# IRIS Source Code # contact@dfir-iris.org # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU Lesser General Public # License as published by the Free Software Foundation; either # version 3 of the License, or (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU # Lesser General Public License for more details. # # You should have received a copy of the GNU Lesser General Public License # along with this program; if not, write to the Free Software Foundation, # Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. version: "3.5" services: rabbitmq: image: rabbitmq:3-management-alpine container_name: iriswebapp_rabbitmq networks: - iris_backend db: build: context: docker/db container_name: iriswebapp_db image: iriswebapp_db:v2.3.3 restart: always # Used for debugging purposes, should be deleted for production ports: - "127.0.0.1:5432:5432" environment: - POSTGRES_USER - POSTGRES_PASSWORD - POSTGRES_ADMIN_USER - POSTGRES_ADMIN_PASSWORD - POSTGRES_DB networks: - iris_backend volumes: - db_data:/var/lib/postgresql/data app: build: context: . dockerfile: docker/webApp/Dockerfile image: iriswebapp_app:v2.3.3 container_name: iriswebapp_app command: ['nohup', './iris-entrypoint.sh', 'iriswebapp'] volumes: # RootCA necessary when dealing with an auth server without a trusted CA signed certificate - ./certificates/rootCA/irisRootCACert.pem:/etc/irisRootCACert.pem:ro - ./certificates/:/home/iris/certificates/:ro - ./certificates/ldap/:/iriswebapp/certificates/ldap/:ro - iris-downloads:/home/iris/downloads - user_templates:/home/iris/user_templates - server_data:/home/iris/server_data restart: always depends_on: - "rabbitmq" - "db" # Used for debugging purposes, should be deleted for production ports: - "127.0.0.1:8000:8000" env_file: - .env environment: - POSTGRES_USER - POSTGRES_PASSWORD - POSTGRES_ADMIN_USER - POSTGRES_ADMIN_PASSWORD - POSTGRES_SERVER - POSTGRES_PORT - DOCKERIZED - IRIS_SECRET_KEY - IRIS_SECURITY_PASSWORD_SALT networks: - iris_backend - iris_frontend - shared-network worker: build: context: . dockerfile: docker/webApp/Dockerfile image: iriswebapp_app:v2.3.3 container_name: iriswebapp_worker command: ['./wait-for-iriswebapp.sh', 'app:8000', './iris-entrypoint.sh', 'iris-worker'] volumes: - ./certificates/rootCA/irisRootCACert.pem:/etc/irisRootCACert.pem:ro - ./certificates/:/home/iris/certificates/:ro - ./certificates/ldap/:/iriswebapp/certificates/ldap/:ro - iris-downloads:/home/iris/downloads - user_templates:/home/iris/user_templates - server_data:/home/iris/server_data depends_on: - "rabbitmq" - "db" - "app" env_file: - .env environment: - POSTGRES_USER - POSTGRES_PASSWORD - POSTGRES_ADMIN_USER - POSTGRES_ADMIN_PASSWORD - POSTGRES_SERVER - POSTGRES_PORT - DOCKERIZED - IRIS_SECRET_KEY - IRIS_SECURITY_PASSWORD_SALT - IRIS_WORKER networks: - iris_backend - shared-network nginx: build: context: ./docker/nginx args: NGINX_CONF_GID: 1234 NGINX_CONF_FILE: nginx.conf image: iriswebapp_nginx:v2.3.3 container_name: iriswebapp_nginx environment: - IRIS_UPSTREAM_SERVER - IRIS_UPSTREAM_PORT - INTERFACE_HTTPS_PORT - SERVER_NAME - CERT_FILENAME - KEY_FILENAME - IRIS_AUTHENTICATION_TYPE networks: - iris_frontend - shared-network ports: - "${INTERFACE_HTTPS_PORT:-8443}:${INTERFACE_HTTPS_PORT:-8443}" volumes: - "./certificates/web_certificates/:/www/certs/:ro" restart: on-failure:5 depends_on: - "app" volumes: iris-downloads: user_templates: server_data: db_data: networks: iris_backend: name: iris_backend iris_frontend: name: iris_frontend shared-network: external: true