Elgato_dark/fleet
1
0
Fork 0
mirror of https://github.com/fleetdm/fleet synced 2026-04-21 13:37:30 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 91
fleet/docker-compose.yml
Scott Gress 8ea6f338de
Pin Localstack version (#42253) 
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #42252 

Pins the Localstack image to the last-known-good version (4.5) before
they 🔪 'd the community edition and started requiring an auth token. I
also added a "wait for localstack" as an initial debugging step, and
left it in to catch similar future issues. It's probably redundant since
there likely _is_ no future for Fleet and Localstack beyond this, but it
take milliseconds and would catch any other weird Localstack failures
so, why not.
2026-03-23 12:11:55 -05:00

173 lines
5.7 KiB
YAML
Raw Blame History

---
services:
# To test with MariaDB, set FLEET_MYSQL_IMAGE to mariadb:10.6 or the like (note MariaDB is not
# officially supported).
# To run in macOS M1, set FLEET_MYSQL_IMAGE=arm64v8/mysql:oracle FLEET_MYSQL_PLATFORM=linux/arm64/v8
mysql:
image: ${FLEET_MYSQL_IMAGE:-mysql:8.0.44}
platform: ${FLEET_MYSQL_PLATFORM:-linux/x86_64}
volumes:
- mysql-persistent-volume:/tmp
command: [
"mysqld",
"--datadir=/tmp/mysqldata",
# These 3 keys run MySQL with GTID consistency enforced to avoid issues with production deployments that use it.
"--enforce-gtid-consistency=ON",
"--log-bin=bin.log",
"--server-id=master-01",
# Required for storage of Apple MDM bootstrap packages.
"--max_allowed_packet=536870912",
]
environment: &mysql-default-environment
MYSQL_ROOT_PASSWORD: toor
MYSQL_DATABASE: fleet
MYSQL_USER: fleet
MYSQL_PASSWORD: insecure
# This is required by Percona XtraDB server.
CLUSTER_NAME: fleet
ports:
- "${FLEET_MYSQL_PORT:-3306}:3306"
mysql_test:
image: ${FLEET_MYSQL_IMAGE:-mysql:8.0.44}
platform: ${FLEET_MYSQL_PLATFORM:-linux/x86_64}
# innodb-file-per-table=OFF gives ~20% speedup for test runs.
command: [
"mysqld",
"--datadir=/tmpfs",
"--slow_query_log=1",
"--log_output=TABLE",
"--log-queries-not-using-indexes",
"--innodb-file-per-table=OFF",
"--table-definition-cache=8192",
# These 3 keys run MySQL with GTID consistency enforced to avoid issues with production deployments that use it.
"--enforce-gtid-consistency=ON",
"--log-bin=bin.log",
"--server-id=1",
# Required for storage of Apple MDM bootstrap packages.
"--max_allowed_packet=536870912",
]
environment: *mysql-default-environment
ports:
- "${FLEET_MYSQL_TEST_PORT:-3307}:3306"
tmpfs:
- /var/lib/mysql:rw,noexec,nosuid
- /tmpfs
mysql_replica_test:
image: ${FLEET_MYSQL_IMAGE:-mysql:8.0.44}
platform: ${FLEET_MYSQL_PLATFORM:-linux/x86_64}
# innodb-file-per-table=OFF gives ~20% speedup for test runs.
command: [
"mysqld",
"--datadir=/tmpfs",
"--slow_query_log=1",
"--log_output=TABLE",
"--log-queries-not-using-indexes",
"--innodb-file-per-table=OFF",
"--table-definition-cache=8192",
# These 3 keys run MySQL with GTID consistency enforced to avoid issues with production deployments that use it.
"--enforce-gtid-consistency=ON",
"--log-bin=bin.log",
"--server-id=2",
# Required for storage of Apple MDM bootstrap packages.
"--max_allowed_packet=536870912",
]
environment: *mysql-default-environment
ports:
# ports 3308 and 3309 are used by the main and replica MySQL containers in tools/mysql-replica-testing/docker-compose.yml
- "${FLEET_MYSQL_REPLICA_TEST_PORT:-3310}:3306"
tmpfs:
- /var/lib/mysql:rw,noexec,nosuid
- /tmpfs
# Unauthenticated SMTP server.
mailhog:
image: mailhog/mailhog:latest
ports:
- "${FLEET_MAILHOG_WEB_PORT:-8025}:8025"
- "${FLEET_MAILHOG_SMTP_PORT:-1025}:1025"
# SMTP server with Basic Authentication.
mailpit:
image: axllent/mailpit:latest
ports:
- "${FLEET_MAILPIT_WEB_PORT:-8026}:8025"
- "${FLEET_MAILPIT_SMTP_PORT:-1026}:1025"
volumes:
- ./tools/mailpit/auth.txt:/auth.txt
command: ["--smtp-auth-file=/auth.txt", "--smtp-auth-allow-insecure=true"]
# SMTP server with TLS
smtp4dev_test:
image: rnwood/smtp4dev:v3
ports:
- "${FLEET_SMTP4DEV_WEB_PORT:-8028}:80"
- "${FLEET_SMTP4DEV_SMTP_PORT:-1027}:25"
volumes:
- ./tools/smtp4dev:/certs
environment:
- ServerOptions__TlsMode=ImplicitTls
- ServerOptions__TlsCertificate=/certs/fleet.crt
- ServerOptions__TlsCertificatePrivateKey=/certs/fleet.key
redis:
image: redis:6
ports:
- "${FLEET_REDIS_PORT:-6379}:6379"
saml_idp:
image: fleetdm/docker-idp:latest
volumes:
- ./tools/saml/users.php:/var/www/simplesamlphp/config/authsources.php
- ./tools/saml/config.php:/var/www/simplesamlphp/metadata/saml20-sp-remote.php
ports:
- "${FLEET_SAML_IDP_HTTP_PORT:-9080}:8080"
- "${FLEET_SAML_IDP_HTTPS_PORT:-9443}:8443"
# CAdvisor container allows monitoring other containers. Useful for
# development.
cadvisor:
image: gcr.io/cadvisor/cadvisor:latest
ports:
- "${FLEET_CADVISOR_PORT:-5678}:8080"
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- /sys:/sys:ro
- /var/lib/docker/:/var/lib/docker:ro
prometheus:
image: prom/prometheus:latest
ports:
- "${FLEET_PROMETHEUS_PORT:-9090}:9090"
volumes:
- ./tools/app/prometheus.yml:/etc/prometheus/prometheus.yml
# localstack to simulate AWS integrations like firehose & kinesis
# use http://localhost:4566 as the `--endpoint-url` argument in awscli
localstack:
image: localstack/localstack:4.5
ports:
- "${FLEET_LOCALSTACK_PORT:-4566}:4566"
- "${FLEET_LOCALSTACK_LEGACY_PORT:-4571}:4571"
environment:
- SERVICES=firehose,kinesis,s3,iam,sts,secretsmanager
# s3 compatible object storage (file carving/software installers)
s3:
image: rustfs/rustfs:1.0.0-alpha.85
ports:
- "${FLEET_S3_PORT:-9000}:9000"
- "${FLEET_S3_CONSOLE_PORT:-9001}:9001"
environment:
- RUSTFS_ADDRESS=0.0.0.0:9000
- RUSTFS_CONSOLE_ADDRESS=0.0.0.0:9001
- RUSTFS_CONSOLE_ENABLE=true
- RUSTFS_ACCESS_KEY=locals3
- RUSTFS_SECRET_KEY=locals3
volumes:
- data-s3:/data:rw
volumes:
mysql-persistent-volume:
data-s3:
Reference in a new issue View git blame Copy permalink