services: postgres: container_name: cs-repro-postgres image: postgres:16-alpine restart: unless-stopped ports: - "5432:5432" security_opt: - no-new-privileges:true pids_limit: 100 read_only: false tmpfs: - /tmp - /var/run/postgresql volumes: - ./volumes/db/primary/data:/var/lib/postgresql/data - ./files/postgres/primary/init.sh:/docker-entrypoint-initdb.d/init.sh - ./files/postgres/primary/primary_config.conf:/files/postgres/primary/primary_config.conf healthcheck: test: pg_isready -U mmuser -d mattermost interval: 10s timeout: 3s retries: 3 environment: - POSTGRES_USER=mmuser - POSTGRES_PASSWORD=mmuser_password - POSTGRES_DB=mattermost - LISTEN_ADDRESS="*" openldap: platform: linux/amd64 container_name: cs-repro-openldap hostname: openldap restart: unless-stopped image: rroemhild/test-openldap:latest volumes: - ./ldap:/mattermost/config:rw ports: - "10389:10389" - "10636:10636" prometheus: container_name: cs-repro-prometheus image: prom/prometheus:latest restart: unless-stopped ports: - 9090:9090 volumes: - ./files/prometheus.yml:/etc/prometheus/prometheus.yml:ro - ./volumes/prometheus:/prometheus grafana: container_name: cs-repro-grafana image: grafana/grafana:10.0.4 ports: - 3000:3000 restart: unless-stopped environment: - GF_SECURITY_ADMIN_USER=admin - GF_SECURITY_ADMIN_PASSWORD=admin - GF_USERS_ALLOW_SIGN_UP=false volumes: - ./files/grafana/dashboards:/var/lib/grafana/dashboards - ./files/grafana/provisioning:/etc/grafana/provisioning - ./volumes/grafana:/var/lib/grafana mattermost: platform: linux/amd64 container_name: cs-repro-mattermost depends_on: postgres: condition: service_healthy mitmproxy: condition: service_started image: mattermost/mattermost-enterprise-edition:release-9.7 restart: unless-stopped security_opt: - no-new-privileges:true pids_limit: 200 read_only: false ports: - "8065:8065" - "8067:8067" tmpfs: - /tmp volumes: - ./volumes/mattermost/config:/mattermost/config:rw - ./volumes/mattermost/data:/mattermost/data:rw - ./volumes/mattermost/logs:/mattermost/logs:rw - ./volumes/mattermost/plugins:/mattermost/plugins:rw - ./volumes/mattermost/client/plugins:/mattermost/client/plugins:rw - ./volumes/mattermost/bleve-indexes:/mattermost/bleve-indexes:rw - ./license.mattermost:/mattermost/config/license.mattermost-enterprise:ro - ./files/mattermost/samlCert.crt:/mattermost/config/saml-cert.crt - ./files/mattermost/advancedLogging.json:/mattermost/config/advancedLogging.json:ro - ./files/mattermost/defaultConfig.json:/mattermost/config/defaultConfig.json:ro - ./files/mattermost/replicaConfig.json:/mattermost/config/replicaConfig.json:ro - ./files/mattermost/rtcdConfig.json:/mattermost/config/rtcdConfig.json:ro ## Files are required for the mitmproxy on the box - ./files/mitmproxy/mitmproxy-ca.pem:/etc/ssl/certs/mitmproxy-ca.pem - ./files/mitmproxy/mitmproxy-dhparam.pem:/etc/ssl/certs/mitmproxy-dhparam.pem environment: - HTTP_PROXY=http://cs-repro-mitmproxy:8080 - HTTPS_PROXY=http://cs-repro-mitmproxy:8080 - MM_SqlSettings_DriverName=postgres - MM_SqlSettings_DataSource=postgres://mmuser:mmuser_password@cs-repro-postgres:5432/mattermost?sslmode=disable&connect_timeout=10&binary_parameters=yes - MM_SAMLSETTINGS_IDPCERTIFICATEFILE=/mattermost/config/saml-cert.crt - MM_ServiceSettings_EnableLocalMode=true - MM_ServiceSettings_LocalModeSocketLocation=/var/tmp/mattermost_local.socket - MM_ServiceSettings_LicenseFileLocation=/mattermost/config/license.mattermost-enterprise ## mysql Settings # - MM_SqlSettings_DriverName=mysql # - MM_SqlSettings_DataSource=mmuser:mmuser_password@tcp(mysql:3306)/mattermost?charset=utf8mb4,utf8&writeTimeout=30s ## Disable this to migrate your config to the database # - MM_CONFIG=postgres://mmuser:mmuser_password@cs-repro-postgres:5432/mattermost?sslmode=disable&connect_timeout=10&binary_parameters=yes keycloak: container_name: cs-repro-keycloak restart: unless-stopped platform: linux/amd64 image: quay.io/keycloak/keycloak:18.0.0 volumes: - ./volumes/keycloak:/opt/keycloak/data:rw environment: - PROXY_ADDRESS_FORWARDING="true" - KEYCLOAK_ADMIN=admin - KEYCLOAK_ADMIN_PASSWORD=admin ports: - 8080:8080 command: - start-dev elasticsearch: image: elasticsearch:7.17.10 container_name: cs-repro-elasticsearch restart: unless-stopped environment: - xpack.security.enabled=false - discovery.type=single-node - logger.level=DEBUG ulimits: memlock: soft: -1 hard: -1 cap_add: - IPC_LOCK volumes: - ./volumes/elastic/data:/usr/share/elasticsearch/data - ./volumes/elastic/plugins:/usr/share/elasticsearch/plugins command: > /bin/sh -c "./bin/elasticsearch-plugin list | grep -q analysis-icu || yes | ./bin/elasticsearch-plugin install --silent analysis-icu; /usr/local/bin/docker-entrypoint.sh eswrapper" ports: - 9200:9200 - 9300:9300 postgres-replica-1: container_name: cs-repro-postgres-replica-1 environment: - POSTGRES_USER=mmuser - POSTGRES_PASSWORD=mmuser_password - LISTEN_ADDRESS="*" - REPLICA_NAME=replica_1 image: postgres:16-alpine restart: unless-stopped ports: - "5433:5432" security_opt: - no-new-privileges:true pids_limit: 100 read_only: false tmpfs: - /tmp - /var/run/postgresql volumes: - ./files/postgres/replica/init.sh:/docker-entrypoint-initdb.d/init.sh - ./volumes/db/replica_1/data:/var/lib/postgresql/data - ./files/postgres/replica:/files/postgres/replica depends_on: - postgres postgres-replica-2: container_name: cs-repro-postgres-replica-2 environment: - POSTGRES_USER=mmuser - POSTGRES_PASSWORD=mmuser_password - LISTEN_ADDRESS="*" - REPLICA_NAME=replica_2 image: postgres:16-alpine restart: unless-stopped ports: - "5434:5432" security_opt: - no-new-privileges:true pids_limit: 100 read_only: false tmpfs: - /tmp - /var/run/postgresql volumes: - ./files/postgres/replica/init.sh:/docker-entrypoint-initdb.d/init.sh - ./files/postgres/replica:/files/postgres/replica - ./volumes/db/replica_2/data:/var/lib/postgresql/data depends_on: - postgres mattermost-2: platform: linux/amd64 container_name: cs-repro-mattermost-2 depends_on: postgres: condition: service_healthy mitmproxy: condition: service_started image: mattermost/mattermost-enterprise-edition:release-9.7 restart: unless-stopped security_opt: - no-new-privileges:true pids_limit: 200 read_only: false ports: - "8066:8065" - "8068:8067" tmpfs: - /tmp volumes: - ./volumes/mattermost/config:/mattermost/config:rw - ./volumes/mattermost/data:/mattermost/data:rw - ./volumes/mattermost_2/logs:/mattermost/logs:rw - ./volumes/mattermost_2/plugins:/mattermost/plugins:rw - ./volumes/mattermost_2/client/plugins:/mattermost/client/plugins:rw - ./volumes/mattermost_2/bleve-indexes:/mattermost/bleve-indexes:rw - ./license.mattermost:/mattermost/config/license.mattermost-enterprise:ro - ./files/mattermost/samlCert.crt:/mattermost/config/saml-cert.crt - ./files/mattermost/advancedLogging.json:/mattermost/config/advancedLogging.json:ro - ./files/mattermost/defaultConfig.json:/mattermost/config/defaultConfig.json:ro - ./files/mattermost/replicaConfig.json:/mattermost/config/replicaConfig.json:ro ## Files are required for the mitmproxy on the box - ./files/mitmproxy/mitmproxy-ca.pem:/etc/ssl/certs/mitmproxy-ca.pem - ./files/mitmproxy/mitmproxy-dhparam.pem:/etc/ssl/certs/mitmproxy-dhparam.pem environment: - HTTP_PROXY=http://cs-repro-mitmproxy:8080 - HTTPS_PROXY=http://cs-repro-mitmproxy:8080 - MM_SqlSettings_DriverName=postgres - MM_SqlSettings_DataSource=postgres://mmuser:mmuser_password@cs-repro-postgres:5432/mattermost?sslmode=disable&connect_timeout=10&binary_parameters=yes - MM_SAMLSETTINGS_IDPCERTIFICATEFILE=/mattermost/config/saml-cert.crt - MM_ServiceSettings_EnableLocalMode=true - MM_ServiceSettings_LocalModeSocketLocation=/var/tmp/mattermost_local.socket - MM_ServiceSettings_LicenseFileLocation=/mattermost/config/license.mattermost-enterprise mattermost-rtcd: container_name: cs-repro-mattermost-rtcd platform: linux/amd64 image: mattermost/rtcd:latest restart: unless-stopped volumes: - ./volumes/rtcd/logs:/logs:rw environment: - RTCD_LOGGER_ENABLEFILE=true - RTCD_LOGGER_FILELOCATION=/logs - RTCD_LOGGER_FILELEVEL=DEBUG - RTCD_API_SECURITY_ALLOWSELFREGISTRATION=true - RTCD_LOGGER_CONSOLELEVEL=DEBUG ports: - "8443:8443/udp" - "8443:8443/tcp" - "8045:8045" mitmproxy: container_name: cs-repro-mitmproxy image: mitmproxy/mitmproxy command: mitmweb --web-host 0.0.0.0 --set confdir=/certs volumes: - ./files/mitmproxy:/certs ports: - "8180:8080" - "8181:8081" restart: unless-stopped # mysql: # container_name: cs-repro-mysql # image: mysql:8 # restart: always # environment: # MYSQL_DATABASE: "mattermost" # # So you don't have to use root, but you can if you like # MYSQL_USER: "mmuser" # # You can use whatever password you like # MYSQL_PASSWORD: "mmuser_password" # # Password for root access # MYSQL_ROOT_PASSWORD: "mmuser_password" # healthcheck: # test: ["CMD", "mysqladmin", "ping", "-h", "localhost"] # timeout: 20supdat # retries: 10 # ports: # # : # - "3306:3306" # expose: # # Opens port 3306 on the container # - "3306" # # Where our data will be persisted # volumes: # - ./volumes/db/mysql:/var/lib/mysql