-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathdocker-compose.yaml
123 lines (119 loc) · 3.87 KB
/
docker-compose.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
services:
# SSV node
ssv-node:
image: docker.io/ssvlabs/ssv-node:latest
pull_policy: always
env_file:
- path: ./ssv.env
required: true
environment:
- CONFIG_PATH=./config/config.example.yaml
- CONSENSUS_TYPE=validation
ports:
- 13001:13001/tcp # p2p port
- 12001:12001/udp # p2p port
- 127.0.0.1:15000:15000 # metrics port
- 127.0.0.1:16000:16000 # ssv api port
networks: [local-docker]
volumes:
- ./ssv-node-data:/data
restart: unless-stopped
depends_on:
ssv-key-generation:
condition: service_completed_successfully
command: make start-node
# SSV node key generation
# only generates a keypair if it doesnt exists and then it persists it on disk
ssv-key-generation:
image: docker.io/ssvlabs/ssv-node:latest
env_file:
- path: ./ssv.env
required: true
command: /bin/bash -c '
set -e;
if [ -z "$${PRIVATE_KEY_FILE}" ] || [ -z "$${PASSWORD_FILE}" ]; then
echo ERROR - PRIVATE_KEY_FILE or PASSWORD_FILE is not set;
exit 1;
fi;
echo $${PRIVATE_KEY_FILE};
if [ -s $${PRIVATE_KEY_FILE} ]; then
echo "private key already exists, skipping generation.";
else
if [ ! -s $${PASSWORD_FILE} ]; then
echo "Password file doesnt exists, generating random password file";
echo $$(openssl rand -base64 32) > $${PASSWORD_FILE};
fi;
/go/bin/ssvnode generate-operator-keys --password-file=$${PASSWORD_FILE};
cp ./encrypted_private_key.json $${PRIVATE_KEY_FILE};
echo "Generated a new private key";
echo "Backup the password file $${PASSWORD_FILE} and the private key file $${PRIVATE_KEY_FILE} to separate device!!!";
fi'
volumes:
- ./ssv-node-data:/data
# _ _ _
# _ __ ___ ___ _ __ (_) |_ ___ _ __(_)_ __ __ _
# | '_ ` _ \ / _ \| '_ \| | __/ _ \| '__| | '_ \ / _` |
# | | | | | | (_) | | | | | || (_) | | | | | | | (_| |
# |_| |_| |_|\___/|_| |_|_|\__\___/|_| |_|_| |_|\__, |
# |___/
prometheus:
image: docker.io/prom/prometheus:latest
user: ":"
networks: [local-docker]
command:
- '--config.file=/etc/prometheus/prometheus.yml'
ports:
- "127.0.0.1:9090:9090" # Expose Prometheus on 127.0.0.1:9090
volumes:
- type: bind
source: ./prometheus-data
target: /prometheus
bind:
create_host_path: true
- ./prometheus/prometheus-config.yml:/etc/prometheus/prometheus.yml
- ./prometheus/alert-rules.yml:/etc/prometheus/alert-rules.yml
restart: unless-stopped
depends_on:
- ssv-node
grafana:
image: docker.io/grafana/grafana:latest
user: ":"
networks:
- local-docker
ports:
- "127.0.0.1:3000:3000" # Expose Grafana on 127.0.0.1:3000
environment:
- GF_SECURITY_ADMIN_USER=admin
- GF_SECURITY_ADMIN_PASSWORD=admin
- GF_AUTH_ANONYMOUS_ENABLED=true # Optional: enable anonymous access
volumes:
- type: bind
source: ./grafana-data
target: /var/lib/grafana
bind:
create_host_path: true
- ./grafana:/etc/grafana/provisioning # Load custom dashboards and data sources
- ./ssv-grafana-dashboard:/var/lib/grafana/dashboards
depends_on:
- prometheus
restart: always
alertmanager:
image: prom/alertmanager:latest
user: ":"
networks:
- local-docker
command:
- '--config.file=/etc/alertmanager/alertmanager.yml'
ports:
- "127.0.0.1:9093:9093"
volumes:
- type: bind
source: ./alertmanager/alertmanager.yml
target: /etc/alertmanager/alertmanager.yml
- ./alertmanager/telegram_bot_token.txt:/etc/alertmanager/telegram_bot_token.txt
restart: unless-stopped
depends_on:
- prometheus
networks:
local-docker:
driver: bridge