services: redis: image: "redis:${REDIS_TAG}" restart: unless-stopped command: - "--loglevel notice" # Change this to 'debug', 'verbose', 'notice', 'warning' environment: TZ: "${TZ}" volumes: - "redis_conf:/usr/local/etc/redis" logging: driver: "json-file" options: max-size: "200k" max-file: "10" postgres: image: "postgres:${POSTGRES_TAG}" restart: unless-stopped environment: POSTGRES_DB: "taranis-ng" POSTGRES_USER: "taranis-ng" POSTGRES_PASSWORD_FILE: /run/secrets/postgres_password TZ: "${TZ}" PGTZ: "${TZ}" command: ["postgres", "-c", "shared_buffers=${DB_SHARED_BUFFERS}", "-c", "max_connections=${DB_MAX_CONNECTIONS}"] volumes: - "postgres_data:/var/lib/postgresql/data" logging: driver: "json-file" options: max-size: "200k" max-file: "10" secrets: - postgres_password core: depends_on: - "redis" - "postgres" restart: unless-stopped image: "skcert/taranis-ng-core:${TARANIS_NG_TAG}" build: context: .. dockerfile: ./docker/Dockerfile.core args: HTTP_PROXY: "${HTTP_PROXY}" HTTPS_PROXY: "${HTTPS_PROXY}" http_proxy: "${HTTP_PROXY}" https_proxy: "${HTTPS_PROXY}" environment: REDIS_URL: "redis://redis" DB_URL: "postgres" DB_DATABASE: "taranis-ng" DB_USER: "taranis-ng" DB_POOL_SIZE: 100 DB_POOL_RECYCLE: 300 DB_POOL_TIMEOUT: 30 TARANIS_NG_AUTHENTICATOR: "${TARANIS_NG_AUTHENTICATOR}" LDAP_SERVER: "${LDAP_SERVER}" LDAP_BASE_DN: "${LDAP_BASE_DN}" LDAP_CA_CERT_PATH: SQLALCHEMY_WARN_20: "1" PYTHONWARNINGS: "default" OPENID_LOGOUT_URL: "" GUNICORN_WORKERS: "AUTO" CVE_UPDATE_FILE: "${CVE_UPDATE_FILE}" CPE_UPDATE_FILE: "${CPE_UPDATE_FILE}" CWE_UPDATE_FILE: "${CWE_UPDATE_FILE}" TZ: "${TZ}" TARANIS_LOG_LEVEL: "${TARANIS_LOG_LEVEL}" MODULES_LOG_LEVEL: "${MODULES_LOG_LEVEL}" DEBUG_SQL: "false" labels: traefik.enable: "true" traefik.http.services.taranis-api.loadbalancer.server.port: "80" traefik.http.routers.taranis-api-443.entrypoints: "websecure" traefik.http.routers.taranis-api-443.rule: "Host(`${TARANIS_NG_HOSTNAME}`) && PathPrefix(`/api/`)" traefik.http.routers.taranis-api-443.tls: "true" traefik.http.routers.taranis-api-443.tls.domains[0].main: "${TARANIS_NG_HOSTNAME}" traefik.http.routers.taranis-api-443.service: "taranis-api" traefik.http.routers.taranis-sse-443.entrypoints: "websecure" traefik.http.routers.taranis-sse-443.rule: "Host(`${TARANIS_NG_HOSTNAME}`) && PathPrefix(`/sse`)" traefik.http.routers.taranis-sse-443.tls: "true" traefik.http.routers.taranis-sse-443.tls.domains[0].main: "${TARANIS_NG_HOSTNAME}" traefik.http.routers.taranis-sse-443.service: "taranis-api" volumes: - "core_data:/data" logging: driver: "json-file" options: max-size: "200k" max-file: "10" secrets: - postgres_password - jwt_secret_key - api_key bots: depends_on: core: condition: service_healthy restart: unless-stopped image: "skcert/taranis-ng-bots:${TARANIS_NG_TAG}" build: context: .. dockerfile: ./docker/Dockerfile.bots args: HTTP_PROXY: "${HTTP_PROXY}" HTTPS_PROXY: "${HTTPS_PROXY}" http_proxy: "${HTTP_PROXY}" https_proxy: "${HTTPS_PROXY}" environment: TARANIS_NG_CORE_URL: "http://core" TARANIS_NG_CORE_SSE: "http://core/sse" TZ: "${TZ}" TARANIS_LOG_LEVEL: "${TARANIS_LOG_LEVEL}" MODULES_LOG_LEVEL: "${MODULES_LOG_LEVEL}" logging: driver: "json-file" options: max-size: "200k" max-file: "10" secrets: - api_key collectors: depends_on: core: condition: service_healthy restart: unless-stopped image: "skcert/taranis-ng-collectors:${TARANIS_NG_TAG}" build: context: .. dockerfile: ./docker/Dockerfile.collectors args: HTTP_PROXY: "${HTTP_PROXY}" HTTPS_PROXY: "${HTTPS_PROXY}" http_proxy: "${HTTP_PROXY}" https_proxy: "${HTTPS_PROXY}" environment: TARANIS_NG_CORE_URL: "http://core" TZ: "${TZ}" TARANIS_LOG_LEVEL: "${TARANIS_LOG_LEVEL}" MODULES_LOG_LEVEL: "${MODULES_LOG_LEVEL}" volumes: - "collector_storage:/app/storage" logging: driver: "json-file" options: max-size: "200k" max-file: "10" secrets: - api_key presenters: depends_on: core: condition: service_healthy restart: unless-stopped image: "skcert/taranis-ng-presenters:${TARANIS_NG_TAG}" build: context: .. dockerfile: ./docker/Dockerfile.presenters args: HTTP_PROXY: "${HTTP_PROXY}" HTTPS_PROXY: "${HTTPS_PROXY}" http_proxy: "${HTTP_PROXY}" https_proxy: "${HTTPS_PROXY}" environment: TARANIS_NG_CORE_URL: "http://core" TZ: "${TZ}" TARANIS_LOG_LEVEL: "${TARANIS_LOG_LEVEL}" MODULES_LOG_LEVEL: "${MODULES_LOG_LEVEL}" JINJA_TEMPLATES_ROOT: "${JINJA_TEMPLATES_ROOT}" ports: - "127.0.0.1:${PRESENTER_PORT}:80" volumes: - "presenters_templates:/app/templates/user_templates" logging: driver: "json-file" options: max-size: "200k" max-file: "10" secrets: - api_key publishers: depends_on: core: condition: service_healthy restart: unless-stopped image: "skcert/taranis-ng-publishers:${TARANIS_NG_TAG}" build: context: .. dockerfile: ./docker/Dockerfile.publishers args: HTTP_PROXY: "${HTTP_PROXY}" HTTPS_PROXY: "${HTTPS_PROXY}" http_proxy: "${HTTP_PROXY}" https_proxy: "${HTTPS_PROXY}" environment: TARANIS_NG_CORE_URL: "http://core" TZ: "${TZ}" TARANIS_LOG_LEVEL: "${TARANIS_LOG_LEVEL}" MODULES_LOG_LEVEL: "${MODULES_LOG_LEVEL}" logging: driver: "json-file" options: max-size: "200k" max-file: "10" secrets: - api_key gui: depends_on: - "core" restart: unless-stopped image: "skcert/taranis-ng-gui:${TARANIS_NG_TAG}" build: context: .. dockerfile: ./docker/Dockerfile.gui args: HTTP_PROXY: "${HTTP_PROXY}" HTTPS_PROXY: "${HTTPS_PROXY}" http_proxy: "${HTTP_PROXY}" https_proxy: "${HTTPS_PROXY}" # ports: # - "8080:80" environment: NGINX_WORKERS: "4" NGINX_CONNECTIONS: "16" VUE_APP_TARANIS_NG_URL: "${TARANIS_NG_HTTPS_URI}" VUE_APP_TARANIS_NG_CORE_API: "${TARANIS_NG_HTTPS_URI}/api/v1" VUE_APP_TARANIS_NG_CORE_SSE: "${TARANIS_NG_HTTPS_URI}/sse" VUE_APP_TARANIS_NG_LOCALE: "${VUE_APP_TARANIS_NG_LOCALE}" TZ: "${TZ}" NGINX_LOG_LEVEL: "warn" # Change this to 'debug', 'info', 'notice', 'warn', 'error', 'crit', 'alert', 'emerg' NGINX_ACCESS_LOG: "on" # Change this to 'off' or 'on' labels: traefik.enable: "true" traefik.http.services.taranis-gui.loadbalancer.server.port: "80" traefik.http.middlewares.redirect-to-443.redirectscheme.scheme: "https" traefik.http.middlewares.redirect-to-443.redirectscheme.port: "${TARANIS_NG_HTTPS_PORT}" traefik.http.middlewares.redirect-to-443.redirectscheme.permanent: "true" traefik.http.routers.taranis-gui-80.entrypoints: "web" traefik.http.routers.taranis-gui-80.rule: "PathPrefix(`/`)" traefik.http.routers.taranis-gui-80.middlewares: "redirect-to-443" traefik.http.routers.taranis-gui-443.entrypoints: "websecure" traefik.http.routers.taranis-gui-443.rule: "Host(`${TARANIS_NG_HOSTNAME}`) && PathPrefix(`/`)" traefik.http.routers.taranis-gui-443.tls: "true" traefik.http.routers.taranis-gui-443.tls.domains[0].main: "${TARANIS_NG_HOSTNAME}" traefik.http.routers.taranis-gui-443.service: "taranis-gui" logging: driver: "json-file" options: max-size: "200k" max-file: "10" traefik: depends_on: - "gui" - "core" restart: unless-stopped image: "traefik:3.6.9" environment: TZ: "${TZ}" ports: - "${TARANIS_NG_HTTP_PORT}:80" - "${TARANIS_NG_HTTPS_PORT}:443" - "${TRAEFIK_MANAGEMENT_PORT}:9090" - "${TARANIS_NG_HTTPS_PORT}:443/udp" volumes: - "/var/run/docker.sock:/var/run/docker.sock:ro" - "./traefik:/etc/traefik:ro" - "./tls:/opt/certs" logging: driver: "json-file" options: max-size: "200k" max-file: "10" secrets: postgres_password: file: ./secrets/postgres_password.txt jwt_secret_key: file: ./secrets/jwt_secret_key.txt api_key: file: ./secrets/api_key.txt volumes: redis_conf: postgres_data: core_data: presenters_templates: collector_storage: