mrckndt/CS-Repro-Mattermost
1
0
Fork 1
mirror of https://github.com/coltoneshaw/CS-Repro-Mattermost.git synced 2025-12-23 18:11:34 +01:00
Code Releases Activity
Files
87f24d2469a27a3e778a301bc4f7832ec0a1478a
CS-Repro-Mattermost/docker-compose.yml
Sven Hüster 87f24d2469 Add Promtail and Loki support for viewing Logs in Grafana (#20) 
* add promtail loki support

* updated images and removed arch directives in docker-compose

* fix grafana logs

* add restart-grafana make command

* clean up enhanced logs dashboard

* update both mattermost servers to use the same version

* update docker-compose and promtail config to use host path mounts for logs

* clean up dashboard for good
2025-05-09 21:35:07 +02:00

312 lines
10 KiB
YAML
Raw Blame History

services:
postgres:
container_name: cs-repro-postgres
image: postgres:16-alpine
restart: unless-stopped
ports:
- "5432:5432"
security_opt:
- no-new-privileges:true
pids_limit: 100
read_only: false
tmpfs:
- /tmp
- /var/run/postgresql
volumes:
- ./volumes/db/primary/data:/var/lib/postgresql/data
- ./files/postgres/primary/init.sh:/docker-entrypoint-initdb.d/init.sh
- ./files/postgres/primary/primary_config.conf:/files/postgres/primary/primary_config.conf
healthcheck:
test: pg_isready -U mmuser -d mattermost
interval: 10s
timeout: 3s
retries: 3
environment:
- POSTGRES_USER=mmuser
- POSTGRES_PASSWORD=mmuser_password
- POSTGRES_DB=mattermost
- LISTEN_ADDRESS="*"
openldap:
platform: linux/amd64
container_name: cs-repro-openldap
hostname: openldap
restart: unless-stopped
image: rroemhild/test-openldap:latest
volumes:
- ./ldap:/mattermost/config:rw
ports:
- "10389:10389"
- "10636:10636"
prometheus:
container_name: cs-repro-prometheus
image: prom/prometheus:latest
restart: unless-stopped
ports:
- 9090:9090
volumes:
- ./files/prometheus.yml:/etc/prometheus/prometheus.yml:ro
- ./volumes/prometheus:/prometheus
loki:
container_name: cs-repro-loki
image: grafana/loki:3.2.2
restart: unless-stopped
ports:
- 3100:3100
volumes:
- ./files/loki:/etc/loki
- ./volumes/logs-node-1:/logs/node-1
- ./volumes/logs-node-2:/logs/node-2
command: -config.file=/etc/loki/loki-config.yaml
promtail:
container_name: cs-repro-promtail
image: grafana/promtail:3.2.2
restart: unless-stopped
ports:
- 9080:9080
volumes:
- ./files/promtail:/etc/promtail
- ./volumes/logs-node-1:/logs-node-1
- ./volumes/logs-node-2:/logs-node-2
command: -config.file=/etc/promtail/promtail-config.yaml
depends_on:
- loki
grafana:
container_name: cs-repro-grafana
image: grafana/grafana:10.0.4
ports:
- 3000:3000
restart: unless-stopped
environment:
- GF_SECURITY_ADMIN_USER=admin
- GF_SECURITY_ADMIN_PASSWORD=admin
- GF_USERS_ALLOW_SIGN_UP=false
volumes:
- ./files/grafana/dashboards:/var/lib/grafana/dashboards
- ./files/grafana/provisioning:/etc/grafana/provisioning
- ./volumes/grafana:/var/lib/grafana
mattermost:
platform: linux/amd64
container_name: cs-repro-mattermost
depends_on:
postgres:
condition: service_healthy
mitmproxy:
condition: service_started
image: mattermost/mattermost-enterprise-edition:10.7
restart: unless-stopped
security_opt:
- no-new-privileges:true
pids_limit: 200
read_only: false
ports:
- "8065:8065"
- "8067:8067"
tmpfs:
- /tmp
volumes:
- ./volumes/mattermost/config:/mattermost/config:rw
- ./volumes/mattermost/data:/mattermost/data:rw
- ./volumes/logs-node-1:/mattermost/logs:rw
- ./volumes/mattermost/plugins:/mattermost/plugins:rw
- ./volumes/mattermost/client/plugins:/mattermost/client/plugins:rw
- ./volumes/mattermost/bleve-indexes:/mattermost/bleve-indexes:rw
## Files are required for the mitmproxy on the box
- ./files/mitmproxy/mitmproxy-ca.pem:/etc/ssl/certs/mitmproxy-ca.pem
- ./files/mitmproxy/mitmproxy-dhparam.pem:/etc/ssl/certs/mitmproxy-dhparam.pem
environment:
# - HTTP_PROXY=http://cs-repro-mitmproxy:8080
# - HTTPS_PROXY=http://cs-repro-mitmproxy:8080
- MM_SqlSettings_DriverName=postgres
- MM_SqlSettings_DataSource=postgres://mmuser:mmuser_password@cs-repro-postgres:5432/mattermost?sslmode=disable&connect_timeout=10&binary_parameters=yes
- MM_SAMLSETTINGS_IDPCERTIFICATEFILE=/mattermost/config/saml-cert.crt
- MM_ServiceSettings_EnableLocalMode=true
- MM_ServiceSettings_LocalModeSocketLocation=/var/tmp/mattermost_local.socket
- MM_ServiceSettings_LicenseFileLocation=/mattermost/config/license.mattermost-enterprise
- MM_LogSettings_Directory=
## mysql Settings
# - MM_SqlSettings_DriverName=mysql
# - MM_SqlSettings_DataSource=mmuser:mmuser_password@tcp(mysql:3306)/mattermost?charset=utf8mb4,utf8&writeTimeout=30s
## Disable this to migrate your config to the database
# - MM_CONFIG=postgres://mmuser:mmuser_password@cs-repro-postgres:5432/mattermost?sslmode=disable&connect_timeout=10&binary_parameters=yes
keycloak:
container_name: cs-repro-keycloak
restart: unless-stopped
image: quay.io/keycloak/keycloak:18.0
volumes:
- ./volumes/keycloak:/opt/keycloak/data:rw
environment:
- PROXY_ADDRESS_FORWARDING="true"
- KEYCLOAK_ADMIN=admin
- KEYCLOAK_ADMIN_PASSWORD=admin
ports:
- 8080:8080
command:
- start-dev
elasticsearch:
image: elasticsearch:7.17.10
container_name: cs-repro-elasticsearch
restart: unless-stopped
environment:
- xpack.security.enabled=false
- discovery.type=single-node
- logger.level=DEBUG
ulimits:
memlock:
soft: -1
hard: -1
cap_add:
- IPC_LOCK
volumes:
- ./volumes/elastic/data:/usr/share/elasticsearch/data
- ./volumes/elastic/plugins:/usr/share/elasticsearch/plugins
command: >
/bin/sh -c "./bin/elasticsearch-plugin list | grep -q analysis-icu
|| yes | ./bin/elasticsearch-plugin install --silent analysis-icu;
/usr/local/bin/docker-entrypoint.sh eswrapper"
ports:
- 9200:9200
- 9300:9300
postgres-replica-1:
container_name: cs-repro-postgres-replica-1
environment:
- POSTGRES_USER=mmuser
- POSTGRES_PASSWORD=mmuser_password
- LISTEN_ADDRESS="*"
- REPLICA_NAME=replica_1
image: postgres:16-alpine
restart: unless-stopped
ports:
- "5433:5432"
security_opt:
- no-new-privileges:true
pids_limit: 100
read_only: false
tmpfs:
- /tmp
- /var/run/postgresql
volumes:
- ./files/postgres/replica/init.sh:/docker-entrypoint-initdb.d/init.sh
- ./volumes/db/replica_1/data:/var/lib/postgresql/data
- ./files/postgres/replica:/files/postgres/replica
depends_on:
- postgres
postgres-replica-2:
container_name: cs-repro-postgres-replica-2
environment:
- POSTGRES_USER=mmuser
- POSTGRES_PASSWORD=mmuser_password
- LISTEN_ADDRESS="*"
- REPLICA_NAME=replica_2
image: postgres:16-alpine
restart: unless-stopped
ports:
- "5434:5432"
security_opt:
- no-new-privileges:true
pids_limit: 100
read_only: false
tmpfs:
- /tmp
- /var/run/postgresql
volumes:
- ./files/postgres/replica/init.sh:/docker-entrypoint-initdb.d/init.sh
- ./files/postgres/replica:/files/postgres/replica
- ./volumes/db/replica_2/data:/var/lib/postgresql/data
depends_on:
- postgres
mattermost-2:
platform: linux/amd64
container_name: cs-repro-mattermost-2
depends_on:
postgres:
condition: service_healthy
mitmproxy:
condition: service_started
image: mattermost/mattermost-enterprise-edition:10.7
restart: unless-stopped
security_opt:
- no-new-privileges:true
pids_limit: 200
read_only: false
ports:
- "8066:8065"
- "8068:8067"
tmpfs:
- /tmp
volumes:
- ./volumes/mattermost/config:/mattermost/config:rw
- ./volumes/mattermost/data:/mattermost/data:rw
- ./volumes/logs-node-2:/mattermost-1/logs:rw
- ./volumes/mattermost_2/plugins:/mattermost/plugins:rw
- ./volumes/mattermost_2/client/plugins:/mattermost/client/plugins:rw
- ./volumes/mattermost_2/bleve-indexes:/mattermost/bleve-indexes:rw
# - ./license.mattermost:/mattermost/config/license.mattermost-enterprise:ro
# - ./files/mattermost/samlCert.crt:/mattermost/config/saml-cert.crt
# - ./files/mattermost/defaultConfig.json:/mattermost/config/defaultConfig.json:ro
# - ./files/mattermost/replicaConfig.json:/mattermost/config/replicaConfig.json:ro
## Files are required for the mitmproxy on the box
- ./files/mitmproxy/mitmproxy-ca.pem:/etc/ssl/certs/mitmproxy-ca.pem
- ./files/mitmproxy/mitmproxy-dhparam.pem:/etc/ssl/certs/mitmproxy-dhparam.pem
environment:
- HTTP_PROXY=http://cs-repro-mitmproxy:8080
- HTTPS_PROXY=http://cs-repro-mitmproxy:8080
- MM_SqlSettings_DriverName=postgres
- MM_SqlSettings_DataSource=postgres://mmuser:mmuser_password@cs-repro-postgres:5432/mattermost?sslmode=disable&connect_timeout=10&binary_parameters=yes
- MM_SAMLSETTINGS_IDPCERTIFICATEFILE=/mattermost/config/saml-cert.crt
- MM_ServiceSettings_EnableLocalMode=true
- MM_ServiceSettings_LocalModeSocketLocation=/var/tmp/mattermost_local.socket
- MM_ServiceSettings_LicenseFileLocation=/mattermost/config/license.mattermost-enterprise
- MM_LogSettings_Directory=/mattermost/logs
mattermost-rtcd:
container_name: cs-repro-mattermost-rtcd
platform: linux/amd64
image: mattermost/rtcd:latest
restart: unless-stopped
volumes:
- ./volumes/rtcd/logs:/logs:rw
environment:
- RTCD_LOGGER_ENABLEFILE=true
- RTCD_LOGGER_FILELOCATION=/logs
- RTCD_LOGGER_FILELEVEL=DEBUG
- RTCD_API_SECURITY_ALLOWSELFREGISTRATION=true
- RTCD_LOGGER_CONSOLELEVEL=DEBUG
ports:
- "8443:8443/udp"
- "8443:8443/tcp"
- "8045:8045"
mitmproxy:
container_name: cs-repro-mitmproxy
image: mitmproxy/mitmproxy
command: mitmweb --web-host 0.0.0.0 --set confdir=/certs --mode transparent
# Named volumes section is removed since we're using host path mounts
# mysql:
# container_name: cs-repro-mysql
# image: mysql:8
# restart: always
# environment:
# MYSQL_DATABASE: "mattermost"
# # So you don't have to use root, but you can if you like
# MYSQL_USER: "mmuser"
# # You can use whatever password you like
# MYSQL_PASSWORD: "mmuser_password"
# # Password for root access
# MYSQL_ROOT_PASSWORD: "mmuser_password"
# healthcheck:
# test: ["CMD", "mysqladmin", "ping", "-h", "localhost"]
# timeout: 20supdat
# retries: 10
# ports:
# # <Port exposed> : <MySQL Port running inside container>
# - "3306:3306"
# expose:
# # Opens port 3306 on the container
# - "3306"
# # Where our data will be persisted
# volumes:
# - ./volumes/db/mysql:/var/lib/mysql
View Git Blame Copy Permalink