luneski/onelab-k8s-1.27
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
3802418582cee9c37b08e6ad04d3705d3772913c
onelab-k8s-1.27/app/docker-compose.yml
timotheereausanofi 52847814e0 Add OneLab Helm chart, Argo CD Application, and GitOps values for k3s 
Made-with: Cursor
2026-03-20 10:15:15 +01:00

320 lines
10 KiB
YAML
Raw Blame History

version: "3.3"
services:
# If the database isn't accessed other than by services present in this file, remove port instruction.
# It exposes the database to the host system and if the server isn't secure, it exposes the database to attacks.
# That doesn't exclude the need to secure the servers on which the containers are run.
db:
image: hub.andrewalliance.com/releases/postgres:17.8
volumes:
- pgdata:/var/lib/postgresql/data
environment:
- POSTGRES_USER=postgres
- POSTGRES_PASSWORD={{ onelab.services.db.password }}
- POSTGRES_DB=postgres
{% if onelab.services.db.port is defined %}
ports:
- "{{ onelab.services.db.port }}:5432"
{% endif %}
deploy:
replicas: {{ onelab.services.db.replicas|default('1') }}
placement:
constraints:
- node.role == manager
redis:
image: hub.andrewalliance.com/releases/redis:7.4.7-alpine
deploy:
replicas: {{ onelab.services.db.redis.replicas|default('1') }}
placement:
constraints:
- node.role == manager
rabbitmq:
image: hub.andrewalliance.com/releases/rabbitmq:3.13.7
hostname: "onelab"
volumes:
- rabbitmq_data:/var/lib/rabbitmq/mnesia
configs:
- source: enable_plugins
target: /etc/rabbitmq/enabled_plugins
- source: rabbit.conf
target: /etc/rabbitmq/rabbitmq.conf
- source: advanced.conf
target: /etc/rabbitmq/advanced.conf
- source: definitions.json
target: /opt/definitions.json
- source: rabbit.crt
target: /etc/rabbitmq/ssl/rabbit.crt
- source: rabbit.key
target: /etc/rabbitmq/ssl/rabbit.key
- source: rabbit.fullchain.pem
target: /etc/rabbitmq/ssl/rabbit.fullchain.pem
ports:
- "5671:5671"
deploy:
replicas: {{ onelab.services.rabbit.replicas|default('1') }}
placement:
constraints:
- node.role == manager
supervisor:
image: hub.andrewalliance.com/releases/onelab-supervisor-worker:1.27.0
volumes:
- {{ onelab.logs.path|default('./logs') }}:/logs
- {{ onelab.assets.path|default('./data') }}:/data
configs:
- source: configurations.yml
target: /conf/configurations.yml
deploy:
replicas: 1
placement:
constraints:
- node.role == {{ deploy_on|default('manager') }}
file-worker:
image: hub.andrewalliance.com/releases/onelab-file-worker:1.27.0
volumes:
- {{ onelab.logs.path|default('./logs') }}:/logs
- {{ onelab.assets.path|default('./data') }}:/data
- {{ onelab.shared.inputs.path|default('./data/shared/inputs') }}:/shared-inputs
- {{ onelab.shared.inputs.archived_path|default('./data/shared/archived') }}:/shared-archived
configs:
- source: configurations.yml
target: /conf/configurations.yml
deploy:
replicas: 1
placement:
constraints:
- node.role == manager
api:
image: hub.andrewalliance.com/releases/onelab-api:1.27.0
volumes:
- {{ onelab.logs.path|default('./logs') }}:/logs
- {{ onelab.assets.path|default('./data') }}:/data
configs:
- source: configurations.yml
target: /conf/configurations.yml
deploy:
replicas: {{ onelab.services.api.replicas|default('1') }}
placement:
constraints:
- node.role == {{ deploy_on|default('manager') }}
api-device:
image: hub.andrewalliance.com/releases/onelab-api-device:1.27.0
volumes:
- {{ onelab.logs.path|default('./logs') }}:/logs
- {{ onelab.assets.path|default('./data') }}:/data
configs:
- source: configurations.yml
target: /conf/configurations.yml
deploy:
replicas: {{ onelab.services.apidevice.replicas|default('1') }}
placement:
constraints:
- node.role == {{ deploy_on|default('manager') }}
api-rabbit:
image: hub.andrewalliance.com/releases/onelab-api-rabbit:1.27.0
volumes:
- {{ onelab.logs.path|default('./logs') }}:/logs
- {{ onelab.assets.path|default('./data') }}:/data
configs:
- source: configurations.yml
target: /conf/configurations.yml
deploy:
replicas: {{ onelab.services.apirabbit.replicas|default('1') }}
placement:
constraints:
- node.role == {{ deploy_on|default('manager') }}
devices-worker:
image: hub.andrewalliance.com/releases/onelab-devices-worker:1.27.0
volumes:
- {{ onelab.logs.path|default('./logs') }}:/logs
- {{ onelab.assets.path|default('./data') }}:/data
configs:
- source: configurations.yml
target: /conf/configurations.yml
deploy:
replicas: {{ onelab.services.devices.replicas|default('1') }}
placement:
constraints:
- node.role == {{ deploy_on|default('manager') }}
experiments-worker:
image: hub.andrewalliance.com/releases/onelab-experiments-worker:1.27.0
volumes:
- {{ onelab.logs.path|default('./logs') }}:/logs
configs:
- source: configurations.yml
target: /conf/configurations.yml
deploy:
replicas: {{ onelab.services.experiments.replicas|default('1') }}
placement:
constraints:
- node.role == {{ deploy_on|default('manager') }}
images-worker:
image: hub.andrewalliance.com/releases/onelab-images-worker:1.27.0
volumes:
- {{ onelab.logs.path|default('./logs') }}:/logs
- {{ onelab.assets.path|default('./data') }}:/data
configs:
- source: configurations.yml
target: /conf/configurations.yml
deploy:
replicas: {{ onelab.services.images.replicas|default('1') }}
placement:
constraints:
- node.role == {{ deploy_on|default('manager') }}
{% if (onelab.ldap|default(false)) != false %}
ldap-worker:
image: hub.andrewalliance.com/releases/onelab-ldap-worker:1.27.0
volumes:
- {{ onelab.logs.path|default('./logs') }}:/logs
configs:
- source: configurations.yml
target: /conf/configurations.yml
{% if onelab.ldap.tls.ca is defined %}
- source: ldap-ca.crt
target: /ldap/ca.crt
{% endif %}
{% if onelab.ldap.tls.key is defined %}
- source: ldap-private.key
target: /ldap/private.key
{% endif %}
{% if onelab.ldap.tls.cert is defined %}
- source: ldap-cert.crt
target: /ldap/cert.crt
{% endif %}
deploy:
replicas: {{ onelab.services.ldap.replicas|default('1') }}
placement:
constraints:
- node.role == {{ deploy_on|default('manager') }}
{% endif %}
{% if (onelab.mailer.smtp|default(false)) != false or (onelab.mailer.ses|default(false)) != false %}
mailer-worker:
image: hub.andrewalliance.com/releases/onelab-mailer-worker:1.27.0
volumes:
- {{ onelab.logs.path|default('./logs') }}:/logs
configs:
- source: configurations.yml
target: /conf/configurations.yml
deploy:
replicas: {{ onelab.services.mailer.replicas|default('1') }}
placement:
constraints:
- node.role == {{ deploy_on|default('manager') }}
{% endif %}
manual-worker:
image: hub.andrewalliance.com/releases/onelab-manual-worker:1.27.0
volumes:
- {{ onelab.logs.path|default('./logs') }}:/logs
configs:
- source: configurations.yml
target: /conf/configurations.yml
deploy:
replicas: {{ onelab.services.manual.replicas|default('1') }}
placement:
constraints:
- node.role == {{ deploy_on|default('manager') }}
websocket-worker:
image: hub.andrewalliance.com/releases/onelab-websocket-worker:1.27.0
volumes:
- {{ onelab.logs.path|default('./logs') }}:/logs
configs:
- source: configurations.yml
target: /conf/configurations.yml
deploy:
replicas: {{ onelab.services.ws.replicas|default('1') }}
placement:
constraints:
- node.role == {{ deploy_on|default('manager') }}
static:
image: hub.andrewalliance.com/releases/onelab-static:1.27.0
deploy:
replicas: 1
placement:
constraints:
- node.role == {{ deploy_on|default('manager') }}
main:
image: hub.andrewalliance.com/releases/onelab-main:1.27.0
deploy:
replicas: 1
placement:
constraints:
- node.role == {{ deploy_on|default('manager') }}
designer:
image: hub.andrewalliance.com/releases/onelab-designer:1.27.0
deploy:
replicas: 1
placement:
constraints:
- node.role == {{ deploy_on|default('manager') }}
runner:
image: hub.andrewalliance.com/releases/onelab-runner:1.27.0
deploy:
replicas: 1
placement:
constraints:
- node.role == {{ deploy_on|default('manager') }}
website:
image: hub.andrewalliance.com/releases/onelab-website:1.27.0
{% if (onelab.services.website.ssr|default(true)) != true %}
environment:
- RENDERING_MODE=no-ssr
{% endif %}
deploy:
replicas: 1
placement:
constraints:
- node.role == {{ deploy_on|default('manager') }}
revproxy:
image: hub.andrewalliance.com/releases/nginx:1.29.5-alpine
ports:
- "8080:80"
volumes:
- {{ onelab.assets.path|default('./data') }}:/data
configs:
- source: nginx.conf
target: /etc/nginx/nginx.conf
- source: error-404.html
target: /data/error-404.html
deploy:
replicas: 1
placement:
constraints:
- node.role == {{ deploy_on|default('manager') }}
volumes:
pgdata:
driver: local
rabbitmq_data:
driver: local
configs:
configurations.yml:
file: ./configurations.yml
nginx.conf:
file: ./nginx/onelab.conf
error-404.html:
file: ./proxy/error-404.html
rabbit.crt:
file: ./rabbit/ssl/rabbit.crt
rabbit.key:
file: ./rabbit/ssl/rabbit.key
rabbit.fullchain.pem:
file: ./rabbit/ssl/rabbit.fullchain.pem
enable_plugins:
file: ./rabbit/enable_plugins
rabbit.conf:
file: ./rabbit/rabbit.conf
advanced.conf:
file: ./rabbit/advanced.conf
definitions.json:
file: ./rabbit/definitions.json
{% if onelab.ldap.tls.ca is defined %}
ldap-ca.crt:
file: {{ onelab.ldap.tls.ca }}
{% endif %}
{% if onelab.ldap.tls.key is defined %}
ldap-private.key:
file: {{ onelab.ldap.tls.key }}
{% endif %}
{% if onelab.ldap.tls.cert is defined %}
ldap-cert.crt:
file: {{ onelab.ldap.tls.cert }}
{% endif %}
Reference in New Issue View Git Blame Copy Permalink