linux-build/mender-server
1
0
Fork 0
mirror of https://github.com/mendersoftware/mender-server.git synced 2025-03-14 10:08:46 +00:00
Code Issues Packages Projects Releases Wiki Activity
mender-server/docker-compose.yml
Lluis Campos 81558efd5f chore: Revert Use Virtual Device for OS updates in docker composition" 
This reverts commit 9142d7aab449c043000d65b77cd66390d8ace461.

Once that we have branch out 4.0.x with the old Virtual Device, we can
bring back the Virtual Device for Application Updates to `main` \o/

Ticket: MEN-7789

Signed-off-by: Lluis Campos <lluis.campos@northern.tech>
2025-02-11 10:34:41 +01:00

388 lines
14 KiB
YAML
Raw Permalink Blame History

name: mender
include:
- path: compose/docker-compose.seaweedfs.yml
services:
create-artifact-worker:
build:
context: .
dockerfile: ./backend/services/create-artifact-worker/Dockerfile
image: ${MENDER_IMAGE_REGISTRY:-docker.io}/${MENDER_IMAGE_REPOSITORY:-mendersoftware}/create-artifact-worker:${MENDER_IMAGE_TAG:-latest}
restart: on-failure:3
depends_on:
- workflows
environment:
CREATE_ARTIFACT_SKIPVERIFY: "true"
WORKFLOWS_MONGO_URL: "mongodb://mongo"
WORKFLOWS_NATS_URI: "nats://nats"
deployments:
build:
context: .
dockerfile: ./backend/services/deployments/Dockerfile
image: ${MENDER_IMAGE_REGISTRY:-docker.io}/${MENDER_IMAGE_REPOSITORY:-mendersoftware}/deployments:${MENDER_IMAGE_TAG:-latest}
restart: on-failure:3
command: [server, --automigrate]
depends_on:
mongo:
condition: service_started
s3:
condition: service_healthy
environment:
DEPLOYMENTS_PRESIGN_URL_HOSTNAME: "docker.mender.io"
DEPLOYMENTS_PRESIGN_SECRET: "aW5zZWN1cmUgc2VjcmV0"
DEPLOYMENTS_INVENTORY_ADDR: http://inventory:8080
DEPLOYMENTS_MENDER_WORKFLOWS: http://workflows:8080
DEPLOYMENTS_MONGO_URL: "mongodb://mongo"
DEPLOYMENTS_STORAGE_BUCKET: "mender"
DEPLOYMENTS_AWS_URI: "http://s3:8080"
DEPLOYMENTS_AWS_EXTERNAL_URI: "https://s3.docker.mender.io"
DEPLOYMENTS_AWS_AUTH_KEY: "${MENDER_ACCESS_KEY_ID:-mender}"
DEPLOYMENTS_AWS_AUTH_SECRET: "${MENDER_SECRET_ACCESS_KEY:-thisisnotsecure}"
labels:
traefik.enable: "true"
traefik.http.services.deployments.loadBalancer.server.port: "8080"
traefik.http.routers.deploymentsDL.middlewares: "sec-headers@file"
traefik.http.routers.deploymentsDL.rule: >-
PathRegexp(`/api/devices/v[0-9]+/deployments/download`)
traefik.http.routers.deploymentsDL.service: deployments
traefik.http.routers.deploymentsDev.middlewares: "devStack@file"
traefik.http.routers.deploymentsDev.rule: >-
PathRegexp(`/api/devices/v[0-9]+/deployments`)
traefik.http.routers.deploymentsDev.service: deployments
traefik.http.routers.deploymentsMgmt.middlewares: "mgmtStack@file"
traefik.http.routers.deploymentsMgmt.rule: >-
PathRegexp(`/api/management/v[0-9]+/deployments`)
traefik.http.routers.deploymentsMgmt.service: deployments
networks:
default:
aliases: [mender-deployments]
deviceauth:
build:
context: .
dockerfile: ./backend/services/deviceauth/Dockerfile
image: ${MENDER_IMAGE_REGISTRY:-docker.io}/${MENDER_IMAGE_REPOSITORY:-mendersoftware}/deviceauth:${MENDER_IMAGE_TAG:-latest}
restart: on-failure:3
command: [server, --automigrate]
depends_on:
- mongo
environment:
DEVICEAUTH_INVENTORY_ADDR: http://inventory:8080
DEVICEAUTH_ORCHESTRATOR_ADDR: http://workflows:8080
DEVICEAUTH_MONGO: "mongodb://mongo"
DEVICEAUTH_SERVER_PRIV_KEY_PATH: "/etc/deviceauth/private.pem"
volumes:
- ./compose/config/mender.pem:/etc/deviceauth/private.pem
labels:
traefik.enable: "true"
traefik.http.services.deviceauth.loadBalancer.server.port: "8080"
traefik.http.routers.deviceauthDev.middlewares: "compression@file"
traefik.http.routers.deviceauthDev.rule: >-
PathRegexp(`/api/devices/v[0-9]+/authentication`)
traefik.http.routers.deviceauthDev.service: deviceauth
traefik.http.routers.deviceauthMgmt.middlewares: "mgmtStack@file"
traefik.http.routers.deviceauthMgmt.rule: >-
PathRegexp(`/api/management/v[0-9]+/devauth`)
traefik.http.routers.deviceauthMgmt.service: deviceauth
networks:
default:
aliases: [mender-deviceauth]
deviceconfig:
build:
context: .
dockerfile: ./backend/services/deviceconfig/Dockerfile
image: ${MENDER_IMAGE_REGISTRY:-docker.io}/${MENDER_IMAGE_REPOSITORY:-mendersoftware}/deviceconfig:${MENDER_IMAGE_TAG:-latest}
restart: on-failure:3
command: [server, --automigrate]
environment:
DEVICECONFIG_INVENTORY_URI: http://inventory:8080
DEVICECONFIG_WORKFLOWS_URL: http://workflows:8080
DEVICECONFIG_MONGO_URL: "mongodb://mongo"
depends_on:
- mongo
labels:
traefik.enable: "true"
traefik.http.services.deviceconfig.loadBalancer.server.port: "8080"
traefik.http.routers.deviceconfigDev.middlewares: "devStack@file"
traefik.http.routers.deviceconfigDev.rule: >-
PathRegexp(`/api/devices/v[0-9]+/deviceconfig`)
traefik.http.routers.deviceconfigDev.service: deviceconfig
traefik.http.routers.deviceconfigMgmt.middlewares: "mgmtStack@file"
traefik.http.routers.deviceconfigMgmt.rule: >-
PathRegexp(`/api/management/v[0-9]+/deviceconfig`)
traefik.http.routers.deviceconfigMgmt.service: deviceconfig
networks:
default:
aliases: [mender-deviceconfig]
deviceconnect:
build:
context: .
dockerfile: ./backend/services/deviceconnect/Dockerfile
image: ${MENDER_IMAGE_REGISTRY:-docker.io}/${MENDER_IMAGE_REPOSITORY:-mendersoftware}/deviceconnect:${MENDER_IMAGE_TAG:-latest}
restart: on-failure:3
command: [server, --automigrate]
depends_on:
- mongo
- nats
environment:
DEVICECONNECT_INVENTORY_URI: http://inventory:8080
DEVICECONNECT_WORKFLOWS_URL: http://workflows:8080
DEVICECONNECT_MONGO_URL: "mongodb://mongo"
DEVICECONNECT_NATS_URL: "mongodb://mongo"
labels:
traefik.enable: "true"
traefik.http.services.deviceconnect.loadBalancer.server.port: "8080"
traefik.http.routers.deviceconnectDev.middlewares: "devStack@file"
traefik.http.routers.deviceconnectDev.rule: >-
PathRegexp(`/api/devices/v[0-9]+/deviceconnect`)
traefik.http.routers.deviceconnectDev.service: deviceconnect
traefik.http.routers.deviceconnectMgmt.middlewares: "mgmtStack@file"
traefik.http.routers.deviceconnectMgmt.rule: >-
PathRegexp(`/api/management/v[0-9]+/deviceconnect`)
traefik.http.routers.deviceconnectMgmt.service: deviceconnect
networks:
default:
aliases: [mender-deviceconnect]
gui:
image: ${MENDER_IMAGE_REGISTRY:-docker.io}/${MENDER_IMAGE_REPOSITORY:-mendersoftware}/gui:${MENDER_IMAGE_TAG:-latest}
build:
context: ./frontend
restart: on-failure:3
labels:
traefik.enable: "true"
traefik.http.services.gui.loadBalancer.server.port: "8090"
traefik.http.services.error-responder.loadBalancer.server.port: "8080"
traefik.http.routers.gui.middlewares: >-
compression@file,sec-headers@file
traefik.http.routers.gui.priority: 1
traefik.http.routers.gui.rule: PathPrefix(`/`)
traefik.http.routers.gui.service: gui
environment:
HAVE_AUDITLOGS: "0"
HAVE_DELTA_PROGRESS: "0"
HAVE_DEVICECONFIG: "1"
HAVE_DEVICECONNECT: "1"
HAVE_ENTERPRISE: "0"
HAVE_MONITOR: "0"
HAVE_MULTITENANT: "0"
networks:
default:
aliases: [mender-gui]
inventory:
build:
context: .
dockerfile: ./backend/services/inventory/Dockerfile
image: ${MENDER_IMAGE_REGISTRY:-docker.io}/${MENDER_IMAGE_REPOSITORY:-mendersoftware}/inventory:${MENDER_IMAGE_TAG:-latest}
restart: on-failure:3
command: [server, --automigrate]
depends_on:
- mongo
environment:
INVENTORY_DEVICEMONITOR_ADDR: http://devicemonitor:8080
INVENTORY_ORCHESTRATOR_ADDR: http://workflows:8080
INVENTORY_MONGO: mongodb://mongo
INVENTORY_NATS_URI: "nats://nats"
labels:
traefik.enable: "true"
traefik.http.services.inventory.loadBalancer.server.port: "8080"
traefik.http.routers.inventoryDevV1.middlewares: >-
devStack@file,inventoryV1-replacepathregex@file
traefik.http.routers.inventoryDevV1.rule: >-
PathRegexp(`/api/devices/v1/inventory`)
traefik.http.routers.inventoryDevV1.service: inventory
traefik.http.routers.inventoryMgmtV1.middlewares: >-
mgmtStack@file,inventoryMgmtV1-replacepathregex@file
traefik.http.routers.inventoryMgmtV1.rule: >-
PathRegexp(`/api/management/v1/inventory`)
traefik.http.routers.inventoryMgmtV1.service: inventory
traefik.http.routers.inventoryDev.middlewares: "devStack@file"
traefik.http.routers.inventoryDev.rule: >-
PathRegexp(`/api/devices/v[2-9]/inventory`)
traefik.http.routers.inventoryDev.service: inventory
traefik.http.routers.inventoryMgmt.middlewares: "mgmtStack@file"
traefik.http.routers.inventoryMgmt.rule: >-
PathRegexp(`/api/management/v[2-9]/inventory`)
traefik.http.routers.inventoryMgmt.service: inventory
networks:
default:
aliases: [mender-inventory]
iot-manager:
build:
context: .
dockerfile: ./backend/services/iot-manager/Dockerfile
image: ${MENDER_IMAGE_REGISTRY:-docker.io}/${MENDER_IMAGE_REPOSITORY:-mendersoftware}/iot-manager:${MENDER_IMAGE_TAG:-latest}
restart: on-failure:3
command: [server, --automigrate]
depends_on:
- mongo
environment:
IOT_MANAGER_DEVICEAUTH_URL: "http://deviceauth:8080"
IOT_MANAGER_WORKFLOWS_URL: "http://workflows:8080"
IOT_MANAGER_MONGO_URL: "mongodb://mongo"
IOT_MANAGER_NATS_URI: "nats://nats"
labels:
traefik.enable: "true"
traefik.http.services.iot-manager.loadBalancer.server.port: "8080"
traefik.http.routers.iot-managerMgmt.middlewares: "mgmtStack@file"
traefik.http.routers.iot-managerMgmt.rule: >-
PathRegexp(`/api/management/v[0-9]+/iot-manager`)
traefik.http.routers.iot-managerMgmt.service: iot-manager
networks:
default:
aliases: [mender-iot-manager]
useradm:
build:
context: .
dockerfile: ./backend/services/useradm/Dockerfile
image: ${MENDER_IMAGE_REGISTRY:-docker.io}/${MENDER_IMAGE_REPOSITORY:-mendersoftware}/useradm:${MENDER_IMAGE_TAG:-latest}
restart: on-failure:3
command: [server, --automigrate]
depends_on:
- mongo
environment:
USERADM_MONGO: "mongodb://mongo"
USERADM_SERVER_PRIV_KEY_PATH: "/etc/useradm/private.pem"
labels:
traefik.enable: "true"
traefik.http.services.useradm.loadBalancer.server.port: "8080"
traefik.http.routers.useradm.middlewares: "mgmtStack@file"
traefik.http.routers.useradm.rule: >-
PathRegexp(`/api/management/v[0-9]+/useradm`)
traefik.http.routers.useradm.service: useradm
traefik.http.routers.userauth.middlewares: >-
compression@file,sec-headers@file
traefik.http.routers.userauth.rule: >-
!PathRegexp(`/api/management/v[0-9]+/useradm/auth/logout`) &&
PathRegexp(`/api/management/v[0-9]+/useradm/(auth|oauth2|oidc)`)
traefik.http.routers.userauth.service: useradm
networks:
default:
aliases: [mender-useradm]
volumes:
- ./compose/config/mender.pem:/etc/useradm/private.pem
workflows-worker:
build:
context: .
dockerfile: ./backend/services/workflows/Dockerfile
image: ${MENDER_IMAGE_REGISTRY:-docker.io}/${MENDER_IMAGE_REPOSITORY:-mendersoftware}/workflows:${MENDER_IMAGE_TAG:-latest}
restart: on-failure:3
command: ["worker"]
depends_on:
- workflows
environment:
WORKFLOWS_MONGO_URL: "mongodb://mongo"
WORKFLOWS_NATS_URI: "nats://nats"
DEPLOYMENTS_ADDR: deployments:8080
DEVICEAUTH_ADDR: deviceauth:8080
DEVICECONFIG_ADDR: deviceconfig:8080
DEVICECONNECT_ADDR: deviceconnect:8080
INVENTORY_ADDR: inventory:8080
IOT_MANAGER_ADDR: iot-manager:8080
USERADM_ADDR: useradm:8080
WORKFLOWS_SERVER_ADDR: workflows:8080
WOKRFLOWS_MENDER_URL: https://docker.mender.io
HAVE_DEVICECONFIG: "1"
workflows:
build:
context: .
dockerfile: ./backend/services/workflows/Dockerfile
image: ${MENDER_IMAGE_REGISTRY:-docker.io}/${MENDER_IMAGE_REPOSITORY:-mendersoftware}/workflows:${MENDER_IMAGE_TAG:-latest}
restart: on-failure:3
command: [server, --automigrate]
depends_on:
- mongo
- nats
environment:
WORKFLOWS_MONGO_URL: "mongodb://mongo"
WORKFLOWS_NATS_URI: "nats://nats"
networks:
default:
aliases: [mender-workflows]
traefik:
image: traefik:v3.1
command:
- --api=true
- --api.insecure=true
- --accesslog=true
- --entrypoints.web.address=:80
- --entrypoints.web.http.redirections.entryPoint.scheme=https
- --entrypoints.web.http.redirections.entryPoint.to=websecure
- --entrypoints.websecure.address=:443
- --entrypoints.websecure.transport.respondingTimeouts.idleTimeout=7200
- --entrypoints.websecure.transport.respondingTimeouts.readTimeout=7200
- --entrypoints.websecure.transport.respondingTimeouts.writeTimeout=7200
- --entrypoints.websecure.http.tls=true
- --entrypoints.websecure.asDefault=true
- --providers.file.directory=/etc/traefik/config
- --providers.docker=true
- --providers.docker.exposedByDefault=false
volumes:
- ./compose/config/traefik:/etc/traefik/config:ro
- ./compose/certs:/etc/traefik/certs:ro
- /var/run/docker.sock:/var/run/docker.sock:ro
ports:
- 443:443
- 80:80
networks:
default:
aliases:
- s3.localhost
- mender.local
- s3.mender.local
- docker.mender.io
- s3.docker.mender.io
mongo:
image: mongo:7.0
ulimits:
nofile:
soft: 64000
hard: 64000
volumes:
- mongo:/data/db
networks:
default:
aliases: [mender-mongo]
nats:
image: nats:2.10
command: [-js]
networks:
default:
aliases: [mender-nats]
client:
image: mendersoftware/mender-client-docker-addons:mender-master
scale: 0
configs:
- source: client_json
target: /etc/mender/mender.conf
volumes:
- ./compose/certs/mender.crt:/var/lib/mender/mender.crt
configs:
client_json:
content: |
{
"InventoryPollIntervalSeconds": 5,
"RetryPollIntervalSeconds": 5,
"ServerURL": "${SERVER_URL:-https://docker.mender.io}",
"ServerCertificate": "/var/lib/mender/mender.crt",
"UpdatePollIntervalSeconds": 5,
"TenantToken": "${TENANT_TOKEN:-}"
}
volumes:
mongo: {}
Reference in New Issue View Git Blame Copy Permalink