-
Notifications
You must be signed in to change notification settings - Fork 8
/
Copy pathdocker-compose.yml
163 lines (153 loc) · 3.74 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
---
services:
manager:
build:
context: manager
additional_contexts:
common: common
platform: linux/amd64
container_name: manager
restart: unless-stopped
env_file:
- .env
depends_on:
manager_mq:
condition: service_healthy
manager_db:
condition: service_healthy
manager_mongodb:
condition: service_healthy
manager_graphdb:
condition: service_healthy
volumes:
- graphml_share:/graph_data
# For testing
- ./pcaps:/usr/src/app/pcaps
# For PCAPs
network_mode: "host"
cap_add:
- NET_ADMIN
- NET_RAW
manager_db:
image: postgres:13.8-bullseye
platform: linux/amd64
container_name: manager_db
restart: unless-stopped
env_file:
- .env
volumes:
- pg_data:/var/lib/postgresql/data
network_mode: "host"
healthcheck:
test: ["CMD-SHELL", "pg_isready -U postgres"]
interval: 10s
timeout: 10s
retries: 5
manager_mq:
build: manager_mq
platform: linux/amd64
container_name: manager_mq
restart: unless-stopped
env_file:
- .env
volumes:
- ./manager_mq/enabled_plugins:/etc/rabbitmq/enabled_plugins
network_mode: "host"
healthcheck:
test: ["CMD-SHELL", "rabbitmq-diagnostics -q ping"]
interval: 10s
timeout: 10s
retries: 5
manager_mongodb:
build: manager_mongodb
platform: linux/amd64
container_name: manager_mongodb
restart: unless-stopped
env_file:
- .env
volumes:
- mongo_data:/data/db
network_mode: "host"
healthcheck:
test: ["CMD-SHELL", "mongosh --quiet --eval 'db.runCommand({ping: 1})'"]
interval: 20s
timeout: 10s
retries: 5
manager_graphdb:
build: manager_graphdb
platform: linux/amd64
container_name: manager_graphdb
restart: unless-stopped
env_file:
- .env
environment:
# https://neo4j.com/docs/operations-manual/current/docker/ref-settings/
NEO4J_dbms_security_procedures_unrestricted: "apoc.*,gds.*"
NEO4J_dbms.usage_report.enabled: false
apoc.export.file.enabled: true
apoc.import.file.enabled: true
apoc.import.file.use_neo4j_config: false
volumes:
- neo_data:/var/lib/neo4j/data
- graphml_share:/graph_data
network_mode: "host"
healthcheck:
test: ["CMD-SHELL", "wget http://localhost:7474/"]
interval: 10s
timeout: 10s
retries: 10
ids:
build: ./ids
platform: linux/amd64
container_name: ids
command: sh /usr/local/bin/docker_entrypoint.sh
env_file:
- .env
cap_add:
- NET_ADMIN
- NET_RAW
network_mode: "host"
opensearch:
build:
context: opensearch
additional_contexts:
common: common
platform: linux/amd64
container_name: opensearch
# Required so that ES generates an acceptable SAN in its HTTPS Cert
hostname: "opensearch"
env_file:
- .env
environment:
node.name: "opensearch"
cluster.name: "aica"
discovery.type: "single-node"
OPENSEARCH_JAVA_OPTS: "-Xms512m -Xmx512m"
DISABLE_INSTALL_DEMO_CONFIG: true
network_mode: "host"
volumes:
- opensearch_data:/usr/share/opensearch/data
opensearch_dashboards:
build:
context: opensearch_dashboards
additional_contexts:
common: common
platform: linux/amd64
hostname: "opensearch_dashboards"
depends_on:
- opensearch
restart: unless-stopped
env_file:
- .env
volumes:
- opensearch_dashboards_data:/usr/share/opensearch-dashboards/data
network_mode: "host"
networks:
frontend:
volumes:
mongo_data:
pg_data:
opensearch_data:
opensearch_dashboards_data:
neo_data:
graphml_share: