2021-05-05 05:36:55 +08:00
|
|
|
version: "3.4"
|
2021-03-26 00:17:52 +08:00
|
|
|
|
|
|
|
|
services:
|
2021-03-26 00:59:14 +08:00
|
|
|
netmaker:
|
|
|
|
|
container_name: netmaker
|
2022-11-05 02:50:54 +08:00
|
|
|
image: gravitl/netmaker:v0.16.3
|
2021-05-19 01:55:06 +08:00
|
|
|
cap_add:
|
|
|
|
|
- NET_ADMIN
|
2022-02-09 11:22:16 +08:00
|
|
|
- NET_RAW
|
|
|
|
|
- SYS_MODULE
|
|
|
|
|
sysctls:
|
|
|
|
|
- net.ipv4.ip_forward=1
|
|
|
|
|
- net.ipv4.conf.all.src_valid_mark=1
|
2022-04-26 22:41:44 +08:00
|
|
|
- net.ipv6.conf.all.disable_ipv6=0
|
2022-05-02 22:48:00 +08:00
|
|
|
- net.ipv6.conf.all.forwarding=1
|
2021-03-26 00:17:52 +08:00
|
|
|
restart: always
|
2022-07-07 22:54:18 +08:00
|
|
|
volumes:
|
|
|
|
|
- dnsconfig:/root/config/dnsconfig
|
|
|
|
|
- sqldata:/root/data
|
2022-09-27 20:06:33 +08:00
|
|
|
- mosquitto_data:/etc/netmaker
|
2021-05-17 23:55:03 +08:00
|
|
|
environment:
|
2022-11-02 23:22:40 +08:00
|
|
|
BROKER_NAME: "broker.NETMAKER_BASE_DOMAIN"
|
|
|
|
|
SERVER_NAME: "NETMAKER_BASE_DOMAIN"
|
2021-08-12 00:19:28 +08:00
|
|
|
SERVER_HOST: "SERVER_PUBLIC_IP"
|
2021-09-23 12:12:32 +08:00
|
|
|
SERVER_API_CONN_STRING: "api.NETMAKER_BASE_DOMAIN:443"
|
2021-08-12 00:19:28 +08:00
|
|
|
COREDNS_ADDR: "SERVER_PUBLIC_IP"
|
|
|
|
|
DNS_MODE: "on"
|
2021-09-23 12:12:32 +08:00
|
|
|
SERVER_HTTP_HOST: "api.NETMAKER_BASE_DOMAIN"
|
2021-08-12 00:19:28 +08:00
|
|
|
API_PORT: "8081"
|
2021-10-07 23:28:24 +08:00
|
|
|
CLIENT_MODE: "on"
|
2021-08-12 00:19:28 +08:00
|
|
|
MASTER_KEY: "REPLACE_MASTER_KEY"
|
|
|
|
|
CORS_ALLOWED_ORIGIN: "*"
|
2021-11-17 11:39:28 +08:00
|
|
|
DISPLAY_KEYS: "on"
|
2022-01-23 01:31:32 +08:00
|
|
|
DATABASE: "sqlite"
|
2021-11-04 04:50:42 +08:00
|
|
|
NODE_ID: "netmaker-server-1"
|
2022-02-09 11:22:16 +08:00
|
|
|
MQ_HOST: "mq"
|
2022-07-07 22:54:18 +08:00
|
|
|
MQ_PORT: "443"
|
2022-07-08 03:57:19 +08:00
|
|
|
MQ_SERVER_PORT: "1883"
|
2022-02-09 11:22:16 +08:00
|
|
|
HOST_NETWORK: "off"
|
|
|
|
|
VERBOSITY: "1"
|
2022-05-03 23:40:45 +08:00
|
|
|
MANAGE_IPTABLES: "on"
|
2022-05-25 03:17:39 +08:00
|
|
|
PORT_FORWARD_SERVICES: "dns"
|
2022-09-27 20:06:33 +08:00
|
|
|
MQ_ADMIN_PASSWORD: "REPLACE_MQ_ADMIN_PASSWORD"
|
2022-01-23 01:31:32 +08:00
|
|
|
ports:
|
|
|
|
|
- "51821-51830:51821-51830/udp"
|
2022-07-07 22:54:18 +08:00
|
|
|
expose:
|
|
|
|
|
- "8081"
|
|
|
|
|
labels:
|
|
|
|
|
- traefik.enable=true
|
|
|
|
|
- traefik.http.routers.netmaker-api.entrypoints=websecure
|
|
|
|
|
- traefik.http.routers.netmaker-api.rule=Host(`api.NETMAKER_BASE_DOMAIN`)
|
|
|
|
|
- traefik.http.routers.netmaker-api.service=netmaker-api
|
|
|
|
|
- traefik.http.services.netmaker-api.loadbalancer.server.port=8081
|
2021-03-26 00:59:14 +08:00
|
|
|
netmaker-ui:
|
|
|
|
|
container_name: netmaker-ui
|
2022-11-05 02:50:54 +08:00
|
|
|
image: gravitl/netmaker-ui:v0.16.3
|
2021-03-26 00:17:52 +08:00
|
|
|
depends_on:
|
2021-03-26 00:59:14 +08:00
|
|
|
- netmaker
|
2021-05-05 05:36:55 +08:00
|
|
|
links:
|
|
|
|
|
- "netmaker:api"
|
2022-07-07 22:54:18 +08:00
|
|
|
restart: always
|
2021-03-26 00:17:52 +08:00
|
|
|
environment:
|
2021-08-12 00:19:28 +08:00
|
|
|
BACKEND_URL: "https://api.NETMAKER_BASE_DOMAIN"
|
2022-07-07 22:54:18 +08:00
|
|
|
expose:
|
|
|
|
|
- "80"
|
|
|
|
|
labels:
|
|
|
|
|
- traefik.enable=true
|
|
|
|
|
- traefik.http.middlewares.nmui-security.headers.accessControlAllowOriginList=*.NETMAKER_BASE_DOMAIN
|
|
|
|
|
- traefik.http.middlewares.nmui-security.headers.stsSeconds=31536000
|
|
|
|
|
- traefik.http.middlewares.nmui-security.headers.browserXssFilter=true
|
|
|
|
|
- traefik.http.middlewares.nmui-security.headers.customFrameOptionsValue=SAMEORIGIN
|
|
|
|
|
- traefik.http.middlewares.nmui-security.headers.customResponseHeaders.X-Robots-Tag=none
|
|
|
|
|
- traefik.http.middlewares.nmui-security.headers.customResponseHeaders.Server= # Remove the server name
|
|
|
|
|
- traefik.http.routers.netmaker-ui.entrypoints=websecure
|
|
|
|
|
- traefik.http.routers.netmaker-ui.middlewares=nmui-security@docker
|
|
|
|
|
- traefik.http.routers.netmaker-ui.rule=Host(`dashboard.NETMAKER_BASE_DOMAIN`)
|
|
|
|
|
- traefik.http.routers.netmaker-ui.service=netmaker-ui
|
|
|
|
|
- traefik.http.services.netmaker-ui.loadbalancer.server.port=80
|
2021-05-19 01:55:06 +08:00
|
|
|
coredns:
|
2022-07-07 22:54:18 +08:00
|
|
|
container_name: coredns
|
2021-05-19 01:55:06 +08:00
|
|
|
image: coredns/coredns
|
|
|
|
|
command: -conf /root/dnsconfig/Corefile
|
2022-07-07 22:54:18 +08:00
|
|
|
depends_on:
|
|
|
|
|
- netmaker
|
2021-05-19 01:55:06 +08:00
|
|
|
restart: always
|
|
|
|
|
volumes:
|
|
|
|
|
- dnsconfig:/root/dnsconfig
|
2022-07-07 22:54:18 +08:00
|
|
|
traefik:
|
2022-11-11 04:04:14 +08:00
|
|
|
image: traefik:v2.9
|
2022-07-07 22:54:18 +08:00
|
|
|
container_name: traefik
|
|
|
|
|
command:
|
|
|
|
|
- "--certificatesresolvers.http.acme.email=YOUR_EMAIL"
|
|
|
|
|
- "--certificatesresolvers.http.acme.storage=/letsencrypt/acme.json"
|
|
|
|
|
- "--certificatesresolvers.http.acme.tlschallenge=true"
|
|
|
|
|
- "--entrypoints.websecure.address=:443"
|
|
|
|
|
- "--entrypoints.websecure.http.tls=true"
|
|
|
|
|
- "--entrypoints.websecure.http.tls.certResolver=http"
|
|
|
|
|
- "--log.level=INFO"
|
|
|
|
|
- "--providers.docker=true"
|
|
|
|
|
- "--providers.docker.exposedByDefault=false"
|
|
|
|
|
- "--serverstransport.insecureskipverify=true"
|
|
|
|
|
restart: always
|
|
|
|
|
volumes:
|
|
|
|
|
- /var/run/docker.sock:/var/run/docker.sock:ro
|
|
|
|
|
- traefik_certs:/letsencrypt
|
2022-05-25 03:17:39 +08:00
|
|
|
ports:
|
|
|
|
|
- "443:443"
|
2022-02-09 11:22:16 +08:00
|
|
|
mq:
|
2022-07-07 22:54:18 +08:00
|
|
|
container_name: mq
|
2022-11-11 04:04:14 +08:00
|
|
|
image: eclipse-mosquitto:2.0.15-openssl
|
2022-04-26 23:02:21 +08:00
|
|
|
depends_on:
|
|
|
|
|
- netmaker
|
2022-02-09 11:22:16 +08:00
|
|
|
restart: unless-stopped
|
2022-09-26 19:23:32 +08:00
|
|
|
command: ["/mosquitto/config/wait.sh"]
|
|
|
|
|
environment:
|
2022-10-01 01:58:43 +08:00
|
|
|
NETMAKER_SERVER_HOST: "https://api.NETMAKER_BASE_DOMAIN"
|
2022-02-09 11:22:16 +08:00
|
|
|
volumes:
|
|
|
|
|
- /root/mosquitto.conf:/mosquitto/config/mosquitto.conf
|
2022-09-26 19:23:32 +08:00
|
|
|
- /root/wait.sh:/mosquitto/config/wait.sh
|
2022-02-09 11:22:16 +08:00
|
|
|
- mosquitto_data:/mosquitto/data
|
|
|
|
|
- mosquitto_logs:/mosquitto/log
|
2022-07-07 22:54:18 +08:00
|
|
|
expose:
|
|
|
|
|
- "8883"
|
|
|
|
|
labels:
|
|
|
|
|
- traefik.enable=true
|
2022-11-10 19:29:15 +08:00
|
|
|
- traefik.http.routers.mqtt_websocket.rule=Host(`broker.NETMAKER_BASE_DOMAIN`)
|
2022-11-10 14:37:49 +08:00
|
|
|
- traefik.http.routers.mqtt_websocket.entrypoints=websecure
|
2022-11-09 22:34:13 +08:00
|
|
|
- traefik.http.routers.mqtt_websocket.tls.certresolver=http
|
|
|
|
|
- traefik.http.services.mqtt_websocket.loadbalancer.server.port=8883
|
2021-03-26 00:17:52 +08:00
|
|
|
volumes:
|
2022-07-07 22:54:18 +08:00
|
|
|
traefik_certs: {}
|
2021-08-12 00:19:28 +08:00
|
|
|
sqldata: {}
|
2021-05-19 01:55:06 +08:00
|
|
|
dnsconfig: {}
|
2022-02-09 11:22:16 +08:00
|
|
|
mosquitto_data: {}
|
2022-09-28 23:35:27 +08:00
|
|
|
mosquitto_logs: {}
|
