodeCode-Healthcheck", "-s", "-o", "/dev/null", "-w", "'%{http_code}'", "elasticsearch:9200/_cat/health" ]
123 test: [ "CMD", "curl", "-A", "RhodeCode-Healthcheck", "-s", "-o", "/dev/null", "-w", "'%{http_code}'", "elasticsearch:9200/_cat/health" ]
124 timeout: 30s
124 timeout: 30s
125 interval: 60s
125 interval: 60s
126 retries: 10
126 retries: 10
127
127
128 ulimits:
128 ulimits:
129 memlock:
129 memlock:
130 soft: -1
130 soft: -1
131 hard: -1
131 hard: -1
132
132
133 volumes:
133 volumes:
134 - es_data:/usr/share/elasticsearch/data
134 - es_data:/usr/share/elasticsearch/data
135
135
136 logging:
136 logging:
137 *custom-logging
137 *custom-logging
138
138
139 profiles:
139 profiles:
140 ["elasticsearch"]
140 ["elasticsearch"]
141
141
142 redis:
142 redis:
143 networks:
143 networks:
144 - rhodecode_network
144 - rhodecode_network
145 image: library/redis:7.0.6
145 image: library/redis:7.0.6
146
146
147 restart: always
147 restart: always
148 env_file:
148 env_file:
149 - ${RC_ENV_FILE:?must-specify-rc-env-file}
149 - ${RC_ENV_FILE:?must-specify-rc-env-file}
150 command:
150 command:
151 - "redis-server"
151 - "redis-server"
152 - "/etc/redis/redis.conf"
152 - "/etc/redis/redis.conf"
153 - "--maxmemory-policy allkeys-lru"
153 - "--maxmemory-policy allkeys-lru"
154 - "--maxmemory ${RC_REDIS_MAXMEMORY:?must-specify-redis-maxmemory}"
154 - "--maxmemory ${RC_REDIS_MAXMEMORY:?must-specify-redis-maxmemory}"
155
155
156 # ports:
156 # ports:
157 # - "127.0.0.1::6379"
157 # - "127.0.0.1::6379"
158
158
159 healthcheck:
159 healthcheck:
160 test: [ "CMD", "redis-cli", "--raw", "incr", "ping" ]
160 test: [ "CMD", "redis-cli", "--raw", "incr", "ping" ]
161 interval: 60s
161 interval: 60s
162
162
163 volumes:
163 volumes:
164 - ./config/redis/redis.conf:/etc/redis/redis.conf:ro
164 - ./config/redis/redis.conf:/etc/redis/redis.conf:ro
165 - logvolume:/var/log/rhodecode
165 - logvolume:/var/log/rhodecode
166 - redis_data:/data
166 - redis_data:/data
167
167
168 profiles:
168 profiles:
169 ["redis"]
169 ["redis"]
170
170
171 logging:
171 logging:
172 *custom-logging
172 *custom-logging
173
173
174 database:
174 database:
175 networks:
175 networks:
176 - rhodecode_network
176 - rhodecode_network
177 image: library/postgres:14.6
177 image: library/postgres:14.6
178
178
179 environment:
179 environment:
180 POSTGRES_DB: ${DB_NAME:?must-specify-db-name}
180 POSTGRES_DB: ${DB_NAME:?must-specify-db-name}
181 POSTGRES_USER: ${DB_USER:?must-specify-db-user}
181 POSTGRES_USER: ${DB_USER:?must-specify-db-user}
182 PGUSER: ${DB_USER:?must-specify-db-user}
182 PGUSER: ${DB_USER:?must-specify-db-user}
183 POSTGRES_PASSWORD: ${DB_PASSWORD:?must-specify-db-password}
183 POSTGRES_PASSWORD: ${DB_PASSWORD:?must-specify-db-password}
184 POSTGRES_HOST_AUTH_METHOD: md5
184 POSTGRES_HOST_AUTH_METHOD: md5
185 POSTGRES_INITDB_ARGS: "--auth-host=md5 --auth-local=md5"
185 POSTGRES_INITDB_ARGS: "--auth-host=md5 --auth-local=md5"
186 env_file:
186 env_file:
187 - ${RC_ENV_FILE:?must-specify-rc-env-file}
187 - ${RC_ENV_FILE:?must-specify-rc-env-file}
188
188
189 restart: always
189 restart: always
190 command:
190 command:
191 - "postgres"
191 - "postgres"
192 - "-c"
192 - "-c"
193 - "log_statement=ddl"
193 - "log_statement=ddl"
194 - "-c"
194 - "-c"
195 - "config_file=/etc/conf.d/pg_customized.conf"
195 - "config_file=/etc/conf.d/pg_customized.conf"
196
196
197 # ports:
197 # ports:
198 # - "127.0.0.1::5432"
198 # - "127.0.0.1::5432"
199
199
200 healthcheck:
200 healthcheck:
201 test: ["CMD-SHELL", "pg_isready", '-U', "$DB_USER"]
201 test: ["CMD-SHELL", "pg_isready", '-U', "$DB_USER"]
202 interval: 10s
202 interval: 10s
203 timeout: 5s
203 timeout: 5s
204 retries: 5
204 retries: 5
205
205
206 volumes:
206 volumes:
207 - $PWD/config/database/pg_customized.conf:/etc/conf.d/pg_customized.conf:ro
207 - $PWD/config/database/pg_customized.conf:/etc/conf.d/pg_customized.conf:ro
208 # db dumps reverse mount
208 # db dumps reverse mount
209 - $PWD/.custom/db_dump:/var/rc-data-dump
209 - $PWD/.custom/db_dump:/var/rc-data-dump
210 # save the pg_data volume
210 # save the pg_data volume
211 - pg_data:/var/lib/postgresql/data
211 - pg_data:/var/lib/postgresql/data
212 - logvolume:/var/log/rhodecode
212 - logvolume:/var/log/rhodecode
213
213
214 profiles:
214 profiles:
215 ["postgres"]
215 ["postgres"]
216
216
217 logging:
217 logging:
218 *custom-logging
218 *custom-logging
219
219
220 database-mysql:
220 database-mysql:
221 networks:
221 networks:
222 - rhodecode_network
222 - rhodecode_network
223 image: library/mysql:8.0.31
223 image: library/mysql:8.0.31
224
224
225 environment:
225 environment:
226 MYSQL_DATABASE: ${DB_NAME:?must-specify-db-name}
226 MYSQL_DATABASE: ${DB_NAME:?must-specify-db-name}
227 MYSQL_USER: ${DB_USER:?must-specify-db-user}
227 MYSQL_USER: ${DB_USER:?must-specify-db-user}
228 MYSQL_PASSWORD: ${DB_PASSWORD:?must-specify-db-password}
228 MYSQL_PASSWORD: ${DB_PASSWORD:?must-specify-db-password}
229 MYSQL_ROOT_PASSWORD: ${DB_PASSWORD:?must-specify-db-password}
229 MYSQL_ROOT_PASSWORD: ${DB_PASSWORD:?must-specify-db-password}
230 env_file:
230 env_file:
231 - ${RC_ENV_FILE:?must-specify-rc-env-file}
231 - ${RC_ENV_FILE:?must-specify-rc-env-file}
232
232
233 restart: always
233 restart: always
234
234
235 # ports:
235 # ports:
236 # - "127.0.0.1::3306"
236 # - "127.0.0.1::3306"
237
237
238 volumes:
238 volumes:
239 - ./config/database/mysql_customized.conf:/etc/mysql/conf.d/config-file.cnf:ro
239 - ./config/database/mysql_customized.conf:/etc/mysql/conf.d/config-file.cnf:ro
240 # save the mysql_data volume
240 # save the mysql_data volume
241 - $PWD/mysql_dir:/var/lib/mysql
241 - $PWD/mysql_dir:/var/lib/mysql
242 - logvolume:/var/log/rhodecode
242 - logvolume:/var/log/rhodecode
243
243
244 profiles:
244 profiles:
245 ["mysql"]
245 ["mysql"]
246
246
247 logging:
247 logging:
248 *custom-logging
248 *custom-logging
Show file before | Show file after | Hide comments
@@ -1,33 +1,42 b''
1 version: '3.9'
1 version: '3.9'
2
2
3 services:
3 services:
4
4
5 rhodecode:
5 rhodecode:
6 ports:
6 #ports:
7 - "10020:10020"
7 # # expose port for optional direct port connection
8 # - "10020:10020"
8 environment:
9 environment:
9 DB_UPGRADE: 0 # run the DB upgrade
10 DB_UPGRADE: 0 # run the DB upgrade
10 SETUP_APP: 0 # run the application default settings setup, can be turned off after initial run
11 SETUP_APP: 0 # run the application default settings setup, can be turned off after initial run
11
12
13 #healthcheck:
14 # # disable the healthcheck
15 # test: ['CMD','true']
16
12 deploy:
17 deploy:
13 replicas: 1
18 replicas: 1
14
19
15 vcsserver:
20 vcsserver:
16
21
17 environment:
22 environment:
18 {}
23 {}
19
24
20 deploy:
25 deploy:
21 replicas: 1
26 replicas: 1
22
27
28 #healthcheck:
29 # # disable the healthcheck
30 # test: ['CMD','true']
31
23 sshd:
32 sshd:
24 {}
33 {}
25
34
26 svn:
35 svn:
27 {}
36 {}
28
37
29 celery-beat:
38 celery-beat:
30 {}
39 {}
31
40
32 celery:
41 celery:
33 {}
42 {}
General Comments 0
You need to be logged in to leave comments. Login now