diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..5ff5202 --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,135 @@ +services: + # === TAILSCALE === + tailscale: + image: tailscale/tailscale:latest + container_name: infrahub-tailscale + hostname: infrahub + environment: + - TS_AUTHKEY=${TS_AUTHKEY} + - TS_STATE_DIR=/var/lib/tailscale + - TS_SERVE_CONFIG=/config/serve-config.json + volumes: + - tailscale-state:/var/lib/tailscale + - ./serve-config.json:/config/serve-config.json:ro + cap_add: + - NET_ADMIN + - SYS_MODULE + restart: unless-stopped + + # === NEO4J (Graph Database) === + database: + image: neo4j:5.23-community + container_name: infrahub-database + environment: + - NEO4J_AUTH=neo4j/${NEO4J_PASSWORD:-infrahub} + - NEO4J_PLUGINS=["apoc"] + - NEO4J_dbms_security_procedures_unrestricted=apoc.* + - NEO4J_dbms_security_procedures_allowlist=apoc.* + - NEO4J_server_memory_heap_initial__size=1G + - NEO4J_server_memory_heap_max__size=2G + - NEO4J_server_memory_pagecache_size=1G + volumes: + - neo4j-data:/data + - neo4j-logs:/logs + healthcheck: + test: ["CMD", "wget", "-q", "--spider", "http://localhost:7474"] + interval: 30s + timeout: 10s + retries: 5 + start_period: 60s + restart: unless-stopped + + # === REDIS (Cache) === + cache: + image: redis:7-alpine + container_name: infrahub-cache + command: redis-server --appendonly yes + volumes: + - redis-data:/data + healthcheck: + test: ["CMD", "redis-cli", "ping"] + interval: 10s + timeout: 5s + retries: 3 + restart: unless-stopped + + # === RABBITMQ (Message Queue) === + message-queue: + image: rabbitmq:3-management-alpine + container_name: infrahub-message-queue + environment: + - RABBITMQ_DEFAULT_USER=${RABBITMQ_USER:-infrahub} + - RABBITMQ_DEFAULT_PASS=${RABBITMQ_PASSWORD:-infrahub} + volumes: + - rabbitmq-data:/var/lib/rabbitmq + healthcheck: + test: ["CMD", "rabbitmq-diagnostics", "check_running"] + interval: 30s + timeout: 10s + retries: 5 + start_period: 30s + restart: unless-stopped + + # === INFRAHUB SERVER === + infrahub-server: + image: registry.opsmill.io/opsmill/infrahub:${VERSION:-latest} + container_name: infrahub-server + network_mode: service:tailscale + depends_on: + tailscale: + condition: service_started + database: + condition: service_healthy + cache: + condition: service_healthy + message-queue: + condition: service_healthy + environment: + - INFRAHUB_DB_TYPE=neo4j + - INFRAHUB_DB_ADDRESS=database + - INFRAHUB_DB_PORT=7687 + - INFRAHUB_DB_USERNAME=neo4j + - INFRAHUB_DB_PASSWORD=${NEO4J_PASSWORD:-infrahub} + - INFRAHUB_CACHE_ADDRESS=cache + - INFRAHUB_CACHE_PORT=6379 + - INFRAHUB_BROKER_ADDRESS=message-queue + - INFRAHUB_BROKER_PORT=5672 + - INFRAHUB_BROKER_USERNAME=${RABBITMQ_USER:-infrahub} + - INFRAHUB_BROKER_PASSWORD=${RABBITMQ_PASSWORD:-infrahub} + - INFRAHUB_INITIAL_ADMIN_TOKEN=${INFRAHUB_ADMIN_TOKEN} + - INFRAHUB_SECURITY_SECRET_KEY=${INFRAHUB_SECRET_KEY} + - INFRAHUB_ALLOW_ANONYMOUS_ACCESS=${INFRAHUB_ALLOW_ANONYMOUS:-false} + - INFRAHUB_LOG_LEVEL=${INFRAHUB_LOG_LEVEL:-INFO} + - INFRAHUB_API_HOST=0.0.0.0 + - INFRAHUB_API_PORT=8000 + command: infrahub server start + restart: unless-stopped + + # === INFRAHUB TASK WORKER === + task-worker: + image: registry.opsmill.io/opsmill/infrahub:${VERSION:-latest} + container_name: infrahub-task-worker + depends_on: + - infrahub-server + environment: + - INFRAHUB_DB_TYPE=neo4j + - INFRAHUB_DB_ADDRESS=database + - INFRAHUB_DB_PORT=7687 + - INFRAHUB_DB_USERNAME=neo4j + - INFRAHUB_DB_PASSWORD=${NEO4J_PASSWORD:-infrahub} + - INFRAHUB_CACHE_ADDRESS=cache + - INFRAHUB_CACHE_PORT=6379 + - INFRAHUB_BROKER_ADDRESS=message-queue + - INFRAHUB_BROKER_PORT=5672 + - INFRAHUB_BROKER_USERNAME=${RABBITMQ_USER:-infrahub} + - INFRAHUB_BROKER_PASSWORD=${RABBITMQ_PASSWORD:-infrahub} + - INFRAHUB_LOG_LEVEL=${INFRAHUB_LOG_LEVEL:-INFO} + command: infrahub server start --worker + restart: unless-stopped + +volumes: + tailscale-state: + neo4j-data: + neo4j-logs: + redis-data: + rabbitmq-data: