
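# Compose stack for a Guacamole-based remote-access service: Redis,
# PostgreSQL, guacd, the Guacamole web app, a custom API and an nginx front
# end. Only nginx publishes a host port; every other service is reachable
# solely over the bridge networks declared at the bottom of the file.
#
# REDIS_PASSWORD, POSTGRES_PASSWORD and JWT_SECRET_KEY use the ":?" form of
# variable substitution, so `docker compose up` stops with an error instead
# of starting a service with an empty credential.
version: '3.3'

services:
  # Redis for session storage and rate limiting
  redis:
    image: redis:7-alpine
    container_name: guacamole_redis
    # List form keeps the password a single argument even if it contains
    # spaces or shell metacharacters.
    # NOTE(review): the password is still visible in the container's argv
    # and in `docker inspect`; a mounted redis.conf would keep it off both.
    command:
      - 'redis-server'
      - '--appendonly'
      - 'yes'
      - '--requirepass'
      - '${REDIS_PASSWORD:?REDIS_PASSWORD must be set}'
    environment:
      # Read by redis-cli, so the healthcheck below can authenticate
      # without putting the password on its command line.
      REDISCLI_AUTH: '${REDIS_PASSWORD:?REDIS_PASSWORD must be set}'
    volumes:
      - redis_data_t:/data
    networks:
      - backend_net
    restart: unless-stopped
    healthcheck:
      # Authenticated, read-only probe. The previous `incr ping` probe ran
      # unauthenticated against a requirepass server and, when it did run,
      # wrote a counter key named "ping" into the data set.
      test: ["CMD-SHELL", "redis-cli ping | grep -q PONG"]
      interval: 30s
      timeout: 10s
      retries: 3

  # PostgreSQL database for Guacamole
  postgres:
    image: postgres:13
    container_name: guacamole_postgres
    environment:
      # Same fallbacks as remote_access_api, so both sides agree on the
      # database and role names when the variables are unset.
      POSTGRES_DB: '${POSTGRES_DB:-mc_db}'
      POSTGRES_USER: '${POSTGRES_USER:-mc_db_user}'
      POSTGRES_PASSWORD: '${POSTGRES_PASSWORD:?POSTGRES_PASSWORD must be set}'
    volumes:
      - postgres_data_t:/var/lib/postgresql/data
      # Init scripts are only read by the entrypoint, so mount them
      # read-only. They run once, when the data volume is empty.
      # NOTE(review): 002 presumably seeds an initial admin account;
      # confirm its password is rotated after the first login.
      - ./001-create-schema.sql:/docker-entrypoint-initdb.d/001-create-schema.sql:ro
      - ./002-create-admin-user.sql:/docker-entrypoint-initdb.d/002-create-admin-user.sql:ro
      - ./003-create-api-schema.sql:/docker-entrypoint-initdb.d/003-create-api-schema.sql:ro
    networks:
      - db_net
    restart: unless-stopped

  # Guacamole Daemon (guacd)
  guacd:
    # NOTE(review): `latest` is a floating tag; pin a release tag or image
    # digest so rebuilds are reproducible and upgrades are deliberate.
    image: guacamole/guacd:latest
    container_name: guacamole_daemon
    networks:
      - frontend_net
      - backend_net
    restart: unless-stopped

  # Guacamole Web Application
  guacamole:
    # NOTE(review): floating `latest` tag, same concern as guacd; the two
    # images should be pinned to the same release.
    image: guacamole/guacamole:latest
    container_name: guacamole_web
    depends_on:
      - postgres
      - guacd
    environment:
      GUACD_HOSTNAME: guacd
      GUACD_PORT: '4822'
      POSTGRESQL_HOSTNAME: postgres
      POSTGRESQL_DATABASE: '${POSTGRES_DB:-mc_db}'
      POSTGRESQL_USERNAME: '${POSTGRES_USER:-mc_db_user}'
      POSTGRESQL_PASSWORD: '${POSTGRES_PASSWORD:?POSTGRES_PASSWORD must be set}'
      # WebSocket and session settings for nginx
      WEBSOCKET_TUNNEL_READ_TIMEOUT: '7200000'
      WEBSOCKET_TUNNEL_WRITE_TIMEOUT: '7200000'
      API_SESSION_TIMEOUT: '7200'
      # Security settings
      EXTENSION_PRIORITY: postgresql
    # Ports removed - access through nginx only
    networks:
      - frontend_net
      - backend_net
      - db_net
    restart: unless-stopped

  # Custom API Service
  remote_access_api:
    build:
      context: ./api
      dockerfile: Dockerfile
    container_name: remote_access_api
    depends_on:
      - guacamole
      - redis
    environment:
      # Guacamole URLs
      GUACAMOLE_URL: '${GUACAMOLE_URL:-http://guacamole:8080}'
      GUACAMOLE_PUBLIC_URL: '${GUACAMOLE_PUBLIC_URL:-http://localhost:8080}'
      # Redis Configuration
      REDIS_HOST: redis
      REDIS_PORT: '6379'
      REDIS_PASSWORD: '${REDIS_PASSWORD:?REDIS_PASSWORD must be set}'
      REDIS_DB: '0'
      # PostgreSQL Configuration
      POSTGRES_HOST: '${POSTGRES_HOST:-postgres}'
      POSTGRES_PORT: '${POSTGRES_PORT:-5432}'
      POSTGRES_DB: '${POSTGRES_DB:-mc_db}'
      POSTGRES_USER: '${POSTGRES_USER:-mc_db_user}'
      POSTGRES_PASSWORD: '${POSTGRES_PASSWORD:?POSTGRES_PASSWORD must be set}'
      # System Admin Account
      # NOTE(review): both values resolve to an empty string when unset;
      # how the API treats an empty admin credential is not visible here.
      SYSTEM_ADMIN_USERNAME: '${SYSTEM_ADMIN_USERNAME}'
      SYSTEM_ADMIN_PASSWORD: '${SYSTEM_ADMIN_PASSWORD}'
      # JWT Configuration
      # The default algorithm is HS256 (symmetric), so token integrity rests
      # entirely on this secret; an unset value is rejected at startup.
      JWT_SECRET_KEY: '${JWT_SECRET_KEY:?JWT_SECRET_KEY must be set}'
      JWT_ALGORITHM: '${JWT_ALGORITHM:-HS256}'
      JWT_ACCESS_TOKEN_EXPIRE_MINUTES: '${JWT_ACCESS_TOKEN_EXPIRE_MINUTES:-60}'
      JWT_REFRESH_TOKEN_EXPIRE_DAYS: '${JWT_REFRESH_TOKEN_EXPIRE_DAYS:-7}'
      # Security Settings
      # Authentication defaults to on but can be switched off from the
      # host environment or .env file.
      REQUIRE_AUTHENTICATION: '${REQUIRE_AUTHENTICATION:-true}'
      DEFAULT_USER_ROLE: '${DEFAULT_USER_ROLE:-USER}'
      # Password Encryption
      # NOTE(review): defaults to an empty key; confirm the API refuses to
      # store credentials when no key is configured.
      PASSWORD_ENCRYPTION_KEY: '${PASSWORD_ENCRYPTION_KEY:-}'
      # API Settings
      LOG_LEVEL: '${LOG_LEVEL:-INFO}'
      LOG_FORMAT: '${LOG_FORMAT:-json}'
      RATE_LIMIT_ENABLED: '${RATE_LIMIT_ENABLED:-true}'
      RATE_LIMIT_REQUESTS: '${RATE_LIMIT_REQUESTS:-10}'
      RATE_LIMIT_WINDOW: '${RATE_LIMIT_WINDOW:-60}'
      ALLOWED_ORIGINS: '${ALLOWED_ORIGINS}'
      # NOTE(review): the API documentation is enabled unless ENABLE_DOCS is
      # set otherwise; production deployments usually set it to false.
      ENABLE_DOCS: '${ENABLE_DOCS:-true}'
      ED25519_SIGNING_KEY_PATH: /app/secrets/ed25519_signing_key.pem
    volumes:
      # Named volume holding the Ed25519 signing key referenced above
      - signing_keys_t:/app/secrets
    networks:
      - backend_net
      - db_net
    restart: unless-stopped

  nginx:
    image: nginx:alpine
    container_name: remote_access_nginx
    depends_on:
      - remote_access_api
      - guacamole
    ports:
      # Only the port for the external nginx.
      # NOTE(review): this publishes on every host interface; if the
      # external nginx runs on the same host, bind to 127.0.0.1 instead.
      - "8443:8443"
    volumes:
      # The server config is only read by nginx, so mount it read-only
      - ./nginx/mc.exbytestudios.com.conf:/etc/nginx/conf.d/default.conf:ro
      - ./nginx/logs:/var/log/nginx
    networks:
      - frontend_net
      - backend_net
    restart: unless-stopped
    healthcheck:
      # `nginx -t` only validates the configuration files; it does not
      # show that the listener on 8443 is accepting connections.
      test: ["CMD", "nginx", "-t"]
      interval: 30s
      timeout: 10s
      retries: 3

volumes:
  postgres_data_t: {}
  redis_data_t: {}
  signing_keys_t: {}

# NOTE(review): none of these networks sets `internal: true`, so every
# container keeps outbound access through its bridge. db_net looks like a
# candidate for it; confirm postgres needs no egress before changing.
networks:
  frontend_net:
    driver: bridge
  backend_net:
    driver: bridge
  db_net:
    driver: bridge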