cloud404/docker-compose.yaml at main · iam43x/cloud404 · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
version: '3.9'
services:


  strongswan:
    image: iam43x/strongswan-ubuntu:latest
    container_name: strongswan-gateway
    env_file: [ config/.env ]
    sysctls:
    - net.ipv4.ip_forward=1
    - net.ipv4.conf.all.accept_redirects=0
    - net.ipv4.conf.all.send_redirects=0
    cap_add:
    - NET_ADMIN
    ports:
    - 500:500/udp
    - 4500:4500/udp
    volumes:
    - './config/strongswan/swanctl.template.conf:/etc/swanctl/swanctl.template.conf:ro'
    - './config/strongswan/strongswan.template.conf:/etc/strongswan.template.conf:ro'
    # render before start container...
    - './config/strongswan/swanctl.conf:/etc/swanctl/swanctl.conf'
    - './config/strongswan/strongswan.conf:/etc/strongswan.conf'
    # let`s encrypt`
    - './certs/tls.crt:/etc/swanctl/x509/tls.crt:ro'
    - './certs/tls.key:/etc/swanctl/private/tls.key:ro'
    restart: always
    networks: [ blackhole ]
    depends_on: [ radius ]


  radius:
    image: freeradius/freeradius-server:3.2.3
    container_name: freeradius-server
    env_file: [ config/.env ]
    command: radiusd -X
    volumes:
    - './config/freeradius/clients.conf:/etc/raddb/clients.conf:ro'
    - './config/freeradius/sql:/etc/freeradius/mods-enabled/sql:ro'
    - './config/freeradius/sql:/etc/freeradius/mods-available/sql:ro'
    - './config/freeradius/default:/etc/freeradius/sites-available/default:ro'
    restart: always
    networks: [ blackhole ]
    depends_on: [ mysql ]


  mysql:
    image: mysql:8.0.36-debian
    container_name: mysql-radius-db
    # ports: [ 3306:3306 ]
    volumes:
    - './data/mysql:/var/lib/mysql'
    - './config/mysql/1_schema.sql:/docker-entrypoint-initdb.d/1_schema.sql:ro'
    - './config/mysql/2_grant.sql:/docker-entrypoint-initdb.d/2_grant.sql:ro'
    - './config/mysql/3_data.sql:/docker-entrypoint-initdb.d/3_data.sql:ro'
    env_file: [ config/.env ]
    restart: always
    networks: [ blackhole ]


  control-center:
    image: nginx:1.24.0-alpine
    ports:
    # - 80:80
    - 443:443
    volumes:
    - ./control-center/src:/app:ro
    # let`s encrypt certificates
    - ./certs:/certs:ro
    - ./config/nginx/nginx.conf:/etc/nginx/nginx.conf:ro
    env_file: [ config/.env ]
    restart: always
    networks: [ blackhole ]
    depends_on: [ freeradius-admin ]


  freeradius-admin:
    image: iam43x/freeradius-admin:latest
    container_name: freeradius-admin
    # ports: [ 8081:8080 ]
    env_file: [ config/.env ]
    restart: always
    networks: [ blackhole ]
    depends_on: [ mysql ]


networks:
  blackhole:
    enable_ipv6: false
    ipam:
      config:
      - subnet: 10.0.0.0/16