rhodecode-enterprise-docker Commit - r262:fe797f50

1

version: '3.9'

1

version: '3.9'

2

3

x-logging: &custom-logging

3

x-logging: &custom-logging

4

# docker plugin install grafana/loki-docker-driver:2.7.1 --alias loki --grant-all-permissions

4

# docker plugin install grafana/loki-docker-driver:2.7.1 --alias loki --grant-all-permissions

5

# NOTE: loki logging driver ONLY works for host type networks...

5

# NOTE: loki logging driver ONLY works for host type networks...

6

driver: loki

6

driver: loki

7

options:

7

options:

8

#loki-url: "http://${RC_LOKI_AUTH}loki:3100/loki/api/v1/push"

8

#loki-url: "http://${RC_LOKI_AUTH}loki:3100/loki/api/v1/push"

9

loki-url: "http://${RC_LOKI_AUTH}127.0.0.1:3100/loki/api/v1/push"

9

loki-url: "http://${RC_LOKI_AUTH}127.0.0.1:3100/loki/api/v1/push"

10

loki-retries: "5"

10

loki-retries: "5"

11

loki-timeout: "1s"

11

loki-timeout: "1s"

12

loki-max-backoff: "800ms"

12

loki-max-backoff: "800ms"

13

14

volumes:

14

volumes:

15

16

# volume for redis data store

16

# volume for redis data store

17

redis_data:

17

redis_data:

18

labels:

18

labels:

19

"keep": 1

19

"keep": 1

20

21

# volume for Postgres db store

21

# volume for Postgres db store

22

23

# volume for Postgres Data

23

# volume for Postgres Data

24

pg_data:

24

pg_data:

25

labels:

25

labels:

26

"keep": 1

26

"keep": 1

27

28

# volume for rhodecode elasticsearch

28

# volume for rhodecode elasticsearch

29

es_data:

29

es_data:

30

labels:

30

labels:

31

"keep": 1

31

"keep": 1

32

33

services:

33

services:

34

35

channelstream:

35

channelstream:

36

networks:

36

networks:

37

- rhodecode_network

37

- rhodecode_network

38

image: channelstream/channelstream:0.7.1

38

image: channelstream/channelstream:0.7.1

39

40

restart: always

40

restart: always

41

42

# ports:

42

# ports:

43

# - "127.0.0.1:8000:8000"

43

# - "127.0.0.1:8000:8000"

44

env_file:

44

env_file:

45

- ${RC_ENV_FILE:?must-specify-rc-env-file}

45

- ${RC_ENV_FILE:?must-specify-rc-env-file}

46

command: ["channelstream"]

46

command: ["channelstream"]

47

48

healthcheck:

48

healthcheck:

49

test: [ "CMD", "curl", "-s", "-o", "/dev/null", "-w", "'%{http_code}'", "http://channelstream:8000/admin/sign_in" ]

49

test: [ "CMD", "curl", "-s", "-o", "/dev/null", "-w", "'%{http_code}'", "http://channelstream:8000/admin/sign_in" ]

50

timeout: 5s

50

timeout: 5s

51

interval: 60s

51

interval: 60s

52

retries: 10

52

retries: 10

53

54

volumes:

54

volumes:

55

- confvolume:/etc/rhodecode/conf

55

- confvolume:/etc/rhodecode/conf

56

57

logging:

57

logging:

58

*custom-logging

58

*custom-logging

59

60

labels:

60

labels:

61

- "traefik.enable=true"

61

- "traefik.enable=true"

62

- "traefik.http.routers.channelstream.entrypoints=http"

62

- "traefik.http.routers.channelstream.entrypoints=http"

63

- "traefik.http.routers.channelstream.priority=20"

63

- "traefik.http.routers.channelstream.priority=20"

64

- "traefik.http.routers.channelstream.rule=Host(`${RC_HOSTNAME:?must-specify-rhodecode-hostname}`) && PathPrefix(`/_channelstream`)"

64

- "traefik.http.routers.channelstream.rule=Host(`${RC_HOSTNAME:?must-specify-rhodecode-hostname}`) && PathPrefix(`/_channelstream`)"

65

- "traefik.http.routers.channelstream.service=channelstream-web"

65

- "traefik.http.routers.channelstream.service=channelstream-web"

66

- "traefik.http.routers.channelstream.middlewares=strip-cs"

66

- "traefik.http.routers.channelstream.middlewares=strip-cs"

67

- "traefik.http.middlewares.strip-cs.stripprefix.prefixes=/_channelstream"

67

- "traefik.http.middlewares.strip-cs.stripprefix.prefixes=/_channelstream"

68

- "traefik.http.services.channelstream-web.loadbalancer.server.port=8000"

68

- "traefik.http.services.channelstream-web.loadbalancer.server.port=8000"

69

# HTTP + SSL example, should be put into .custom/docker-compose-services.override.yaml

69

# HTTP + SSL example, should be put into .custom/docker-compose-services.override.yaml

70

#- "traefik.http.routers.channelstream.entrypoints=http,https"

70

#- "traefik.http.routers.channelstream.entrypoints=http,https"

71

72

profiles:

72

profiles:

73

["channelstream"]

73

["channelstream"]

74

75

nginx-statics:

75

nginx-statics:

76

77

# used to serve static files

77

# used to serve static files

78

networks:

78

networks:

79

- rhodecode_network

79

- rhodecode_network

80

image: library/nginx:1.25.2

80

image: library/nginx:1.25.2

81

82

restart: always

82

restart: always

83

84

environment:

84

environment:

85

NGINX_ENTRYPOINT_QUIET_LOGS: 1

85

NGINX_ENTRYPOINT_QUIET_LOGS: 1

86

env_file:

86

env_file:

87

- ${RC_ENV_FILE:?must-specify-rc-env-file}

87

- ${RC_ENV_FILE:?must-specify-rc-env-file}

88

89

healthcheck:

89

healthcheck:

90

# change port 80 to 443 when only using SSL

90

# change port 80 to 443 when only using SSL

91

test: [ "CMD", "curl", "-A", "RhodeCode-Healthcheck", "-s", "-o", "/dev/null", "-w", "'%{http_code}'", "--fail", "http://127.0.0.1:80/_health_static", "||", "exit 1" ]

91

test: [ "CMD", "curl", "-A", "RhodeCode-Healthcheck", "-s", "-o", "/dev/null", "-w", "'%{http_code}'", "--fail", "http://127.0.0.1:80/_health_static", "||", "exit 1" ]

92

timeout: 30s

92

timeout: 30s

93

interval: 60s

93

interval: 60s

94

retries: 10

94

retries: 10

95

96

# depends_on:

96

# depends_on:

97

# - channelstream

97

# - channelstream

98

99

volumes:

99

volumes:

100

- ./config/nginx/nginx.conf:/etc/nginx/nginx.conf:ro

100

- ./config/nginx/nginx.conf:/etc/nginx/nginx.conf:ro

101

- ./config/nginx/http.conf:/etc/nginx/http.conf:ro

101

- ./config/nginx/http.conf:/etc/nginx/http.conf:ro

102

- ./config/nginx/proxy.conf:/etc/nginx/proxy.conf:ro

102

- ./config/nginx/proxy.conf:/etc/nginx/proxy.conf:ro

103

- ./.custom/static_files:/var/opt/rhodecode_static_data

103

- ./.custom/static_files:/var/opt/rhodecode_static_data

104

- rc_datavolume:/var/opt/rhodecode_data

104

- rc_datavolume:/var/opt/rhodecode_data

105

106

logging:

106

logging:

107

*custom-logging

107

*custom-logging

108

109

labels:

109

labels:

110

- "traefik.enable=true"

110

- "traefik.enable=true"

111

- "traefik.http.routers.nginx.entrypoints=http"

111

- "traefik.http.routers.nginx.entrypoints=http"

112

- "traefik.http.routers.nginx.priority=40"

112

- "traefik.http.routers.nginx.priority=40"

113

- "traefik.http.routers.nginx.rule=Host(`${RC_HOSTNAME:?must-specify-rhodecode-hostname}`) && PathPrefix(`/_static/rhodecode`)"

113

- "traefik.http.routers.nginx.rule=Host(`${RC_HOSTNAME:?must-specify-rhodecode-hostname}`) && PathPrefix(`/_static/rhodecode`)"

114

- "traefik.http.routers.nginx.service=nginx-serv"

114

- "traefik.http.routers.nginx.service=nginx-serv"

115

- "traefik.http.services.nginx-serv.loadbalancer.server.port=80"

115

- "traefik.http.services.nginx-serv.loadbalancer.server.port=80"

116

117

# HTTP + SSL example, should be put into .custom/docker-compose-services.override.yaml

117

# HTTP + SSL example, should be put into .custom/docker-compose-services.override.yaml

118

#- "traefik.http.routers.error-router.entrypoints=http, https"

118

#- "traefik.http.routers.error-router.entrypoints=http, https"

119

120

nginx-errors:

120

nginx-errors:

121

networks:

121

networks:

122

- rhodecode_network

122

- rhodecode_network

123

image: library/nginx:1.25.2

123

image: library/nginx:1.25.2

124

125

restart: always

125

restart: always

126

127

environment:

127

environment:

128

NGINX_ENTRYPOINT_QUIET_LOGS: 1

128

NGINX_ENTRYPOINT_QUIET_LOGS: 1

129

130

env_file:

130

env_file:

131

- ${RC_ENV_FILE:?must-specify-rc-env-file}

131

- ${RC_ENV_FILE:?must-specify-rc-env-file}

132

133

volumes:

133

volumes:

134

- ./config/nginx/nginx_errors.conf:/etc/nginx/nginx.conf:ro

134

- ./config/nginx/nginx_errors.conf:/etc/nginx/nginx.conf:ro

135

- ./config/nginx/error_pages:/etc/nginx/error_pages

135

- ./config/nginx/error_pages:/etc/nginx/error_pages

136

137

- rc_datavolume:/var/opt/rhodecode_data

137

- rc_datavolume:/var/opt/rhodecode_data

138

139

labels:

139

labels:

140

- "traefik.enable=true"

140

- "traefik.enable=true"

141

142

# error-middleware

142

# error-middleware

143

- "traefik.http.middlewares.error-pages-middleware.errors.status=404"

143

- "traefik.http.middlewares.error-pages-middleware.errors.status=404"

144

- "traefik.http.middlewares.error-pages-middleware.errors.service=error-pages-service"

144

- "traefik.http.middlewares.error-pages-middleware.errors.service=error-pages-service"

145

- "traefik.http.middlewares.error-pages-middleware.errors.query=/{status}.html"

145

- "traefik.http.middlewares.error-pages-middleware.errors.query=/{status}.html"

146

147

# error handling router

147

# error handling router

148

- "traefik.http.routers.error-router.entrypoints=http"

148

- "traefik.http.routers.error-router.entrypoints=http"

149

- "traefik.http.routers.error-router.priority=5"

149

- "traefik.http.routers.error-router.priority=5"

150

- "traefik.http.routers.error-router.rule=HostRegexp(`{host:.+}`)"

150

- "traefik.http.routers.error-router.rule=HostRegexp(`{host:.+}`)"

151

- "traefik.http.routers.error-router.service=error-pages-service"

151

- "traefik.http.routers.error-router.service=error-pages-service"

152

- "traefik.http.routers.error-router.middlewares=error-pages-middleware"

152

- "traefik.http.routers.error-router.middlewares=error-pages-middleware"

153

154

- "traefik.http.services.error-pages-service.loadbalancer.server.port=80"

154

- "traefik.http.services.error-pages-service.loadbalancer.server.port=80"

155

156

# HTTP + SSL example, should be put into .custom/docker-compose-services.override.yaml

156

# HTTP + SSL example, should be put into .custom/docker-compose-services.override.yaml

157

#- "traefik.http.routers.error-router.entrypoints=http, https"

157

#- "traefik.http.routers.error-router.entrypoints=http, https"

158

159

elasticsearch:

159

elasticsearch:

160

networks:

160

networks:

161

- rhodecode_network

161

- rhodecode_network

162

image: elasticsearch:6.8.23

162

image: elasticsearch:6.8.23

163

restart: always

163

restart: always

164

environment:

164

environment:

165

- cluster.name=elasticsearch-cluster

165

- cluster.name=elasticsearch-cluster

166

- network.host=0.0.0.0

166

- network.host=0.0.0.0

167

- bootstrap.memory_lock=true

167

- bootstrap.memory_lock=true

168

- discovery.type=single-node

168

- discovery.type=single-node

169

- "ES_JAVA_OPTS=-Xms512m -Xmx512m"

169

- "ES_JAVA_OPTS=-Xms512m -Xmx512m"

170

env_file:

170

env_file:

171

- ${RC_ENV_FILE:?must-specify-rc-env-file}

171

- ${RC_ENV_FILE:?must-specify-rc-env-file}

172

healthcheck:

172

healthcheck:

173

# change port 80 to 443 when only using SSL

173

# change port 80 to 443 when only using SSL

174

test: [ "CMD", "curl", "-A", "RhodeCode-Healthcheck", "-s", "-o", "/dev/null", "-w", "'%{http_code}'", "elasticsearch:9200/_cat/health" ]

174

test: [ "CMD", "curl", "-A", "RhodeCode-Healthcheck", "-s", "-o", "/dev/null", "-w", "'%{http_code}'", "elasticsearch:9200/_cat/health" ]

175

timeout: 30s

175

timeout: 30s

176

interval: 60s

176

interval: 60s

177

retries: 10

177

retries: 10

178

179

ulimits:

179

# compat problems within some systems on settings those

180

memlock:

180

#ulimits:

181

soft: -1

181

#memlock:

182

~~hard~~: -1

182

#soft: -1

183

#hard: -1

183

184

volumes:

185

volumes:

185

- es_data:/usr/share/elasticsearch/data

186

- es_data:/usr/share/elasticsearch/data

186

187

logging:

188

logging:

188

*custom-logging

189

*custom-logging

189

190

profiles:

191

profiles:

191

["elasticsearch"]

192

["elasticsearch"]

192

193

redis:

194

redis:

194

networks:

195

networks:

195

- rhodecode_network

196

- rhodecode_network

196

image: library/redis:7.0.12

197

image: library/redis:7.0.12

197

198

restart: always

199

restart: always

199

env_file:

200

env_file:

200

- ${RC_ENV_FILE:?must-specify-rc-env-file}

201

- ${RC_ENV_FILE:?must-specify-rc-env-file}

201

command:

202

command:

202

- "redis-server"

203

- "redis-server"

203

- "/etc/redis/redis.conf"

204

- "/etc/redis/redis.conf"

204

- "--maxmemory-policy allkeys-lru"

205

- "--maxmemory-policy allkeys-lru"

205

- "--maxmemory ${RC_REDIS_MAXMEMORY:?must-specify-redis-maxmemory}"

206

- "--maxmemory ${RC_REDIS_MAXMEMORY:?must-specify-redis-maxmemory}"

206

207

# ports:

208

# ports:

208

# - "127.0.0.1::6379"

209

# - "127.0.0.1::6379"

209

210

healthcheck:

211

healthcheck:

211

test: [ "CMD", "redis-cli", "--raw", "incr", "ping" ]

212

test: [ "CMD", "redis-cli", "--raw", "incr", "ping" ]

212

interval: 60s

213

interval: 60s

213

214

volumes:

215

volumes:

215

- ./config/redis/redis.conf:/etc/redis/redis.conf:ro

216

- ./config/redis/redis.conf:/etc/redis/redis.conf:ro

216

217

- redis_data:/data

218

- redis_data:/data

218

219

profiles:

220

profiles:

220

["redis"]

221

["redis"]

221

222

logging:

223

logging:

223

*custom-logging

224

*custom-logging

224

225

database:

226

database:

226

networks:

227

networks:

227

- rhodecode_network

228

- rhodecode_network

228

image: library/postgres:14.9

229

image: library/postgres:14.9

229

230

environment:

231

environment:

231

POSTGRES_DB: ${DB_NAME:?must-specify-db-name}

232

POSTGRES_DB: ${DB_NAME:?must-specify-db-name}

232

POSTGRES_USER: ${DB_USER:?must-specify-db-user}

233

POSTGRES_USER: ${DB_USER:?must-specify-db-user}

233

PGUSER: ${DB_USER:?must-specify-db-user}

234

PGUSER: ${DB_USER:?must-specify-db-user}

234

POSTGRES_PASSWORD: ${DB_PASSWORD:?must-specify-db-password}

235

POSTGRES_PASSWORD: ${DB_PASSWORD:?must-specify-db-password}

235

POSTGRES_HOST_AUTH_METHOD: md5

236

POSTGRES_HOST_AUTH_METHOD: md5

236

POSTGRES_INITDB_ARGS: "--auth-host=md5 --auth-local=md5"

237

POSTGRES_INITDB_ARGS: "--auth-host=md5 --auth-local=md5"

237

env_file:

238

env_file:

238

- ${RC_ENV_FILE:?must-specify-rc-env-file}

239

- ${RC_ENV_FILE:?must-specify-rc-env-file}

239

240

restart: always

241

restart: always

241

command:

242

command:

242

- "postgres"

243

- "postgres"

243

- "-c"

244

- "-c"

244

- "log_statement=ddl"

245

- "log_statement=ddl"

245

- "-c"

246

- "-c"

246

- "config_file=/etc/conf.d/pg_customized.conf"

247

- "config_file=/etc/conf.d/pg_customized.conf"

247

248

# ports:

249

# ports:

249

# - "127.0.0.1::5432"

250

# - "127.0.0.1::5432"

250

251

healthcheck:

252

healthcheck:

252

test: ["CMD-SHELL", "pg_isready", '-U', "$DB_USER"]

253

test: ["CMD-SHELL", "pg_isready", '-U', "$DB_USER"]

253

interval: 10s

254

interval: 10s

254

timeout: 5s

255

timeout: 5s

255

retries: 5

256

retries: 5

256

257

volumes:

258

volumes:

258

- $PWD/config/database/pg_customized.conf:/etc/conf.d/pg_customized.conf:ro

259

- $PWD/config/database/pg_customized.conf:/etc/conf.d/pg_customized.conf:ro

259

# db dumps reverse mount

260

# db dumps reverse mount

260

- $PWD/.custom/db_dump:/var/rc-data-dump

261

- $PWD/.custom/db_dump:/var/rc-data-dump

261

# save the pg_data volume

262

# save the pg_data volume

262

- pg_data:/var/lib/postgresql/data

263

- pg_data:/var/lib/postgresql/data

263

264

265

profiles:

266

profiles:

266

["postgres", "database"]

267

["postgres", "database"]

267

268

logging:

269

logging:

269

*custom-logging

270

*custom-logging

270

271

database-mysql:

272

database-mysql:

272

networks:

273

networks:

273

- rhodecode_network

274

- rhodecode_network

274

image: library/mysql:8.0.32

275

image: library/mysql:8.0.32

275

276

environment:

277

environment:

277

MYSQL_DATABASE: ${DB_NAME:?must-specify-db-name}

278

MYSQL_DATABASE: ${DB_NAME:?must-specify-db-name}

278

MYSQL_USER: ${DB_USER:?must-specify-db-user}

279

MYSQL_USER: ${DB_USER:?must-specify-db-user}

279

MYSQL_PASSWORD: ${DB_PASSWORD:?must-specify-db-password}

280

MYSQL_PASSWORD: ${DB_PASSWORD:?must-specify-db-password}

280

MYSQL_ROOT_PASSWORD: ${DB_PASSWORD:?must-specify-db-password}

281

MYSQL_ROOT_PASSWORD: ${DB_PASSWORD:?must-specify-db-password}

281

env_file:

282

env_file:

282

- ${RC_ENV_FILE:?must-specify-rc-env-file}

283

- ${RC_ENV_FILE:?must-specify-rc-env-file}

283

284

restart: always

285

restart: always

285

286

# ports:

287

# ports:

287

# - "127.0.0.1::3306"

288

# - "127.0.0.1::3306"

288

289

volumes:

290

volumes:

290

- ./config/database/mysql_customized.conf:/etc/mysql/conf.d/config-file.cnf:ro

291

- ./config/database/mysql_customized.conf:/etc/mysql/conf.d/config-file.cnf:ro

291

# save the mysql_data volume

292

# save the mysql_data volume

292

- $PWD/mysql_dir:/var/lib/mysql

293

- $PWD/mysql_dir:/var/lib/mysql

293

294

profiles:

295

profiles:

295

["mysql"]

296

["mysql"]

296

297

logging:

298

logging:

298

*custom-logging

299

*custom-logging

299

300

# DEBUG/DEVEL

301

# DEBUG/DEVEL

301

httpbin:

302

httpbin:

302

networks:

303

networks:

303

- rhodecode_network

304

- rhodecode_network

304

image: kennethreitz/httpbin:latest

305

image: kennethreitz/httpbin:latest

305

ports:

306

ports:

306

# expose on 9090 to not block 80 for traefik

307

# expose on 9090 to not block 80 for traefik

307

- "9090:80"

308

- "9090:80"

308

profiles:

309

profiles:

309

["testing"]

310

["testing"]

310

311

restart: always

312

restart: always

312

313

ldap-server:

314

ldap-server:

314

networks:

315

networks:

315

- rhodecode_network

316

- rhodecode_network

316

image: rroemhild/test-openldap:latest

317

image: rroemhild/test-openldap:latest

317

ports:

318

ports:

318

# expose on 10389 (ldap) 10636 (ldaps)

319

# expose on 10389 (ldap) 10636 (ldaps)

319

- "10389:10389"

320

- "10389:10389"

320

- "10636:10636"

321

- "10636:10636"

321

profiles:

322

profiles:

322

["testing"]

323

["testing"]

323

324

restart: always No newline at end of file

325

restart: always

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

             version: '3.9'
             x-logging: &custom-logging
               # docker plugin install grafana/loki-docker-driver:2.7.1 --alias loki --grant-all-permissions
               # NOTE: loki logging driver ONLY works for host type networks...
               driver: loki
               options:
                 #loki-url: "http://${RC_LOKI_AUTH}loki:3100/loki/api/v1/push"
                 loki-url: "http://${RC_LOKI_AUTH}127.0.0.1:3100/loki/api/v1/push"
                 loki-retries: "5"
                 loki-timeout: "1s"
                 loki-max-backoff: "800ms"
             volumes:
               # volume for redis data store
               redis_data:
                 labels:
                   "keep": 1
                # volume for Postgres db store
               # volume for Postgres Data
               pg_data:
                 labels:
                   "keep": 1
               # volume for rhodecode elasticsearch
               es_data:
                 labels:
                   "keep": 1
             services:
               channelstream:
                 networks:
                   - rhodecode_network
                 image: channelstream/channelstream:0.7.1
                 restart: always
             #    ports:
             #      - "127.0.0.1:8000:8000"
                 env_file:
                     - ${RC_ENV_FILE:?must-specify-rc-env-file}
                 command: ["channelstream"]
                 healthcheck:
                     test: [ "CMD", "curl", "-s", "-o", "/dev/null", "-w", "'%{http_code}'", "http://channelstream:8000/admin/sign_in" ]
                     timeout: 5s
                     interval: 60s
                     retries: 10
                 volumes:
                   - confvolume:/etc/rhodecode/conf
                 logging:
                   *custom-logging
                 labels:
                   - "traefik.enable=true"
                   - "traefik.http.routers.channelstream.entrypoints=http"
                   - "traefik.http.routers.channelstream.priority=20"
                   - "traefik.http.routers.channelstream.rule=Host(`${RC_HOSTNAME:?must-specify-rhodecode-hostname}`) && PathPrefix(`/_channelstream`)"
                   - "traefik.http.routers.channelstream.service=channelstream-web"
                   - "traefik.http.routers.channelstream.middlewares=strip-cs"
                   - "traefik.http.middlewares.strip-cs.stripprefix.prefixes=/_channelstream"
                   - "traefik.http.services.channelstream-web.loadbalancer.server.port=8000"
                   # HTTP + SSL example, should be put into .custom/docker-compose-services.override.yaml
                   #- "traefik.http.routers.channelstream.entrypoints=http,https"
                 profiles:
                   ["channelstream"]
               nginx-statics:
                 # used to serve static files
                 networks:
                   - rhodecode_network
                 image: library/nginx:1.25.2
                 restart: always
                 environment:
                   NGINX_ENTRYPOINT_QUIET_LOGS: 1
                 env_file:
                     - ${RC_ENV_FILE:?must-specify-rc-env-file}
                 healthcheck:
                   # change port 80 to 443 when only using SSL
                   test: [ "CMD", "curl", "-A", "RhodeCode-Healthcheck", "-s", "-o", "/dev/null", "-w", "'%{http_code}'", "--fail", "http://127.0.0.1:80/_health_static", "||", "exit 1" ]
                   timeout: 30s
                   interval: 60s
                   retries: 10
             #    depends_on:
             #      - channelstream
                 volumes:
                   - ./config/nginx/nginx.conf:/etc/nginx/nginx.conf:ro
                   - ./config/nginx/http.conf:/etc/nginx/http.conf:ro
                   - ./config/nginx/proxy.conf:/etc/nginx/proxy.conf:ro
                   - ./.custom/static_files:/var/opt/rhodecode_static_data
                   - rc_datavolume:/var/opt/rhodecode_data
                 logging:
                   *custom-logging
                 labels:
                   - "traefik.enable=true"
                   - "traefik.http.routers.nginx.entrypoints=http"
                   - "traefik.http.routers.nginx.priority=40"
                   - "traefik.http.routers.nginx.rule=Host(`${RC_HOSTNAME:?must-specify-rhodecode-hostname}`) && PathPrefix(`/_static/rhodecode`)"
                   - "traefik.http.routers.nginx.service=nginx-serv"
                   - "traefik.http.services.nginx-serv.loadbalancer.server.port=80"
                   # HTTP + SSL example, should be put into .custom/docker-compose-services.override.yaml
                   #- "traefik.http.routers.error-router.entrypoints=http, https"
               nginx-errors:
                 networks:
                   - rhodecode_network
                 image: library/nginx:1.25.2
                 restart: always
                 environment:
                   NGINX_ENTRYPOINT_QUIET_LOGS: 1
                 env_file:
                     - ${RC_ENV_FILE:?must-specify-rc-env-file}
                 volumes:
                   - ./config/nginx/nginx_errors.conf:/etc/nginx/nginx.conf:ro
                   - ./config/nginx/error_pages:/etc/nginx/error_pages
                   - rc_datavolume:/var/opt/rhodecode_data
                 labels:
                   - "traefik.enable=true"
                   # error-middleware
                   - "traefik.http.middlewares.error-pages-middleware.errors.status=404"
                   - "traefik.http.middlewares.error-pages-middleware.errors.service=error-pages-service"
                   - "traefik.http.middlewares.error-pages-middleware.errors.query=/{status}.html"
                   # error handling router
                   - "traefik.http.routers.error-router.entrypoints=http"
                   - "traefik.http.routers.error-router.priority=5"
                   - "traefik.http.routers.error-router.rule=HostRegexp(`{host:.+}`)"
                   - "traefik.http.routers.error-router.service=error-pages-service"
                   - "traefik.http.routers.error-router.middlewares=error-pages-middleware"
                   - "traefik.http.services.error-pages-service.loadbalancer.server.port=80"
                   # HTTP + SSL example, should be put into .custom/docker-compose-services.override.yaml
                   #- "traefik.http.routers.error-router.entrypoints=http, https"
               elasticsearch:
                 networks:
                   - rhodecode_network
                 image: elasticsearch:6.8.23
                 restart: always
                 environment:
                   - cluster.name=elasticsearch-cluster
                   - network.host=0.0.0.0
                   - bootstrap.memory_lock=true
                   - discovery.type=single-node
                   - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
                 env_file:
                     - ${RC_ENV_FILE:?must-specify-rc-env-file}
                 healthcheck:
                   # change port 80 to 443 when only using SSL
                   test: [ "CMD", "curl", "-A", "RhodeCode-Healthcheck", "-s", "-o", "/dev/null", "-w", "'%{http_code}'", "elasticsearch:9200/_cat/health" ]
                   timeout: 30s
                   interval: 60s
                   retries: 10
-                ulimits:
+                # compat problems within some systems on settings those
-                  memlock:
+                #ulimits:
-                    soft: -1
+                  #memlock:
-                    hard: -1
+                    #soft: -1
+                    #hard: -1
                 volumes:
                   - es_data:/usr/share/elasticsearch/data
                 logging:
                   *custom-logging
                 profiles:
                   ["elasticsearch"]
               redis:
                 networks:
                   - rhodecode_network
                 image: library/redis:7.0.12
                 restart: always
                 env_file:
                     - ${RC_ENV_FILE:?must-specify-rc-env-file}
                 command:
                   - "redis-server"
                   - "/etc/redis/redis.conf"
                   - "--maxmemory-policy allkeys-lru"
                   - "--maxmemory ${RC_REDIS_MAXMEMORY:?must-specify-redis-maxmemory}"
             #    ports:
             #      - "127.0.0.1::6379"
                 healthcheck:
                   test: [ "CMD", "redis-cli", "--raw", "incr", "ping" ]
                   interval: 60s
                 volumes:
                   - ./config/redis/redis.conf:/etc/redis/redis.conf:ro
                   - redis_data:/data
                 profiles:
                   ["redis"]
                 logging:
                   *custom-logging
               database:
                 networks:
                   - rhodecode_network
                 image: library/postgres:14.9
                 environment:
                   POSTGRES_DB: ${DB_NAME:?must-specify-db-name}
                   POSTGRES_USER: ${DB_USER:?must-specify-db-user}
                   PGUSER: ${DB_USER:?must-specify-db-user}
                   POSTGRES_PASSWORD: ${DB_PASSWORD:?must-specify-db-password}
                   POSTGRES_HOST_AUTH_METHOD: md5
                   POSTGRES_INITDB_ARGS: "--auth-host=md5 --auth-local=md5"
                 env_file:
                     - ${RC_ENV_FILE:?must-specify-rc-env-file}
                 restart: always
                 command:
                   - "postgres"
                   - "-c"
                   - "log_statement=ddl"
                   - "-c"
                   - "config_file=/etc/conf.d/pg_customized.conf"
             #    ports:
             #      - "127.0.0.1::5432"
                 healthcheck:
                   test: ["CMD-SHELL", "pg_isready", '-U', "$DB_USER"]
                   interval: 10s
                   timeout: 5s
                   retries: 5
                 volumes:
                   - $PWD/config/database/pg_customized.conf:/etc/conf.d/pg_customized.conf:ro
                   # db dumps reverse mount
                   - $PWD/.custom/db_dump:/var/rc-data-dump
                   # save the pg_data volume
                   - pg_data:/var/lib/postgresql/data
                 profiles:
                   ["postgres", "database"]
                 logging:
                   *custom-logging
               database-mysql:
                   networks:
                     - rhodecode_network
                   image: library/mysql:8.0.32
                   environment:
                     MYSQL_DATABASE: ${DB_NAME:?must-specify-db-name}
                     MYSQL_USER: ${DB_USER:?must-specify-db-user}
                     MYSQL_PASSWORD: ${DB_PASSWORD:?must-specify-db-password}
                     MYSQL_ROOT_PASSWORD: ${DB_PASSWORD:?must-specify-db-password}
                   env_file:
                     - ${RC_ENV_FILE:?must-specify-rc-env-file}
                   restart: always
             #      ports:
             #        - "127.0.0.1::3306"
                   volumes:
                     - ./config/database/mysql_customized.conf:/etc/mysql/conf.d/config-file.cnf:ro
                     # save the mysql_data volume
                     - $PWD/mysql_dir:/var/lib/mysql
                   profiles:
                     ["mysql"]
                   logging:
                     *custom-logging
               # DEBUG/DEVEL
               httpbin:
                 networks:
                   - rhodecode_network
                 image: kennethreitz/httpbin:latest
                 ports:
                   # expose on 9090 to not block 80 for traefik
                   - "9090:80"
                 profiles:
                   ["testing"]
                 restart: always
               ldap-server:
                 networks:
                   - rhodecode_network
                 image: rroemhild/test-openldap:latest
                 ports:
                   # expose on 10389 (ldap) 10636 (ldaps)
                   - "10389:10389"
                   - "10636:10636"
                 profiles:
                   ["testing"]
                 restart: always