version: '3.9' x-logging: &custom-logging # docker plugin install grafana/loki-docker-driver:2.7.1 --alias loki --grant-all-permissions # NOTE: loki logging driver ONLY works for host type networks... driver: loki options: #loki-url: "http://${RC_LOKI_AUTH}loki:3100/loki/api/v1/push" loki-url: "http://${RC_LOKI_AUTH}127.0.0.1:3100/loki/api/v1/push" loki-retries: "5" loki-timeout: "1s" loki-max-backoff: "800ms" services: # base shared options for RhodeCode type services common_base: image: rhodecode/rhodecode-${RC_EDITION}:${RC_VERSION:-4.28.0} stdin_open: true tty: true restart: always deploy: # override this in .custom/docker-compose-apps.override.yaml to scale up replicas: 0 networks: - rhodecode_network extra_hosts: - "host.docker.internal:host-gateway" volumes: - confvolume:/etc/rhodecode/conf - rc_reposvolume:/var/opt/rhodecode_repo_store - rc_datavolume:/var/opt/rhodecode_data logging: *custom-logging # base definition WITHOUT labels to full control over override and custom service # main rhodecode will use extends + service from that base rhodecode_base: extends: service: common_base env_file: - ${RC_ENV_FILE:?must-specify-rc-env-file} command: [ "/usr/local/bin/rhodecode_bin/bin/gunicorn", "--error-logfile=-", "--paster=/etc/rhodecode/conf/rhodecode.ini", "--config=/etc/rhodecode/conf/gunicorn_conf_rc.py" ] build: context: . dockerfile: service/rhodecode/rhodecode_5.dockerfile args: TZ: ${TZ:-UTC} RHODECODE_VERSION: ${RC_VERSION:-4.28.0} RHODECODE_DB: postgresql://rhodecode:${DB_PASSWORD:?must-specify-db-password}@database/${DB_NAME:?must-specify-db-name} RHODECODE_USER_NAME: ${RHODECODE_USER_NAME} RHODECODE_USER_PASS: ${RHODECODE_USER_PASS} RHODECODE_USER_EMAIL: ${RHODECODE_USER_EMAIL} environment: RC_APP_TYPE: rhodecode_http RC_APP_PROC: 1 RC_APP_PORT: "10020" SSL_CERT_FILE: "/etc/rhodecode/conf/ca-bundle.crt" REQUESTS_CA_BUNDLE: "/etc/rhodecode/conf/ca-bundle.crt" GIT_SSL_CAINFO: "/etc/rhodecode/conf/ca-bundle.crt" GEVENT_RESOLVER: "ares" GUNICORN_CMD_ARGS: "--bind=0.0.0.0:10020 --name=gunicorn-rhodecode-1 --workers=2" DB_UPGRADE: 1 # run the DB upgrade SETUP_APP: 1 # run the application default settings setup, can be turned off after initial run #FORCE_DB_INIT_FILE: 1 # force the database init, warning: destroys old DB #FORCE_RC_SETUP_APP: 1 # force running setup scripts for configuration/license application MAIN_INI_PATH: /etc/rhodecode/conf/rhodecode.ini # SVN Specific MOD_DAV_SVN_PORT: 8090 MOD_DAV_SVN_LOG_LEVEL: info APACHE_LOG_DIR: /var/log MOD_DAV_SVN_CONF_FILE: /etc/rhodecode/conf/svn/mod_dav_svn.conf healthcheck: test: curl -A RhodeCode-Healthcheck -s -o /dev/null -w '%{http_code}' http://127.0.0.1:$${RC_APP_PORT}/_admin/ops/ping # requires docker engine 25 #start_period: 2m #start_interval: 5s interval: 60s timeout: 30s retries: 10 tmpfs: - /data_ramdisk:size=${RC_DATA_RAMDISK_SIZE:-256M} rhodecode: # depends_on: # - redis # - database # - channelstream # ports: # - "127.0.0.1::10020" extends: service: rhodecode_base deploy: # override this in .custom/docker-compose-apps.override.yaml to scale up # replicas of rhodecode and vcsserver should be equal in most cases replicas: 1 volumes: - ./.custom/static_files:/var/opt/rhodecode_static_data labels: - "autoheal=true" - "traefik.enable=true" - "traefik.http.routers.rhodecode.entrypoints=http" - "traefik.http.routers.rhodecode.priority=10" - "traefik.http.routers.rhodecode.rule=Host(`${RC_HOSTNAME:?must-specify-rhodecode-hostname}`)" - "traefik.http.routers.rhodecode.service=rhodecode-web" - "traefik.http.services.rhodecode-web.loadbalancer.server.port=10020" # HTTP + SSL example, should be put into .custom/docker-compose-apps.override.yaml #- "traefik.http.routers.rhodecode.entrypoints=http,https" vcsserver: # depends_on: # - redis # ports: # - "127.0.0.1::10010" extends: service: common_base env_file: - ${RC_ENV_FILE:?must-specify-rc-env-file} command: [ "/usr/local/bin/rhodecode_bin/vcs_bin/gunicorn", "--error-logfile=-", "--paster=/etc/rhodecode/conf/vcsserver.ini", "--config=/etc/rhodecode/conf/gunicorn_conf_vcs.py" ] deploy: # override this in .custom/docker-compose-apps.override.yaml to scale up # replicas of rhodecode and vcsserver should be equal in most cases replicas: 1 environment: RC_APP_TYPE: rhodecode_vcsserver RC_APP_PROC: 1 RC_APP_PORT: "10010" MAIN_INI_PATH: /etc/rhodecode/conf/vcsserver.ini SSL_CERT_FILE: "/etc/rhodecode/conf/ca-bundle.crt" REQUESTS_CA_BUNDLE: "/etc/rhodecode/conf/ca-bundle.crt" GIT_SSL_CAINFO: "/etc/rhodecode/conf/ca-bundle.crt" GUNICORN_CMD_ARGS: "--bind=0.0.0.0:10010 --name=gunicorn-vcsserver-1 --workers=3" healthcheck: test: curl -A RhodeCode-Healthcheck -s -o /dev/null -w '%{http_code}' http://127.0.0.1:$${RC_APP_PORT}/status timeout: 30s start_period: 5s interval: 60s retries: 10 labels: - "autoheal=true" celery: extends: service: common_base # depends_on: # - database # - redis env_file: - ${RC_ENV_FILE:?must-specify-rc-env-file} command: [ "/usr/local/bin/rhodecode_bin/bin/celery", "--no-color", "--app=rhodecode.lib.celerylib.loader", "worker", "--autoscale=20,2", "--task-events", "--loglevel=DEBUG", "--ini=/etc/rhodecode/conf/rhodecode.ini" ] deploy: # override this in .custom/docker-compose-apps.override.yaml to scale up replicas: 1 environment: RC_APP_TYPE: rhodecode_celery RC_APP_PROC: 1 MAIN_INI_PATH: /etc/rhodecode/conf/rhodecode.ini SSL_CERT_FILE: "/etc/rhodecode/conf/ca-bundle.crt" REQUESTS_CA_BUNDLE: "/etc/rhodecode/conf/ca-bundle.crt" GIT_SSL_CAINFO: "/etc/rhodecode/conf/ca-bundle.crt" labels: - "autoheal=true" celery-beat: extends: service: common_base # depends_on: # - database # - redis env_file: - ${RC_ENV_FILE:?must-specify-rc-env-file} command: [ "/usr/local/bin/rhodecode_bin/bin/celery", "--no-color", "--app=rhodecode.lib.celerylib.loader", "beat", "--scheduler=rhodecode.lib.celerylib.scheduler.RcScheduler", "--loglevel=DEBUG", "--ini=/etc/rhodecode/conf/rhodecode.ini" ] deploy: # override this in .custom/docker-compose-apps.override.yaml to scale up replicas: 1 environment: RC_APP_TYPE: rhodecode_beat RC_APP_PROC: 1 MAIN_INI_PATH: /etc/rhodecode/conf/rhodecode.ini SSL_CERT_FILE: "/etc/rhodecode/conf/ca-bundle.crt" REQUESTS_CA_BUNDLE: "/etc/rhodecode/conf/ca-bundle.crt" GIT_SSL_CAINFO: "/etc/rhodecode/conf/ca-bundle.crt" labels: - "autoheal=true" svn: extends: service: common_base # depends_on: # - database # - redis # build: # context: . # dockerfile: service/svn/rhodecode_svn.dockerfile # args: # APACHE_VER: 1.3 env_file: - ${RC_ENV_FILE:?must-specify-rc-env-file} command: [ "apachectl", "-D", "FOREGROUND" ] deploy: # override this in .custom/docker-compose-apps.override.yaml to scale up replicas: 1 environment: RC_APP_TYPE: rhodecode_svn # SVN Specific APACHE_LOG_DIR: /var/log MOD_DAV_SVN_PORT: 8090 MOD_DAV_SVN_LOG_LEVEL: info MOD_DAV_SVN_CONF_FILE: /etc/rhodecode/conf/svn/mod_dav_svn.conf # image specific, can be skipped, as the info is stored inside the image #MOD_DAV_CORE_MODULES_DIR: /home/rhodecode/apache2/modules/ #MOD_DAV_SVN_MODULE: /home/rhodecode/apache2/modules/mod_dav.so healthcheck: test: curl -A RhodeCode-Healthcheck -s -o /dev/null -w '%{http_code}' http://127.0.0.1:$${MOD_DAV_SVN_PORT}/_server_status timeout: 30s interval: 60s retries: 10 # ports: # - "127.0.0.1::8090" labels: - "autoheal=true" sshd: extends: service: common_base # depends_on: # - database # - redis env_file: - ${RC_ENV_FILE:?must-specify-rc-env-file} command: [ "/usr/sbin/sshd", "-f", "/etc/rhodecode/sshd_config", "-D", "-e" ] deploy: # override this in .custom/docker-compose-apps.override.yaml to scale up replicas: 1 environment: RC_APP_TYPE: rhodecode_sshd SSH_BOOTSTRAP: 1 SSH_ENSURE_PERMS: 1 healthcheck: # we call ssh internally, to find permission denied, if SSH is DOWN it would be connection refused test: /usr/bin/ssh -p$${RC_SSH_PORT} -o StrictHostKeyChecking=no -o PasswordAuthentication=No rhodecode@localhost true 2>&1 | grep -c 'Permission denied' > /dev/null timeout: 30s interval: 60s retries: 10 # ports: # # 9022 is set from .env file too. # - "9022:$RC_SSH_PORT" labels: - "autoheal=true" - "traefik.enable=true" - "traefik.tcp.routers.sshd.entrypoints=ssh" - "traefik.tcp.routers.sshd.rule=HostSNI(`*`)" - "traefik.tcp.routers.sshd.service=rhodecode-ssh" - "traefik.tcp.services.rhodecode-ssh.loadbalancer.server.port=${RC_SSH_PORT}"