opensource/supermq
1
0
Fork 0
mirror of https://github.com/absmach/supermq.git synced 2026-06-23 06:20:18 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
Files
main
supermq/docker/docker-compose.yaml
T
dusan 5841d3f7e4 NOISSUE - Update SMQ 
Signed-off-by: dusan <borovcanindusan1@gmail.com>
2026-03-17 19:57:15 +01:00

566 lines
23 KiB
YAML
Raw Permalink Blame History

# Copyright (c) Abstract Machines
# SPDX-License-Identifier: Apache-2.0
name: "magistrala"
include:
- path:
- ./supermq-docker/docker-compose.yaml
- ./supermq-docker/addons/journal/docker-compose.yaml
- ./supermq-docker/addons/certs/docker-compose.yaml
- ./supermq-docker-compose.override.yaml
project_directory: ./supermq-docker
env_file:
- ./supermq-docker/.env
networks:
magistrala-base-net:
driver: bridge
volumes:
magistrala-journal-volume:
magistrala-ui-backend-db-volume:
magistrala-re-db-volume:
magistrala-auth-redis-volume:
magistrala-alarms-db-volume:
magistrala-reports-db-volume:
services:
ui:
image: ghcr.io/absmach/magistrala/ui-mg:latest
container_name: magistrala-ui
ports:
- 3000:3000
networks:
- magistrala-base-net
environment:
MG_AUTH_URL: ${MG_AUTH_URL}
MG_DOMAINS_URL: ${MG_DOMAINS_URL}
MG_USERS_URL: ${MG_USERS_URL}
MG_CLIENTS_URL: ${MG_CLIENTS_URL}
MG_CHANNELS_URL: ${MG_CHANNELS_URL}
MG_GROUPS_URL: ${MG_GROUPS_URL}
MG_BOOTSTRAP_URL: ${MG_BOOTSTRAP_URL}
MG_CERTS_URL: ${MG_CERTS_URL}
MG_HTTP_ADAPTER_URL: ${MG_HTTP_ADAPTER_URL}
MG_READER_URL: ${MG_READER_URL}
MG_BACKEND_URL: ${MG_UI_BACKEND_URL}
MG_JOURNAL_URL: ${MG_JOURNAL_URL}
MG_ALARMS_URL: ${MG_ALARMS_URL}
MG_RE_URL: ${MG_RE_URL}
MG_REPORTS_URL: ${MG_REPORTS_URL}
MG_GOOGLE_CLIENT_ID: ${MG_GOOGLE_CLIENT_ID}
MG_GOOGLE_CLIENT_SECRET: ${MG_GOOGLE_CLIENT_SECRET}
MG_GOOGLE_REDIRECT_URL: ${MG_GOOGLE_REDIRECT_URL}
MG_GOOGLE_STATE: ${MG_GOOGLE_STATE}
MG_UI_BASE_PATH: ${MG_UI_BASE_PATH}
MG_NEXTAUTH_BASE_PATH: ${MG_NEXTAUTH_BASE_PATH}
MG_UI_TYPE: ${MG_UI_TYPE}
MG_UI_BASEURL: ${MG_UI_BASEURL}
NEXTAUTH_URL: ${NEXTAUTH_URL}
NEXTAUTH_SECRET: ${NEXTAUTH_SECRET}
NEXT_LOG_LEVEL: "debug"
MG_HOST_URL: ${MG_HOST_URL}
MG_UI_IMAGE_URL: ${MG_UI_IMAGE_URL}
MG_UI_DOCKER_ACCEPT_EULA: ${MG_UI_DOCKER_ACCEPT_EULA}
MG_SUPPORT_EMAIL: ${MG_SUPPORT_EMAIL}
MG_SUPPORT_EMAIL_PASS: ${MG_SUPPORT_EMAIL_PASS}
MG_UI_CLI_MQTT_HOST: ${MG_UI_CLI_MQTT_HOST}
MG_UI_CLI_WS_URL: ${MG_UI_CLI_WS_URL}
MG_UI_CLI_COAP_HOST: ${MG_UI_CLI_COAP_HOST}
MG_UI_CLI_COAP_PORT: ${MG_UI_CLI_COAP_PORT}
MG_UI_CLI_HTTP_URL: ${MG_UI_CLI_HTTP_URL}
MG_UI_ALLOW_UNVERIFIED_USER: ${SMQ_ALLOW_UNVERIFIED_USER}
MG_ACCESS_TOKEN_EXPIRY: ${SMQ_AUTH_ACCESS_TOKEN_DURATION}
MG_REFRESH_TOKEN_EXPIRY: ${SMQ_AUTH_REFRESH_TOKEN_DURATION}
MG_UI_SMTP_HOST: ${MG_UI_SMTP_HOST}
MG_UI_SMTP_PORT: ${MG_UI_SMTP_PORT}
MG_UI_SMTP_SECURE: ${MG_UI_SMTP_SECURE}
MG_UI_SUPPORT_FROM: ${MG_UI_SUPPORT_FROM}
ui-backend:
image: ghcr.io/absmach/magistrala/ui-backend:latest
container_name: magistrala-ui-backend
ports:
- ${MG_UI_BACKEND_HTTP_PORT}:${MG_UI_BACKEND_HTTP_PORT}
networks:
- magistrala-base-net
restart: on-failure:3
environment:
MG_BACKEND_LOG_LEVEL: ${MG_UI_BACKEND_LOG_LEVEL}
MG_BACKEND_HTTP_HOST: ${MG_UI_BACKEND_HTTP_HOST}
MG_BACKEND_HTTP_PORT: ${MG_UI_BACKEND_HTTP_PORT}
MG_BACKEND_HTTP_SERVER_CERT: ${MG_UI_BACKEND_HTTP_SERVER_CERT}
MG_BACKEND_HTTP_SERVER_KEY: ${MG_UI_BACKEND_HTTP_SERVER_KEY}
MG_BACKEND_DB_HOST: ${MG_UI_BACKEND_DB_HOST}
MG_BACKEND_DB_PORT: ${MG_UI_BACKEND_DB_PORT}
MG_BACKEND_DB_USER: ${MG_UI_BACKEND_DB_USER}
MG_BACKEND_DB_PASS: ${MG_UI_BACKEND_DB_PASS}
MG_BACKEND_DB_NAME: ${MG_UI_BACKEND_DB_NAME}
MG_BACKEND_DB_SSL_MODE: ${MG_UI_BACKEND_DB_SSL_MODE}
MG_BACKEND_DB_SSL_CERT: ${MG_UI_BACKEND_DB_SSL_CERT}
MG_BACKEND_DB_SSL_KEY: ${MG_UI_BACKEND_DB_SSL_KEY}
MG_BACKEND_DB_SSL_ROOT_CERT: ${MG_UI_BACKEND_DB_SSL_ROOT_CERT}
MG_BACKEND_INSTANCE_ID: ${MG_UI_BACKEND_INSTANCE_ID}
MG_AUTH_GRPC_URL: ${SMQ_AUTH_GRPC_URL}
MG_AUTH_GRPC_TIMEOUT: ${SMQ_AUTH_GRPC_TIMEOUT}
MG_AUTH_GRPC_CLIENT_CERT: ${SMQ_AUTH_GRPC_CLIENT_CERT:+/auth-grpc-client.crt}
MG_AUTH_GRPC_CLIENT_KEY: ${SMQ_AUTH_GRPC_CLIENT_KEY:+/auth-grpc-client.key}
MG_AUTH_GRPC_SERVER_CA_CERTS: ${SMQ_AUTH_GRPC_SERVER_CA_CERTS:+/auth-grpc-server-ca.crt}
MG_UI_VERIFICATION_TLS: ${MG_UI_VERIFICATION_TLS}
MG_UI_CONTENT_TYPE: ${MG_UI_CONTENT_TYPE}
MG_READER_URL: ${MG_READER_URL}
MG_UI_DOCKER_ACCEPT_EULA: ${MG_UI_DOCKER_ACCEPT_EULA}
MG_CHANNELS_GRPC_URL: ${SMQ_CHANNELS_GRPC_URL}
MG_CHANNELS_GRPC_TIMEOUT: ${SMQ_CHANNELS_GRPC_TIMEOUT}
MG_CHANNELS_GRPC_CLIENT_CERT: ${SMQ_CHANNELS_GRPC_CLIENT_CERT:+/channels-grpc-client.crt}
MG_CHANNELS_GRPC_CLIENT_KEY: ${SMQ_CHANNELS_GRPC_CLIENT_KEY:+/channels-grpc-client.key}
MG_CHANNELS_GRPC_SERVER_CA_CERTS: ${SMQ_CHANNELS_GRPC_SERVER_CA_CERTS:+/channels-grpc-server-ca.crt}
MG_TIMESCALE_READER_GRPC_URL: ${MG_TIMESCALE_READER_GRPC_URL}
MG_TIMESCALE_READER_GRPC_TIMEOUT: ${MG_TIMESCALE_READER_GRPC_TIMEOUT}
MG_TIMESCALE_READER_GRPC_CLIENT_CERT: ${MG_TIMESCALE_READER_GRPC_CLIENT_CERT:+/readers-grpc-client.crt}
MG_TIMESCALE_READER_GRPC_CLIENT_KEY: ${MG_TIMESCALE_READER_GRPC_CLIENT_KEY:+/readers-grpc-client.key}
MG_TIMESCALE_READER_GRPC_SERVER_CA_CERTS: ${MG_TIMESCALE_READER_GRPC_SERVER_CA_CERTS:+/readers-grpc-server-ca.crt}
MG_BACKEND_OBJECT_STORAGE_REGION: ${MG_BACKEND_OBJECT_STORAGE_REGION}
MG_BACKEND_OBJECT_STORAGE_BUCKET: ${MG_BACKEND_OBJECT_STORAGE_BUCKET}
MG_BACKEND_OBJECT_STORAGE_ENDPOINT: ${MG_BACKEND_OBJECT_STORAGE_ENDPOINT}
MG_BACKEND_OBJECT_STORAGE_USE_PATH_STYLE: ${MG_BACKEND_OBJECT_STORAGE_USE_PATH_STYLE}
MG_BACKEND_OBJECT_STORAGE_PRESIGN_ENDPOINT: ${MG_BACKEND_OBJECT_STORAGE_PRESIGN_ENDPOINT}
MG_BACKEND_OBJECT_STORAGE_ACCESS_KEY: ${MG_BACKEND_OBJECT_STORAGE_ACCESS_KEY}
MG_BACKEND_OBJECT_STORAGE_SECRET_KEY: ${MG_BACKEND_OBJECT_STORAGE_SECRET_KEY}
MG_BACKEND_OBJECT_STORAGE_TTL: ${MG_BACKEND_OBJECT_STORAGE_TTL}
MG_BACKEND_OBJECT_STORAGE_READ_TTL: ${MG_BACKEND_OBJECT_STORAGE_READ_TTL}
depends_on:
ui-backend-db:
condition: service_healthy
seaweedfs-s3:
condition: service_started
volumes:
# Auth gRPC client certificates
- type: bind
source: ${MG_AUTH_GRPC_CLIENT_CERT:-ssl/certs/dummy/client_cert}
target: /auth-grpc-client.crt
bind:
create_host_path: true
- type: bind
source: ${MG_AUTH_GRPC_CLIENT_KEY:-ssl/certs/dummy/client_key}
target: /auth-grpc-client.key
bind:
create_host_path: true
- type: bind
source: ${MG_AUTH_GRPC_SERVER_CA_CERTS:-ssl/certs/dummy/server_ca}
target: /auth-grpc-server-ca.crt
bind:
create_host_path: true
# Channels gRPC client certificates
- type: bind
source: ${SMQ_CHANNELS_GRPC_CLIENT_CERT:-ssl/certs/dummy/client_cert}
target: /channels-grpc-client.crt
bind:
create_host_path: true
- type: bind
source: ${SMQ_CHANNELS_GRPC_CLIENT_KEY:-ssl/certs/dummy/client_key}
target: /channels-grpc-client.key
bind:
create_host_path: true
- type: bind
source: ${SMQ_CHANNELS_GRPC_SERVER_CA_CERTS:-ssl/certs/dummy/server_ca}
target: /channels-grpc-server-ca.crt
bind:
create_host_path: true
# Reader gRPC client certificates
- type: bind
source: ${MG_TIMESCALE_READER_GRPC_CLIENT_CERT:-ssl/certs/dummy/client_cert}
target: /readers-grpc-client.crt
bind:
create_host_path: true
- type: bind
source: ${MG_TIMESCALE_READER_GRPC_CLIENT_KEY:-ssl/certs/dummy/client_key}
target: /readers-grpc-client.key
bind:
create_host_path: true
- type: bind
source: ${MG_TIMESCALE_READER_GRPC_SERVER_CA_CERTS:-ssl/certs/dummy/server_ca_certs}
target: /readers-grpc-server-ca.crt
bind:
create_host_path: true
ui-backend-db:
image: docker.io/postgres:18.0-alpine3.22
container_name: magistrala-ui-backend-db
restart: on-failure
command: postgres -c "max_connections=${SMQ_POSTGRES_MAX_CONNECTIONS}"
environment:
POSTGRES_USER: ${MG_UI_BACKEND_DB_USER}
POSTGRES_PASSWORD: ${MG_UI_BACKEND_DB_PASS}
POSTGRES_DB: ${MG_UI_BACKEND_DB_NAME}
SMQ_POSTGRES_MAX_CONNECTIONS: ${SMQ_POSTGRES_MAX_CONNECTIONS}
ports:
- 6008:5432
networks:
- magistrala-base-net
volumes:
- magistrala-ui-backend-db-volume:/var/lib/postgresql/data
healthcheck:
test: ["CMD-SHELL", "pg_isready -U $${POSTGRES_USER} -d $${POSTGRES_DB}"]
interval: 5s
timeout: 3s
retries: 60
seaweedfs-s3:
image: chrislusf/seaweedfs:4.16
container_name: magistrala-seaweedfs-s3
command: server -s3 -s3.config=/etc/seaweedfs/s3.json -dir=/data
ports:
- "8333:8333" # S3 endpoint
- "9333:9333" # master UI
- "19333:19333" # volume server
- "8888:8888" # filer UI
volumes:
- ./data/seaweedfs:/data
- ./configs/seaweedfs-s3.json:/etc/seaweedfs/s3.json:ro
networks:
- magistrala-base-net
seaweedfs-init:
image: amazon/aws-cli
container_name: magistrala-seaweedfs-init
entrypoint: /bin/sh
depends_on:
- seaweedfs-s3
command:
- -c
- |
echo "[INIT] Waiting 20s for SeaweedFS S3 to be ready...";
sleep 20;
OUT=$(aws --endpoint-url http://seaweedfs-s3:8333 s3api create-bucket --bucket $${BUCKET} 2>&1);
EXIT=$$?;
if [ $$EXIT -eq 0 ]; then
echo "[INIT] Bucket $${BUCKET} created successfully.";
elif echo "$$OUT" | grep -q 'BucketAlreadyOwnedByYou\|BucketAlreadyExists'; then
echo "[INIT] Bucket $${BUCKET} already exists, skipping.";
else
echo "[INIT] Failed to create bucket $${BUCKET}: $$OUT" >&2;
exit 1;
fi
networks:
- magistrala-base-net
environment:
BUCKET: ${MG_BACKEND_OBJECT_STORAGE_BUCKET}
AWS_ACCESS_KEY_ID: ${MG_BACKEND_OBJECT_STORAGE_ACCESS_KEY}
AWS_SECRET_ACCESS_KEY: ${MG_BACKEND_OBJECT_STORAGE_SECRET_KEY}
AWS_DEFAULT_REGION: ${MG_BACKEND_OBJECT_STORAGE_REGION}
AWS_EC2_METADATA_DISABLED: "true"
re-db:
image: docker.io/postgres:18.0-alpine3.22
container_name: magistrala-re-db
restart: on-failure
command: postgres -c "max_connections=${SMQ_POSTGRES_MAX_CONNECTIONS}"
environment:
POSTGRES_USER: ${MG_RE_DB_USER}
POSTGRES_PASSWORD: ${MG_RE_DB_PASS}
POSTGRES_DB: ${MG_RE_DB_NAME}
ports:
- 6009:5432
networks:
- magistrala-base-net
volumes:
- magistrala-re-db-volume:/var/lib/postgresql/data
re:
image: ghcr.io/absmach/magistrala/re:${MG_RELEASE_TAG}
container_name: magistrala-re
depends_on:
- re-db
- spicedb-migrate
restart: on-failure
environment:
MG_RE_LOG_LEVEL: ${MG_RE_LOG_LEVEL}
MG_RE_HTTP_PORT: ${MG_RE_HTTP_PORT}
MG_RE_HTTP_HOST: ${MG_RE_HTTP_HOST}
MG_RE_HTTP_SERVER_CERT: ${MG_RE_HTTP_SERVER_CERT}
MG_RE_HTTP_SERVER_KEY: ${MG_RE_HTTP_SERVER_KEY}
MG_RE_DB_HOST: ${MG_RE_DB_HOST}
MG_RE_DB_PORT: ${MG_RE_DB_PORT}
MG_RE_DB_USER: ${MG_RE_DB_USER}
MG_RE_DB_PASS: ${MG_RE_DB_PASS}
MG_RE_DB_NAME: ${MG_RE_DB_NAME}
MG_RE_DB_SSL_MODE: ${MG_RE_DB_SSL_MODE}
MG_RE_DB_SSL_CERT: ${MG_RE_DB_SSL_CERT}
MG_RE_DB_SSL_KEY: ${MG_RE_DB_SSL_KEY}
MG_RE_DB_SSL_ROOT_CERT: ${MG_RE_DB_SSL_ROOT_CERT}
MG_RE_CALLOUT_URLS: ${MG_RE_CALLOUT_URLS}
MG_RE_CALLOUT_METHOD: ${MG_RE_CALLOUT_METHOD}
MG_RE_CALLOUT_TLS_VERIFICATION: ${MG_RE_CALLOUT_TLS_VERIFICATION}
MG_RE_CALLOUT_TIMEOUT: ${MG_RE_CALLOUT_TIMEOUT}
MG_RE_CALLOUT_CA_CERT: ${MG_RE_CALLOUT_CA_CERT}
MG_RE_CALLOUT_CERT: ${MG_RE_CALLOUT_CERT}
MG_RE_CALLOUT_KEY: ${MG_RE_CALLOUT_KEY}
MG_RE_CALLOUT_OPERATIONS: ${MG_RE_CALLOUT_OPERATIONS}
SMQ_MESSAGE_BROKER_URL: ${SMQ_MESSAGE_BROKER_URL}
SMQ_ES_URL: ${SMQ_ES_URL}
SMQ_JAEGER_URL: ${SMQ_JAEGER_URL}
SMQ_JAEGER_TRACE_RATIO: ${SMQ_JAEGER_TRACE_RATIO}
SMQ_SEND_TELEMETRY: ${SMQ_SEND_TELEMETRY}
SMQ_AUTH_GRPC_URL: ${SMQ_AUTH_GRPC_URL}
SMQ_AUTH_GRPC_TIMEOUT: ${SMQ_AUTH_GRPC_TIMEOUT}
SMQ_AUTH_GRPC_CLIENT_CERT: ${SMQ_AUTH_GRPC_CLIENT_CERT:+/auth-grpc-client.crt}
SMQ_AUTH_GRPC_CLIENT_KEY: ${SMQ_AUTH_GRPC_CLIENT_KEY:+/auth-grpc-client.key}
SMQ_AUTH_GRPC_SERVER_CA_CERTS: ${SMQ_AUTH_GRPC_SERVER_CA_CERTS:+/auth-grpc-server-ca.crt}
SMQ_SPICEDB_PRE_SHARED_KEY: ${SMQ_SPICEDB_PRE_SHARED_KEY}
SMQ_SPICEDB_HOST: ${SMQ_SPICEDB_HOST}
SMQ_SPICEDB_PORT: ${SMQ_SPICEDB_PORT}
SMQ_SPICEDB_SCHEMA_FILE: ${SMQ_SPICEDB_SCHEMA_FILE}
SMQ_PERMISSIONS_FILE: ${SMQ_PERMISSIONS_FILE}
MG_RE_INSTANCE_ID: ${MG_RE_INSTANCE_ID}
MG_EMAIL_HOST: ${MG_EMAIL_HOST}
MG_EMAIL_PORT: ${MG_EMAIL_PORT}
MG_EMAIL_USERNAME: ${MG_EMAIL_USERNAME}
MG_EMAIL_PASSWORD: ${MG_EMAIL_PASSWORD}
MG_EMAIL_FROM_ADDRESS: ${MG_EMAIL_FROM_ADDRESS}
MG_EMAIL_FROM_NAME: ${MG_EMAIL_FROM_NAME}
MG_EMAIL_TEMPLATE: ${MG_EMAIL_TEMPLATE}
MG_TIMESCALE_READER_GRPC_URL: ${MG_TIMESCALE_READER_GRPC_URL}
MG_TIMESCALE_READER_GRPC_TIMEOUT: ${MG_TIMESCALE_READER_GRPC_TIMEOUT}
MG_TIMESCALE_READER_GRPC_CLIENT_CERT: ${MG_TIMESCALE_READER_GRPC_CLIENT_CERT}
MG_TIMESCALE_READER_GRPC_CLIENT_CA_CERTS: ${MG_TIMESCALE_READER_GRPC_CLIENT_CA_CERTS}
MG_TIMESCALE_READER_GRPC_CLIENT_KEY: ${MG_TIMESCALE_READER_GRPC_CLIENT_KEY}
SMQ_DOMAINS_GRPC_URL: ${SMQ_DOMAINS_GRPC_URL}
SMQ_DOMAINS_GRPC_TIMEOUT: ${SMQ_DOMAINS_GRPC_TIMEOUT}
SMQ_DOMAINS_GRPC_CLIENT_CERT: ${SMQ_DOMAINS_GRPC_CLIENT_CERT:+/domains-grpc-client.crt}
SMQ_DOMAINS_GRPC_CLIENT_KEY: ${SMQ_DOMAINS_GRPC_CLIENT_KEY:+/domains-grpc-client.key}
SMQ_DOMAINS_GRPC_SERVER_CA_CERTS: ${SMQ_DOMAINS_GRPC_SERVER_CA_CERTS:+/domains-grpc-server-ca.crt}
SMQ_ALLOW_UNVERIFIED_USER: ${SMQ_ALLOW_UNVERIFIED_USER}
ports:
- ${MG_RE_HTTP_PORT}:${MG_RE_HTTP_PORT}
networks:
- magistrala-base-net
volumes:
- ./permission.yaml:${SMQ_PERMISSIONS_FILE}
- ./spicedb/combined-schema.zed:${SMQ_SPICEDB_SCHEMA_FILE}
- ./templates/${MG_RE_EMAIL_TEMPLATE}:/email.tmpl
# Auth gRPC client certificates
- type: bind
source: ${SMQ_AUTH_GRPC_CLIENT_CERT:-ssl/certs/dummy/client_cert}
target: /auth-grpc-client.crt
bind:
create_host_path: true
- type: bind
source: ${SMQ_AUTH_GRPC_CLIENT_KEY:-ssl/certs/dummy/client_key}
target: /auth-grpc-client.key
bind:
create_host_path: true
- type: bind
source: ${SMQ_AUTH_GRPC_SERVER_CA_CERTS:-ssl/certs/dummy/server_ca}
target: /auth-grpc-server-ca.crt
bind:
create_host_path: true
alarms-db:
image: docker.io/postgres:18.0-alpine3.22
container_name: magistrala-alarms-db
restart: on-failure
command: postgres -c "max_connections=${SMQ_POSTGRES_MAX_CONNECTIONS}"
environment:
POSTGRES_USER: ${MG_ALARMS_DB_USER}
POSTGRES_PASSWORD: ${MG_ALARMS_DB_PASS}
POSTGRES_DB: ${MG_ALARMS_DB_NAME}
ports:
- 6019:5432
networks:
- magistrala-base-net
volumes:
- magistrala-alarms-db-volume:/var/lib/postgresql/data
alarms:
image: ghcr.io/absmach/magistrala/alarms:${MG_RELEASE_TAG}
container_name: magistrala-alarms
depends_on:
- alarms-db
- spicedb-migrate
restart: on-failure
environment:
MG_ALARMS_LOG_LEVEL: ${MG_ALARMS_LOG_LEVEL}
MG_ALARMS_HTTP_PORT: ${MG_ALARMS_HTTP_PORT}
MG_ALARMS_HTTP_HOST: ${MG_ALARMS_HTTP_HOST}
MG_ALARMS_HTTP_SERVER_CERT: ${MG_ALARMS_HTTP_SERVER_CERT}
MG_ALARMS_HTTP_SERVER_KEY: ${MG_ALARMS_HTTP_SERVER_KEY}
MG_ALARMS_DB_HOST: ${MG_ALARMS_DB_HOST}
MG_ALARMS_DB_PORT: ${MG_ALARMS_DB_PORT}
MG_ALARMS_DB_USER: ${MG_ALARMS_DB_USER}
MG_ALARMS_DB_PASS: ${MG_ALARMS_DB_PASS}
MG_ALARMS_DB_NAME: ${MG_ALARMS_DB_NAME}
MG_ALARMS_DB_SSL_MODE: ${MG_ALARMS_DB_SSL_MODE}
MG_ALARMS_DB_SSL_CERT: ${MG_ALARMS_DB_SSL_CERT}
MG_ALARMS_DB_SSL_KEY: ${MG_ALARMS_DB_SSL_KEY}
MG_ALARMS_DB_SSL_ROOT_CERT: ${MG_ALARMS_DB_SSL_ROOT_CERT}
SMQ_MESSAGE_BROKER_URL: ${SMQ_MESSAGE_BROKER_URL}
SMQ_ES_URL: ${SMQ_ES_URL}
SMQ_JAEGER_URL: ${SMQ_JAEGER_URL}
SMQ_JAEGER_TRACE_RATIO: ${SMQ_JAEGER_TRACE_RATIO}
SMQ_AUTH_GRPC_URL: ${SMQ_AUTH_GRPC_URL}
SMQ_AUTH_GRPC_TIMEOUT: ${SMQ_AUTH_GRPC_TIMEOUT}
SMQ_AUTH_GRPC_CLIENT_CERT: ${SMQ_AUTH_GRPC_CLIENT_CERT:+/auth-grpc-client.crt}
SMQ_AUTH_GRPC_CLIENT_KEY: ${SMQ_AUTH_GRPC_CLIENT_KEY:+/auth-grpc-client.key}
SMQ_AUTH_GRPC_SERVER_CA_CERTS: ${SMQ_AUTH_GRPC_SERVER_CA_CERTS:+/auth-grpc-server-ca.crt}
SMQ_DOMAINS_GRPC_URL: ${SMQ_DOMAINS_GRPC_URL}
SMQ_DOMAINS_GRPC_TIMEOUT: ${SMQ_DOMAINS_GRPC_TIMEOUT}
SMQ_DOMAINS_GRPC_CLIENT_CERT: ${SMQ_DOMAINS_GRPC_CLIENT_CERT:+/domains-grpc-client.crt}
SMQ_DOMAINS_GRPC_CLIENT_KEY: ${SMQ_DOMAINS_GRPC_CLIENT_KEY:+/domains-grpc-client.key}
SMQ_DOMAINS_GRPC_SERVER_CA_CERTS: ${SMQ_DOMAINS_GRPC_SERVER_CA_CERTS:+/domains-grpc-server-ca.crt}
SMQ_SPICEDB_PRE_SHARED_KEY: ${SMQ_SPICEDB_PRE_SHARED_KEY}
SMQ_SPICEDB_HOST: ${SMQ_SPICEDB_HOST}
SMQ_SPICEDB_PORT: ${SMQ_SPICEDB_PORT}
SMQ_SPICEDB_SCHEMA_FILE: ${SMQ_SPICEDB_SCHEMA_FILE}
SMQ_PERMISSIONS_FILE: ${SMQ_PERMISSIONS_FILE}
MG_ALARMS_INSTANCE_ID: ${MG_ALARMS_INSTANCE_ID}
MG_ALARMS_EVENT_CONSUMER: ${MG_ALARMS_EVENT_CONSUMER}
SMQ_ALLOW_UNVERIFIED_USER: ${SMQ_ALLOW_UNVERIFIED_USER}
ports:
- ${MG_ALARMS_HTTP_PORT}:${MG_ALARMS_HTTP_PORT}
networks:
- magistrala-base-net
volumes:
- ./permission.yaml:${SMQ_PERMISSIONS_FILE}
- ./spicedb/combined-schema.zed:${SMQ_SPICEDB_SCHEMA_FILE}
# Auth gRPC client certificates
- type: bind
source: ${SMQ_AUTH_GRPC_CLIENT_CERT:-ssl/certs/dummy/client_cert}
target: /auth-grpc-client.crt
bind:
create_host_path: true
- type: bind
source: ${SMQ_AUTH_GRPC_CLIENT_KEY:-ssl/certs/dummy/client_key}
target: /auth-grpc-client.key
bind:
create_host_path: true
- type: bind
source: ${SMQ_AUTH_GRPC_SERVER_CA_CERTS:-ssl/certs/dummy/server_ca}
target: /auth-grpc-server-ca.crt
bind:
create_host_path: true
- type: bind
source: ${SMQ_DOMAINS_GRPC_CLIENT_CERT:-ssl/certs/dummy/client_cert}
target: /domains-grpc-client.crt
bind:
create_host_path: true
- type: bind
source: ${SMQ_DOMAINS_GRPC_CLIENT_KEY:-ssl/certs/dummy/client_key}
target: /domains-grpc-client.key
bind:
create_host_path: true
- type: bind
source: ${SMQ_DOMAINS_GRPC_SERVER_CA_CERTS:-ssl/certs/dummy/server_ca}
target: /domains-grpc-server-ca.crt
bind:
create_host_path: true
reports-db:
image: docker.io/postgres:18.0-alpine3.22
container_name: magistrala-reports-db
restart: on-failure
command: postgres -c "max_connections=${SMQ_POSTGRES_MAX_CONNECTIONS}"
environment:
POSTGRES_USER: ${MG_REPORTS_DB_USER}
POSTGRES_PASSWORD: ${MG_REPORTS_DB_PASS}
POSTGRES_DB: ${MG_REPORTS_DB_NAME}
ports:
- 6020:5432
networks:
- magistrala-base-net
volumes:
- magistrala-reports-db-volume:/var/lib/postgresql/data
reports:
image: ghcr.io/absmach/magistrala/reports:${MG_RELEASE_TAG}
container_name: magistrala-reports
depends_on:
- reports-db
- spicedb-migrate
restart: on-failure
environment:
MG_REPORTS_LOG_LEVEL: ${MG_REPORTS_LOG_LEVEL}
MG_REPORTS_HTTP_PORT: ${MG_REPORTS_HTTP_PORT}
MG_REPORTS_HTTP_HOST: ${MG_REPORTS_HTTP_HOST}
MG_REPORTS_HTTP_SERVER_CERT: ${MG_REPORTS_HTTP_SERVER_CERT}
MG_REPORTS_HTTP_SERVER_KEY: ${MG_REPORTS_HTTP_SERVER_KEY}
MG_REPORTS_DB_HOST: ${MG_REPORTS_DB_HOST}
MG_REPORTS_DB_PORT: ${MG_REPORTS_DB_PORT}
MG_REPORTS_DB_USER: ${MG_REPORTS_DB_USER}
MG_REPORTS_DB_PASS: ${MG_REPORTS_DB_PASS}
MG_REPORTS_DB_NAME: ${MG_REPORTS_DB_NAME}
MG_REPORTS_DB_SSL_MODE: ${MG_REPORTS_DB_SSL_MODE}
MG_REPORTS_DB_SSL_CERT: ${MG_REPORTS_DB_SSL_CERT}
MG_REPORTS_DB_SSL_KEY: ${MG_REPORTS_DB_SSL_KEY}
MG_REPORTS_DB_SSL_ROOT_CERT: ${MG_REPORTS_DB_SSL_ROOT_CERT}
MG_REPORTS_DEFAULT_TEMPLATE: ${MG_REPORTS_DEFAULT_TEMPLATE}
MG_PDF_CONVERTER_URL: ${MG_PDF_CONVERTER_URL}
SMQ_MESSAGE_BROKER_URL: ${SMQ_MESSAGE_BROKER_URL}
SMQ_ES_URL: ${SMQ_ES_URL}
SMQ_JAEGER_URL: ${SMQ_JAEGER_URL}
SMQ_JAEGER_TRACE_RATIO: ${SMQ_JAEGER_TRACE_RATIO}
SMQ_SEND_TELEMETRY: ${SMQ_SEND_TELEMETRY}
SMQ_AUTH_GRPC_URL: ${SMQ_AUTH_GRPC_URL}
SMQ_AUTH_GRPC_TIMEOUT: ${SMQ_AUTH_GRPC_TIMEOUT}
SMQ_AUTH_GRPC_CLIENT_CERT: ${SMQ_AUTH_GRPC_CLIENT_CERT:+/auth-grpc-client.crt}
SMQ_AUTH_GRPC_CLIENT_KEY: ${SMQ_AUTH_GRPC_CLIENT_KEY:+/auth-grpc-client.key}
SMQ_AUTH_GRPC_SERVER_CA_CERTS: ${SMQ_AUTH_GRPC_SERVER_CA_CERTS:+/auth-grpc-server-ca.crt}
SMQ_SPICEDB_PRE_SHARED_KEY: ${SMQ_SPICEDB_PRE_SHARED_KEY}
SMQ_SPICEDB_HOST: ${SMQ_SPICEDB_HOST}
SMQ_SPICEDB_PORT: ${SMQ_SPICEDB_PORT}
SMQ_SPICEDB_SCHEMA_FILE: ${SMQ_SPICEDB_SCHEMA_FILE}
SMQ_PERMISSIONS_FILE: ${SMQ_PERMISSIONS_FILE}
MG_REPORTS_INSTANCE_ID: ${MG_RE_INSTANCE_ID}
MG_EMAIL_HOST: ${MG_EMAIL_HOST}
MG_EMAIL_PORT: ${MG_EMAIL_PORT}
MG_EMAIL_USERNAME: ${MG_EMAIL_USERNAME}
MG_EMAIL_PASSWORD: ${MG_EMAIL_PASSWORD}
MG_EMAIL_FROM_ADDRESS: ${MG_EMAIL_FROM_ADDRESS}
MG_EMAIL_FROM_NAME: ${MG_EMAIL_FROM_NAME}
MG_EMAIL_TEMPLATE: ${MG_EMAIL_TEMPLATE}
MG_TIMESCALE_READER_GRPC_URL: ${MG_TIMESCALE_READER_GRPC_URL}
MG_TIMESCALE_READER_GRPC_TIMEOUT: ${MG_TIMESCALE_READER_GRPC_TIMEOUT}
MG_TIMESCALE_READER_GRPC_CLIENT_CERT: ${MG_TIMESCALE_READER_GRPC_CLIENT_CERT}
MG_TIMESCALE_READER_GRPC_SERVER_CA_CERTS: ${MG_TIMESCALE_READER_GRPC_SERVER_CA_CERTS}
MG_TIMESCALE_READER_GRPC_CLIENT_KEY: ${MG_TIMESCALE_READER_GRPC_CLIENT_KEY}
SMQ_DOMAINS_GRPC_URL: ${SMQ_DOMAINS_GRPC_URL}
SMQ_DOMAINS_GRPC_TIMEOUT: ${SMQ_DOMAINS_GRPC_TIMEOUT}
SMQ_DOMAINS_GRPC_CLIENT_CERT: ${SMQ_DOMAINS_GRPC_CLIENT_CERT:+/domains-grpc-client.crt}
SMQ_DOMAINS_GRPC_CLIENT_KEY: ${SMQ_DOMAINS_GRPC_CLIENT_KEY:+/domains-grpc-client.key}
SMQ_DOMAINS_GRPC_SERVER_CA_CERTS: ${SMQ_DOMAINS_GRPC_SERVER_CA_CERTS:+/domains-grpc-server-ca.crt}
SMQ_ALLOW_UNVERIFIED_USER: ${SMQ_ALLOW_UNVERIFIED_USER}
ports:
- ${MG_REPORTS_HTTP_PORT}:${MG_REPORTS_HTTP_PORT}
networks:
- magistrala-base-net
volumes:
- ./permission.yaml:${SMQ_PERMISSIONS_FILE}
- ./spicedb/combined-schema.zed:${SMQ_SPICEDB_SCHEMA_FILE}
- ./templates/${MG_REPORTS_EMAIL_TEMPLATE}:/email.tmpl
# Auth gRPC client certificates
- type: bind
source: ${SMQ_AUTH_GRPC_CLIENT_CERT:-ssl/certs/dummy/client_cert}
target: /auth-grpc-client.crt
bind:
create_host_path: true
- type: bind
source: ${SMQ_AUTH_GRPC_CLIENT_KEY:-ssl/certs/dummy/client_key}
target: /auth-grpc-client.key
bind:
create_host_path: true
- type: bind
source: ${SMQ_AUTH_GRPC_SERVER_CA_CERTS:-ssl/certs/dummy/server_ca}
target: /auth-grpc-server-ca.crt
bind:
create_host_path: true
pdf-generator:
image: gotenberg/gotenberg:8.25.1
container_name: magistrala-pdf
ports:
- "4000:3000"
networks:
- magistrala-base-net
Reference in New Issue View Git Blame Copy Permalink