-
Notifications
You must be signed in to change notification settings - Fork 4
Expand file tree
/
Copy pathdocker-compose.yml
More file actions
163 lines (157 loc) · 5.21 KB
/
docker-compose.yml
File metadata and controls
163 lines (157 loc) · 5.21 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
services:
postgres:
image: postgres:18-alpine
container_name: moneat-postgres
environment:
# ⚠️ DEVELOPMENT ONLY — change all passwords before deploying to production
POSTGRES_DB: moneat
POSTGRES_USER: moneat
POSTGRES_PASSWORD: ${DATABASE_PASSWORD:-moneat_dev_password}
PGDATA: /var/lib/postgresql/data/pgdata
ports:
- "${POSTGRES_PORT:-5499}:5432"
volumes:
- postgres_data:/var/lib/postgresql/data
- ./backend/src/main/resources/db/init.sql:/docker-entrypoint-initdb.d/init.sql
healthcheck:
test: ["CMD-SHELL", "pg_isready -U moneat"]
interval: 10s
timeout: 5s
retries: 5
clickhouse:
image: clickhouse/clickhouse-server:26.2-alpine
container_name: moneat-clickhouse
environment:
CLICKHOUSE_DB: moneat
CLICKHOUSE_USER: moneat
CLICKHOUSE_PASSWORD: ${CLICKHOUSE_PASSWORD:-moneat_dev_password}
CLICKHOUSE_DEFAULT_ACCESS_MANAGEMENT: 1
ports:
- "${CLICKHOUSE_HTTP_PORT:-8123}:8123" # HTTP interface
- "${CLICKHOUSE_NATIVE_PORT:-9000}:9000" # Native interface
volumes:
- clickhouse_data:/var/lib/clickhouse
- ./backend/src/main/resources/db/clickhouse_init.sql:/docker-entrypoint-initdb.d/clickhouse_init.sql
- ./clickhouse-config/logging.xml:/etc/clickhouse-server/config.d/logging.xml
ulimits:
nofile:
soft: 262144
hard: 262144
healthcheck:
test: ["CMD", "wget", "--spider", "-q", "localhost:8123/ping"]
interval: 10s
timeout: 5s
retries: 5
redis:
image: redis:8-alpine
container_name: moneat-redis
ports:
- "${REDIS_PORT:-6379}:6379"
environment:
REDIS_PASSWORD: ${REDIS_PASSWORD:-moneat_dev_password}
volumes:
- redis_data:/data
command: redis-server --appendonly yes --requirepass ${REDIS_PASSWORD:-moneat_dev_password}
healthcheck:
test: ["CMD-SHELL", "redis-cli -a $$REDIS_PASSWORD --no-auth-warning ping"]
interval: 10s
timeout: 5s
retries: 5
backend:
image: ghcr.io/moneat-io/moneat-backend:latest
container_name: moneat-backend
restart: unless-stopped
ports:
- "${BACKEND_PORT:-8080}:8080"
environment:
DATABASE_URL: jdbc:postgresql://postgres:5432/moneat
DATABASE_USER: moneat
DATABASE_PASSWORD: ${DATABASE_PASSWORD:-moneat_dev_password}
CLICKHOUSE_URL: http://clickhouse:8123
CLICKHOUSE_USER: moneat
CLICKHOUSE_PASSWORD: ${CLICKHOUSE_PASSWORD:-moneat_dev_password}
REDIS_URL: redis://:${REDIS_PASSWORD:-moneat_dev_password}@redis:6379
JWT_SECRET: ${JWT_SECRET:-dev-jwt-secret-change-in-production}
DATA_SOURCE_ENCRYPTION_KEY: ${DATA_SOURCE_ENCRYPTION_KEY:-}
FRONTEND_URL: ${FRONTEND_URL:-http://localhost:3000}
BACKEND_URL: ${BACKEND_URL:-http://localhost:8080}
STRIPE_ENABLED: "false"
SELF_HOSTED: "true"
# Set MONEAT_LICENSE_KEY to enable enterprise features (SSO, On-Call)
MONEAT_LICENSE_KEY: ${MONEAT_LICENSE_KEY:-}
volumes:
- backend_storage:/app/storage
depends_on:
postgres:
condition: service_healthy
clickhouse:
condition: service_healthy
redis:
condition: service_healthy
healthcheck:
test: ["CMD", "wget", "-q", "-O", "/dev/null", "http://localhost:8080/health"]
interval: 10s
timeout: 5s
retries: 10
start_period: 30s
frontend:
image: ghcr.io/moneat-io/moneat-dashboard:latest
container_name: moneat-frontend
restart: unless-stopped
ports:
- "${FRONTEND_PORT:-3000}:80"
environment:
VITE_BACKEND_URL: ${BACKEND_URL:-http://localhost:8080}
depends_on:
backend:
condition: service_healthy
# Datadog Agent integration (optional):
# docker compose --profile datadog up -d
# Set DD_API_KEY in .env or .env.enterprise to configure.
datadog-agent:
profiles: [datadog]
image: datadog/agent:${DATADOG_AGENT_TAG:-7}
container_name: moneat-datadog-agent
restart: unless-stopped
environment:
# Core
DD_API_KEY: ${DD_API_KEY:-}
DD_DD_URL: ${DD_DD_URL:-https://api.moneat.io/dd}
DD_ENV: ${DD_ENV:-production}
DD_HOSTNAME: ${DD_HOSTNAME:-moneat-host}
# APM
DD_APM_ENABLED: "true"
DD_APM_NON_LOCAL_TRAFFIC: "true"
# Continuous Profiling
DD_PROFILING_ENABLED: "true"
# Live Processes
DD_PROCESS_AGENT_ENABLED: "true"
# Log Collection
DD_LOGS_ENABLED: "true"
DD_LOGS_CONFIG_CONTAINER_COLLECT_ALL: "true"
# Dynamic Instrumentation (Probes / Debugger)
DD_DYNAMIC_INSTRUMENTATION_ENABLED: "true"
# Network Performance Monitoring
DD_SYSTEM_PROBE_ENABLED: "true"
DD_SYSTEM_PROBE_NETWORK_ENABLED: "true"
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- /proc/:/host/proc/:ro
- /sys/fs/cgroup/:/host/sys/fs/cgroup:ro
- /sys/kernel/debug:/sys/kernel/debug:ro
ports:
- "8126:8126" # APM traces
- "8125:8125" # DogStatsD metrics
cap_add:
- SYS_ADMIN
- SYS_RESOURCE
- SYS_PTRACE
- NET_ADMIN
- NET_BROADCAST
security_opt:
- apparmor:unconfined
volumes:
postgres_data:
clickhouse_data:
redis_data:
backend_storage: