blender-cloud/docker/docker-compose.yml

version:                     '3.4'
services:
  mongo:
    image:                   mongo:3.4.2
    container_name:          mongo
    restart:                 always
    volumes:
      - /data/storage/db:/data/db
      - /data/storage/db-bak:/data/db-bak # for backing up stuff etc.
    ports:
      - "127.0.0.1:27017:27017"
    logging:
      driver:                "json-file"
      options:
        max-size:            "200k"
        max-file:            "20"

  # Databases in use:
  # 0: Flask Cache
  # 1: Celery (backend)
  # 2: Celery (broker)
  redis:
    image:                   redis:3.2.8
    container_name:          redis
    restart:                 always
    ports:
      - "127.0.0.1:6379:6379"
    logging:
      driver:                "json-file"
      options:
        max-size:            "200k"
        max-file:            "20"

  elastic:
    image:                   armadillica/elasticsearch:6.1.1
    container_name:          elastic
    restart:                 always
    volumes:
      #  NOTE:               this path must be writable by UID=1000 GID=1000.
      - /data/storage/elastic:/usr/share/elasticsearch/data
    ports:
      - "127.0.0.1:9200:9200"
    environment:
      ES_JAVA_OPTS:          "-Xms256m -Xmx256m"
    logging:
      driver:                "json-file"
      options:
        max-size:            "200k"
        max-file:            "20"

  elasticproxy:
    image:                   armadillica/elasticproxy:1.2
    container_name:          elasticproxy
    restart:                 always
    command:                 /elasticproxy -elastic http://elastic:9200/
    depends_on:
      - elastic
    logging:
      driver:                "json-file"
      options:
        max-size:            "200k"
        max-file:            "20"

  kibana:
    image:                   armadillica/kibana:6.1.1
    container_name:          kibana
    restart:                 always
    environment:
      SERVER_NAME:           "stats.cloud.blender.org"
      ELASTICSEARCH_URL:     http://elasticproxy:9200
      CONSOLE_ENABLED:       'false'
      VIRTUAL_HOST:          http://stats.cloud.blender.org/*,https://stats.cloud.blender.org/*,http://stats.cloud.local/*,https://stats.cloud.local/*
      VIRTUAL_HOST_WEIGHT:   20
      FORCE_SSL:             "true"

      # See https://github.com/elastic/kibana/issues/5170#issuecomment-163042525
      NODE_OPTIONS:          "--max-old-space-size=200"
    depends_on:
      - elasticproxy
    logging:
      driver:                "json-file"
      options:
        max-size:            "200k"
        max-file:            "20"

  blender_cloud:
    image:                   armadillica/blender_cloud:latest
    container_name:          blender_cloud
    restart:                 always
    environment:
      VIRTUAL_HOST:          http://cloud.blender.org/*,https://cloud.blender.org/*,http://cloud.local/*,https://cloud.local/*
      VIRTUAL_HOST_WEIGHT:   10
      FORCE_SSL:             "true"
      GZIP_COMPRESSION_TYPE: "text/html text/plain text/css application/javascript"
      PILLAR_CONFIG:         /data/config/config_secrets.py
    volumes:
      # format:              HOST:CONTAINER
      - /data/config:/data/config:ro
      - /data/storage/pillar:/data/storage/pillar
      - /data/log:/var/log
    depends_on:
      - mongo
      - redis

  celery_worker:
    image:                   armadillica/blender_cloud:latest
    entrypoint:              /celery-worker.sh
    container_name:          celery_worker
    restart:                 always
    environment:
      PILLAR_CONFIG:         /data/config/config_secrets.py
    volumes:
      # format:              HOST:CONTAINER
      - /data/config:/data/config:ro
      - /data/storage/pillar:/data/storage/pillar
      - /data/log:/var/log
    depends_on:
      - mongo
      - redis
    logging:
      driver:                "json-file"
      options:
        max-size:            "200k"
        max-file:            "20"

  celery_beat:
    image:                   armadillica/blender_cloud:latest
    entrypoint:              /celery-beat.sh
    container_name:          celery_beat
    restart:                 always
    environment:
      PILLAR_CONFIG:         /data/config/config_secrets.py
    volumes:
      # format:              HOST:CONTAINER
      - /data/config:/data/config:ro
      - /data/storage/pillar:/data/storage/pillar
      - /data/log:/var/log
    depends_on:
      - mongo
      - redis
      - celery_worker
    logging:
      driver:                "json-file"
      options:
        max-size:            "200k"
        max-file:            "20"

  letsencrypt:
    image:                   armadillica/picohttp:1.0
    container_name:          letsencrypt
    restart:                 always
    environment:
      WEBROOT:               /data/letsencrypt
      LISTEN:                '[::]:80'
      VIRTUAL_HOST:          http://cloud.blender.org/.well-known/*, http://stats.cloud.blender.org/.well-known/*
      VIRTUAL_HOST_WEIGHT:   30
    volumes:
      - /data/letsencrypt:/data/letsencrypt

  haproxy:
    image:                   dockercloud/haproxy:1.5.3
    container_name:          haproxy
    restart:                 always
    ports:
      - "443:443"
      - "80:80"
    environment:
      - ADDITIONAL_SERVICES=docker:blender_cloud,docker:letsencrypt,docker:kibana
      - CERT_FOLDER=/certs/
      - TIMEOUT=connect 5s, client 5m, server 10m
      - SSL_BIND_CIPHERS=ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS
      - SSL_BIND_OPTIONS=no-sslv3
      - EXTRA_GLOBAL_SETTINGS=tune.ssl.default-dh-param 2048
    depends_on:
      - blender_cloud
      - letsencrypt
      - kibana
    volumes:
      - '/data/certs:/certs'
      - /var/run/docker.sock:/var/run/docker.sock