feat: add docker-compose.yml for Infrahub deployment
This commit is contained in:
135
docker-compose.yml
Normal file
135
docker-compose.yml
Normal file
@@ -0,0 +1,135 @@
|
|||||||
|
services:
|
||||||
|
# === TAILSCALE ===
|
||||||
|
tailscale:
|
||||||
|
image: tailscale/tailscale:latest
|
||||||
|
container_name: infrahub-tailscale
|
||||||
|
hostname: infrahub
|
||||||
|
environment:
|
||||||
|
- TS_AUTHKEY=${TS_AUTHKEY}
|
||||||
|
- TS_STATE_DIR=/var/lib/tailscale
|
||||||
|
- TS_SERVE_CONFIG=/config/serve-config.json
|
||||||
|
volumes:
|
||||||
|
- tailscale-state:/var/lib/tailscale
|
||||||
|
- ./serve-config.json:/config/serve-config.json:ro
|
||||||
|
cap_add:
|
||||||
|
- NET_ADMIN
|
||||||
|
- SYS_MODULE
|
||||||
|
restart: unless-stopped
|
||||||
|
|
||||||
|
# === NEO4J (Graph Database) ===
|
||||||
|
database:
|
||||||
|
image: neo4j:5.23-community
|
||||||
|
container_name: infrahub-database
|
||||||
|
environment:
|
||||||
|
- NEO4J_AUTH=neo4j/${NEO4J_PASSWORD:-infrahub}
|
||||||
|
- NEO4J_PLUGINS=["apoc"]
|
||||||
|
- NEO4J_dbms_security_procedures_unrestricted=apoc.*
|
||||||
|
- NEO4J_dbms_security_procedures_allowlist=apoc.*
|
||||||
|
- NEO4J_server_memory_heap_initial__size=1G
|
||||||
|
- NEO4J_server_memory_heap_max__size=2G
|
||||||
|
- NEO4J_server_memory_pagecache_size=1G
|
||||||
|
volumes:
|
||||||
|
- neo4j-data:/data
|
||||||
|
- neo4j-logs:/logs
|
||||||
|
healthcheck:
|
||||||
|
test: ["CMD", "wget", "-q", "--spider", "http://localhost:7474"]
|
||||||
|
interval: 30s
|
||||||
|
timeout: 10s
|
||||||
|
retries: 5
|
||||||
|
start_period: 60s
|
||||||
|
restart: unless-stopped
|
||||||
|
|
||||||
|
# === REDIS (Cache) ===
|
||||||
|
cache:
|
||||||
|
image: redis:7-alpine
|
||||||
|
container_name: infrahub-cache
|
||||||
|
command: redis-server --appendonly yes
|
||||||
|
volumes:
|
||||||
|
- redis-data:/data
|
||||||
|
healthcheck:
|
||||||
|
test: ["CMD", "redis-cli", "ping"]
|
||||||
|
interval: 10s
|
||||||
|
timeout: 5s
|
||||||
|
retries: 3
|
||||||
|
restart: unless-stopped
|
||||||
|
|
||||||
|
# === RABBITMQ (Message Queue) ===
|
||||||
|
message-queue:
|
||||||
|
image: rabbitmq:3-management-alpine
|
||||||
|
container_name: infrahub-message-queue
|
||||||
|
environment:
|
||||||
|
- RABBITMQ_DEFAULT_USER=${RABBITMQ_USER:-infrahub}
|
||||||
|
- RABBITMQ_DEFAULT_PASS=${RABBITMQ_PASSWORD:-infrahub}
|
||||||
|
volumes:
|
||||||
|
- rabbitmq-data:/var/lib/rabbitmq
|
||||||
|
healthcheck:
|
||||||
|
test: ["CMD", "rabbitmq-diagnostics", "check_running"]
|
||||||
|
interval: 30s
|
||||||
|
timeout: 10s
|
||||||
|
retries: 5
|
||||||
|
start_period: 30s
|
||||||
|
restart: unless-stopped
|
||||||
|
|
||||||
|
# === INFRAHUB SERVER ===
|
||||||
|
infrahub-server:
|
||||||
|
image: registry.opsmill.io/opsmill/infrahub:${VERSION:-latest}
|
||||||
|
container_name: infrahub-server
|
||||||
|
network_mode: service:tailscale
|
||||||
|
depends_on:
|
||||||
|
tailscale:
|
||||||
|
condition: service_started
|
||||||
|
database:
|
||||||
|
condition: service_healthy
|
||||||
|
cache:
|
||||||
|
condition: service_healthy
|
||||||
|
message-queue:
|
||||||
|
condition: service_healthy
|
||||||
|
environment:
|
||||||
|
- INFRAHUB_DB_TYPE=neo4j
|
||||||
|
- INFRAHUB_DB_ADDRESS=database
|
||||||
|
- INFRAHUB_DB_PORT=7687
|
||||||
|
- INFRAHUB_DB_USERNAME=neo4j
|
||||||
|
- INFRAHUB_DB_PASSWORD=${NEO4J_PASSWORD:-infrahub}
|
||||||
|
- INFRAHUB_CACHE_ADDRESS=cache
|
||||||
|
- INFRAHUB_CACHE_PORT=6379
|
||||||
|
- INFRAHUB_BROKER_ADDRESS=message-queue
|
||||||
|
- INFRAHUB_BROKER_PORT=5672
|
||||||
|
- INFRAHUB_BROKER_USERNAME=${RABBITMQ_USER:-infrahub}
|
||||||
|
- INFRAHUB_BROKER_PASSWORD=${RABBITMQ_PASSWORD:-infrahub}
|
||||||
|
- INFRAHUB_INITIAL_ADMIN_TOKEN=${INFRAHUB_ADMIN_TOKEN}
|
||||||
|
- INFRAHUB_SECURITY_SECRET_KEY=${INFRAHUB_SECRET_KEY}
|
||||||
|
- INFRAHUB_ALLOW_ANONYMOUS_ACCESS=${INFRAHUB_ALLOW_ANONYMOUS:-false}
|
||||||
|
- INFRAHUB_LOG_LEVEL=${INFRAHUB_LOG_LEVEL:-INFO}
|
||||||
|
- INFRAHUB_API_HOST=0.0.0.0
|
||||||
|
- INFRAHUB_API_PORT=8000
|
||||||
|
command: infrahub server start
|
||||||
|
restart: unless-stopped
|
||||||
|
|
||||||
|
# === INFRAHUB TASK WORKER ===
|
||||||
|
task-worker:
|
||||||
|
image: registry.opsmill.io/opsmill/infrahub:${VERSION:-latest}
|
||||||
|
container_name: infrahub-task-worker
|
||||||
|
depends_on:
|
||||||
|
- infrahub-server
|
||||||
|
environment:
|
||||||
|
- INFRAHUB_DB_TYPE=neo4j
|
||||||
|
- INFRAHUB_DB_ADDRESS=database
|
||||||
|
- INFRAHUB_DB_PORT=7687
|
||||||
|
- INFRAHUB_DB_USERNAME=neo4j
|
||||||
|
- INFRAHUB_DB_PASSWORD=${NEO4J_PASSWORD:-infrahub}
|
||||||
|
- INFRAHUB_CACHE_ADDRESS=cache
|
||||||
|
- INFRAHUB_CACHE_PORT=6379
|
||||||
|
- INFRAHUB_BROKER_ADDRESS=message-queue
|
||||||
|
- INFRAHUB_BROKER_PORT=5672
|
||||||
|
- INFRAHUB_BROKER_USERNAME=${RABBITMQ_USER:-infrahub}
|
||||||
|
- INFRAHUB_BROKER_PASSWORD=${RABBITMQ_PASSWORD:-infrahub}
|
||||||
|
- INFRAHUB_LOG_LEVEL=${INFRAHUB_LOG_LEVEL:-INFO}
|
||||||
|
command: infrahub server start --worker
|
||||||
|
restart: unless-stopped
|
||||||
|
|
||||||
|
volumes:
|
||||||
|
tailscale-state:
|
||||||
|
neo4j-data:
|
||||||
|
neo4j-logs:
|
||||||
|
redis-data:
|
||||||
|
rabbitmq-data:
|
||||||
Reference in New Issue
Block a user