services: # === TAILSCALE === tailscale: image: tailscale/tailscale:latest container_name: infrahub-tailscale hostname: infrahub environment: - TS_AUTHKEY=${TS_AUTHKEY} - TS_STATE_DIR=/var/lib/tailscale - TS_SERVE_CONFIG=/config/serve-config.json volumes: - tailscale-state:/var/lib/tailscale - ./serve-config.json:/config/serve-config.json:ro cap_add: - NET_ADMIN - SYS_MODULE restart: unless-stopped # === NEO4J (Graph Database) === database: image: neo4j:5.23-community container_name: infrahub-database environment: - NEO4J_AUTH=neo4j/${NEO4J_PASSWORD:-infrahub} - NEO4J_PLUGINS=["apoc"] - NEO4J_dbms_security_procedures_unrestricted=apoc.* - NEO4J_dbms_security_procedures_allowlist=apoc.* - NEO4J_server_memory_heap_initial__size=1G - NEO4J_server_memory_heap_max__size=2G - NEO4J_server_memory_pagecache_size=1G volumes: - neo4j-data:/data - neo4j-logs:/logs healthcheck: test: ["CMD", "wget", "-q", "--spider", "http://localhost:7474"] interval: 30s timeout: 10s retries: 5 start_period: 60s restart: unless-stopped # === REDIS (Cache) === cache: image: redis:7-alpine container_name: infrahub-cache command: redis-server --appendonly yes volumes: - redis-data:/data healthcheck: test: ["CMD", "redis-cli", "ping"] interval: 10s timeout: 5s retries: 3 restart: unless-stopped # === RABBITMQ (Message Queue) === message-queue: image: rabbitmq:3-management-alpine container_name: infrahub-message-queue environment: - RABBITMQ_DEFAULT_USER=${RABBITMQ_USER:-infrahub} - RABBITMQ_DEFAULT_PASS=${RABBITMQ_PASSWORD:-infrahub} volumes: - rabbitmq-data:/var/lib/rabbitmq healthcheck: test: ["CMD", "rabbitmq-diagnostics", "check_running"] interval: 30s timeout: 10s retries: 5 start_period: 30s restart: unless-stopped # === INFRAHUB SERVER === infrahub-server: image: registry.opsmill.io/opsmill/infrahub:${VERSION:-latest} container_name: infrahub-server network_mode: service:tailscale depends_on: tailscale: condition: service_started database: condition: service_healthy cache: condition: service_healthy message-queue: condition: service_healthy environment: - INFRAHUB_DB_TYPE=neo4j - INFRAHUB_DB_ADDRESS=database - INFRAHUB_DB_PORT=7687 - INFRAHUB_DB_USERNAME=neo4j - INFRAHUB_DB_PASSWORD=${NEO4J_PASSWORD:-infrahub} - INFRAHUB_CACHE_ADDRESS=cache - INFRAHUB_CACHE_PORT=6379 - INFRAHUB_BROKER_ADDRESS=message-queue - INFRAHUB_BROKER_PORT=5672 - INFRAHUB_BROKER_USERNAME=${RABBITMQ_USER:-infrahub} - INFRAHUB_BROKER_PASSWORD=${RABBITMQ_PASSWORD:-infrahub} - INFRAHUB_INITIAL_ADMIN_TOKEN=${INFRAHUB_ADMIN_TOKEN} - INFRAHUB_SECURITY_SECRET_KEY=${INFRAHUB_SECRET_KEY} - INFRAHUB_ALLOW_ANONYMOUS_ACCESS=${INFRAHUB_ALLOW_ANONYMOUS:-false} - INFRAHUB_LOG_LEVEL=${INFRAHUB_LOG_LEVEL:-INFO} - INFRAHUB_API_HOST=0.0.0.0 - INFRAHUB_API_PORT=8000 command: infrahub server start restart: unless-stopped # === INFRAHUB TASK WORKER === task-worker: image: registry.opsmill.io/opsmill/infrahub:${VERSION:-latest} container_name: infrahub-task-worker depends_on: - infrahub-server environment: - INFRAHUB_DB_TYPE=neo4j - INFRAHUB_DB_ADDRESS=database - INFRAHUB_DB_PORT=7687 - INFRAHUB_DB_USERNAME=neo4j - INFRAHUB_DB_PASSWORD=${NEO4J_PASSWORD:-infrahub} - INFRAHUB_CACHE_ADDRESS=cache - INFRAHUB_CACHE_PORT=6379 - INFRAHUB_BROKER_ADDRESS=message-queue - INFRAHUB_BROKER_PORT=5672 - INFRAHUB_BROKER_USERNAME=${RABBITMQ_USER:-infrahub} - INFRAHUB_BROKER_PASSWORD=${RABBITMQ_PASSWORD:-infrahub} - INFRAHUB_LOG_LEVEL=${INFRAHUB_LOG_LEVEL:-INFO} command: infrahub server start --worker restart: unless-stopped volumes: tailscale-state: neo4j-data: neo4j-logs: redis-data: rabbitmq-data: