--- services: # To test with MariaDB, set FLEET_MYSQL_IMAGE to mariadb:10.6 or the like (note MariaDB is not # officially supported). # To run in macOS M1, set FLEET_MYSQL_IMAGE=arm64v8/mysql:oracle FLEET_MYSQL_PLATFORM=linux/arm64/v8 mysql: image: ${FLEET_MYSQL_IMAGE:-mysql:8.0.44} platform: ${FLEET_MYSQL_PLATFORM:-linux/x86_64} volumes: - mysql-persistent-volume:/tmp command: [ "mysqld", "--datadir=/tmp/mysqldata", # These 3 keys run MySQL with GTID consistency enforced to avoid issues with production deployments that use it. "--enforce-gtid-consistency=ON", "--log-bin=bin.log", "--server-id=master-01", # Required for storage of Apple MDM bootstrap packages. "--max_allowed_packet=536870912", # Automatically expire binary logs after 1 day to save disk space in dev. Default is 30 days. "--binlog-expire-logs-seconds=86400", ] environment: &mysql-default-environment MYSQL_ROOT_PASSWORD: toor MYSQL_DATABASE: fleet MYSQL_USER: fleet MYSQL_PASSWORD: insecure # This is required by Percona XtraDB server. CLUSTER_NAME: fleet ports: - "127.0.0.1:${FLEET_MYSQL_PORT:-3306}:3306" mysql_test: image: ${FLEET_MYSQL_IMAGE:-mysql:8.0.44} platform: ${FLEET_MYSQL_PLATFORM:-linux/x86_64} # innodb-file-per-table=OFF gives ~20% speedup for test runs. command: [ "mysqld", "--datadir=/tmpfs", "--slow_query_log=1", "--log_output=TABLE", "--log-queries-not-using-indexes", "--innodb-file-per-table=OFF", "--table-definition-cache=8192", # These 3 keys run MySQL with GTID consistency enforced to avoid issues with production deployments that use it. "--enforce-gtid-consistency=ON", "--log-bin=bin.log", "--server-id=1", # Required for storage of Apple MDM bootstrap packages. "--max_allowed_packet=536870912", # Automatically expire binary logs after 1 day to save disk space in dev. Default is 30 days. "--binlog-expire-logs-seconds=86400", ] environment: *mysql-default-environment ports: - "127.0.0.1:${FLEET_MYSQL_TEST_PORT:-3307}:3306" tmpfs: - /var/lib/mysql:rw,noexec,nosuid - /tmpfs mysql_replica_test: image: ${FLEET_MYSQL_IMAGE:-mysql:8.0.44} platform: ${FLEET_MYSQL_PLATFORM:-linux/x86_64} # innodb-file-per-table=OFF gives ~20% speedup for test runs. command: [ "mysqld", "--datadir=/tmpfs", "--slow_query_log=1", "--log_output=TABLE", "--log-queries-not-using-indexes", "--innodb-file-per-table=OFF", "--table-definition-cache=8192", # These 3 keys run MySQL with GTID consistency enforced to avoid issues with production deployments that use it. "--enforce-gtid-consistency=ON", "--log-bin=bin.log", "--server-id=2", # Required for storage of Apple MDM bootstrap packages. "--max_allowed_packet=536870912", # Automatically expire binary logs after 1 day to save disk space in dev. Default is 30 days. "--binlog-expire-logs-seconds=86400", ] environment: *mysql-default-environment ports: # ports 3308 and 3309 are used by the main and replica MySQL containers in tools/mysql-replica-testing/docker-compose.yml - "127.0.0.1:${FLEET_MYSQL_REPLICA_TEST_PORT:-3310}:3306" tmpfs: - /var/lib/mysql:rw,noexec,nosuid - /tmpfs # Unauthenticated SMTP server. mailhog: image: mailhog/mailhog:latest ports: - "127.0.0.1:${FLEET_MAILHOG_WEB_PORT:-8025}:8025" - "127.0.0.1:${FLEET_MAILHOG_SMTP_PORT:-1025}:1025" # SMTP server with Basic Authentication. mailpit: image: axllent/mailpit:latest ports: - "127.0.0.1:${FLEET_MAILPIT_WEB_PORT:-8026}:8025" - "127.0.0.1:${FLEET_MAILPIT_SMTP_PORT:-1026}:1025" volumes: - ./tools/mailpit/auth.txt:/auth.txt command: ["--smtp-auth-file=/auth.txt", "--smtp-auth-allow-insecure=true"] # SMTP server with TLS smtp4dev_test: image: rnwood/smtp4dev:v3 ports: - "127.0.0.1:${FLEET_SMTP4DEV_WEB_PORT:-8028}:80" - "127.0.0.1:${FLEET_SMTP4DEV_SMTP_PORT:-1027}:25" volumes: - ./tools/smtp4dev:/certs environment: - ServerOptions__TlsMode=ImplicitTls - ServerOptions__TlsCertificate=/certs/fleet.crt - ServerOptions__TlsCertificatePrivateKey=/certs/fleet.key redis: image: redis:6 ports: - "127.0.0.1:${FLEET_REDIS_PORT:-6379}:6379" saml_idp: image: fleetdm/docker-idp:latest volumes: - ./tools/saml/users.php:/var/www/simplesamlphp/config/authsources.php - ./tools/saml/config.php:/var/www/simplesamlphp/metadata/saml20-sp-remote.php ports: - "127.0.0.1:${FLEET_SAML_IDP_HTTP_PORT:-9080}:8080" - "127.0.0.1:${FLEET_SAML_IDP_HTTPS_PORT:-9443}:8443" # CAdvisor container allows monitoring other containers. Useful for # development. cadvisor: image: gcr.io/cadvisor/cadvisor:latest ports: - "127.0.0.1:${FLEET_CADVISOR_PORT:-5678}:8080" volumes: - /var/run/docker.sock:/var/run/docker.sock:ro - /sys:/sys:ro - /var/lib/docker/:/var/lib/docker:ro prometheus: image: prom/prometheus:latest ports: - "127.0.0.1:${FLEET_PROMETHEUS_PORT:-9090}:9090" volumes: - ./tools/app/prometheus.yml:/etc/prometheus/prometheus.yml # localstack to simulate AWS integrations like firehose & kinesis # use http://localhost:4566 as the `--endpoint-url` argument in awscli localstack: image: localstack/localstack:4.5 ports: - "127.0.0.1:${FLEET_LOCALSTACK_PORT:-4566}:4566" - "127.0.0.1:${FLEET_LOCALSTACK_LEGACY_PORT:-4571}:4571" environment: - SERVICES=firehose,kinesis,s3,iam,sts,secretsmanager # s3 compatible object storage (file carving/software installers) s3: image: rustfs/rustfs:1.0.0-alpha.85 ports: - "127.0.0.1:${FLEET_S3_PORT:-9000}:9000" - "127.0.0.1:${FLEET_S3_CONSOLE_PORT:-9001}:9001" environment: - RUSTFS_ADDRESS=0.0.0.0:9000 - RUSTFS_CONSOLE_ADDRESS=0.0.0.0:9001 - RUSTFS_CONSOLE_ENABLE=true - RUSTFS_ACCESS_KEY=locals3 - RUSTFS_SECRET_KEY=locals3 volumes: - data-s3:/data:rw volumes: mysql-persistent-volume: data-s3: