Show More
@@ -0,0 +1,5 b'' | |||||
|
1 | # basic auth for traefik middleware. | |||
|
2 | # format here is <user>:<bcrypt_password> | |||
|
3 | # to generate bcrypt password one can use | |||
|
4 | # curl --verbose --request POST --data "password=XlokiAuth101&cost=10" https://www.toptal.com/developers/bcrypt/api/generate-hash.json | |||
|
5 | loki-auth:$2b$10$U8Cui8cO9ZXehYV.7atv8uPuA6rBVrA.Mxzvt8EsdheztkyXZagv6 |
@@ -1,42 +1,45 b'' | |||||
1 | ## Static configuration, needs traefik reload |
|
1 | ## Static configuration, needs traefik reload | |
2 |
|
2 | |||
3 | entryPoints: |
|
3 | entryPoints: | |
4 | http: |
|
4 | http: | |
5 | address: ":80" |
|
5 | address: ":80" | |
6 |
|
6 | |||
7 | https: |
|
7 | https: | |
8 | address: ":443" |
|
8 | address: ":443" | |
9 |
|
9 | |||
10 | ssh: |
|
10 | ssh: | |
11 | address: ":${RC_SSH_PORT:?must-specify-ssh-port}" |
|
11 | address: ":${RC_SSH_PORT:?must-specify-ssh-port}" | |
12 |
|
12 | |||
|
13 | loki: | |||
|
14 | address: ":3100" | |||
|
15 | ||||
13 | traefik: |
|
16 | traefik: | |
14 | address: ":7000" |
|
17 | address: ":7000" | |
15 |
|
18 | |||
16 | api: |
|
19 | api: | |
17 | dashboard: false |
|
20 | dashboard: false | |
18 | insecure: false # change to true to expose dashboard |
|
21 | insecure: false # change to true to expose dashboard | |
19 |
|
22 | |||
20 | accessLog: {} |
|
23 | accessLog: {} | |
21 |
|
24 | |||
22 | log: |
|
25 | log: | |
23 | # DEBUG / INFO |
|
26 | # DEBUG / INFO | |
24 | level: INFO |
|
27 | level: INFO | |
25 |
|
28 | |||
26 | metrics: |
|
29 | metrics: | |
27 | prometheus: {} |
|
30 | prometheus: {} | |
28 |
|
31 | |||
29 |
|
32 | |||
30 | providers: |
|
33 | providers: | |
31 | docker: |
|
34 | docker: | |
32 | exposedByDefault: false |
|
35 | exposedByDefault: false | |
33 | swarmMode: false |
|
36 | swarmMode: false | |
34 |
|
37 | |||
35 | file: |
|
38 | file: | |
36 | filename: "/etc/traefik/traefik_dynamic.yaml" |
|
39 | filename: "/etc/traefik/traefik_dynamic.yaml" | |
37 | watch: true |
|
40 | watch: true | |
38 |
|
41 | |||
39 |
|
42 | |||
40 | serversTransport: |
|
43 | serversTransport: | |
41 | #this disables SSL certificate verification for legacy own cert services like NextCloud etc |
|
44 | #this disables SSL certificate verification for legacy own cert services like NextCloud etc | |
42 | insecureSkipVerify: true |
|
45 | insecureSkipVerify: true |
@@ -1,24 +1,28 b'' | |||||
1 |
|
1 | |||
2 | ## Setting up the middleware for redirect to https ## |
|
2 | ## Setting up the middleware for redirect to https ## | |
3 | http: |
|
3 | http: | |
4 |
|
4 | |||
5 | middlewares: |
|
5 | middlewares: | |
6 |
|
6 | |||
7 | https-redirect: |
|
7 | https-redirect: | |
8 | redirectScheme: |
|
8 | redirectScheme: | |
9 | scheme: https |
|
9 | scheme: https | |
10 | # permanent: true |
|
10 | # permanent: true | |
11 |
|
11 | |||
12 | middlewares-rate-limit: |
|
12 | middlewares-rate-limit: | |
13 | rateLimit: |
|
13 | rateLimit: | |
14 | average: 100 |
|
14 | average: 100 | |
15 | burst: 50 |
|
15 | burst: 50 | |
16 |
|
16 | |||
|
17 | basic-auth: | |||
|
18 | basicAuth: | |||
|
19 | usersfile: /etc/traefik/.htpasswd | |||
|
20 | ||||
17 | # Dynamic configuration for standard file based SSL cert |
|
21 | # Dynamic configuration for standard file based SSL cert | |
18 | # create a custom copy of the traefik into .custom/ and remount this |
|
22 | # create a custom copy of the traefik into .custom/ and remount this | |
19 | # to enable custom certificates |
|
23 | # to enable custom certificates | |
20 | #tls: |
|
24 | #tls: | |
21 | # certificates: |
|
25 | # certificates: | |
22 | # # first certificate |
|
26 | # # first certificate | |
23 | # - certFile: /etc/traefik/certs/rhodecode-com.cert |
|
27 | # - certFile: /etc/traefik/certs/rhodecode-com.cert | |
24 | # keyFile: /etc/traefik/certs/rhodecode-com.key |
|
28 | # keyFile: /etc/traefik/certs/rhodecode-com.key |
@@ -1,336 +1,336 b'' | |||||
1 | version: '3.9' |
|
1 | version: '3.9' | |
2 |
|
2 | |||
3 | x-logging: &custom-logging |
|
3 | x-logging: &custom-logging | |
4 | # docker plugin install grafana/loki-docker-driver:2.7.1 --alias loki --grant-all-permissions |
|
4 | # docker plugin install grafana/loki-docker-driver:2.7.1 --alias loki --grant-all-permissions | |
5 | # NOTE: loki logging driver ONLY works for host type networks... |
|
5 | # NOTE: loki logging driver ONLY works for host type networks... | |
6 | driver: loki |
|
6 | driver: loki | |
7 | options: |
|
7 | options: | |
8 | #loki-url: "http://loki:3100/loki/api/v1/push" |
|
8 | #loki-url: "http://${RC_LOKI_AUTH}loki:3100/loki/api/v1/push" | |
9 | loki-url: "http://127.0.0.1:3100/loki/api/v1/push" |
|
9 | loki-url: "http://${RC_LOKI_AUTH}127.0.0.1:3100/loki/api/v1/push" | |
10 | loki-retries: "5" |
|
10 | loki-retries: "5" | |
11 | loki-timeout: "1s" |
|
11 | loki-timeout: "1s" | |
12 | loki-max-backoff: "800ms" |
|
12 | loki-max-backoff: "800ms" | |
13 |
|
13 | |||
14 |
|
14 | |||
15 | services: |
|
15 | services: | |
16 |
|
16 | |||
17 | rhodecode: |
|
17 | rhodecode: | |
18 | networks: |
|
18 | networks: | |
19 | - rhodecode_network |
|
19 | - rhodecode_network | |
20 | extra_hosts: |
|
20 | extra_hosts: | |
21 | - "host.docker.internal:host-gateway" |
|
21 | - "host.docker.internal:host-gateway" | |
22 | image: rhodecode/rhodecode-${RC_EDITION}:${RC_VERSION:-4.28.0} |
|
22 | image: rhodecode/rhodecode-${RC_EDITION}:${RC_VERSION:-4.28.0} | |
23 | stdin_open: true |
|
23 | stdin_open: true | |
24 | tty: true |
|
24 | tty: true | |
25 | restart: always |
|
25 | restart: always | |
26 | env_file: |
|
26 | env_file: | |
27 | - ${RC_ENV_FILE:?must-specify-rc-env-file} |
|
27 | - ${RC_ENV_FILE:?must-specify-rc-env-file} | |
28 | command: [ |
|
28 | command: [ | |
29 | "/usr/local/bin/rhodecode_bin/bin/gunicorn", |
|
29 | "/usr/local/bin/rhodecode_bin/bin/gunicorn", | |
30 | "--name=gunicorn-rhodecode-1", |
|
30 | "--name=gunicorn-rhodecode-1", | |
31 | "--error-logfile=-", |
|
31 | "--error-logfile=-", | |
32 | "--paster=/etc/rhodecode/conf/rhodecode.ini", |
|
32 | "--paster=/etc/rhodecode/conf/rhodecode.ini", | |
33 | "--config=/etc/rhodecode/conf/gunicorn_conf_rc.py" |
|
33 | "--config=/etc/rhodecode/conf/gunicorn_conf_rc.py" | |
34 | ] |
|
34 | ] | |
35 | deploy: |
|
35 | deploy: | |
36 | # override this in .custom/docker-compose-apps.override.yaml to scale up |
|
36 | # override this in .custom/docker-compose-apps.override.yaml to scale up | |
37 | replicas: 1 |
|
37 | replicas: 1 | |
38 |
|
38 | |||
39 | # ports: |
|
39 | # ports: | |
40 | # - "127.0.0.1::10020" |
|
40 | # - "127.0.0.1::10020" | |
41 |
|
41 | |||
42 | build: |
|
42 | build: | |
43 | context: . |
|
43 | context: . | |
44 | dockerfile: service/rhodecode/rhodecode.dockerfile |
|
44 | dockerfile: service/rhodecode/rhodecode.dockerfile | |
45 | args: |
|
45 | args: | |
46 | TZ: ${TZ} |
|
46 | TZ: ${TZ} | |
47 | RHODECODE_VERSION: ${RC_VERSION:-4.28.0} |
|
47 | RHODECODE_VERSION: ${RC_VERSION:-4.28.0} | |
48 | RHODECODE_DB: postgresql://rhodecode:${DB_PASSWORD:?must-specify-db-password}@database/${DB_NAME:?must-specify-db-name} |
|
48 | RHODECODE_DB: postgresql://rhodecode:${DB_PASSWORD:?must-specify-db-password}@database/${DB_NAME:?must-specify-db-name} | |
49 | RHODECODE_USER_NAME: ${RHODECODE_USER_NAME} |
|
49 | RHODECODE_USER_NAME: ${RHODECODE_USER_NAME} | |
50 | RHODECODE_USER_PASS: ${RHODECODE_USER_PASS} |
|
50 | RHODECODE_USER_PASS: ${RHODECODE_USER_PASS} | |
51 | RHODECODE_USER_EMAIL: ${RHODECODE_USER_EMAIL} |
|
51 | RHODECODE_USER_EMAIL: ${RHODECODE_USER_EMAIL} | |
52 |
|
52 | |||
53 | environment: |
|
53 | environment: | |
54 | RC_APP_TYPE: rhodecode_http |
|
54 | RC_APP_TYPE: rhodecode_http | |
55 | RC_APP_PROC: 1 |
|
55 | RC_APP_PROC: 1 | |
56 | SSL_CERT_FILE: "/etc/rhodecode/conf/ca-bundle.crt" |
|
56 | SSL_CERT_FILE: "/etc/rhodecode/conf/ca-bundle.crt" | |
57 | REQUESTS_CA_BUNDLE: "/etc/rhodecode/conf/ca-bundle.crt" |
|
57 | REQUESTS_CA_BUNDLE: "/etc/rhodecode/conf/ca-bundle.crt" | |
58 | GIT_SSL_CAINFO: "/etc/rhodecode/conf/ca-bundle.crt" |
|
58 | GIT_SSL_CAINFO: "/etc/rhodecode/conf/ca-bundle.crt" | |
59 | GEVENT_RESOLVER: "ares" |
|
59 | GEVENT_RESOLVER: "ares" | |
60 |
|
60 | |||
61 | DB_UPGRADE: 1 # run the DB upgrade |
|
61 | DB_UPGRADE: 1 # run the DB upgrade | |
62 | SETUP_APP: 1 # run the application default settings setup, can be turned off after initial run |
|
62 | SETUP_APP: 1 # run the application default settings setup, can be turned off after initial run | |
63 | #FORCE_DB_INIT_FILE: 1 # force the database init, warning: destroys old DB |
|
63 | #FORCE_DB_INIT_FILE: 1 # force the database init, warning: destroys old DB | |
64 | #FORCE_RC_SETUP_APP: 1 # force running setup scripts for configuration/license application |
|
64 | #FORCE_RC_SETUP_APP: 1 # force running setup scripts for configuration/license application | |
65 | MAIN_INI_PATH: /etc/rhodecode/conf/rhodecode.ini |
|
65 | MAIN_INI_PATH: /etc/rhodecode/conf/rhodecode.ini | |
66 |
|
66 | |||
67 | # SVN Specific |
|
67 | # SVN Specific | |
68 | MOD_DAV_SVN_PORT: 8090 |
|
68 | MOD_DAV_SVN_PORT: 8090 | |
69 | APACHE_LOG_DIR: /var/log/rhodecode/svn |
|
69 | APACHE_LOG_DIR: /var/log/rhodecode/svn | |
70 | MOD_DAV_SVN_CONF_FILE: /etc/rhodecode/conf/svn/mod_dav_svn.conf |
|
70 | MOD_DAV_SVN_CONF_FILE: /etc/rhodecode/conf/svn/mod_dav_svn.conf | |
71 |
|
71 | |||
72 | healthcheck: |
|
72 | healthcheck: | |
73 | test: [ "CMD", "curl", "-A", "RhodeCode-Healthcheck", "-s", "-o", "/dev/null", "-w", "'%{http_code}'", "http://127.0.0.1:10020/_admin/ops/ping" ] |
|
73 | test: [ "CMD", "curl", "-A", "RhodeCode-Healthcheck", "-s", "-o", "/dev/null", "-w", "'%{http_code}'", "http://127.0.0.1:10020/_admin/ops/ping" ] | |
74 | timeout: 30s |
|
74 | timeout: 30s | |
75 | interval: 60s |
|
75 | interval: 60s | |
76 | retries: 10 |
|
76 | retries: 10 | |
77 |
|
77 | |||
78 | # depends_on: |
|
78 | # depends_on: | |
79 | # - database |
|
79 | # - database | |
80 | # - redis |
|
80 | # - redis | |
81 | # - channelstream |
|
81 | # - channelstream | |
82 |
|
82 | |||
83 | volumes: |
|
83 | volumes: | |
84 | - confvolume:/etc/rhodecode/conf |
|
84 | - confvolume:/etc/rhodecode/conf | |
85 | - logvolume:/var/log/rhodecode |
|
85 | - logvolume:/var/log/rhodecode | |
86 | - rc_reposvolume:/var/opt/rhodecode_repo_store |
|
86 | - rc_reposvolume:/var/opt/rhodecode_repo_store | |
87 | - rc_datavolume:/var/opt/rhodecode_data |
|
87 | - rc_datavolume:/var/opt/rhodecode_data | |
88 |
|
88 | |||
89 | tmpfs: |
|
89 | tmpfs: | |
90 | - /data_ramdisk:size=${RC_DATA_RAMDISK_SIZE:?specify-RC_DATA_RAMDISK_SIZE-env-var} |
|
90 | - /data_ramdisk:size=${RC_DATA_RAMDISK_SIZE:?specify-RC_DATA_RAMDISK_SIZE-env-var} | |
91 |
|
91 | |||
92 | logging: |
|
92 | logging: | |
93 | *custom-logging |
|
93 | *custom-logging | |
94 |
|
94 | |||
95 | labels: |
|
95 | labels: | |
96 | - "traefik.enable=true" |
|
96 | - "traefik.enable=true" | |
97 | - "traefik.http.routers.rhodecode.entrypoints=http" |
|
97 | - "traefik.http.routers.rhodecode.entrypoints=http" | |
98 | - "traefik.http.routers.rhodecode.rule=Host(`${RC_HOSTNAME:?must-specify-rhodecode-hostname}`)" |
|
98 | - "traefik.http.routers.rhodecode.rule=Host(`${RC_HOSTNAME:?must-specify-rhodecode-hostname}`)" | |
99 | - "traefik.http.routers.rhodecode.service=rhodecode-web" |
|
99 | - "traefik.http.routers.rhodecode.service=rhodecode-web" | |
100 | - "traefik.http.services.rhodecode-web.loadbalancer.server.port=10020" |
|
100 | - "traefik.http.services.rhodecode-web.loadbalancer.server.port=10020" | |
101 | # SSL + proxy prefix example, should be put into .custom/docker-compose-apps.override.yaml |
|
101 | # SSL + proxy prefix example, should be put into .custom/docker-compose-apps.override.yaml | |
102 | #- "traefik.http.routers.rhodecode-rt.entrypoints=https" |
|
102 | #- "traefik.http.routers.rhodecode-rt.entrypoints=https" | |
103 | #- "traefik.http.routers.rhodecode-rt.rule=Host(`${RC_HOSTNAME:?must-specify-rhodecode-hostname}`)" |
|
103 | #- "traefik.http.routers.rhodecode-rt.rule=Host(`${RC_HOSTNAME:?must-specify-rhodecode-hostname}`)" | |
104 | #- "traefik.http.routers.rhodecode-rt.tls=true" |
|
104 | #- "traefik.http.routers.rhodecode-rt.tls=true" | |
105 | #- "traefik.http.routers.rhodecode-rt.service=rhodecode-ssl" |
|
105 | #- "traefik.http.routers.rhodecode-rt.service=rhodecode-ssl" | |
106 | #- "traefik.http.services.rhodecode-ssl.loadbalancer.server.port=10020" |
|
106 | #- "traefik.http.services.rhodecode-ssl.loadbalancer.server.port=10020" | |
107 |
|
107 | |||
108 | vcsserver: |
|
108 | vcsserver: | |
109 | networks: |
|
109 | networks: | |
110 | - rhodecode_network |
|
110 | - rhodecode_network | |
111 | extra_hosts: |
|
111 | extra_hosts: | |
112 | - "host.docker.internal:host-gateway" |
|
112 | - "host.docker.internal:host-gateway" | |
113 | image: rhodecode/rhodecode-${RC_EDITION}:${RC_VERSION:-4.28.0} |
|
113 | image: rhodecode/rhodecode-${RC_EDITION}:${RC_VERSION:-4.28.0} | |
114 |
|
114 | |||
115 | stdin_open: true |
|
115 | stdin_open: true | |
116 | tty: true |
|
116 | tty: true | |
117 | restart: always |
|
117 | restart: always | |
118 | env_file: |
|
118 | env_file: | |
119 | - ${RC_ENV_FILE:?must-specify-rc-env-file} |
|
119 | - ${RC_ENV_FILE:?must-specify-rc-env-file} | |
120 | command: [ |
|
120 | command: [ | |
121 | "/home/rhodecode/.rccontrol/vcsserver-1/profile/bin/gunicorn", |
|
121 | "/home/rhodecode/.rccontrol/vcsserver-1/profile/bin/gunicorn", | |
122 | "--name=gunicorn-vcsserver-1", |
|
122 | "--name=gunicorn-vcsserver-1", | |
123 | "--error-logfile=-", |
|
123 | "--error-logfile=-", | |
124 | "--paster=/etc/rhodecode/conf/vcsserver.ini", |
|
124 | "--paster=/etc/rhodecode/conf/vcsserver.ini", | |
125 | "--config=/etc/rhodecode/conf/gunicorn_conf_vcs.py" |
|
125 | "--config=/etc/rhodecode/conf/gunicorn_conf_vcs.py" | |
126 | ] |
|
126 | ] | |
127 | deploy: |
|
127 | deploy: | |
128 | # override this in .custom/docker-compose-apps.override.yaml to scale up |
|
128 | # override this in .custom/docker-compose-apps.override.yaml to scale up | |
129 | replicas: 1 |
|
129 | replicas: 1 | |
130 |
|
130 | |||
131 | # ports: |
|
131 | # ports: | |
132 | # - "127.0.0.1::10010" |
|
132 | # - "127.0.0.1::10010" | |
133 |
|
133 | |||
134 | healthcheck: |
|
134 | healthcheck: | |
135 | test: [ "CMD", "curl", "-A", "RhodeCode-Healthcheck", "-s", "-o", "/dev/null", "-w", "'%{http_code}'", "http://127.0.0.1:10010/status" ] |
|
135 | test: [ "CMD", "curl", "-A", "RhodeCode-Healthcheck", "-s", "-o", "/dev/null", "-w", "'%{http_code}'", "http://127.0.0.1:10010/status" ] | |
136 | timeout: 30s |
|
136 | timeout: 30s | |
137 | interval: 60s |
|
137 | interval: 60s | |
138 | retries: 10 |
|
138 | retries: 10 | |
139 |
|
139 | |||
140 | environment: |
|
140 | environment: | |
141 | RC_APP_TYPE: rhodecode_vcsserver |
|
141 | RC_APP_TYPE: rhodecode_vcsserver | |
142 | RC_APP_PROC: 1 |
|
142 | RC_APP_PROC: 1 | |
143 | MAIN_INI_PATH: /etc/rhodecode/conf/vcsserver.ini |
|
143 | MAIN_INI_PATH: /etc/rhodecode/conf/vcsserver.ini | |
144 | SSL_CERT_FILE: "/etc/rhodecode/conf/ca-bundle.crt" |
|
144 | SSL_CERT_FILE: "/etc/rhodecode/conf/ca-bundle.crt" | |
145 | REQUESTS_CA_BUNDLE: "/etc/rhodecode/conf/ca-bundle.crt" |
|
145 | REQUESTS_CA_BUNDLE: "/etc/rhodecode/conf/ca-bundle.crt" | |
146 | GIT_SSL_CAINFO: "/etc/rhodecode/conf/ca-bundle.crt" |
|
146 | GIT_SSL_CAINFO: "/etc/rhodecode/conf/ca-bundle.crt" | |
147 |
|
147 | |||
148 | # depends_on: |
|
148 | # depends_on: | |
149 | # - redis |
|
149 | # - redis | |
150 |
|
150 | |||
151 | volumes: |
|
151 | volumes: | |
152 | - confvolume:/etc/rhodecode/conf |
|
152 | - confvolume:/etc/rhodecode/conf | |
153 | - logvolume:/var/log/rhodecode |
|
153 | - logvolume:/var/log/rhodecode | |
154 | - rc_reposvolume:/var/opt/rhodecode_repo_store |
|
154 | - rc_reposvolume:/var/opt/rhodecode_repo_store | |
155 | - rc_datavolume:/var/opt/rhodecode_data |
|
155 | - rc_datavolume:/var/opt/rhodecode_data | |
156 |
|
156 | |||
157 | logging: |
|
157 | logging: | |
158 | *custom-logging |
|
158 | *custom-logging | |
159 |
|
159 | |||
160 | celery: |
|
160 | celery: | |
161 | networks: |
|
161 | networks: | |
162 | - rhodecode_network |
|
162 | - rhodecode_network | |
163 | extra_hosts: |
|
163 | extra_hosts: | |
164 | - "host.docker.internal:host-gateway" |
|
164 | - "host.docker.internal:host-gateway" | |
165 | image: rhodecode/rhodecode-${RC_EDITION}:${RC_VERSION:-4.28.0} |
|
165 | image: rhodecode/rhodecode-${RC_EDITION}:${RC_VERSION:-4.28.0} | |
166 |
|
166 | |||
167 | stdin_open: true |
|
167 | stdin_open: true | |
168 | tty: true |
|
168 | tty: true | |
169 | restart: always |
|
169 | restart: always | |
170 | env_file: |
|
170 | env_file: | |
171 | - ${RC_ENV_FILE:?must-specify-rc-env-file} |
|
171 | - ${RC_ENV_FILE:?must-specify-rc-env-file} | |
172 | command: [ |
|
172 | command: [ | |
173 | "/usr/local/bin/rhodecode_bin/bin/celery", |
|
173 | "/usr/local/bin/rhodecode_bin/bin/celery", | |
174 | "worker", |
|
174 | "worker", | |
175 | "--task-events", |
|
175 | "--task-events", | |
176 | "--autoscale=10,2", |
|
176 | "--autoscale=10,2", | |
177 | "--no-color", |
|
177 | "--no-color", | |
178 | "--app=rhodecode.lib.celerylib.loader", |
|
178 | "--app=rhodecode.lib.celerylib.loader", | |
179 | "--loglevel=DEBUG", |
|
179 | "--loglevel=DEBUG", | |
180 | "--ini=/etc/rhodecode/conf/rhodecode.ini" |
|
180 | "--ini=/etc/rhodecode/conf/rhodecode.ini" | |
181 | ] |
|
181 | ] | |
182 |
|
182 | |||
183 | environment: |
|
183 | environment: | |
184 | RC_APP_TYPE: rhodecode_celery |
|
184 | RC_APP_TYPE: rhodecode_celery | |
185 | RC_APP_PROC: 1 |
|
185 | RC_APP_PROC: 1 | |
186 | MAIN_INI_PATH: /etc/rhodecode/conf/rhodecode.ini |
|
186 | MAIN_INI_PATH: /etc/rhodecode/conf/rhodecode.ini | |
187 | SSL_CERT_FILE: "/etc/rhodecode/conf/ca-bundle.crt" |
|
187 | SSL_CERT_FILE: "/etc/rhodecode/conf/ca-bundle.crt" | |
188 | REQUESTS_CA_BUNDLE: "/etc/rhodecode/conf/ca-bundle.crt" |
|
188 | REQUESTS_CA_BUNDLE: "/etc/rhodecode/conf/ca-bundle.crt" | |
189 | GIT_SSL_CAINFO: "/etc/rhodecode/conf/ca-bundle.crt" |
|
189 | GIT_SSL_CAINFO: "/etc/rhodecode/conf/ca-bundle.crt" | |
190 |
|
190 | |||
191 | # depends_on: |
|
191 | # depends_on: | |
192 | # - database |
|
192 | # - database | |
193 | # - redis |
|
193 | # - redis | |
194 |
|
194 | |||
195 | volumes: |
|
195 | volumes: | |
196 | - confvolume:/etc/rhodecode/conf |
|
196 | - confvolume:/etc/rhodecode/conf | |
197 | - logvolume:/var/log/rhodecode |
|
197 | - logvolume:/var/log/rhodecode | |
198 | - rc_reposvolume:/var/opt/rhodecode_repo_store |
|
198 | - rc_reposvolume:/var/opt/rhodecode_repo_store | |
199 | - rc_datavolume:/var/opt/rhodecode_data |
|
199 | - rc_datavolume:/var/opt/rhodecode_data | |
200 |
|
200 | |||
201 | logging: |
|
201 | logging: | |
202 | *custom-logging |
|
202 | *custom-logging | |
203 |
|
203 | |||
204 | labels: |
|
204 | labels: | |
205 | - "traefik.enable=false" |
|
205 | - "traefik.enable=false" | |
206 |
|
206 | |||
207 | celery-beat: |
|
207 | celery-beat: | |
208 | # This service is not scalable |
|
208 | # This service is not scalable | |
209 | networks: |
|
209 | networks: | |
210 | - rhodecode_network |
|
210 | - rhodecode_network | |
211 | extra_hosts: |
|
211 | extra_hosts: | |
212 | - "host.docker.internal:host-gateway" |
|
212 | - "host.docker.internal:host-gateway" | |
213 | image: rhodecode/rhodecode-${RC_EDITION}:${RC_VERSION:-4.28.0} |
|
213 | image: rhodecode/rhodecode-${RC_EDITION}:${RC_VERSION:-4.28.0} | |
214 |
|
214 | |||
215 | stdin_open: true |
|
215 | stdin_open: true | |
216 | tty: true |
|
216 | tty: true | |
217 | restart: always |
|
217 | restart: always | |
218 | env_file: |
|
218 | env_file: | |
219 | - ${RC_ENV_FILE:?must-specify-rc-env-file} |
|
219 | - ${RC_ENV_FILE:?must-specify-rc-env-file} | |
220 | command: [ |
|
220 | command: [ | |
221 | "/usr/local/bin/rhodecode_bin/bin/celery", |
|
221 | "/usr/local/bin/rhodecode_bin/bin/celery", | |
222 | "beat", |
|
222 | "beat", | |
223 | "--no-color", |
|
223 | "--no-color", | |
224 | "--app=rhodecode.lib.celerylib.loader", |
|
224 | "--app=rhodecode.lib.celerylib.loader", | |
225 | "--scheduler=rhodecode.lib.celerylib.scheduler.RcScheduler", |
|
225 | "--scheduler=rhodecode.lib.celerylib.scheduler.RcScheduler", | |
226 | "--loglevel=DEBUG", |
|
226 | "--loglevel=DEBUG", | |
227 | "--ini=/etc/rhodecode/conf/rhodecode.ini" |
|
227 | "--ini=/etc/rhodecode/conf/rhodecode.ini" | |
228 | ] |
|
228 | ] | |
229 |
|
229 | |||
230 | environment: |
|
230 | environment: | |
231 | RC_APP_TYPE: rhodecode_beat |
|
231 | RC_APP_TYPE: rhodecode_beat | |
232 | RC_APP_PROC: 1 |
|
232 | RC_APP_PROC: 1 | |
233 | MAIN_INI_PATH: /etc/rhodecode/conf/rhodecode.ini |
|
233 | MAIN_INI_PATH: /etc/rhodecode/conf/rhodecode.ini | |
234 | SSL_CERT_FILE: "/etc/rhodecode/conf/ca-bundle.crt" |
|
234 | SSL_CERT_FILE: "/etc/rhodecode/conf/ca-bundle.crt" | |
235 | REQUESTS_CA_BUNDLE: "/etc/rhodecode/conf/ca-bundle.crt" |
|
235 | REQUESTS_CA_BUNDLE: "/etc/rhodecode/conf/ca-bundle.crt" | |
236 | GIT_SSL_CAINFO: "/etc/rhodecode/conf/ca-bundle.crt" |
|
236 | GIT_SSL_CAINFO: "/etc/rhodecode/conf/ca-bundle.crt" | |
237 |
|
237 | |||
238 | # depends_on: |
|
238 | # depends_on: | |
239 | # - database |
|
239 | # - database | |
240 | # - redis |
|
240 | # - redis | |
241 |
|
241 | |||
242 | volumes: |
|
242 | volumes: | |
243 | - confvolume:/etc/rhodecode/conf |
|
243 | - confvolume:/etc/rhodecode/conf | |
244 | - logvolume:/var/log/rhodecode |
|
244 | - logvolume:/var/log/rhodecode | |
245 | - rc_reposvolume:/var/opt/rhodecode_repo_store |
|
245 | - rc_reposvolume:/var/opt/rhodecode_repo_store | |
246 | - rc_datavolume:/var/opt/rhodecode_data |
|
246 | - rc_datavolume:/var/opt/rhodecode_data | |
247 |
|
247 | |||
248 | logging: |
|
248 | logging: | |
249 | *custom-logging |
|
249 | *custom-logging | |
250 |
|
250 | |||
251 | labels: |
|
251 | labels: | |
252 | - "traefik.enable=false" |
|
252 | - "traefik.enable=false" | |
253 |
|
253 | |||
254 | svn: |
|
254 | svn: | |
255 | networks: |
|
255 | networks: | |
256 | - rhodecode_network |
|
256 | - rhodecode_network | |
257 | extra_hosts: |
|
257 | extra_hosts: | |
258 | - "host.docker.internal:host-gateway" |
|
258 | - "host.docker.internal:host-gateway" | |
259 | image: rhodecode/rhodecode-${RC_EDITION}:${RC_VERSION:-4.28.0} |
|
259 | image: rhodecode/rhodecode-${RC_EDITION}:${RC_VERSION:-4.28.0} | |
260 |
|
260 | |||
261 | # build: |
|
261 | # build: | |
262 | # context: . |
|
262 | # context: . | |
263 | # dockerfile: service/svn/rhodecode_svn.dockerfile |
|
263 | # dockerfile: service/svn/rhodecode_svn.dockerfile | |
264 | # args: |
|
264 | # args: | |
265 | # APACHE_VER: 1.3 |
|
265 | # APACHE_VER: 1.3 | |
266 |
|
266 | |||
267 | stdin_open: true |
|
267 | stdin_open: true | |
268 | tty: true |
|
268 | tty: true | |
269 | restart: always |
|
269 | restart: always | |
270 | env_file: |
|
270 | env_file: | |
271 | - ${RC_ENV_FILE:?must-specify-rc-env-file} |
|
271 | - ${RC_ENV_FILE:?must-specify-rc-env-file} | |
272 | command: ["apachectl", "-D", "FOREGROUND"] |
|
272 | command: ["apachectl", "-D", "FOREGROUND"] | |
273 |
|
273 | |||
274 | environment: |
|
274 | environment: | |
275 | RC_APP_TYPE: rhodecode_svn |
|
275 | RC_APP_TYPE: rhodecode_svn | |
276 |
|
276 | |||
277 | # SVN Specific |
|
277 | # SVN Specific | |
278 | MOD_DAV_SVN_PORT: 8090 |
|
278 | MOD_DAV_SVN_PORT: 8090 | |
279 | APACHE_LOG_DIR: /var/log/rhodecode/svn |
|
279 | APACHE_LOG_DIR: /var/log/rhodecode/svn | |
280 | MOD_DAV_SVN_CONF_FILE: /etc/rhodecode/conf/svn/mod_dav_svn.conf |
|
280 | MOD_DAV_SVN_CONF_FILE: /etc/rhodecode/conf/svn/mod_dav_svn.conf | |
281 |
|
281 | |||
282 | # ports: |
|
282 | # ports: | |
283 | # - "127.0.0.1::8090" |
|
283 | # - "127.0.0.1::8090" | |
284 |
|
284 | |||
285 | healthcheck: |
|
285 | healthcheck: | |
286 | test: [ "CMD", "curl", "-A", "RhodeCode-Healthcheck", "-s", "-o", "/dev/null", "-w", "'%{http_code}'", "http://127.0.0.1:8090/_server_status" ] |
|
286 | test: [ "CMD", "curl", "-A", "RhodeCode-Healthcheck", "-s", "-o", "/dev/null", "-w", "'%{http_code}'", "http://127.0.0.1:8090/_server_status" ] | |
287 | timeout: 30s |
|
287 | timeout: 30s | |
288 | interval: 60s |
|
288 | interval: 60s | |
289 | retries: 10 |
|
289 | retries: 10 | |
290 |
|
290 | |||
291 | volumes: |
|
291 | volumes: | |
292 | - confvolume:/etc/rhodecode/conf |
|
292 | - confvolume:/etc/rhodecode/conf | |
293 | - logvolume:/var/log/rhodecode |
|
293 | - logvolume:/var/log/rhodecode | |
294 | - rc_reposvolume:/var/opt/rhodecode_repo_store |
|
294 | - rc_reposvolume:/var/opt/rhodecode_repo_store | |
295 | - rc_datavolume:/var/opt/rhodecode_data |
|
295 | - rc_datavolume:/var/opt/rhodecode_data | |
296 |
|
296 | |||
297 | logging: |
|
297 | logging: | |
298 | *custom-logging |
|
298 | *custom-logging | |
299 |
|
299 | |||
300 | sshd: |
|
300 | sshd: | |
301 | networks: |
|
301 | networks: | |
302 | - rhodecode_network |
|
302 | - rhodecode_network | |
303 | extra_hosts: |
|
303 | extra_hosts: | |
304 | - "host.docker.internal:host-gateway" |
|
304 | - "host.docker.internal:host-gateway" | |
305 | image: rhodecode/rhodecode-${RC_EDITION}:${RC_VERSION:-4.28.0} |
|
305 | image: rhodecode/rhodecode-${RC_EDITION}:${RC_VERSION:-4.28.0} | |
306 |
|
306 | |||
307 | stdin_open: true |
|
307 | stdin_open: true | |
308 | tty: true |
|
308 | tty: true | |
309 | restart: always |
|
309 | restart: always | |
310 | env_file: |
|
310 | env_file: | |
311 | - ${RC_ENV_FILE:?must-specify-rc-env-file} |
|
311 | - ${RC_ENV_FILE:?must-specify-rc-env-file} | |
312 | command: ["/usr/sbin/sshd", "-f", "/etc/rhodecode/sshd_config", "-D", "-e"] |
|
312 | command: ["/usr/sbin/sshd", "-f", "/etc/rhodecode/sshd_config", "-D", "-e"] | |
313 |
|
313 | |||
314 | environment: |
|
314 | environment: | |
315 | RC_APP_TYPE: rhodecode_sshd |
|
315 | RC_APP_TYPE: rhodecode_sshd | |
316 | SSH_BOOTSTRAP: 1 |
|
316 | SSH_BOOTSTRAP: 1 | |
317 |
|
317 | |||
318 | # ports: |
|
318 | # ports: | |
319 | # # set from .env file |
|
319 | # # set from .env file | |
320 | # - "${RC_SSH_PORT:?must-specify-ssh-port}:22" |
|
320 | # - "${RC_SSH_PORT:?must-specify-ssh-port}:22" | |
321 |
|
321 | |||
322 | volumes: |
|
322 | volumes: | |
323 | - confvolume:/etc/rhodecode/conf |
|
323 | - confvolume:/etc/rhodecode/conf | |
324 | - logvolume:/var/log/rhodecode |
|
324 | - logvolume:/var/log/rhodecode | |
325 | - rc_reposvolume:/var/opt/rhodecode_repo_store |
|
325 | - rc_reposvolume:/var/opt/rhodecode_repo_store | |
326 | - rc_datavolume:/var/opt/rhodecode_data |
|
326 | - rc_datavolume:/var/opt/rhodecode_data | |
327 |
|
327 | |||
328 | logging: |
|
328 | logging: | |
329 | *custom-logging |
|
329 | *custom-logging | |
330 |
|
330 | |||
331 | labels: |
|
331 | labels: | |
332 | - "traefik.enable=true" |
|
332 | - "traefik.enable=true" | |
333 | - "traefik.http.routers.sshd.entrypoints=ssh" |
|
333 | - "traefik.http.routers.sshd.entrypoints=ssh" | |
334 | - "traefik.http.routers.sshd.rule=Host(`*`)" |
|
334 | - "traefik.http.routers.sshd.rule=Host(`*`)" | |
335 | - "traefik.http.routers.sshd.service=rhodecode-ssh" |
|
335 | - "traefik.http.routers.sshd.service=rhodecode-ssh" | |
336 | - "traefik.http.services.rhodecode-ssh.loadbalancer.server.port=${RC_SSH_PORT:?must-specify-ssh-port}" |
|
336 | - "traefik.http.services.rhodecode-ssh.loadbalancer.server.port=${RC_SSH_PORT:?must-specify-ssh-port}" |
@@ -1,55 +1,55 b'' | |||||
1 | version: '3.9' |
|
1 | version: '3.9' | |
2 |
|
2 | |||
3 | ## Shared base stuff for all compose files in stack |
|
3 | ## Shared base stuff for all compose files in stack | |
4 |
|
4 | |||
5 | x-logging: &custom-logging |
|
5 | x-logging: &custom-logging | |
6 | # Install loki plugin |
|
6 | # Install loki plugin | |
7 | # docker plugin install grafana/loki-docker-driver:2.7.1 --alias loki --grant-all-permissions |
|
7 | # docker plugin install grafana/loki-docker-driver:2.7.1 --alias loki --grant-all-permissions | |
8 | # NOTE: loki logging driver ONLY works for host type networks... |
|
8 | # NOTE: loki logging driver ONLY works for host type networks... | |
9 | # To cleanly uninstall the plugin, disable and remove it |
|
9 | # To cleanly uninstall the plugin, disable and remove it | |
10 | # docker plugin disable loki --force && docker plugin rm loki |
|
10 | # docker plugin disable loki --force && docker plugin rm loki | |
11 | # debug: sudo journalctl -u docker.service | grep loki |
|
11 | # debug: sudo journalctl -u docker.service | grep loki | |
12 | driver: loki |
|
12 | driver: loki | |
13 | options: |
|
13 | options: | |
14 | #loki-url: "http://loki:3100/loki/api/v1/push" |
|
14 | #loki-url: "http://${RC_LOKI_AUTH}loki:3100/loki/api/v1/push" | |
15 | loki-url: "http://127.0.0.1:3100/loki/api/v1/push" |
|
15 | loki-url: "http://${RC_LOKI_AUTH}127.0.0.1:3100/loki/api/v1/push" | |
16 | loki-retries: "5" |
|
16 | loki-retries: "5" | |
17 | loki-timeout: "1s" |
|
17 | loki-timeout: "1s" | |
18 | loki-max-backoff: "800ms" |
|
18 | loki-max-backoff: "800ms" | |
19 |
|
19 | |||
20 | volumes: |
|
20 | volumes: | |
21 | # shared logvolume |
|
21 | # shared logvolume | |
22 | logvolume: |
|
22 | logvolume: | |
23 | driver: local |
|
23 | driver: local | |
24 | driver_opts: |
|
24 | driver_opts: | |
25 | type: none |
|
25 | type: none | |
26 | o: bind |
|
26 | o: bind | |
27 | device: $PWD/logs |
|
27 | device: $PWD/logs | |
28 |
|
28 | |||
29 | # bind-mount with configs |
|
29 | # bind-mount with configs | |
30 | confvolume: |
|
30 | confvolume: | |
31 | driver: local |
|
31 | driver: local | |
32 | driver_opts: |
|
32 | driver_opts: | |
33 | type: none |
|
33 | type: none | |
34 | o: bind |
|
34 | o: bind | |
35 | device: $PWD/config/_shared |
|
35 | device: $PWD/config/_shared | |
36 |
|
36 | |||
37 | # SHARED volume for rhodecode caches, archive caches, nginx static, |
|
37 | # SHARED volume for rhodecode caches, archive caches, nginx static, | |
38 | # must be run via: docker volume create --name=rc_datavolume |
|
38 | # must be run via: docker volume create --name=rc_datavolume | |
39 | rc_datavolume: |
|
39 | rc_datavolume: | |
40 | external: true |
|
40 | external: true | |
41 |
|
41 | |||
42 | # volume for RhodeCode repo-store, it's where the repositories will be stored |
|
42 | # volume for RhodeCode repo-store, it's where the repositories will be stored | |
43 | # must be run via: docker volume create --name=rc_reposvolume |
|
43 | # must be run via: docker volume create --name=rc_reposvolume | |
44 | rc_reposvolume: |
|
44 | rc_reposvolume: | |
45 | external: true |
|
45 | external: true | |
46 |
|
46 | |||
47 | networks: |
|
47 | networks: | |
48 |
|
48 | |||
49 | # SHARED network for all containers |
|
49 | # SHARED network for all containers | |
50 | # must be run via: docker network create --name=rhodecode_network |
|
50 | # must be run via: docker network create --name=rhodecode_network | |
51 | rhodecode_network: |
|
51 | rhodecode_network: | |
52 | name: rhodecode_network |
|
52 | name: rhodecode_network | |
53 | driver: bridge |
|
53 | driver: bridge | |
54 | external: true |
|
54 | external: true | |
55 |
|
55 |
@@ -1,131 +1,138 b'' | |||||
1 | version: '3.9' |
|
1 | version: '3.9' | |
2 |
|
2 | |||
3 | volumes: |
|
3 | volumes: | |
4 |
|
4 | |||
5 | prometheus_data: |
|
5 | prometheus_data: | |
6 | labels: |
|
6 | labels: | |
7 | "keep": 1 |
|
7 | "keep": 1 | |
8 |
|
8 | |||
9 | grafana_data: |
|
9 | grafana_data: | |
10 | labels: |
|
10 | labels: | |
11 | "keep": 1 |
|
11 | "keep": 1 | |
12 |
|
12 | |||
13 | services: |
|
13 | services: | |
14 |
|
14 | |||
15 | statsd-exporter: |
|
15 | statsd-exporter: | |
16 | image: prom/statsd-exporter:v0.22.8 |
|
16 | image: prom/statsd-exporter:v0.22.8 | |
17 | restart: always |
|
17 | restart: always | |
18 | command: [ |
|
18 | command: [ | |
19 | '--statsd.mapping-config=/etc/statsd/statsd.yaml', |
|
19 | '--statsd.mapping-config=/etc/statsd/statsd.yaml', | |
20 | '--statsd.listen-udp=:9125', |
|
20 | '--statsd.listen-udp=:9125', | |
21 | '--web.listen-address=:9102' |
|
21 | '--web.listen-address=:9102' | |
22 | ] |
|
22 | ] | |
23 | networks: |
|
23 | networks: | |
24 | - rhodecode_network |
|
24 | - rhodecode_network | |
25 | # ports: |
|
25 | # ports: | |
26 | # - "9125:9125/udp" |
|
26 | # - "9125:9125/udp" | |
27 | # - "9102:9102" |
|
27 | # - "9102:9102" | |
28 |
|
28 | |||
29 | volumes: |
|
29 | volumes: | |
30 | - ./config/statsd-exporter:/etc/statsd |
|
30 | - ./config/statsd-exporter:/etc/statsd | |
31 | labels: |
|
31 | labels: | |
32 | - "traefik.enable=false" |
|
32 | - "traefik.enable=false" | |
33 | - "traefik.http.services.statsd-exporter.loadbalancer.server.port=9125" |
|
33 | - "traefik.http.services.statsd-exporter.loadbalancer.server.port=9125" | |
34 | - "traefik.http.services.statsd-exporter.loadbalancer.server.port=9102" |
|
34 | - "traefik.http.services.statsd-exporter.loadbalancer.server.port=9102" | |
35 |
|
35 | |||
36 | node-exporter: |
|
36 | node-exporter: | |
37 | image: prom/node-exporter:v1.4.1 |
|
37 | image: prom/node-exporter:v1.4.1 | |
38 | command: |
|
38 | command: | |
39 | - "--path.procfs=/host/proc" |
|
39 | - "--path.procfs=/host/proc" | |
40 | - "--path.rootfs=/rootfs" |
|
40 | - "--path.rootfs=/rootfs" | |
41 | - "--path.sysfs=/host/sys" |
|
41 | - "--path.sysfs=/host/sys" | |
42 | - "--collector.filesystem.mount-points-exclude=^/(sys|proc|dev|host|etc)($$|/)" |
|
42 | - "--collector.filesystem.mount-points-exclude=^/(sys|proc|dev|host|etc)($$|/)" | |
43 | - "--collector.systemd" |
|
43 | - "--collector.systemd" | |
44 | - "--collector.processes" |
|
44 | - "--collector.processes" | |
45 | networks: |
|
45 | networks: | |
46 | - rhodecode_network |
|
46 | - rhodecode_network | |
47 | pid: host |
|
47 | pid: host | |
48 | restart: always |
|
48 | restart: always | |
49 | # ports: |
|
49 | # ports: | |
50 | # - "9100:9100" |
|
50 | # - "9100:9100" | |
51 | volumes: |
|
51 | volumes: | |
52 | - "/proc:/host/proc:ro" |
|
52 | - "/proc:/host/proc:ro" | |
53 | - "/sys:/host/sys:ro" |
|
53 | - "/sys:/host/sys:ro" | |
54 | - "/:/rootfs:ro" |
|
54 | - "/:/rootfs:ro" | |
55 | labels: |
|
55 | labels: | |
56 | - "traefik.enable=false" |
|
56 | - "traefik.enable=false" | |
57 | - "traefik.http.services.node-exporter.loadbalancer.server.port=9100" |
|
57 | - "traefik.http.services.node-exporter.loadbalancer.server.port=9100" | |
58 |
|
58 | |||
59 | prometheus: |
|
59 | prometheus: | |
60 | image: prom/prometheus:v2.40.6 |
|
60 | image: prom/prometheus:v2.40.6 | |
61 | restart: always |
|
61 | restart: always | |
62 | command: |
|
62 | command: | |
63 | - "--config.file=/etc/prometheus/prometheus.yml" |
|
63 | - "--config.file=/etc/prometheus/prometheus.yml" | |
64 | - "--storage.tsdb.path=/prometheus" |
|
64 | - "--storage.tsdb.path=/prometheus" | |
65 | - "--web.console.libraries=/etc/prometheus/console_libraries" |
|
65 | - "--web.console.libraries=/etc/prometheus/console_libraries" | |
66 | - "--web.console.templates=/etc/prometheus/consoles" |
|
66 | - "--web.console.templates=/etc/prometheus/consoles" | |
67 | - "--storage.tsdb.retention.time=24h" |
|
67 | - "--storage.tsdb.retention.time=24h" | |
68 | - "--web.enable-lifecycle" |
|
68 | - "--web.enable-lifecycle" | |
69 | # ports: |
|
69 | # ports: | |
70 | # - "9090:9090" |
|
70 | # - "9090:9090" | |
71 | networks: |
|
71 | networks: | |
72 | - rhodecode_network |
|
72 | - rhodecode_network | |
73 | volumes: |
|
73 | volumes: | |
74 | - ./config/prometheus:/etc/prometheus |
|
74 | - ./config/prometheus:/etc/prometheus | |
75 | - prometheus_data:/prometheus |
|
75 | - prometheus_data:/prometheus | |
76 | labels: |
|
76 | labels: | |
77 | - "traefik.enable=false" |
|
77 | - "traefik.enable=false" | |
78 | - "traefik.http.services.prometheus.loadbalancer.server.port=9090" |
|
78 | - "traefik.http.services.prometheus.loadbalancer.server.port=9090" | |
79 |
|
79 | |||
80 | grafana: |
|
80 | grafana: | |
81 | image: grafana/grafana:9.3.1 |
|
81 | image: grafana/grafana:9.3.1 | |
82 | restart: always |
|
82 | restart: always | |
83 | # ports: |
|
83 | # ports: | |
84 | # - "3000:3000" |
|
84 | # - "3000:3000" | |
85 | volumes: |
|
85 | volumes: | |
86 | - grafana_data:/var/lib/grafana |
|
86 | - grafana_data:/var/lib/grafana | |
87 | - ./config/grafana:/etc/grafana |
|
87 | - ./config/grafana:/etc/grafana | |
88 | networks: |
|
88 | networks: | |
89 | - rhodecode_network |
|
89 | - rhodecode_network | |
90 | labels: |
|
90 | labels: | |
91 | - "traefik.enable=true" |
|
91 | - "traefik.enable=true" | |
92 | - "traefik.http.routers.grafana.entrypoints=http" |
|
92 | - "traefik.http.routers.grafana.entrypoints=http" | |
93 | - "traefik.http.routers.grafana.rule=PathPrefix(`/_grafana`)" |
|
93 | - "traefik.http.routers.grafana.rule=PathPrefix(`/_grafana`)" | |
94 | - "traefik.http.routers.grafana.service=grafana-http" |
|
94 | - "traefik.http.routers.grafana.service=grafana-http" | |
95 | - "traefik.http.services.grafana-http.loadbalancer.server.port=3000" |
|
95 | - "traefik.http.services.grafana-http.loadbalancer.server.port=3000" | |
96 | # SSL + proxy prefix example, should be put into .custom/docker-compose-metrics.override.yaml |
|
96 | # SSL + proxy prefix example, should be put into .custom/docker-compose-metrics.override.yaml | |
97 | #- "traefik.http.routers.grafana-rt.entrypoints=https" |
|
97 | #- "traefik.http.routers.grafana-rt.entrypoints=https" | |
98 | #- "traefik.http.routers.grafana-rt.rule=Host(`metrics.example.com`) && PathPrefix(`/_grafana`)" |
|
98 | #- "traefik.http.routers.grafana-rt.rule=Host(`metrics.example.com`) && PathPrefix(`/_grafana`)" | |
99 | #- "traefik.http.routers.grafana-rt.tls=true" |
|
99 | #- "traefik.http.routers.grafana-rt.tls=true" | |
100 | #- "traefik.http.routers.grafana-rt.service=grafana-ssl" |
|
100 | #- "traefik.http.routers.grafana-rt.service=grafana-ssl" | |
101 | #- "traefik.http.services.grafana-ssl.loadbalancer.server.port=3000" |
|
101 | #- "traefik.http.services.grafana-ssl.loadbalancer.server.port=3000" | |
102 |
|
102 | |||
103 | loki: |
|
103 | loki: | |
104 | image: grafana/loki:2.7.1 |
|
104 | image: grafana/loki:2.7.1 | |
105 | restart: always |
|
105 | restart: always | |
106 | ports: |
|
106 | # ports: | |
107 | # Loki port is the only one that needs explicitly |
|
107 | # - "3100:3100" | |
108 | # be exposed because of logging driver host-only woking mode |
|
|||
109 | - "3100:3100" |
|
|||
110 | # - "9095:9095" |
|
108 | # - "9095:9095" | |
111 | command: [ |
|
109 | command: [ | |
112 | "-config.file=/etc/loki/loki-config.yaml" |
|
110 | "-config.file=/etc/loki/loki-config.yaml" | |
113 | ] |
|
111 | ] | |
114 | networks: |
|
112 | networks: | |
115 | - rhodecode_network |
|
113 | - rhodecode_network | |
116 | volumes: |
|
114 | volumes: | |
117 | - ./config/loki:/etc/loki |
|
115 | - ./config/loki:/etc/loki | |
|
116 | # optionally mount host container to scrape docker logs... | |||
|
117 | # - /var/lib/docker/containers:/var/lib/docker/containers:ro | |||
|
118 | labels: | |||
|
119 | # Loki port is the only one that needs explicitly | |||
|
120 | # be exposed because of logging driver host-only working mode | |||
|
121 | - "traefik.enable=true" | |||
|
122 | - "traefik.http.routers.loki.entrypoints=loki" | |||
|
123 | - "traefik.http.routers.loki.rule=PathPrefix(`/`)" | |||
|
124 | - "traefik.http.routers.loki.middlewares=basic-auth@file" | |||
|
125 | - "traefik.http.routers.loki.service=loki-http" | |||
|
126 | - "traefik.http.services.loki-http.loadbalancer.server.port=3100" | |||
118 |
|
127 | |||
119 | promtail: |
|
128 | promtail: | |
120 | image: grafana/promtail:2.7.1 |
|
129 | image: grafana/promtail:2.7.1 | |
121 | command: [ |
|
130 | command: [ | |
122 | "-config.file=/etc/promtail/promtail-config.yaml" |
|
131 | "-config.file=/etc/promtail/promtail-config.yaml" | |
123 | ] |
|
132 | ] | |
124 | networks: |
|
133 | networks: | |
125 | - rhodecode_network |
|
134 | - rhodecode_network | |
126 | volumes: |
|
135 | volumes: | |
127 | - /var/log:/var/log |
|
136 | - /var/log:/var/log | |
128 | - logvolume:/var/log_volume |
|
137 | - logvolume:/var/log_volume | |
129 | - ./config/promtail:/etc/promtail |
|
138 | - ./config/promtail:/etc/promtail | |
130 | labels: |
|
|||
131 | - "traefik.enable=false" |
|
@@ -1,44 +1,46 b'' | |||||
1 | version: '3.9' |
|
1 | version: '3.9' | |
2 |
|
2 | |||
3 | x-logging: &custom-logging |
|
3 | x-logging: &custom-logging | |
4 | # docker plugin install grafana/loki-docker-driver:2.7.1 --alias loki --grant-all-permissions |
|
4 | # docker plugin install grafana/loki-docker-driver:2.7.1 --alias loki --grant-all-permissions | |
5 | # NOTE: loki logging driver ONLY works for host type networks... |
|
5 | # NOTE: loki logging driver ONLY works for host type networks... | |
6 | driver: loki |
|
6 | driver: loki | |
7 | options: |
|
7 | options: | |
8 | #loki-url: "http://loki:3100/loki/api/v1/push" |
|
8 | #loki-url: "http://${RC_LOKI_AUTH}loki:3100/loki/api/v1/push" | |
9 | loki-url: "http://127.0.0.1:3100/loki/api/v1/push" |
|
9 | loki-url: "http://${RC_LOKI_AUTH}127.0.0.1:3100/loki/api/v1/push" | |
10 | loki-retries: "5" |
|
10 | loki-retries: "5" | |
11 | loki-timeout: "1s" |
|
11 | loki-timeout: "1s" | |
12 | loki-max-backoff: "800ms" |
|
12 | loki-max-backoff: "800ms" | |
13 |
|
13 | |||
14 | ## docker network create -d overlay lb-net |
|
14 | ## docker network create -d overlay lb-net | |
15 | services: |
|
15 | services: | |
16 |
|
16 | |||
17 | traefik: |
|
17 | traefik: | |
18 |
|
18 | |||
19 | image: traefik:v2.9.6 |
|
19 | image: traefik:v2.9.6 | |
20 |
|
20 | |||
21 | ports: |
|
21 | ports: | |
22 | # The HTTP port, exposed as http entrypoint |
|
22 | # The HTTP port, exposed as http entrypoint | |
23 | - "80:80" |
|
23 | - "80:80" | |
24 | # The HTTPS port, exposed as https entrypoint |
|
24 | # The HTTPS port, exposed as https entrypoint | |
25 | - "443:443" |
|
25 | - "443:443" | |
|
26 | # The loki port, exposed as http entrypoint behind auth | |||
|
27 | - "3100:3100" | |||
26 | # The SSH port |
|
28 | # The SSH port | |
27 | - "${RC_SSH_PORT}:${RC_SSH_PORT}" |
|
29 | - "${RC_SSH_PORT}:${RC_SSH_PORT}" | |
28 | volumes: |
|
30 | volumes: | |
29 | # So that Traefik can listen to the Docker events |
|
31 | # So that Traefik can listen to the Docker events | |
30 | - /var/run/docker.sock:/var/run/docker.sock |
|
32 | - /var/run/docker.sock:/var/run/docker.sock | |
31 | - ./config/traefik:/etc/traefik |
|
33 | - ./config/traefik:/etc/traefik | |
32 | deploy: |
|
34 | deploy: | |
33 | placement: |
|
35 | placement: | |
34 | constraints: |
|
36 | constraints: | |
35 | # limit swarm deploy to MANAGER only |
|
37 | # limit swarm deploy to MANAGER only | |
36 | - node.role == manager |
|
38 | - node.role == manager | |
37 | networks: |
|
39 | networks: | |
38 | - rhodecode_network |
|
40 | - rhodecode_network | |
39 |
|
41 | |||
40 | labels: |
|
42 | labels: | |
41 | - "traefik.enable=true" |
|
43 | - "traefik.enable=true" | |
42 |
|
44 | |||
43 | logging: |
|
45 | logging: | |
44 | *custom-logging |
|
46 | *custom-logging |
@@ -1,248 +1,248 b'' | |||||
1 | version: '3.9' |
|
1 | version: '3.9' | |
2 |
|
2 | |||
3 | x-logging: &custom-logging |
|
3 | x-logging: &custom-logging | |
4 | # docker plugin install grafana/loki-docker-driver:2.7.1 --alias loki --grant-all-permissions |
|
4 | # docker plugin install grafana/loki-docker-driver:2.7.1 --alias loki --grant-all-permissions | |
5 | # NOTE: loki logging driver ONLY works for host type networks... |
|
5 | # NOTE: loki logging driver ONLY works for host type networks... | |
6 | driver: loki |
|
6 | driver: loki | |
7 | options: |
|
7 | options: | |
8 | #loki-url: "http://loki:3100/loki/api/v1/push" |
|
8 | #loki-url: "http://${RC_LOKI_AUTH}loki:3100/loki/api/v1/push" | |
9 | loki-url: "http://127.0.0.1:3100/loki/api/v1/push" |
|
9 | loki-url: "http://${RC_LOKI_AUTH}127.0.0.1:3100/loki/api/v1/push" | |
10 | loki-retries: "5" |
|
10 | loki-retries: "5" | |
11 | loki-timeout: "1s" |
|
11 | loki-timeout: "1s" | |
12 | loki-max-backoff: "800ms" |
|
12 | loki-max-backoff: "800ms" | |
13 |
|
13 | |||
14 | volumes: |
|
14 | volumes: | |
15 |
|
15 | |||
16 | # volume for redis data store |
|
16 | # volume for redis data store | |
17 | redis_data: |
|
17 | redis_data: | |
18 | labels: |
|
18 | labels: | |
19 | "keep": 1 |
|
19 | "keep": 1 | |
20 |
|
20 | |||
21 | # volume for Postgres db store |
|
21 | # volume for Postgres db store | |
22 |
|
22 | |||
23 | # volume for Postgres Data |
|
23 | # volume for Postgres Data | |
24 | pg_data: |
|
24 | pg_data: | |
25 | labels: |
|
25 | labels: | |
26 | "keep": 1 |
|
26 | "keep": 1 | |
27 |
|
27 | |||
28 | # volume for rhodecode elasticsearch |
|
28 | # volume for rhodecode elasticsearch | |
29 | es_data: |
|
29 | es_data: | |
30 | labels: |
|
30 | labels: | |
31 | "keep": 1 |
|
31 | "keep": 1 | |
32 |
|
32 | |||
33 |
|
33 | |||
34 | services: |
|
34 | services: | |
35 |
|
35 | |||
36 | channelstream: |
|
36 | channelstream: | |
37 | networks: |
|
37 | networks: | |
38 | - rhodecode_network |
|
38 | - rhodecode_network | |
39 | image: channelstream/channelstream:0.7.1 |
|
39 | image: channelstream/channelstream:0.7.1 | |
40 |
|
40 | |||
41 | restart: always |
|
41 | restart: always | |
42 |
|
42 | |||
43 | # ports: |
|
43 | # ports: | |
44 | # - "127.0.0.1:9800:9800" |
|
44 | # - "127.0.0.1:9800:9800" | |
45 | env_file: |
|
45 | env_file: | |
46 | - ${RC_ENV_FILE:?must-specify-rc-env-file} |
|
46 | - ${RC_ENV_FILE:?must-specify-rc-env-file} | |
47 | command: ["channelstream"] |
|
47 | command: ["channelstream"] | |
48 |
|
48 | |||
49 | healthcheck: |
|
49 | healthcheck: | |
50 | test: [ "CMD", "curl", "-s", "-o", "/dev/null", "-w", "'%{http_code}'", "http://channelstream:8000/admin/sign_in" ] |
|
50 | test: [ "CMD", "curl", "-s", "-o", "/dev/null", "-w", "'%{http_code}'", "http://channelstream:8000/admin/sign_in" ] | |
51 | timeout: 5s |
|
51 | timeout: 5s | |
52 | interval: 60s |
|
52 | interval: 60s | |
53 | retries: 10 |
|
53 | retries: 10 | |
54 |
|
54 | |||
55 | volumes: |
|
55 | volumes: | |
56 | - confvolume:/etc/rhodecode/conf |
|
56 | - confvolume:/etc/rhodecode/conf | |
57 | - logvolume:/var/log/rhodecode |
|
57 | - logvolume:/var/log/rhodecode | |
58 |
|
58 | |||
59 | logging: |
|
59 | logging: | |
60 | *custom-logging |
|
60 | *custom-logging | |
61 |
|
61 | |||
62 | labels: |
|
62 | labels: | |
63 | - "traefik.enable=false" |
|
63 | - "traefik.enable=false" | |
64 | #- "traefik.http.routers.channelstream.entrypoints=http" |
|
64 | #- "traefik.http.routers.channelstream.entrypoints=http" | |
65 | #- "traefik.http.services.channelstream.loadbalancer.server.port=9800" |
|
65 | #- "traefik.http.services.channelstream.loadbalancer.server.port=9800" | |
66 |
|
66 | |||
67 | profiles: |
|
67 | profiles: | |
68 | ["channelstream"] |
|
68 | ["channelstream"] | |
69 |
|
69 | |||
70 | nginx: |
|
70 | nginx: | |
71 | networks: |
|
71 | networks: | |
72 | - rhodecode_network |
|
72 | - rhodecode_network | |
73 | image: library/nginx:1.23.3 |
|
73 | image: library/nginx:1.23.3 | |
74 |
|
74 | |||
75 | restart: always |
|
75 | restart: always | |
76 |
|
76 | |||
77 | environment: |
|
77 | environment: | |
78 | NGINX_ENTRYPOINT_QUIET_LOGS: 1 |
|
78 | NGINX_ENTRYPOINT_QUIET_LOGS: 1 | |
79 | env_file: |
|
79 | env_file: | |
80 | - ${RC_ENV_FILE:?must-specify-rc-env-file} |
|
80 | - ${RC_ENV_FILE:?must-specify-rc-env-file} | |
81 |
|
81 | |||
82 | healthcheck: |
|
82 | healthcheck: | |
83 | # change port 80 to 443 when only using SSL |
|
83 | # change port 80 to 443 when only using SSL | |
84 | test: [ "CMD", "curl", "-A", "RhodeCode-Healthcheck", "-s", "-o", "/dev/null", "-w", "'%{http_code}'", "http://127.0.0.1:80/_health" ] |
|
84 | test: [ "CMD", "curl", "-A", "RhodeCode-Healthcheck", "-s", "-o", "/dev/null", "-w", "'%{http_code}'", "http://127.0.0.1:80/_health" ] | |
85 | timeout: 30s |
|
85 | timeout: 30s | |
86 | interval: 60s |
|
86 | interval: 60s | |
87 | retries: 10 |
|
87 | retries: 10 | |
88 |
|
88 | |||
89 | # depends_on: |
|
89 | # depends_on: | |
90 | # - channelstream |
|
90 | # - channelstream | |
91 |
|
91 | |||
92 | volumes: |
|
92 | volumes: | |
93 | - ./config/nginx/nginx.conf:/etc/nginx/nginx.conf:ro |
|
93 | - ./config/nginx/nginx.conf:/etc/nginx/nginx.conf:ro | |
94 | - ./config/nginx/http.conf:/etc/nginx/http.conf:ro |
|
94 | - ./config/nginx/http.conf:/etc/nginx/http.conf:ro | |
95 | - ./config/nginx/proxy.conf:/etc/nginx/proxy.conf:ro |
|
95 | - ./config/nginx/proxy.conf:/etc/nginx/proxy.conf:ro | |
96 | - logvolume:/var/log/rhodecode |
|
96 | - logvolume:/var/log/rhodecode | |
97 | - rc_datavolume:/var/opt/rhodecode_data |
|
97 | - rc_datavolume:/var/opt/rhodecode_data | |
98 |
|
98 | |||
99 | logging: |
|
99 | logging: | |
100 | *custom-logging |
|
100 | *custom-logging | |
101 |
|
101 | |||
102 | labels: |
|
102 | labels: | |
103 | - "traefik.enable=true" |
|
103 | - "traefik.enable=true" | |
104 | - "traefik.http.routers.nginx.entrypoints=http" |
|
104 | - "traefik.http.routers.nginx.entrypoints=http" | |
105 | - "traefik.http.routers.nginx.rule=Host(`${RC_HOSTNAME:?must-specify-rhodecode-hostname}`) && ( PathPrefix(`/_health`) || PathPrefix(`/_channelstream`) || PathPrefix(`/_static/rhodecode`) )" |
|
105 | - "traefik.http.routers.nginx.rule=Host(`${RC_HOSTNAME:?must-specify-rhodecode-hostname}`) && ( PathPrefix(`/_health`) || PathPrefix(`/_channelstream`) || PathPrefix(`/_static/rhodecode`) )" | |
106 | - "traefik.http.services.nginx.loadbalancer.server.port=80" |
|
106 | - "traefik.http.services.nginx.loadbalancer.server.port=80" | |
107 |
|
107 | |||
108 | elasticsearch: |
|
108 | elasticsearch: | |
109 | networks: |
|
109 | networks: | |
110 | - rhodecode_network |
|
110 | - rhodecode_network | |
111 | image: elasticsearch:6.8.23 |
|
111 | image: elasticsearch:6.8.23 | |
112 |
|
112 | |||
113 | environment: |
|
113 | environment: | |
114 | - cluster.name=elasticsearch-cluster |
|
114 | - cluster.name=elasticsearch-cluster | |
115 | - network.host=0.0.0.0 |
|
115 | - network.host=0.0.0.0 | |
116 | - bootstrap.memory_lock=true |
|
116 | - bootstrap.memory_lock=true | |
117 | - discovery.type=single-node |
|
117 | - discovery.type=single-node | |
118 | - "ES_JAVA_OPTS=-Xms512m -Xmx512m" |
|
118 | - "ES_JAVA_OPTS=-Xms512m -Xmx512m" | |
119 | env_file: |
|
119 | env_file: | |
120 | - ${RC_ENV_FILE:?must-specify-rc-env-file} |
|
120 | - ${RC_ENV_FILE:?must-specify-rc-env-file} | |
121 | healthcheck: |
|
121 | healthcheck: | |
122 | # change port 80 to 443 when only using SSL |
|
122 | # change port 80 to 443 when only using SSL | |
123 | test: [ "CMD", "curl", "-A", "RhodeCode-Healthcheck", "-s", "-o", "/dev/null", "-w", "'%{http_code}'", "elasticsearch:9200/_cat/health" ] |
|
123 | test: [ "CMD", "curl", "-A", "RhodeCode-Healthcheck", "-s", "-o", "/dev/null", "-w", "'%{http_code}'", "elasticsearch:9200/_cat/health" ] | |
124 | timeout: 30s |
|
124 | timeout: 30s | |
125 | interval: 60s |
|
125 | interval: 60s | |
126 | retries: 10 |
|
126 | retries: 10 | |
127 |
|
127 | |||
128 | ulimits: |
|
128 | ulimits: | |
129 | memlock: |
|
129 | memlock: | |
130 | soft: -1 |
|
130 | soft: -1 | |
131 | hard: -1 |
|
131 | hard: -1 | |
132 |
|
132 | |||
133 | volumes: |
|
133 | volumes: | |
134 | - es_data:/usr/share/elasticsearch/data |
|
134 | - es_data:/usr/share/elasticsearch/data | |
135 |
|
135 | |||
136 | logging: |
|
136 | logging: | |
137 | *custom-logging |
|
137 | *custom-logging | |
138 |
|
138 | |||
139 | profiles: |
|
139 | profiles: | |
140 | ["elasticsearch"] |
|
140 | ["elasticsearch"] | |
141 |
|
141 | |||
142 | redis: |
|
142 | redis: | |
143 | networks: |
|
143 | networks: | |
144 | - rhodecode_network |
|
144 | - rhodecode_network | |
145 | image: library/redis:7.0.6 |
|
145 | image: library/redis:7.0.6 | |
146 |
|
146 | |||
147 | restart: always |
|
147 | restart: always | |
148 | env_file: |
|
148 | env_file: | |
149 | - ${RC_ENV_FILE:?must-specify-rc-env-file} |
|
149 | - ${RC_ENV_FILE:?must-specify-rc-env-file} | |
150 | command: |
|
150 | command: | |
151 | - "redis-server" |
|
151 | - "redis-server" | |
152 | - "/etc/redis/redis.conf" |
|
152 | - "/etc/redis/redis.conf" | |
153 | - "--maxmemory-policy allkeys-lru" |
|
153 | - "--maxmemory-policy allkeys-lru" | |
154 | - "--maxmemory ${RC_REDIS_MAXMEMORY:?must-specify-redis-maxmemory}" |
|
154 | - "--maxmemory ${RC_REDIS_MAXMEMORY:?must-specify-redis-maxmemory}" | |
155 |
|
155 | |||
156 | # ports: |
|
156 | # ports: | |
157 | # - "127.0.0.1::6379" |
|
157 | # - "127.0.0.1::6379" | |
158 |
|
158 | |||
159 | healthcheck: |
|
159 | healthcheck: | |
160 | test: [ "CMD", "redis-cli", "--raw", "incr", "ping" ] |
|
160 | test: [ "CMD", "redis-cli", "--raw", "incr", "ping" ] | |
161 | interval: 60s |
|
161 | interval: 60s | |
162 |
|
162 | |||
163 | volumes: |
|
163 | volumes: | |
164 | - ./config/redis/redis.conf:/etc/redis/redis.conf:ro |
|
164 | - ./config/redis/redis.conf:/etc/redis/redis.conf:ro | |
165 | - logvolume:/var/log/rhodecode |
|
165 | - logvolume:/var/log/rhodecode | |
166 | - redis_data:/data |
|
166 | - redis_data:/data | |
167 |
|
167 | |||
168 | profiles: |
|
168 | profiles: | |
169 | ["redis"] |
|
169 | ["redis"] | |
170 |
|
170 | |||
171 | logging: |
|
171 | logging: | |
172 | *custom-logging |
|
172 | *custom-logging | |
173 |
|
173 | |||
174 | database: |
|
174 | database: | |
175 | networks: |
|
175 | networks: | |
176 | - rhodecode_network |
|
176 | - rhodecode_network | |
177 | image: library/postgres:14.6 |
|
177 | image: library/postgres:14.6 | |
178 |
|
178 | |||
179 | environment: |
|
179 | environment: | |
180 | POSTGRES_DB: ${DB_NAME:?must-specify-db-name} |
|
180 | POSTGRES_DB: ${DB_NAME:?must-specify-db-name} | |
181 | POSTGRES_USER: ${DB_USER:?must-specify-db-user} |
|
181 | POSTGRES_USER: ${DB_USER:?must-specify-db-user} | |
182 | PGUSER: ${DB_USER:?must-specify-db-user} |
|
182 | PGUSER: ${DB_USER:?must-specify-db-user} | |
183 | POSTGRES_PASSWORD: ${DB_PASSWORD:?must-specify-db-password} |
|
183 | POSTGRES_PASSWORD: ${DB_PASSWORD:?must-specify-db-password} | |
184 | POSTGRES_HOST_AUTH_METHOD: md5 |
|
184 | POSTGRES_HOST_AUTH_METHOD: md5 | |
185 | POSTGRES_INITDB_ARGS: "--auth-host=md5 --auth-local=md5" |
|
185 | POSTGRES_INITDB_ARGS: "--auth-host=md5 --auth-local=md5" | |
186 | env_file: |
|
186 | env_file: | |
187 | - ${RC_ENV_FILE:?must-specify-rc-env-file} |
|
187 | - ${RC_ENV_FILE:?must-specify-rc-env-file} | |
188 |
|
188 | |||
189 | restart: always |
|
189 | restart: always | |
190 | command: |
|
190 | command: | |
191 | - "postgres" |
|
191 | - "postgres" | |
192 | - "-c" |
|
192 | - "-c" | |
193 | - "log_statement=ddl" |
|
193 | - "log_statement=ddl" | |
194 | - "-c" |
|
194 | - "-c" | |
195 | - "config_file=/etc/conf.d/pg_customized.conf" |
|
195 | - "config_file=/etc/conf.d/pg_customized.conf" | |
196 |
|
196 | |||
197 | # ports: |
|
197 | # ports: | |
198 | # - "127.0.0.1::5432" |
|
198 | # - "127.0.0.1::5432" | |
199 |
|
199 | |||
200 | healthcheck: |
|
200 | healthcheck: | |
201 | test: ["CMD-SHELL", "pg_isready", '-U', "$DB_USER"] |
|
201 | test: ["CMD-SHELL", "pg_isready", '-U', "$DB_USER"] | |
202 | interval: 10s |
|
202 | interval: 10s | |
203 | timeout: 5s |
|
203 | timeout: 5s | |
204 | retries: 5 |
|
204 | retries: 5 | |
205 |
|
205 | |||
206 | volumes: |
|
206 | volumes: | |
207 | - $PWD/config/database/pg_customized.conf:/etc/conf.d/pg_customized.conf:ro |
|
207 | - $PWD/config/database/pg_customized.conf:/etc/conf.d/pg_customized.conf:ro | |
208 | # db dumps reverse mount |
|
208 | # db dumps reverse mount | |
209 | - $PWD/.custom/db_dump:/var/rc-data-dump |
|
209 | - $PWD/.custom/db_dump:/var/rc-data-dump | |
210 | # save the pg_data volume |
|
210 | # save the pg_data volume | |
211 | - pg_data:/var/lib/postgresql/data |
|
211 | - pg_data:/var/lib/postgresql/data | |
212 | - logvolume:/var/log/rhodecode |
|
212 | - logvolume:/var/log/rhodecode | |
213 |
|
213 | |||
214 | profiles: |
|
214 | profiles: | |
215 | ["postgres"] |
|
215 | ["postgres"] | |
216 |
|
216 | |||
217 | logging: |
|
217 | logging: | |
218 | *custom-logging |
|
218 | *custom-logging | |
219 |
|
219 | |||
220 | database-mysql: |
|
220 | database-mysql: | |
221 | networks: |
|
221 | networks: | |
222 | - rhodecode_network |
|
222 | - rhodecode_network | |
223 | image: library/mysql:8.0.31 |
|
223 | image: library/mysql:8.0.31 | |
224 |
|
224 | |||
225 | environment: |
|
225 | environment: | |
226 | MYSQL_DATABASE: ${DB_NAME:?must-specify-db-name} |
|
226 | MYSQL_DATABASE: ${DB_NAME:?must-specify-db-name} | |
227 | MYSQL_USER: ${DB_USER:?must-specify-db-user} |
|
227 | MYSQL_USER: ${DB_USER:?must-specify-db-user} | |
228 | MYSQL_PASSWORD: ${DB_PASSWORD:?must-specify-db-password} |
|
228 | MYSQL_PASSWORD: ${DB_PASSWORD:?must-specify-db-password} | |
229 | MYSQL_ROOT_PASSWORD: ${DB_PASSWORD:?must-specify-db-password} |
|
229 | MYSQL_ROOT_PASSWORD: ${DB_PASSWORD:?must-specify-db-password} | |
230 | env_file: |
|
230 | env_file: | |
231 | - ${RC_ENV_FILE:?must-specify-rc-env-file} |
|
231 | - ${RC_ENV_FILE:?must-specify-rc-env-file} | |
232 |
|
232 | |||
233 | restart: always |
|
233 | restart: always | |
234 |
|
234 | |||
235 | # ports: |
|
235 | # ports: | |
236 | # - "127.0.0.1::3306" |
|
236 | # - "127.0.0.1::3306" | |
237 |
|
237 | |||
238 | volumes: |
|
238 | volumes: | |
239 | - ./config/database/mysql_customized.conf:/etc/mysql/conf.d/config-file.cnf:ro |
|
239 | - ./config/database/mysql_customized.conf:/etc/mysql/conf.d/config-file.cnf:ro | |
240 | # save the mysql_data volume |
|
240 | # save the mysql_data volume | |
241 | - $PWD/mysql_dir:/var/lib/mysql |
|
241 | - $PWD/mysql_dir:/var/lib/mysql | |
242 | - logvolume:/var/log/rhodecode |
|
242 | - logvolume:/var/log/rhodecode | |
243 |
|
243 | |||
244 | profiles: |
|
244 | profiles: | |
245 | ["mysql"] |
|
245 | ["mysql"] | |
246 |
|
246 | |||
247 | logging: |
|
247 | logging: | |
248 | *custom-logging |
|
248 | *custom-logging |
@@ -1,33 +1,42 b'' | |||||
1 | version: '3.9' |
|
1 | version: '3.9' | |
2 |
|
2 | |||
3 | services: |
|
3 | services: | |
4 |
|
4 | |||
5 | rhodecode: |
|
5 | rhodecode: | |
6 | ports: |
|
6 | #ports: | |
7 | - "10020:10020" |
|
7 | # # expose port for optional direct port connection | |
|
8 | # - "10020:10020" | |||
8 | environment: |
|
9 | environment: | |
9 | DB_UPGRADE: 0 # run the DB upgrade |
|
10 | DB_UPGRADE: 0 # run the DB upgrade | |
10 | SETUP_APP: 0 # run the application default settings setup, can be turned off after initial run |
|
11 | SETUP_APP: 0 # run the application default settings setup, can be turned off after initial run | |
11 |
|
12 | |||
|
13 | #healthcheck: | |||
|
14 | # # disable the healthcheck | |||
|
15 | # test: ['CMD','true'] | |||
|
16 | ||||
12 | deploy: |
|
17 | deploy: | |
13 | replicas: 1 |
|
18 | replicas: 1 | |
14 |
|
19 | |||
15 | vcsserver: |
|
20 | vcsserver: | |
16 |
|
21 | |||
17 | environment: |
|
22 | environment: | |
18 | {} |
|
23 | {} | |
19 |
|
24 | |||
20 | deploy: |
|
25 | deploy: | |
21 | replicas: 1 |
|
26 | replicas: 1 | |
22 |
|
27 | |||
|
28 | #healthcheck: | |||
|
29 | # # disable the healthcheck | |||
|
30 | # test: ['CMD','true'] | |||
|
31 | ||||
23 | sshd: |
|
32 | sshd: | |
24 | {} |
|
33 | {} | |
25 |
|
34 | |||
26 | svn: |
|
35 | svn: | |
27 | {} |
|
36 | {} | |
28 |
|
37 | |||
29 | celery-beat: |
|
38 | celery-beat: | |
30 | {} |
|
39 | {} | |
31 |
|
40 | |||
32 | celery: |
|
41 | celery: | |
33 | {} |
|
42 | {} |
General Comments 0
You need to be logged in to leave comments.
Login now