/
docker-compose.yaml
171 lines (163 loc) 路 4.91 KB
/
docker-compose.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
# Base compose file
services:
api:
build: .
container_name: api
ports:
- "8000:8000"
volumes:
- ./tracecat:/app/tracecat
- app-storage:/var/lib/tracecat
environment:
API_MODULE: "tracecat.api.app:app"
# Shared
LOG_LEVEL: ${LOG_LEVEL}
RABBITMQ_URI: ${RABBITMQ_URI}
TRACECAT__APP_ENV: ${TRACECAT__APP_ENV}
TRACECAT__DB_ENCRYPTION_KEY: ${TRACECAT__DB_ENCRYPTION_KEY}
TRACECAT__DB_URI: ${TRACECAT__DB_URI}
TRACECAT__SERVICE_KEY: ${TRACECAT__SERVICE_KEY}
TRACECAT__SIGNING_SECRET: ${TRACECAT__SIGNING_SECRET}
TRACECAT__API_URL: ${TRACECAT__API_URL}
TRACECAT__RUNNER_URL: ${TRACECAT__RUNNER_URL}
TRACECAT__PUBLIC_RUNNER_URL: ${TRACECAT__PUBLIC_RUNNER_URL}
# Auth
CLERK_FRONTEND_API_URL: ${CLERK_FRONTEND_API_URL}
TRACECAT__DISABLE_AUTH: ${TRACECAT__DISABLE_AUTH}
# Integrations
OPENAI_API_KEY: ${OPENAI_API_KEY}
restart: unless-stopped
depends_on:
rabbitmq:
condition: service_healthy
networks:
- internal-network
runner:
build: .
container_name: runner
ports:
- "8001:8000"
volumes:
- ./tracecat:/app/tracecat
- app-storage:/var/lib/tracecat
environment:
API_MODULE: "tracecat.runner.app:app"
# Shared
LOG_LEVEL: ${LOG_LEVEL}
RABBITMQ_URI: ${RABBITMQ_URI}
TRACECAT__APP_ENV: ${TRACECAT__APP_ENV}
TRACECAT__DB_ENCRYPTION_KEY: ${TRACECAT__DB_ENCRYPTION_KEY}
TRACECAT__DB_URI: ${TRACECAT__DB_URI}
TRACECAT__SERVICE_KEY: ${TRACECAT__SERVICE_KEY}
TRACECAT__SIGNING_SECRET: ${TRACECAT__SIGNING_SECRET}
TRACECAT__API_URL: ${TRACECAT__API_URL}
TRACECAT__RUNNER_URL: ${TRACECAT__RUNNER_URL}
TRACECAT__PUBLIC_RUNNER_URL: ${TRACECAT__PUBLIC_RUNNER_URL}
# Integrations
OPENAI_API_KEY: ${OPENAI_API_KEY}
RESEND_API_KEY: ${RESEND_API_KEY}
restart: unless-stopped
depends_on:
rabbitmq:
condition: service_healthy
networks:
- internal-network
scheduler:
build:
context: .
dockerfile: Dockerfile
container_name: scheduler
ports:
- "8002:8000"
volumes:
- ./tracecat:/app/tracecat
- app-storage:/var/lib/tracecat
environment:
API_MODULE: "tracecat.scheduler.app:app"
# Shared
LOG_LEVEL: ${LOG_LEVEL}
RABBITMQ_URI: ${RABBITMQ_URI}
TRACECAT__APP_ENV: ${TRACECAT__APP_ENV}
TRACECAT__DB_ENCRYPTION_KEY: ${TRACECAT__DB_ENCRYPTION_KEY}
TRACECAT__DB_URI: ${TRACECAT__DB_URI}
TRACECAT__SERVICE_KEY: ${TRACECAT__SERVICE_KEY}
TRACECAT__SIGNING_SECRET: ${TRACECAT__SIGNING_SECRET}
TRACECAT__API_URL: ${TRACECAT__API_URL}
TRACECAT__RUNNER_URL: ${TRACECAT__RUNNER_URL}
TRACECAT__PUBLIC_RUNNER_URL: ${TRACECAT__PUBLIC_RUNNER_URL}
restart: unless-stopped
depends_on:
- api
networks:
- internal-network
frontend:
build:
context: ./frontend
args:
NEXT_PUBLIC_API_URL: ${NEXT_PUBLIC_API_URL}
NEXT_PUBLIC_APP_URL: ${NEXT_PUBLIC_APP_URL}
NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY: ${NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY}
container_name: frontend
env_file: .env
ports:
- "3000:3000"
volumes:
- ./frontend/src:/app/src
- ./frontend/.next:/app/.next
- ./frontend/node_modules:/app/node_modules
environment:
NODE_ENV: ${NODE_ENV}
NEXT_PUBLIC_API_URL: ${NEXT_PUBLIC_API_URL}
NEXT_PUBLIC_APP_ENV: ${NEXT_PUBLIC_APP_ENV}
NEXT_PUBLIC_APP_URL: ${NEXT_PUBLIC_APP_URL}
# Auth
NEXT_PUBLIC_DISABLE_AUTH: ${TRACECAT__DISABLE_AUTH} # Prefix with NEXT_PUBLIC_ to expose to client
CLERK_SECRET_KEY: ${CLERK_SECRET_KEY}
NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY: ${NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY}
NEXT_PUBLIC_CLERK_SIGN_IN_URL: ${NEXT_PUBLIC_CLERK_SIGN_IN_URL}
NEXT_PUBLIC_CLERK_SIGN_UP_URL: ${NEXT_PUBLIC_CLERK_SIGN_UP_URL}
restart: unless-stopped
depends_on:
- api
- runner
networks:
- internal-network
rabbitmq:
image: rabbitmq:3.13-management
container_name: rabbitmq
ports:
- "5672:5672" # RabbitMQ server
- "15672:15672" # Management UI
environment:
RABBITMQ_USER: ${RABBITMQ_USER}
RABBITMQ_PASS: ${RABBITMQ_PASS}
volumes:
- mq-storage:/var/lib/rabbitmq
restart: unless-stopped
healthcheck:
test: ["CMD", "rabbitmq-diagnostics", "ping", "-q"]
interval: 10s
timeout: 5s
retries: 5
networks:
- internal-network
postgres_db:
image: postgres:16.2-bullseye
container_name: postgres_db
ports:
- "5432:5432"
volumes:
- db-storage:/var/lib/postgresql/data
restart: always
shm_size: 128mb
environment:
POSTGRES_USER: ${POSTGRES_USER}
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
networks:
- internal-network
networks:
internal-network:
volumes:
app-storage:
db-storage:
mq-storage: