version: '3.9' volumes: # bind volume with logs # note this is used as well to scrape logs using promtail # any changes here should be made as well into docker-compose-grafana.yaml file logvolume: driver: local driver_opts: type: none o: bind device: $PWD/logs # bind-mount with configs confvolume: driver: local driver_opts: type: none o: bind device: $PWD/config # volume for rhodecode caches, archive caches, elasticsearch etc datavolume: {} # volume for RhodeCode repo-store, it's where the repositories will be stored rhodecode_repos: labels: "keep": 1 # volume for Postgres db store pg_data: labels: "keep": 1 # volume for MySQL db store mysql_data: labels: "keep": 1 # volume for rhodecode elasticsearch es_data: labels: "keep": 1 networks: rhodecode_network: name: rhodecode_network driver: bridge services: rhodecode: networks: - rhodecode_network image: rhodecode/app:${RC_VERSION:?specify-RC_VERSION-env-var} stdin_open: true tty: true restart: unless-stopped command: [ "/var/opt/rhodecode_bin/bin/gunicorn", "--name=gunicorn-rhodecode-1", "--error-logfile=-", "--paster=/etc/rhodecode/conf/compose/rhodecode.optimized.ini", "--config=/etc/rhodecode/conf/gunicorn_conf.py" ] ports: - "127.0.0.1::10020" build: context: . dockerfile: service/rhodecode/rhodecode.dockerfile args: TZ: ${TZ} RHODECODE_VERSION: ${RC_VERSION:?specify-RC_VERSION-env-var} RHODECODE_DB: postgresql://rhodecode:${DB_PASSWORD:?must-specify-db-password}@database/${DB_NAME:?must-specify-db-name} RHODECODE_USER_NAME: ${RHODECODE_USER_NAME} RHODECODE_USER_PASS: ${RHODECODE_USER_PASS} RHODECODE_USER_EMAIL: ${RHODECODE_USER_EMAIL} environment: RC_APP_TYPE: rhodecode_http RC_APP_PROC: 1 ENV_RC_BASE_URL: ${RHODECODE_BASE_URL} SSL_CERT_FILE: "/etc/rhodecode/conf/ca-bundle.crt" REQUESTS_CA_BUNDLE: "/etc/rhodecode/conf/ca-bundle.crt" GIT_SSL_CAINFO: "/etc/rhodecode/conf/ca-bundle.crt" GEVENT_RESOLVER: "ares" DB_UPGRADE: 1 # run the DB upgrade SETUP_APP: 1 # run the application default settings setup, can be turned off after initial run #FORCE_DB_INIT_FILE: 1 # force the database init, warning: destroys old DB #FORCE_RC_SETUP_APP: 1 # force running setup scripts for configuration/license application MAIN_INI_PATH: /etc/rhodecode/conf/compose/rhodecode.optimized.ini # SVN Specific MOD_DAV_SVN_PORT: 8090 APACHE_LOG_DIR: /var/log/rhodecode/svn MOD_DAV_SVN_CONF_FILE: /etc/rhodecode/conf/svn/mod_dav_svn.conf healthcheck: test: [ "CMD", "curl", "-A", "RhodeCode-Healthcheck", "-s", "-o", "/dev/null", "-w", "'%{http_code}'", "http://127.0.0.1:10020/_admin/ops/ping" ] timeout: 30s interval: 60s retries: 10 depends_on: - database - redis - channelstream volumes: - confvolume:/etc/rhodecode/conf - logvolume:/var/log/rhodecode - rhodecode_repos:/var/opt/rhodecode_repo_store - datavolume:/var/opt/rhodecode_data tmpfs: - /data_ramdisk:size=1G vcsserver: networks: - rhodecode_network image: rhodecode/app:${RC_VERSION:?specify-RC_VERSION-env-var} stdin_open: true tty: true restart: unless-stopped command: [ "/home/rhodecode/.rccontrol/vcsserver-1/profile/bin/gunicorn", "--name=gunicorn-vcsserver-1", "--error-logfile=-", "--paster=/etc/rhodecode/conf/compose/vcsserver.optimized.ini", "--config=/etc/rhodecode/conf/gunicorn_conf.py" ] ports: - "127.0.0.1::10010" healthcheck: test: [ "CMD", "curl", "-A", "RhodeCode-Healthcheck", "-s", "-o", "/dev/null", "-w", "'%{http_code}'", "http://127.0.0.1:10010/status" ] timeout: 30s interval: 60s retries: 10 environment: RC_APP_TYPE: rhodecode_vcsserver RC_APP_PROC: 1 MAIN_INI_PATH: /etc/rhodecode/conf/compose/vcsserver.optimized.ini ENV_RC_BASE_URL: ${RHODECODE_BASE_URL} SSL_CERT_FILE: "/etc/rhodecode/conf/ca-bundle.crt" REQUESTS_CA_BUNDLE: "/etc/rhodecode/conf/ca-bundle.crt" GIT_SSL_CAINFO: "/etc/rhodecode/conf/ca-bundle.crt" depends_on: - redis volumes: - confvolume:/etc/rhodecode/conf - logvolume:/var/log/rhodecode - rhodecode_repos:/var/opt/rhodecode_repo_store - datavolume:/var/opt/rhodecode_data celery: networks: - rhodecode_network image: rhodecode/app:${RC_VERSION:?specify-RC_VERSION-env-var} stdin_open: true tty: true restart: unless-stopped command: [ "/var/opt/rhodecode_bin/bin/celery", "worker", "--task-events", "--autoscale=10,2", "--no-color", "--app=rhodecode.lib.celerylib.loader", "--loglevel=DEBUG", "--ini=/etc/rhodecode/conf/compose/rhodecode.optimized.ini" ] environment: RC_APP_TYPE: rhodecode_celery RC_APP_PROC: 1 MAIN_INI_PATH: /etc/rhodecode/conf/compose/rhodecode.optimized.ini ENV_RC_BASE_URL: ${RHODECODE_BASE_URL} SSL_CERT_FILE: "/etc/rhodecode/conf/ca-bundle.crt" REQUESTS_CA_BUNDLE: "/etc/rhodecode/conf/ca-bundle.crt" GIT_SSL_CAINFO: "/etc/rhodecode/conf/ca-bundle.crt" depends_on: - database - redis volumes: - confvolume:/etc/rhodecode/conf - logvolume:/var/log/rhodecode - rhodecode_repos:/var/opt/rhodecode_repo_store - datavolume:/var/opt/rhodecode_data beat: # This service is not scalable networks: - rhodecode_network image: rhodecode/app:${RC_VERSION:?specify-RC_VERSION-env-var} stdin_open: true tty: true restart: unless-stopped command: [ "/var/opt/rhodecode_bin/bin/celery", "beat", "--no-color", "--app=rhodecode.lib.celerylib.loader", "--scheduler=rhodecode.lib.celerylib.scheduler.RcScheduler", "--loglevel=DEBUG", "--ini=/etc/rhodecode/conf/compose/rhodecode.optimized.ini" ] environment: RC_APP_TYPE: rhodecode_beat RC_APP_PROC: 1 MAIN_INI_PATH: /etc/rhodecode/conf/compose/rhodecode.optimized.ini ENV_RC_BASE_URL: ${RHODECODE_BASE_URL} SSL_CERT_FILE: "/etc/rhodecode/conf/ca-bundle.crt" REQUESTS_CA_BUNDLE: "/etc/rhodecode/conf/ca-bundle.crt" GIT_SSL_CAINFO: "/etc/rhodecode/conf/ca-bundle.crt" depends_on: - database - redis volumes: - confvolume:/etc/rhodecode/conf - logvolume:/var/log/rhodecode - rhodecode_repos:/var/opt/rhodecode_repo_store - datavolume:/var/opt/rhodecode_data svn: networks: - rhodecode_network image: rhodecode/app:${RC_VERSION:?specify-RC_VERSION-env-var} stdin_open: true tty: true restart: unless-stopped command: ["apachectl", "-D", "FOREGROUND"] environment: RC_APP_TYPE: rhodecode_svn # SVN Specific MOD_DAV_SVN_PORT: 8090 APACHE_LOG_DIR: /var/log/rhodecode/svn MOD_DAV_SVN_CONF_FILE: /etc/rhodecode/conf/svn/mod_dav_svn.conf ports: - "127.0.0.1::8090" healthcheck: test: [ "CMD", "curl", "-A", "RhodeCode-Healthcheck", "-s", "-o", "/dev/null", "-w", "'%{http_code}'", "http://127.0.0.1:8090/_server_status" ] timeout: 30s interval: 60s retries: 10 volumes: - confvolume:/etc/rhodecode/conf - logvolume:/var/log/rhodecode - rhodecode_repos:/var/opt/rhodecode_repo_store sshd: networks: - rhodecode_network image: rhodecode/app:${RC_VERSION:?specify-RC_VERSION-env-var} stdin_open: true tty: true restart: unless-stopped command: ["/usr/sbin/sshd", "-f", "/etc/rhodecode/sshd_config", "-D", "-e"] environment: RC_APP_TYPE: rhodecode_sshd SSH_BOOTSTRAP: 1 ports: # set from .env file - "${RC_SSH_PORT:?must-specify-ssh-port}:22" volumes: - confvolume:/etc/rhodecode/conf - logvolume:/var/log/rhodecode - rhodecode_repos:/var/opt/rhodecode_repo_store - datavolume:/var/opt/rhodecode_data elasticsearch: networks: - rhodecode_network image: docker.elastic.co/elasticsearch/elasticsearch:6.8.23 environment: - cluster.name=elasticsearch-cluster - network.host=0.0.0.0 - bootstrap.memory_lock=true - discovery.type=single-node - "ES_JAVA_OPTS=-Xms512m -Xmx512m" ulimits: memlock: soft: -1 hard: -1 volumes: - es_data:/usr/share/elasticsearch/data channelstream: networks: - rhodecode_network image: channelstream/channelstream:0.7.1 restart: unless-stopped ports: - "127.0.0.1:9800:9800" command: ["channelstream", "-i", "/etc/rhodecode/conf/compose/channelstream.ini"] environment: CHANNELSTREAM_ALLOW_POSTING_FROM: 0.0.0.0 healthcheck: test: [ "CMD", "curl", "-s", "-o", "/dev/null", "-w", "'%{http_code}'", "http://127.0.0.1:9800/admin/sign_in" ] timeout: 30s interval: 60s retries: 10 volumes: - confvolume:/etc/rhodecode/conf - logvolume:/var/log/rhodecode redis: networks: - rhodecode_network image: rhodecode/redis:7.0.5 build: context: . dockerfile: service/redis/rhodecode_redis.dockerfile args: REDIS_BUILD: 7.0.5 restart: unless-stopped ports: - "127.0.0.1::6379" volumes: - logvolume:/var/log/rhodecode - datavolume:/var/opt/rhodecode_data database: networks: - rhodecode_network image: rhodecode/database:13.8 build: context: . dockerfile: service/database/rhodecode_database.dockerfile args: POSTGRES_BUILD: 13.8 environment: POSTGRES_DB: ${DB_NAME:?must-specify-db-name} POSTGRES_USER: ${DB_USER:?must-specify-db-user} POSTGRES_PASSWORD: ${DB_PASSWORD:?must-specify-db-password} POSTGRES_HOST_AUTH_METHOD: md5 restart: unless-stopped ports: - "127.0.0.1::5432" volumes: # save the pg_data volume - pg_data:/var/lib/postgresql/data - logvolume:/var/log/rhodecode database-mysql: networks: - rhodecode_network image: rhodecode/database_mysql:8.0.30 build: context: . dockerfile: service/database/rhodecode_database_mysql.dockerfile args: MYSQL_BUILD: 8.0.30 environment: MYSQL_DATABASE: ${DB_NAME:?must-specify-db-name} MYSQL_USER: ${DB_USER:?must-specify-db-user} MYSQL_PASSWORD: ${DB_PASSWORD:?must-specify-db-password} MYSQL_ROOT_PASSWORD: ${DB_PASSWORD:?must-specify-db-password} restart: unless-stopped ports: - "127.0.0.1::3306" volumes: # save the mysql_data volume - mysql_data:/var/lib/mysql - logvolume:/var/log/rhodecode nginx: networks: - rhodecode_network image: rhodecode/nginx:1.23.2 build: context: . dockerfile: service/nginx/rhodecode_nginx.dockerfile args: NGINX_BUILD: 1.23.2 restart: unless-stopped ports: # set from .env file - "${RC_HTTP_PORT:?must-specify-http-port}:80" - "${RC_HTTPS_PORT:?must-specify-https-port}:443" healthcheck: # change port 80 to 443 when only using SSL test: [ "CMD", "curl", "-A", "RhodeCode-Healthcheck", "-s", "-o", "/dev/null", "-w", "'%{http_code}'", "http://127.0.0.1:80/_admin/ops/ping" ] timeout: 30s interval: 60s retries: 10 depends_on: - channelstream volumes: - confvolume:/etc/rhodecode/conf - logvolume:/var/log/rhodecode - datavolume:/var/opt/rhodecode_data