-
Notifications
You must be signed in to change notification settings - Fork 8
/
Copy pathdocker-compose.yml
executable file
·136 lines (125 loc) · 3.99 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
version: '2'
services:
orientdb:
# this image has multi-architecture intel & Arm64
image: openjdk:11-jdk-slim
command: /entrypoint # this is to override for official images
container_name: orientdb
# means map current user to container's root
user: ${USERID}:0
restart: always
volumes:
- './:/openedrserver'
- './orientdb/entrypoint:/entrypoint'
# entrypoint will extract tar.gz into odb, to avoid building images
- './orientdb/odb:/orientdb'
networks:
- openedr-tier
ports:
# for security, ODB API port is bind to localhost
# change it accordingly for your needs
- '127.0.0.1:2424:2424'
- '${FRONTEND_IP}:2480:2480'
openedr:
#image: keymetrics/pm2:14-slim
image: keymetrics/pm2:16-buster
container_name: openedr-app
user: ${USERID}:0
restart: always
entrypoint: /openedrserver/entrypoint
volumes:
- ./:/openedrserver
- ./.pm2:/.pm2
networks:
- openedr-tier
depends_on:
- orientdb
wekandb:
image: mongo:4.2.7
container_name: wekan-db
user: ${USERID}:0
restart: always
entrypoint: /entrypoint
networks:
- openedr-tier
expose:
- 27017
ports: # useful for debugging, no need for production
- "127.0.0.1:27017:27017"
volumes:
- ./frontend/wekanMods/dump:/dump
- ./frontend/wekanMods/db:/data/db
- ./frontend/wekanMods/startMongo.sh:/entrypoint
wekan:
#-------------------------------------------------------------------------------------
# Based on v3.19 Wekan - modifed cardDetails.styl to autowrap long lines
image: jymcheong/openedr:frontend
#-------------------------------------------------------------------------------------
container_name: wekan-app
user: ${USERID}:0
restart: always
#volumes:
# - ./entrypoint:/entrypoint
networks:
- openedr-tier
ports:
# for security, this investigation interface is bind to localhost
# change it accordingly for your needs
# Note that WEKAN_URL set in .env should resolve to the chosen IP address
- ${FRONTEND_IP}:${FRONTEND_PORT}:8080
environment:
- MONGO_URL=mongodb://wekan-db:27017/wekan
- ROOT_URL=http://${FRONTEND_IP}:${FRONTEND_PORT} # see ./openedrserver/.env
- MAIL_URL=smtp://<mail_url>:25/?ignoreTLS=true&tls={rejectUnauthorized:false}
- MAIL_FROM=Wekan Notifications <noreply.wekan@mydomain.com>
- WITH_API=true
- RICHER_CARD_COMMENT_EDITOR=false
- SCROLLINERTIA=0
- SCROLLAMOUNT=auto
- CARD_OPENED_WEBHOOK_ENABLED=true
- BIGEVENTS_PATTERN=NONE
- BROWSER_POLICY_ENABLED=true
depends_on:
- wekandb
onewaysftp:
image: jymcheong/openedr:sftp
container_name: onewaysftp
# tried very hard to use non-root, somehow not working
#user: ${USERID}:0
# Disable this since bindfs need to start before this container
# see manage/mountUploads.sh script
restart: always
command:
- 'uploader::1001'
volumes:
- './backend/sftp/log:/var/log'
- './backend/sftp/keys:/etc/ssh/keys'
- './clientconf:/home/clientconf'
# events are uploaded to this directory monitored by incrontabd
- './backend/sftp/uploads:/home/uploader/uploads'
# corresponds to .env C2_PATH=/openedrserver/backend/sftp/response/
- './backend/sftp/response:/home/uploader/response:ro'
- './backend/sftp/scripts:/etc/sftp.d'
- './backend/sftp/IPaddresses:/etc/IPaddresses'
ports:
- "${SFTP_HOST}:${SFTP_PORT}:2222"
depends_on:
- wekan
caddy:
image: caddy
container_name: clientconfighosting
# Ubuntu-20-Arm64 refuses to bind 80
#user: ${USERID}:0
restart: always
ports:
- "${SFTP_HOST}:${SFTPCONF_PORT}:80"
volumes:
- ./clientconf:/usr/share/caddy
depends_on:
- onewaysftp
volumes:
wekan-db:
driver: local
networks:
openedr-tier:
driver: bridge