mirror of
https://github.com/fleetdm/fleet
synced 2026-04-21 13:37:30 +00:00
963cc7e22c
#24385 Some docs change here: https://github.com/fleetdm/fleet/pull/25026. - [X] Changes file added for user-visible changes in `changes/`, `orbit/changes/` or `ee/fleetd-chrome/changes`. See [Changes files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files) for more information. - [X] Added/updated tests - [X] Manual QA for all new/changed functionality
171 lines
5.1 KiB
YAML
171 lines
5.1 KiB
YAML
---
|
|
services:
|
|
# To test with MariaDB, set FLEET_MYSQL_IMAGE to mariadb:10.6 or the like (note MariaDB is not
|
|
# officially supported).
|
|
# To run in macOS M1, set FLEET_MYSQL_IMAGE=arm64v8/mysql:oracle FLEET_MYSQL_PLATFORM=linux/arm64/v8
|
|
mysql:
|
|
image: ${FLEET_MYSQL_IMAGE:-mysql:8.0.36}
|
|
platform: ${FLEET_MYSQL_PLATFORM:-linux/x86_64}
|
|
volumes:
|
|
- mysql-persistent-volume:/tmp
|
|
command: [
|
|
"mysqld",
|
|
"--datadir=/tmp/mysqldata",
|
|
# These 3 keys run MySQL with GTID consistency enforced to avoid issues with production deployments that use it.
|
|
"--enforce-gtid-consistency=ON",
|
|
"--log-bin=bin.log",
|
|
"--server-id=master-01",
|
|
# Required for storage of Apple MDM bootstrap packages.
|
|
"--max_allowed_packet=536870912",
|
|
]
|
|
environment: &mysql-default-environment
|
|
MYSQL_ROOT_PASSWORD: toor
|
|
MYSQL_DATABASE: fleet
|
|
MYSQL_USER: fleet
|
|
MYSQL_PASSWORD: insecure
|
|
# This is required by Percona XtraDB server.
|
|
CLUSTER_NAME: fleet
|
|
ports:
|
|
- "3306:3306"
|
|
|
|
mysql_test:
|
|
image: ${FLEET_MYSQL_IMAGE:-mysql:8.0.36}
|
|
platform: ${FLEET_MYSQL_PLATFORM:-linux/x86_64}
|
|
# innodb-file-per-table=OFF gives ~20% speedup for test runs.
|
|
command: [
|
|
"mysqld",
|
|
"--datadir=/tmpfs",
|
|
"--slow_query_log=1",
|
|
"--log_output=TABLE",
|
|
"--log-queries-not-using-indexes",
|
|
"--innodb-file-per-table=OFF",
|
|
"--table-definition-cache=8192",
|
|
# These 3 keys run MySQL with GTID consistency enforced to avoid issues with production deployments that use it.
|
|
"--enforce-gtid-consistency=ON",
|
|
"--log-bin=bin.log",
|
|
"--server-id=1",
|
|
# Required for storage of Apple MDM bootstrap packages.
|
|
"--max_allowed_packet=536870912",
|
|
]
|
|
environment: *mysql-default-environment
|
|
ports:
|
|
- "3307:3306"
|
|
tmpfs:
|
|
- /var/lib/mysql:rw,noexec,nosuid
|
|
- /tmpfs
|
|
|
|
mysql_replica_test:
|
|
image: ${FLEET_MYSQL_IMAGE:-mysql:8.0.36}
|
|
platform: ${FLEET_MYSQL_PLATFORM:-linux/x86_64}
|
|
# innodb-file-per-table=OFF gives ~20% speedup for test runs.
|
|
command: [
|
|
"mysqld",
|
|
"--datadir=/tmpfs",
|
|
"--slow_query_log=1",
|
|
"--log_output=TABLE",
|
|
"--log-queries-not-using-indexes",
|
|
"--innodb-file-per-table=OFF",
|
|
"--table-definition-cache=8192",
|
|
# These 3 keys run MySQL with GTID consistency enforced to avoid issues with production deployments that use it.
|
|
"--enforce-gtid-consistency=ON",
|
|
"--log-bin=bin.log",
|
|
"--server-id=2",
|
|
# Required for storage of Apple MDM bootstrap packages.
|
|
"--max_allowed_packet=536870912",
|
|
]
|
|
environment: *mysql-default-environment
|
|
ports:
|
|
# ports 3308 and 3309 are used by the main and replica MySQL containers in tools/mysql-replica-testing/docker-compose.yml
|
|
- "3310:3306"
|
|
tmpfs:
|
|
- /var/lib/mysql:rw,noexec,nosuid
|
|
- /tmpfs
|
|
|
|
# Unauthenticated SMTP server.
|
|
mailhog:
|
|
image: mailhog/mailhog:latest
|
|
ports:
|
|
- "8025:8025"
|
|
- "1025:1025"
|
|
|
|
# SMTP server with Basic Authentication.
|
|
mailpit:
|
|
image: axllent/mailpit:latest
|
|
ports:
|
|
- "8026:8025"
|
|
- "1026:1025"
|
|
volumes:
|
|
- ./tools/mailpit/auth.txt:/auth.txt
|
|
command: ["--smtp-auth-file=/auth.txt", "--smtp-auth-allow-insecure=true"]
|
|
|
|
# SMTP server with TLS
|
|
smtp4dev_test:
|
|
image: rnwood/smtp4dev:v3
|
|
ports:
|
|
- "8028:80"
|
|
- "1027:25"
|
|
volumes:
|
|
- ./tools/smtp4dev:/certs
|
|
environment:
|
|
- ServerOptions__TlsMode=ImplicitTls
|
|
- ServerOptions__TlsCertificate=/certs/fleet.crt
|
|
- ServerOptions__TlsCertificatePrivateKey=/certs/fleet.key
|
|
|
|
redis:
|
|
image: redis:5
|
|
ports:
|
|
- "6379:6379"
|
|
|
|
saml_idp:
|
|
image: fleetdm/docker-idp:latest
|
|
volumes:
|
|
- ./tools/saml/users.php:/var/www/simplesamlphp/config/authsources.php
|
|
- ./tools/saml/config.php:/var/www/simplesamlphp/metadata/saml20-sp-remote.php
|
|
ports:
|
|
- "9080:8080"
|
|
- "9443:8443"
|
|
|
|
# CAdvisor container allows monitoring other containers. Useful for
|
|
# development.
|
|
cadvisor:
|
|
image: google/cadvisor:latest
|
|
ports:
|
|
- "5678:8080"
|
|
volumes:
|
|
- /var/run/docker.sock:/var/run/docker.sock:ro
|
|
- /sys:/sys:ro
|
|
- /var/lib/docker/:/var/lib/docker:ro
|
|
|
|
prometheus:
|
|
image: prom/prometheus:latest
|
|
ports:
|
|
- "9090:9090"
|
|
volumes:
|
|
- ./tools/app/prometheus.yml:/etc/prometheus/prometheus.yml
|
|
|
|
# localstack to simulate AWS integrations like firehose & kinesis
|
|
# use http://localhost:4566 as the `--endpoint-url` argument in awscli
|
|
localstack:
|
|
image: localstack/localstack
|
|
ports:
|
|
- "4566:4566"
|
|
- "4571:4571"
|
|
environment:
|
|
- SERVICES=firehose,kinesis
|
|
|
|
# s3 compatible object storage (file carving backend)
|
|
minio:
|
|
image: quay.io/minio/minio
|
|
command: server /data --console-address ":9001"
|
|
ports:
|
|
- "9000:9000"
|
|
- "9001:9001"
|
|
environment:
|
|
MINIO_ROOT_USER: minio
|
|
MINIO_ROOT_PASSWORD: minio123!
|
|
volumes:
|
|
- data-minio:/data
|
|
|
|
volumes:
|
|
mysql-persistent-volume:
|
|
data-minio:
|