github-mirror/project-nomad
1
0
Fork 0
mirror of https://github.com/Crosstalk-Solutions/project-nomad.git synced 2026-03-28 03:29:25 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
023e3f30af
project-nomad/install/management_compose.yaml

119 lines
6.0 KiB
YAML
Raw Blame History

# Project N.O.M.A.D. management services Docker Compose configuration
#
# This compose file defines the admin server, database, and other supporting services required to run Project N.O.M.A.D.
# You can use this with `docker-compose up -d` to start all the necessary services with a single command after installation.
#
# Note: we recommend leaving all of the environment variables as-is except for any "replaceme" values,
# which must be updated for the admin server to start successfully. The default values are optimized for ease of installation and use,
# but you can customize them as needed (e.g. changing ports, database connection details, log level, etc.)
name: project-nomad
services:
admin:
image: ghcr.io/crosstalk-solutions/project-nomad:latest
pull_policy: always
container_name: nomad_admin
restart: unless-stopped
extra_hosts:
- "host.docker.internal:host-gateway" # Enables host.docker.internal on Linux
ports:
- "8080:8080"
volumes:
- /opt/project-nomad/storage:/app/storage # If you change the default storage path (/opt/project-nomad/storage), make sure to update the disk-collector config as well!
- /var/run/docker.sock:/var/run/docker.sock # Allows the admin service to communicate with the Host's Docker daemon
- nomad-update-shared:/app/update-shared # Shared volume for update communication
environment:
- NODE_ENV=production
- PORT=8080
- LOG_LEVEL=info
# APP_KEY needs to be at least 16 chars or will fail validation and container won't start!
- APP_KEY=replaceme
# # Leave HOST as is so the admin server listens all interfaces within the container - this doesn't affect how you access it from the host, it's just for internal container networking
- HOST=0.0.0.0
# URL should be set to the URL you will access the admin interface at (e.g. http://localhost:8080 or http://192.168.1.x:8080)
- URL=replaceme
- DB_HOST=mysql
# If you change the MySQL port, make sure to update this accordingly
- DB_PORT=3306
- DB_DATABASE=nomad
- DB_USER=nomad_user
# Needs to match the MYSQL_PASSWORD in the mysql service!
- DB_PASSWORD=replaceme
- DB_NAME=nomad
- DB_SSL=false
- REDIS_HOST=redis
# If you change the Redis port, make sure to update this accordingly
- REDIS_PORT=6379
depends_on:
mysql:
condition: service_healthy
redis:
condition: service_healthy
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:8080/api/health"]
interval: 30s
timeout: 10s
retries: 3
dozzle:
# Dozzle is an optional container that allows for easily viewing container logs. We recommend including it unless you have a specific reason not to. Note that if you don't install it, the "Service Logs & Metrics" link in Settings that launches Dozzle will not work.
image: amir20/dozzle:v10.0
container_name: nomad_dozzle
restart: unless-stopped
ports:
- "9999:8080"
volumes:
- /var/run/docker.sock:/var/run/docker.sock # Allows Dozzle to read logs from the Host's Docker daemon
environment:
- DOZZLE_ENABLE_ACTIONS=false # Disabled — unauthenticated container stop/restart on LAN
- DOZZLE_ENABLE_SHELL=false # Disabled — shell access + Docker socket = privilege escalation
mysql:
image: mysql:8.0
container_name: nomad_mysql
restart: unless-stopped
environment:
- MYSQL_ROOT_PASSWORD=replaceme
- MYSQL_DATABASE=nomad
- MYSQL_USER=nomad_user
# Needs to match DB_PASSWORD in the admin service!
- MYSQL_PASSWORD=replaceme
volumes:
- /opt/project-nomad/mysql:/var/lib/mysql # Persist MySQL data on the host. This path can be changed if needed, just make sure it's writable by the container. Host persistence is important for the database to ensure your data isn't lost when the container is removed or updated.
healthcheck:
test: ["CMD", "mysqladmin", "ping", "-h", "localhost"]
interval: 30s
timeout: 10s
retries: 3
redis:
image: redis:7-alpine
container_name: nomad_redis
restart: unless-stopped
volumes:
- /opt/project-nomad/redis:/data # Persist Redis data on the host. This path can be changed if needed, just make sure it's writable by the container. Host persistence is important for Redis to ensure your data isn't lost when the container is removed or updated.
healthcheck:
test: ["CMD", "redis-cli", "ping"]
interval: 30s
timeout: 10s
retries: 3
updater:
# Updater is a lightweight sidecar container that allows the admin container to be updated from within it's own UI
image: ghcr.io/crosstalk-solutions/project-nomad-sidecar-updater:latest
pull_policy: always
container_name: nomad_updater
restart: unless-stopped
volumes:
- /var/run/docker.sock:/var/run/docker.sock # Allows communication with the Host's Docker daemon
- /opt/project-nomad:/opt/project-nomad # Writable access required so the updater can set the correct image tag in compose.yml. This needs to be the same location that the compose file is located at on the host for the updater to work correctly
- nomad-update-shared:/shared # Shared volume for communication with admin container
disk-collector:
# Disk Collector is a lightweight privileged container that collects disk usage information from the host system and shares it with the admin container so it can be displayed in the UI.
# It requires read-only access to the host filesystem and is designed to be as secure and limited in scope as possible while still providing the necessary functionality.
image: ghcr.io/crosstalk-solutions/project-nomad-disk-collector:latest
pull_policy: always
container_name: nomad_disk_collector
restart: unless-stopped
volumes:
- /:/host:ro,rslave # Read-only view of host FS with rslave propagation so /sys and /proc submounts are visible
- /opt/project-nomad/storage:/storage
volumes:
nomad-update-shared:
driver: local
Reference in New Issue View Git Blame Copy Permalink