mirror of
https://github.com/absmach/supermq.git
synced 2026-06-23 04:20:17 +00:00
Dušan Borovčanin
f5171a2c03
* NOISSUE - Add object storage for UI images Signed-off-by: dusan <borovcanindusan1@gmail.com> * Simplify local object storage Signed-off-by: dusan <borovcanindusan1@gmail.com> * WIP - Seaweed Signed-off-by: dusan <borovcanindusan1@gmail.com> * Add dynamic domain Signed-off-by: dusan <borovcanindusan1@gmail.com> * Update compose Signed-off-by: dusan <borovcanindusan1@gmail.com> * Update bucket init Signed-off-by: dusan <borovcanindusan1@gmail.com> * Update bucket init Signed-off-by: dusan <borovcanindusan1@gmail.com> * Update mod Signed-off-by: dusan <borovcanindusan1@gmail.com> * Fix compose format Signed-off-by: dusan <borovcanindusan1@gmail.com> * Fix UI backend env Signed-off-by: dusan <borovcanindusan1@gmail.com> * Fix env for backend URL Signed-off-by: dusan <borovcanindusan1@gmail.com> --------- Signed-off-by: dusan <borovcanindusan1@gmail.com>
567 lines
23 KiB
YAML
567 lines
23 KiB
YAML
# Copyright (c) Abstract Machines
|
|
# SPDX-License-Identifier: Apache-2.0
|
|
|
|
name: "magistrala"
|
|
|
|
include:
|
|
- path:
|
|
- ./supermq-docker/docker-compose.yaml
|
|
- ./supermq-docker/addons/journal/docker-compose.yaml
|
|
- ./supermq-docker/addons/certs/docker-compose.yaml
|
|
- ./supermq-docker-compose.override.yaml
|
|
project_directory: ./supermq-docker
|
|
env_file:
|
|
- ./supermq-docker/.env
|
|
|
|
networks:
|
|
magistrala-base-net:
|
|
driver: bridge
|
|
|
|
volumes:
|
|
magistrala-journal-volume:
|
|
magistrala-ui-backend-db-volume:
|
|
magistrala-re-db-volume:
|
|
magistrala-auth-redis-volume:
|
|
magistrala-alarms-db-volume:
|
|
magistrala-reports-db-volume:
|
|
|
|
services:
|
|
ui:
|
|
image: ghcr.io/absmach/magistrala/ui-mg:latest
|
|
container_name: magistrala-ui
|
|
ports:
|
|
- 3000:3000
|
|
networks:
|
|
- magistrala-base-net
|
|
environment:
|
|
MG_AUTH_URL: ${MG_AUTH_URL}
|
|
MG_DOMAINS_URL: ${MG_DOMAINS_URL}
|
|
MG_USERS_URL: ${MG_USERS_URL}
|
|
MG_CLIENTS_URL: ${MG_CLIENTS_URL}
|
|
MG_CHANNELS_URL: ${MG_CHANNELS_URL}
|
|
MG_GROUPS_URL: ${MG_GROUPS_URL}
|
|
MG_BOOTSTRAP_URL: ${MG_BOOTSTRAP_URL}
|
|
MG_CERTS_URL: ${MG_CERTS_URL}
|
|
MG_HTTP_ADAPTER_URL: ${MG_HTTP_ADAPTER_URL}
|
|
MG_READER_URL: ${MG_READER_URL}
|
|
MG_BACKEND_URL: ${MG_UI_BACKEND_URL}
|
|
MG_JOURNAL_URL: ${MG_JOURNAL_URL}
|
|
MG_BILLING_URL: ${MG_BILLING_URL}
|
|
MG_ALARMS_URL: ${MG_ALARMS_URL}
|
|
MG_RE_URL: ${MG_RE_URL}
|
|
MG_REPORTS_URL: ${MG_REPORTS_URL}
|
|
MG_GOOGLE_CLIENT_ID: ${MG_GOOGLE_CLIENT_ID}
|
|
MG_GOOGLE_CLIENT_SECRET: ${MG_GOOGLE_CLIENT_SECRET}
|
|
MG_GOOGLE_REDIRECT_URL: ${MG_GOOGLE_REDIRECT_URL}
|
|
MG_GOOGLE_STATE: ${MG_GOOGLE_STATE}
|
|
MG_UI_BASE_PATH: ${MG_UI_BASE_PATH}
|
|
MG_NEXTAUTH_BASE_PATH: ${MG_NEXTAUTH_BASE_PATH}
|
|
MG_UI_TYPE: ${MG_UI_TYPE}
|
|
MG_UI_BASEURL: ${MG_UI_BASEURL}
|
|
NEXTAUTH_URL: ${NEXTAUTH_URL}
|
|
NEXTAUTH_SECRET: ${NEXTAUTH_SECRET}
|
|
NEXT_LOG_LEVEL: "debug"
|
|
MG_HOST_URL: ${MG_HOST_URL}
|
|
MG_UI_IMAGE_URL: ${MG_UI_IMAGE_URL}
|
|
MG_UI_DOCKER_ACCEPT_EULA: ${MG_UI_DOCKER_ACCEPT_EULA}
|
|
MG_SUPPORT_EMAIL: ${MG_SUPPORT_EMAIL}
|
|
MG_SUPPORT_EMAIL_PASS: ${MG_SUPPORT_EMAIL_PASS}
|
|
|
|
ui-backend:
|
|
image: ghcr.io/absmach/magistrala/ui-backend:latest
|
|
container_name: magistrala-ui-backend
|
|
ports:
|
|
- ${MG_UI_BACKEND_HTTP_PORT}:${MG_UI_BACKEND_HTTP_PORT}
|
|
networks:
|
|
- magistrala-base-net
|
|
restart: on-failure:3
|
|
environment:
|
|
MG_BACKEND_LOG_LEVEL: ${MG_UI_BACKEND_LOG_LEVEL}
|
|
MG_BACKEND_HTTP_HOST: ${MG_UI_BACKEND_HTTP_HOST}
|
|
MG_BACKEND_HTTP_PORT: ${MG_UI_BACKEND_HTTP_PORT}
|
|
MG_BACKEND_HTTP_SERVER_CERT: ${MG_UI_BACKEND_HTTP_SERVER_CERT}
|
|
MG_BACKEND_HTTP_SERVER_KEY: ${MG_UI_BACKEND_HTTP_SERVER_KEY}
|
|
MG_BACKEND_DB_HOST: ${MG_UI_BACKEND_DB_HOST}
|
|
MG_BACKEND_DB_PORT: ${MG_UI_BACKEND_DB_PORT}
|
|
MG_BACKEND_DB_USER: ${MG_UI_BACKEND_DB_USER}
|
|
MG_BACKEND_DB_PASS: ${MG_UI_BACKEND_DB_PASS}
|
|
MG_BACKEND_DB_NAME: ${MG_UI_BACKEND_DB_NAME}
|
|
MG_BACKEND_DB_SSL_MODE: ${MG_UI_BACKEND_DB_SSL_MODE}
|
|
MG_BACKEND_DB_SSL_CERT: ${MG_UI_BACKEND_DB_SSL_CERT}
|
|
MG_BACKEND_DB_SSL_KEY: ${MG_UI_BACKEND_DB_SSL_KEY}
|
|
MG_BACKEND_DB_SSL_ROOT_CERT: ${MG_UI_BACKEND_DB_SSL_ROOT_CERT}
|
|
MG_BACKEND_INSTANCE_ID: ${MG_UI_BACKEND_INSTANCE_ID}
|
|
MG_AUTH_GRPC_URL: ${SMQ_AUTH_GRPC_URL}
|
|
MG_AUTH_GRPC_TIMEOUT: ${SMQ_AUTH_GRPC_TIMEOUT}
|
|
MG_AUTH_GRPC_CLIENT_CERT: ${SMQ_AUTH_GRPC_CLIENT_CERT:+/auth-grpc-client.crt}
|
|
MG_AUTH_GRPC_CLIENT_KEY: ${SMQ_AUTH_GRPC_CLIENT_KEY:+/auth-grpc-client.key}
|
|
MG_AUTH_GRPC_SERVER_CA_CERTS: ${SMQ_AUTH_GRPC_SERVER_CA_CERTS:+/auth-grpc-server-ca.crt}
|
|
MG_UI_VERIFICATION_TLS: ${MG_UI_VERIFICATION_TLS}
|
|
MG_UI_CONTENT_TYPE: ${MG_UI_CONTENT_TYPE}
|
|
MG_READER_URL: ${MG_READER_URL}
|
|
MG_UI_DOCKER_ACCEPT_EULA: ${MG_UI_DOCKER_ACCEPT_EULA}
|
|
MG_CHANNELS_GRPC_URL: ${SMQ_CHANNELS_GRPC_URL}
|
|
MG_CHANNELS_GRPC_TIMEOUT: ${SMQ_CHANNELS_GRPC_TIMEOUT}
|
|
MG_CHANNELS_GRPC_CLIENT_CERT: ${SMQ_CHANNELS_GRPC_CLIENT_CERT:+/channels-grpc-client.crt}
|
|
MG_CHANNELS_GRPC_CLIENT_KEY: ${SMQ_CHANNELS_GRPC_CLIENT_KEY:+/channels-grpc-client.key}
|
|
MG_CHANNELS_GRPC_SERVER_CA_CERTS: ${SMQ_CHANNELS_GRPC_SERVER_CA_CERTS:+/channels-grpc-server-ca.crt}
|
|
MG_TIMESCALE_READER_GRPC_URL: ${MG_TIMESCALE_READER_GRPC_URL}
|
|
MG_TIMESCALE_READER_GRPC_TIMEOUT: ${MG_TIMESCALE_READER_GRPC_TIMEOUT}
|
|
MG_TIMESCALE_READER_GRPC_CLIENT_CERT: ${MG_TIMESCALE_READER_GRPC_CLIENT_CERT:+/readers-grpc-client.crt}
|
|
MG_TIMESCALE_READER_GRPC_CLIENT_KEY: ${MG_TIMESCALE_READER_GRPC_CLIENT_KEY:+/readers-grpc-client.key}
|
|
MG_TIMESCALE_READER_GRPC_SERVER_CA_CERTS: ${MG_TIMESCALE_READER_GRPC_SERVER_CA_CERTS:+/readers-grpc-server-ca.crt}
|
|
MG_BACKEND_OBJECT_STORAGE_REGION: ${MG_BACKEND_OBJECT_STORAGE_REGION}
|
|
MG_BACKEND_OBJECT_STORAGE_BUCKET: ${MG_BACKEND_OBJECT_STORAGE_BUCKET}
|
|
MG_BACKEND_OBJECT_STORAGE_ENDPOINT: ${MG_BACKEND_OBJECT_STORAGE_ENDPOINT}
|
|
MG_BACKEND_OBJECT_STORAGE_USE_PATH_STYLE: ${MG_BACKEND_OBJECT_STORAGE_USE_PATH_STYLE}
|
|
MG_BACKEND_OBJECT_STORAGE_REWRITE_URL: ${MG_BACKEND_OBJECT_STORAGE_REWRITE_URL}
|
|
MG_BACKEND_OBJECT_STORAGE_ACCESS_KEY: ${MG_BACKEND_OBJECT_STORAGE_ACCESS_KEY}
|
|
MG_BACKEND_OBJECT_STORAGE_SECRET_KEY: ${MG_BACKEND_OBJECT_STORAGE_SECRET_KEY}
|
|
MG_BACKEND_OBJECT_STORAGE_TTL: ${MG_BACKEND_OBJECT_STORAGE_TTL}
|
|
depends_on:
|
|
- ui-backend-db
|
|
- seaweedfs-s3
|
|
volumes:
|
|
# Auth gRPC client certificates
|
|
- type: bind
|
|
source: ${MG_AUTH_GRPC_CLIENT_CERT:-ssl/certs/dummy/client_cert}
|
|
target: /auth-grpc-client${MG_AUTH_GRPC_CLIENT_CERT:+.crt}
|
|
bind:
|
|
create_host_path: true
|
|
- type: bind
|
|
source: ${MG_AUTH_GRPC_CLIENT_KEY:-ssl/certs/dummy/client_key}
|
|
target: /auth-grpc-client${MG_AUTH_GRPC_CLIENT_KEY:+.key}
|
|
bind:
|
|
create_host_path: true
|
|
- type: bind
|
|
source: ${MG_AUTH_GRPC_SERVER_CA_CERTS:-ssl/certs/dummy/server_ca}
|
|
target: /auth-grpc-server-ca${MG_AUTH_GRPC_SERVER_CA_CERTS:+.crt}
|
|
bind:
|
|
create_host_path: true
|
|
# Channels gRPC client certificates
|
|
- type: bind
|
|
source: ${SMQ_CHANNELS_GRPC_CLIENT_CERT:-ssl/certs/dummy/client_cert}
|
|
target: /channels-grpc-client${SMQ_CHANNELS_GRPC_CLIENT_CERT:+.crt}
|
|
bind:
|
|
create_host_path: true
|
|
- type: bind
|
|
source: ${SMQ_CHANNELS_GRPC_CLIENT_KEY:-ssl/certs/dummy/client_key}
|
|
target: /channels-grpc-client${SMQ_CHANNELS_GRPC_CLIENT_KEY:+.key}
|
|
bind:
|
|
create_host_path: true
|
|
- type: bind
|
|
source: ${SMQ_CHANNELS_GRPC_SERVER_CA_CERTS:-ssl/certs/dummy/server_ca}
|
|
target: /channels-grpc-server-ca${SMQ_CHANNELS_GRPC_SERVER_CA_CERTS:+.crt}
|
|
bind:
|
|
create_host_path: true
|
|
# Reader gRPC client certificates
|
|
- type: bind
|
|
source: ${MG_TIMESCALE_READER_GRPC_CLIENT_CERT:-ssl/certs/dummy/client_cert}
|
|
target: /readers-grpc-client${MG_TIMESCALE_READER_GRPC_CLIENT_CERT:+.crt}
|
|
bind:
|
|
create_host_path: true
|
|
- type: bind
|
|
source: ${MG_TIMESCALE_READER_GRPC_CLIENT_KEY:-ssl/certs/dummy/client_key}
|
|
target: /readers-grpc-client${MG_TIMESCALE_READER_GRPC_CLIENT_KEY:+.key}
|
|
bind:
|
|
create_host_path: true
|
|
- type: bind
|
|
source: ${MG_TIMESCALE_READER_GRPC_SERVER_CA_CERTS:-ssl/certs/dummy/server_ca_certs}
|
|
target: /readers-grpc-server-ca${MG_TIMESCALE_READER_GRPC_SERVER_CA_CERTS:+.crt}
|
|
bind:
|
|
create_host_path: true
|
|
|
|
ui-backend-db:
|
|
image: postgres:16.2-alpine
|
|
container_name: magistrala-ui-backend-db
|
|
restart: on-failure
|
|
command: postgres -c "max_connections=${SMQ_POSTGRES_MAX_CONNECTIONS}"
|
|
environment:
|
|
POSTGRES_USER: ${MG_UI_BACKEND_DB_USER}
|
|
POSTGRES_PASSWORD: ${MG_UI_BACKEND_DB_PASS}
|
|
POSTGRES_DB: ${MG_UI_BACKEND_DB_NAME}
|
|
SMQ_POSTGRES_MAX_CONNECTIONS: ${SMQ_POSTGRES_MAX_CONNECTIONS}
|
|
ports:
|
|
- 6008:5432
|
|
networks:
|
|
- magistrala-base-net
|
|
volumes:
|
|
- magistrala-ui-backend-db-volume:/var/lib/postgresql/data
|
|
|
|
seaweedfs-master:
|
|
image: chrislusf/seaweedfs # use a remote image
|
|
container_name: magistrala-seaweedfs-master
|
|
ports:
|
|
- 9333:9333
|
|
- 19333:19333
|
|
- 9324:9324
|
|
command: "master -ip=seaweedfs-master -ip.bind=0.0.0.0 -metricsPort=9324"
|
|
volumes:
|
|
- ./data/seaweed-master:/data
|
|
networks:
|
|
- magistrala-base-net
|
|
|
|
seaweedfs-volume:
|
|
image: chrislusf/seaweedfs # use a remote image
|
|
container_name: magistrala-seaweedfs-volume
|
|
ports:
|
|
- 9000:8080
|
|
- 18080:18080
|
|
- 9325:9325
|
|
command: 'volume -mserver="seaweedfs-master:9333" -ip.bind=0.0.0.0 -port=8080 -metricsPort=9325'
|
|
depends_on:
|
|
- seaweedfs-master
|
|
volumes:
|
|
- ./data/seaweed-volumes:/data
|
|
networks:
|
|
- magistrala-base-net
|
|
|
|
seaweedfs-filer:
|
|
image: chrislusf/seaweedfs
|
|
container_name: magistrala-seaweedfs-filer
|
|
ports:
|
|
- 8888:8888
|
|
- 18888:18888
|
|
- 9326:9326
|
|
command: 'filer -master="seaweedfs-master:9333" -ip.bind=0.0.0.0 -metricsPort=9326'
|
|
tty: true
|
|
stdin_open: true
|
|
depends_on:
|
|
- seaweedfs-master
|
|
- seaweedfs-volume
|
|
volumes:
|
|
- ./data/seaweed-filer:/data
|
|
networks:
|
|
- magistrala-base-net
|
|
|
|
seaweedfs-s3:
|
|
image: chrislusf/seaweedfs # use a remote image
|
|
container_name: magistrala-seaweedfs-s3
|
|
ports:
|
|
- 8333:8333
|
|
- 9327:9327
|
|
command: 's3 -filer="seaweedfs-filer:8888" -ip.bind=0.0.0.0 -metricsPort=9327'
|
|
depends_on:
|
|
- seaweedfs-master
|
|
- seaweedfs-volume
|
|
- seaweedfs-filer
|
|
volumes:
|
|
- ./seaweedfs/s3.json:/etc/seaweedfs/s3.json
|
|
- ./data/seaweed-s3:/data
|
|
networks:
|
|
- magistrala-base-net
|
|
|
|
seaweedfs-init:
|
|
image: curlimages/curl
|
|
container_name: magistrala-seaweedfs-init
|
|
depends_on:
|
|
- seaweedfs-s3
|
|
command: >
|
|
/bin/sh -c "
|
|
echo 'Creating buckets, wait for 20s...';
|
|
sleep 20;
|
|
HTTP_CODE=$(curl -s -o /dev/null -w '%{http_code}' -f -X PUT http://seaweedfs-s3:8333/$${BUCKET});
|
|
if [ $${HTTP_CODE} = '200' ] || [ $${HTTP_CODE} = '201' ]; then
|
|
echo \"[INIT] Bucket $${BUCKET} created successfully!\";
|
|
curl -s http://seaweedfs-s3:8333/ | grep -o '<Name>[^<]*</Name>';
|
|
exit 0;
|
|
else
|
|
echo \"[INIT] Failed to create bucket $${BUCKET}! HTTP code $${HTTP_CODE}.\" >&2;
|
|
exit 1;
|
|
fi
|
|
"
|
|
networks:
|
|
- magistrala-base-net
|
|
environment:
|
|
BUCKET: ${MG_BACKEND_OBJECT_STORAGE_BUCKET}
|
|
|
|
re-db:
|
|
image: postgres:16.2-alpine
|
|
container_name: magistrala-re-db
|
|
restart: on-failure
|
|
command: postgres -c "max_connections=${SMQ_POSTGRES_MAX_CONNECTIONS}"
|
|
environment:
|
|
POSTGRES_USER: ${MG_RE_DB_USER}
|
|
POSTGRES_PASSWORD: ${MG_RE_DB_PASS}
|
|
POSTGRES_DB: ${MG_RE_DB_NAME}
|
|
ports:
|
|
- 6009:5432
|
|
networks:
|
|
- magistrala-base-net
|
|
volumes:
|
|
- magistrala-re-db-volume:/var/lib/postgresql/data
|
|
|
|
re:
|
|
image: ghcr.io/absmach/magistrala/re:${MG_RELEASE_TAG}
|
|
container_name: magistrala-re
|
|
depends_on:
|
|
- re-db
|
|
restart: on-failure
|
|
environment:
|
|
MG_RE_LOG_LEVEL: ${MG_RE_LOG_LEVEL}
|
|
MG_RE_HTTP_PORT: ${MG_RE_HTTP_PORT}
|
|
MG_RE_HTTP_HOST: ${MG_RE_HTTP_HOST}
|
|
MG_RE_HTTP_SERVER_CERT: ${MG_RE_HTTP_SERVER_CERT}
|
|
MG_RE_HTTP_SERVER_KEY: ${MG_RE_HTTP_SERVER_KEY}
|
|
MG_RE_DB_HOST: ${MG_RE_DB_HOST}
|
|
MG_RE_DB_PORT: ${MG_RE_DB_PORT}
|
|
MG_RE_DB_USER: ${MG_RE_DB_USER}
|
|
MG_RE_DB_PASS: ${MG_RE_DB_PASS}
|
|
MG_RE_DB_NAME: ${MG_RE_DB_NAME}
|
|
MG_RE_DB_SSL_MODE: ${MG_RE_DB_SSL_MODE}
|
|
MG_RE_DB_SSL_CERT: ${MG_RE_DB_SSL_CERT}
|
|
MG_RE_DB_SSL_KEY: ${MG_RE_DB_SSL_KEY}
|
|
MG_RE_DB_SSL_ROOT_CERT: ${MG_RE_DB_SSL_ROOT_CERT}
|
|
MG_RE_CALLOUT_URLS: ${MG_RE_CALLOUT_URLS}
|
|
MG_RE_CALLOUT_METHOD: ${MG_RE_CALLOUT_METHOD}
|
|
MG_RE_CALLOUT_TLS_VERIFICATION: ${MG_RE_CALLOUT_TLS_VERIFICATION}
|
|
MG_RE_CALLOUT_TIMEOUT: ${MG_RE_CALLOUT_TIMEOUT}
|
|
MG_RE_CALLOUT_CA_CERT: ${MG_RE_CALLOUT_CA_CERT}
|
|
MG_RE_CALLOUT_CERT: ${MG_RE_CALLOUT_CERT}
|
|
MG_RE_CALLOUT_KEY: ${MG_RE_CALLOUT_KEY}
|
|
MG_RE_CALLOUT_OPERATIONS: ${MG_RE_CALLOUT_OPERATIONS}
|
|
SMQ_MESSAGE_BROKER_URL: ${SMQ_MESSAGE_BROKER_URL}
|
|
SMQ_ES_URL: ${SMQ_ES_URL}
|
|
SMQ_JAEGER_URL: ${SMQ_JAEGER_URL}
|
|
SMQ_JAEGER_TRACE_RATIO: ${SMQ_JAEGER_TRACE_RATIO}
|
|
SMQ_SEND_TELEMETRY: ${SMQ_SEND_TELEMETRY}
|
|
SMQ_AUTH_GRPC_URL: ${SMQ_AUTH_GRPC_URL}
|
|
SMQ_AUTH_GRPC_TIMEOUT: ${SMQ_AUTH_GRPC_TIMEOUT}
|
|
SMQ_AUTH_GRPC_CLIENT_CERT: ${SMQ_AUTH_GRPC_CLIENT_CERT:+/auth-grpc-client.crt}
|
|
SMQ_AUTH_GRPC_CLIENT_KEY: ${SMQ_AUTH_GRPC_CLIENT_KEY:+/auth-grpc-client.key}
|
|
SMQ_AUTH_GRPC_SERVER_CA_CERTS: ${SMQ_AUTH_GRPC_SERVER_CA_CERTS:+/auth-grpc-server-ca.crt}
|
|
SMQ_SPICEDB_PRE_SHARED_KEY: ${SMQ_SPICEDB_PRE_SHARED_KEY}
|
|
SMQ_SPICEDB_HOST: ${SMQ_SPICEDB_HOST}
|
|
SMQ_SPICEDB_PORT: ${SMQ_SPICEDB_PORT}
|
|
MG_RE_INSTANCE_ID: ${MG_RE_INSTANCE_ID}
|
|
MG_EMAIL_HOST: ${MG_EMAIL_HOST}
|
|
MG_EMAIL_PORT: ${MG_EMAIL_PORT}
|
|
MG_EMAIL_USERNAME: ${MG_EMAIL_USERNAME}
|
|
MG_EMAIL_PASSWORD: ${MG_EMAIL_PASSWORD}
|
|
MG_EMAIL_FROM_ADDRESS: ${MG_EMAIL_FROM_ADDRESS}
|
|
MG_EMAIL_FROM_NAME: ${MG_EMAIL_FROM_NAME}
|
|
MG_EMAIL_TEMPLATE: ${MG_EMAIL_TEMPLATE}
|
|
MG_TIMESCALE_READER_GRPC_URL: ${MG_TIMESCALE_READER_GRPC_URL}
|
|
MG_TIMESCALE_READER_GRPC_TIMEOUT: ${MG_TIMESCALE_READER_GRPC_TIMEOUT}
|
|
MG_TIMESCALE_READER_GRPC_CLIENT_CERT: ${MG_TIMESCALE_READER_GRPC_CLIENT_CERT}
|
|
MG_TIMESCALE_READER_GRPC_CLIENT_CA_CERTS: ${MG_TIMESCALE_READER_GRPC_CLIENT_CA_CERTS}
|
|
MG_TIMESCALE_READER_GRPC_CLIENT_KEY: ${MG_TIMESCALE_READER_GRPC_CLIENT_KEY}
|
|
SMQ_DOMAINS_GRPC_URL: ${SMQ_DOMAINS_GRPC_URL}
|
|
SMQ_DOMAINS_GRPC_TIMEOUT: ${SMQ_DOMAINS_GRPC_TIMEOUT}
|
|
SMQ_DOMAINS_GRPC_CLIENT_CERT: ${SMQ_DOMAINS_GRPC_CLIENT_CERT:+/domains-grpc-client.crt}
|
|
SMQ_DOMAINS_GRPC_CLIENT_KEY: ${SMQ_DOMAINS_GRPC_CLIENT_KEY:+/domains-grpc-client.key}
|
|
SMQ_DOMAINS_GRPC_SERVER_CA_CERTS: ${SMQ_DOMAINS_GRPC_SERVER_CA_CERTS:+/domains-grpc-server-ca.crt}
|
|
SMQ_ALLOW_UNVERIFIED_USER: ${SMQ_ALLOW_UNVERIFIED_USER}
|
|
ports:
|
|
- ${MG_RE_HTTP_PORT}:${MG_RE_HTTP_PORT}
|
|
networks:
|
|
- magistrala-base-net
|
|
volumes:
|
|
- ./templates/${MG_RE_EMAIL_TEMPLATE}:/email.tmpl
|
|
# Auth gRPC client certificates
|
|
- type: bind
|
|
source: ${SMQ_AUTH_GRPC_CLIENT_CERT:-ssl/certs/dummy/client_cert}
|
|
target: /auth-grpc-client${SMQ_AUTH_GRPC_CLIENT_CERT:+.crt}
|
|
bind:
|
|
create_host_path: true
|
|
- type: bind
|
|
source: ${SMQ_AUTH_GRPC_CLIENT_KEY:-ssl/certs/dummy/client_key}
|
|
target: /auth-grpc-client${SMQ_AUTH_GRPC_CLIENT_KEY:+.key}
|
|
bind:
|
|
create_host_path: true
|
|
- type: bind
|
|
source: ${SMQ_AUTH_GRPC_SERVER_CA_CERTS:-ssl/certs/dummy/server_ca}
|
|
target: /auth-grpc-server-ca${SMQ_AUTH_GRPC_SERVER_CA_CERTS:+.crt}
|
|
bind:
|
|
create_host_path: true
|
|
|
|
alarms-db:
|
|
image: postgres:16.2-alpine
|
|
container_name: magistrala-alarms-db
|
|
restart: on-failure
|
|
command: postgres -c "max_connections=${SMQ_POSTGRES_MAX_CONNECTIONS}"
|
|
environment:
|
|
POSTGRES_USER: ${MG_ALARMS_DB_USER}
|
|
POSTGRES_PASSWORD: ${MG_ALARMS_DB_PASS}
|
|
POSTGRES_DB: ${MG_ALARMS_DB_NAME}
|
|
ports:
|
|
- 6019:5432
|
|
networks:
|
|
- magistrala-base-net
|
|
volumes:
|
|
- magistrala-alarms-db-volume:/var/lib/postgresql/data
|
|
|
|
alarms:
|
|
image: ghcr.io/absmach/magistrala/alarms:${MG_RELEASE_TAG}
|
|
container_name: magistrala-alarms
|
|
depends_on:
|
|
- alarms-db
|
|
restart: on-failure
|
|
environment:
|
|
MG_ALARMS_LOG_LEVEL: ${MG_ALARMS_LOG_LEVEL}
|
|
MG_ALARMS_HTTP_PORT: ${MG_ALARMS_HTTP_PORT}
|
|
MG_ALARMS_HTTP_HOST: ${MG_ALARMS_HTTP_HOST}
|
|
MG_ALARMS_HTTP_SERVER_CERT: ${MG_ALARMS_HTTP_SERVER_CERT}
|
|
MG_ALARMS_HTTP_SERVER_KEY: ${MG_ALARMS_HTTP_SERVER_KEY}
|
|
MG_ALARMS_DB_HOST: ${MG_ALARMS_DB_HOST}
|
|
MG_ALARMS_DB_PORT: ${MG_ALARMS_DB_PORT}
|
|
MG_ALARMS_DB_USER: ${MG_ALARMS_DB_USER}
|
|
MG_ALARMS_DB_PASS: ${MG_ALARMS_DB_PASS}
|
|
MG_ALARMS_DB_NAME: ${MG_ALARMS_DB_NAME}
|
|
MG_ALARMS_DB_SSL_MODE: ${MG_ALARMS_DB_SSL_MODE}
|
|
MG_ALARMS_DB_SSL_CERT: ${MG_ALARMS_DB_SSL_CERT}
|
|
MG_ALARMS_DB_SSL_KEY: ${MG_ALARMS_DB_SSL_KEY}
|
|
MG_ALARMS_DB_SSL_ROOT_CERT: ${MG_ALARMS_DB_SSL_ROOT_CERT}
|
|
SMQ_MESSAGE_BROKER_URL: ${SMQ_MESSAGE_BROKER_URL}
|
|
SMQ_JAEGER_URL: ${SMQ_JAEGER_URL}
|
|
SMQ_JAEGER_TRACE_RATIO: ${SMQ_JAEGER_TRACE_RATIO}
|
|
SMQ_AUTH_GRPC_URL: ${SMQ_AUTH_GRPC_URL}
|
|
SMQ_AUTH_GRPC_TIMEOUT: ${SMQ_AUTH_GRPC_TIMEOUT}
|
|
SMQ_AUTH_GRPC_CLIENT_CERT: ${SMQ_AUTH_GRPC_CLIENT_CERT:+/auth-grpc-client.crt}
|
|
SMQ_AUTH_GRPC_CLIENT_KEY: ${SMQ_AUTH_GRPC_CLIENT_KEY:+/auth-grpc-client.key}
|
|
SMQ_AUTH_GRPC_SERVER_CA_CERTS: ${SMQ_AUTH_GRPC_SERVER_CA_CERTS:+/auth-grpc-server-ca.crt}
|
|
SMQ_DOMAINS_GRPC_URL: ${SMQ_DOMAINS_GRPC_URL}
|
|
SMQ_DOMAINS_GRPC_TIMEOUT: ${SMQ_DOMAINS_GRPC_TIMEOUT}
|
|
SMQ_DOMAINS_GRPC_CLIENT_CERT: ${SMQ_DOMAINS_GRPC_CLIENT_CERT:+/domains-grpc-client.crt}
|
|
SMQ_DOMAINS_GRPC_CLIENT_KEY: ${SMQ_DOMAINS_GRPC_CLIENT_KEY:+/domains-grpc-client.key}
|
|
SMQ_DOMAINS_GRPC_SERVER_CA_CERTS: ${SMQ_DOMAINS_GRPC_SERVER_CA_CERTS:+/domains-grpc-server-ca.crt}
|
|
MG_ALARMS_INSTANCE_ID: ${MG_ALARMS_INSTANCE_ID}
|
|
SMQ_ALLOW_UNVERIFIED_USER: ${SMQ_ALLOW_UNVERIFIED_USER}
|
|
ports:
|
|
- ${MG_ALARMS_HTTP_PORT}:${MG_ALARMS_HTTP_PORT}
|
|
networks:
|
|
- magistrala-base-net
|
|
volumes:
|
|
# Auth gRPC client certificates
|
|
- type: bind
|
|
source: ${SMQ_AUTH_GRPC_CLIENT_CERT:-ssl/certs/dummy/client_cert}
|
|
target: /auth-grpc-client${SMQ_AUTH_GRPC_CLIENT_CERT:+.crt}
|
|
bind:
|
|
create_host_path: true
|
|
- type: bind
|
|
source: ${SMQ_AUTH_GRPC_CLIENT_KEY:-ssl/certs/dummy/client_key}
|
|
target: /auth-grpc-client${SMQ_AUTH_GRPC_CLIENT_KEY:+.key}
|
|
bind:
|
|
create_host_path: true
|
|
- type: bind
|
|
source: ${SMQ_AUTH_GRPC_SERVER_CA_CERTS:-ssl/certs/dummy/server_ca}
|
|
target: /auth-grpc-server-ca${SMQ_AUTH_GRPC_SERVER_CA_CERTS:+.crt}
|
|
bind:
|
|
create_host_path: true
|
|
- type: bind
|
|
source: ${SMQ_DOMAINS_GRPC_CLIENT_CERT:-ssl/certs/dummy/client_cert}
|
|
target: /domains-grpc-client${SMQ_DOMAINS_GRPC_CLIENT_CERT:+.crt}
|
|
bind:
|
|
create_host_path: true
|
|
- type: bind
|
|
source: ${SMQ_DOMAINS_GRPC_CLIENT_KEY:-ssl/certs/dummy/client_key}
|
|
target: /domains-grpc-client${SMQ_DOMAINS_GRPC_CLIENT_KEY:+.key}
|
|
bind:
|
|
create_host_path: true
|
|
- type: bind
|
|
source: ${SMQ_DOMAINS_GRPC_SERVER_CA_CERTS:-ssl/certs/dummy/server_ca}
|
|
target: /domains-grpc-server-ca${SMQ_DOMAINS_GRPC_SERVER_CA_CERTS:+.crt}
|
|
bind:
|
|
create_host_path: true
|
|
|
|
reports-db:
|
|
image: postgres:16.2-alpine
|
|
container_name: magistrala-reports-db
|
|
restart: on-failure
|
|
command: postgres -c "max_connections=${SMQ_POSTGRES_MAX_CONNECTIONS}"
|
|
environment:
|
|
POSTGRES_USER: ${MG_REPORTS_DB_USER}
|
|
POSTGRES_PASSWORD: ${MG_REPORTS_DB_PASS}
|
|
POSTGRES_DB: ${MG_REPORTS_DB_NAME}
|
|
ports:
|
|
- 6020:5432
|
|
networks:
|
|
- magistrala-base-net
|
|
volumes:
|
|
- magistrala-reports-db-volume:/var/lib/postgresql/data
|
|
|
|
reports:
|
|
image: ghcr.io/absmach/magistrala/reports:${MG_RELEASE_TAG}
|
|
container_name: magistrala-reports
|
|
depends_on:
|
|
- reports-db
|
|
restart: on-failure
|
|
environment:
|
|
MG_REPORTS_LOG_LEVEL: ${MG_REPORTS_LOG_LEVEL}
|
|
MG_REPORTS_HTTP_PORT: ${MG_REPORTS_HTTP_PORT}
|
|
MG_REPORTS_HTTP_HOST: ${MG_REPORTS_HTTP_HOST}
|
|
MG_REPORTS_HTTP_SERVER_CERT: ${MG_REPORTS_HTTP_SERVER_CERT}
|
|
MG_REPORTS_HTTP_SERVER_KEY: ${MG_REPORTS_HTTP_SERVER_KEY}
|
|
MG_REPORTS_DB_HOST: ${MG_REPORTS_DB_HOST}
|
|
MG_REPORTS_DB_PORT: ${MG_REPORTS_DB_PORT}
|
|
MG_REPORTS_DB_USER: ${MG_REPORTS_DB_USER}
|
|
MG_REPORTS_DB_PASS: ${MG_REPORTS_DB_PASS}
|
|
MG_REPORTS_DB_NAME: ${MG_REPORTS_DB_NAME}
|
|
MG_REPORTS_DB_SSL_MODE: ${MG_REPORTS_DB_SSL_MODE}
|
|
MG_REPORTS_DB_SSL_CERT: ${MG_REPORTS_DB_SSL_CERT}
|
|
MG_REPORTS_DB_SSL_KEY: ${MG_REPORTS_DB_SSL_KEY}
|
|
MG_REPORTS_DB_SSL_ROOT_CERT: ${MG_REPORTS_DB_SSL_ROOT_CERT}
|
|
MG_REPORTS_DEFAULT_TEMPLATE: ${MG_REPORTS_DEFAULT_TEMPLATE}
|
|
MG_PDF_CONVERTER_URL: ${MG_PDF_CONVERTER_URL}
|
|
SMQ_MESSAGE_BROKER_URL: ${SMQ_MESSAGE_BROKER_URL}
|
|
SMQ_JAEGER_URL: ${SMQ_JAEGER_URL}
|
|
SMQ_JAEGER_TRACE_RATIO: ${SMQ_JAEGER_TRACE_RATIO}
|
|
SMQ_SEND_TELEMETRY: ${SMQ_SEND_TELEMETRY}
|
|
SMQ_AUTH_GRPC_URL: ${SMQ_AUTH_GRPC_URL}
|
|
SMQ_AUTH_GRPC_TIMEOUT: ${SMQ_AUTH_GRPC_TIMEOUT}
|
|
SMQ_AUTH_GRPC_CLIENT_CERT: ${SMQ_AUTH_GRPC_CLIENT_CERT:+/auth-grpc-client.crt}
|
|
SMQ_AUTH_GRPC_CLIENT_KEY: ${SMQ_AUTH_GRPC_CLIENT_KEY:+/auth-grpc-client.key}
|
|
SMQ_AUTH_GRPC_SERVER_CA_CERTS: ${SMQ_AUTH_GRPC_SERVER_CA_CERTS:+/auth-grpc-server-ca.crt}
|
|
SMQ_SPICEDB_PRE_SHARED_KEY: ${SMQ_SPICEDB_PRE_SHARED_KEY}
|
|
SMQ_SPICEDB_HOST: ${SMQ_SPICEDB_HOST}
|
|
SMQ_SPICEDB_PORT: ${SMQ_SPICEDB_PORT}
|
|
MG_REPORTS_INSTANCE_ID: ${MG_RE_INSTANCE_ID}
|
|
MG_EMAIL_HOST: ${MG_EMAIL_HOST}
|
|
MG_EMAIL_PORT: ${MG_EMAIL_PORT}
|
|
MG_EMAIL_USERNAME: ${MG_EMAIL_USERNAME}
|
|
MG_EMAIL_PASSWORD: ${MG_EMAIL_PASSWORD}
|
|
MG_EMAIL_FROM_ADDRESS: ${MG_EMAIL_FROM_ADDRESS}
|
|
MG_EMAIL_FROM_NAME: ${MG_EMAIL_FROM_NAME}
|
|
MG_EMAIL_TEMPLATE: ${MG_EMAIL_TEMPLATE}
|
|
MG_TIMESCALE_READER_GRPC_URL: ${MG_TIMESCALE_READER_GRPC_URL}
|
|
MG_TIMESCALE_READER_GRPC_TIMEOUT: ${MG_TIMESCALE_READER_GRPC_TIMEOUT}
|
|
MG_TIMESCALE_READER_GRPC_CLIENT_CERT: ${MG_TIMESCALE_READER_GRPC_CLIENT_CERT}
|
|
MG_TIMESCALE_READER_GRPC_SERVER_CA_CERTS: ${MG_TIMESCALE_READER_GRPC_SERVER_CA_CERTS}
|
|
MG_TIMESCALE_READER_GRPC_CLIENT_KEY: ${MG_TIMESCALE_READER_GRPC_CLIENT_KEY}
|
|
SMQ_DOMAINS_GRPC_URL: ${SMQ_DOMAINS_GRPC_URL}
|
|
SMQ_DOMAINS_GRPC_TIMEOUT: ${SMQ_DOMAINS_GRPC_TIMEOUT}
|
|
SMQ_DOMAINS_GRPC_CLIENT_CERT: ${SMQ_DOMAINS_GRPC_CLIENT_CERT:+/domains-grpc-client.crt}
|
|
SMQ_DOMAINS_GRPC_CLIENT_KEY: ${SMQ_DOMAINS_GRPC_CLIENT_KEY:+/domains-grpc-client.key}
|
|
SMQ_DOMAINS_GRPC_SERVER_CA_CERTS: ${SMQ_DOMAINS_GRPC_SERVER_CA_CERTS:+/domains-grpc-server-ca.crt}
|
|
SMQ_ALLOW_UNVERIFIED_USER: ${SMQ_ALLOW_UNVERIFIED_USER}
|
|
ports:
|
|
- ${MG_REPORTS_HTTP_PORT}:${MG_REPORTS_HTTP_PORT}
|
|
networks:
|
|
- magistrala-base-net
|
|
volumes:
|
|
- ./templates/${MG_REPORTS_EMAIL_TEMPLATE}:/email.tmpl
|
|
# Auth gRPC client certificates
|
|
- type: bind
|
|
source: ${SMQ_AUTH_GRPC_CLIENT_CERT:-ssl/certs/dummy/client_cert}
|
|
target: /auth-grpc-client${SMQ_AUTH_GRPC_CLIENT_CERT:+.crt}
|
|
bind:
|
|
create_host_path: true
|
|
- type: bind
|
|
source: ${SMQ_AUTH_GRPC_CLIENT_KEY:-ssl/certs/dummy/client_key}
|
|
target: /auth-grpc-client${SMQ_AUTH_GRPC_CLIENT_KEY:+.key}
|
|
bind:
|
|
create_host_path: true
|
|
- type: bind
|
|
source: ${SMQ_AUTH_GRPC_SERVER_CA_CERTS:-ssl/certs/dummy/server_ca}
|
|
target: /auth-grpc-server-ca${SMQ_AUTH_GRPC_SERVER_CA_CERTS:+.crt}
|
|
bind:
|
|
create_host_path: true
|
|
|
|
pdf-generator:
|
|
image: gotenberg/gotenberg:${MG_RELEASE_TAG}
|
|
container_name: magistrala-pdf
|
|
ports:
|
|
- "4000:3000"
|
|
networks:
|
|
- magistrala-base-net
|