# Copyright (c) Mainflux # SPDX-License-Identifier: Apache-2.0 version: "3.7" networks: mainflux-base-net: driver: bridge volumes: mainflux-users-db-volume: mainflux-things-db-volume: mainflux-things-redis-volume: mainflux-es-redis-volume: mainflux-mqtt-broker-volume: services: nginx: image: nginx:1.23.3-alpine container_name: mainflux-nginx restart: on-failure volumes: - ./nginx/nginx-${AUTH-key}.conf:/etc/nginx/nginx.conf.template - ./nginx/entrypoint.sh:/docker-entrypoint.d/entrypoint.sh - ./nginx/snippets:/etc/nginx/snippets - ./ssl/authorization.js:/etc/nginx/authorization.js - ./ssl/certs/mainflux-server.crt:/etc/ssl/certs/mainflux-server.crt - ./ssl/certs/ca.crt:/etc/ssl/certs/ca.crt - ./ssl/certs/mainflux-server.key:/etc/ssl/private/mainflux-server.key - ./ssl/dhparam.pem:/etc/ssl/certs/dhparam.pem ports: - ${MF_NGINX_HTTP_PORT}:${MF_NGINX_HTTP_PORT} - ${MF_NGINX_SSL_PORT}:${MF_NGINX_SSL_PORT} - ${MF_NGINX_MQTT_PORT}:${MF_NGINX_MQTT_PORT} - ${MF_NGINX_MQTTS_PORT}:${MF_NGINX_MQTTS_PORT} networks: - mainflux-base-net env_file: - .env depends_on: - things - users - mqtt-adapter - http-adapter - ws-adapter broker: extends: file: brokers/nats.yml service: broker container_name: mainflux-broker restart: on-failure networks: - mainflux-base-net ports: - 4222:4222 things-db: image: postgres:13.3-alpine container_name: mainflux-things-db restart: on-failure environment: POSTGRES_USER: ${MF_THINGS_DB_USER} POSTGRES_PASSWORD: ${MF_THINGS_DB_PASS} POSTGRES_DB: ${MF_THINGS_DB_NAME} networks: - mainflux-base-net volumes: - mainflux-things-db-volume:/var/lib/postgresql/data things-redis: image: redis:6.2.2-alpine container_name: mainflux-things-redis restart: on-failure networks: - mainflux-base-net volumes: - mainflux-things-redis-volume:/data things: image: mainflux/things:${MF_RELEASE_TAG} container_name: mainflux-things depends_on: - things-db - users restart: on-failure environment: MF_THINGS_LOG_LEVEL: ${MF_THINGS_LOG_LEVEL} MF_THINGS_STANDALONE_ID: ${MF_THINGS_STANDALONE_ID} MF_THINGS_STANDALONE_TOKEN: ${MF_THINGS_STANDALONE_TOKEN} MF_THINGS_CACHE_KEY_DURATION: ${MF_THINGS_CACHE_KEY_DURATION} MF_THINGS_HTTP_HOST: ${MF_THINGS_HTTP_HOST} MF_THINGS_HTTP_PORT: ${MF_THINGS_HTTP_PORT} MF_THINGS_AUTH_GRPC_HOST: ${MF_THINGS_AUTH_GRPC_HOST} MF_THINGS_AUTH_GRPC_PORT: ${MF_THINGS_AUTH_GRPC_PORT} ## Compose supports parameter expansion in environment, ## Eg: ${VAR:+replacement} or ${VAR+replacement} -> replacement if VAR is set and non-empty, otherwise empty ## Eg :${VAR:-default} or ${VAR-default} -> value of VAR if set and non-empty, otherwise default MF_THINGS_AUTH_GRPC_SERVER_CERT: ${MF_THINGS_AUTH_GRPC_SERVER_CERT:+/things-grpc-server.crt} MF_THINGS_AUTH_GRPC_SERVER_KEY: ${MF_THINGS_AUTH_GRPC_SERVER_KEY:+/things-grpc-server.key} MF_THINGS_AUTH_GRPC_SERVER_CA_CERTS: ${MF_THINGS_AUTH_GRPC_SERVER_CA_CERTS:+/things-grpc-server-ca.crt} MF_THINGS_AUTH_GRPC_CLIENT_CA_CERTS: ${MF_THINGS_AUTH_GRPC_CLIENT_CA_CERTS:+/things-grpc-client-ca.crt} MF_THINGS_ES_URL: ${MF_THINGS_ES_URL} MF_THINGS_ES_PASS: ${MF_THINGS_ES_PASS} MF_THINGS_ES_DB: ${MF_THINGS_ES_DB} MF_THINGS_CACHE_URL: ${MF_THINGS_CACHE_URL} MF_THINGS_CACHE_PASS: ${MF_THINGS_CACHE_PASS} MF_THINGS_CACHE_DB: ${MF_THINGS_CACHE_DB} MF_THINGS_DB_HOST: ${MF_THINGS_DB_HOST} MF_THINGS_DB_PORT: ${MF_THINGS_DB_PORT} MF_THINGS_DB_USER: ${MF_THINGS_DB_USER} MF_THINGS_DB_PASS: ${MF_THINGS_DB_PASS} MF_THINGS_DB_NAME: ${MF_THINGS_DB_NAME} MF_THINGS_DB_SSL_MODE: ${MF_THINGS_DB_SSL_MODE} MF_THINGS_DB_SSL_CERT: ${MF_THINGS_DB_SSL_CERT} MF_THINGS_DB_SSL_KEY: ${MF_THINGS_DB_SSL_KEY} MF_THINGS_DB_SSL_ROOT_CERT: ${MF_THINGS_DB_SSL_ROOT_CERT} MF_AUTH_GRPC_URL: ${MF_USERS_GRPC_URL} MF_AUTH_GRPC_TIMEOUT: ${MF_USERS_GRPC_TIMEOUT} MF_AUTH_GRPC_CLIENT_CERT: ${MF_USERS_GRPC_CLIENT_CERT:+/users-grpc-client.crt} MF_AUTH_GRPC_CLIENT_KEY: ${MF_USERS_GRPC_CLIENT_KEY:+/users-grpc-client.key} MF_AUTH_GRPC_SERVER_CA_CERTS: ${MF_USERS_GRPC_SERVER_CA_CERTS:+/users-grpc-server-ca.crt} MF_JAEGER_URL: ${MF_JAEGER_URL} MF_SEND_TELEMETRY: ${MF_SEND_TELEMETRY} ports: - ${MF_THINGS_HTTP_PORT}:${MF_THINGS_HTTP_PORT} - ${MF_THINGS_AUTH_GRPC_PORT}:${MF_THINGS_AUTH_GRPC_PORT} networks: - mainflux-base-net volumes: # Things gRPC server certificates - type: bind source: ${MF_THINGS_AUTH_GRPC_SERVER_CERT:-ssl/certs/dummy/server_cert} target: /things-grpc-server${MF_THINGS_AUTH_GRPC_SERVER_CERT:+.crt} bind: create_host_path: true - type: bind source: ${MF_THINGS_AUTH_GRPC_SERVER_KEY:-ssl/certs/dummy/server_key} target: /things-grpc-server${MF_THINGS_AUTH_GRPC_SERVER_KEY:+.key} bind: create_host_path: true - type: bind source: ${MF_THINGS_AUTH_GRPC_SERVER_CA_CERTS:-ssl/certs/dummy/server_ca_certs} target: /things-grpc-server-ca${MF_THINGS_AUTH_GRPC_SERVER_CA_CERTS:+.crt} bind: create_host_path: true - type: bind source: ${MF_THINGS_AUTH_GRPC_CLIENT_CA_CERTS:-ssl/certs/dummy/client_ca_certs} target: /things-grpc-client-ca${MF_THINGS_AUTH_GRPC_CLIENT_CA_CERTS:+.crt} bind: create_host_path: true # Users gRPC client certificates - type: bind source: ${MF_USERS_GRPC_CLIENT_CERT:-ssl/certs/dummy/client_cert} target: /users-grpc-client${MF_USERS_GRPC_CLIENT_CERT:+.crt} bind: create_host_path: true - type: bind source: ${MF_USERS_GRPC_CLIENT_KEY:-ssl/certs/dummy/client_key} target: /users-grpc-client${MF_USERS_GRPC_CLIENT_KEY:+.key} bind: create_host_path: true - type: bind source: ${MF_USERS_GRPC_SERVER_CA_CERTS:-ssl/certs/dummy/server_ca} target: /users-grpc-server-ca${MF_USERS_GRPC_SERVER_CA_CERTS:+.crt} bind: create_host_path: true users-db: image: postgres:15.1-alpine container_name: mainflux-users-db restart: on-failure environment: POSTGRES_USER: ${MF_USERS_DB_USER} POSTGRES_PASSWORD: ${MF_USERS_DB_PASS} POSTGRES_DB: ${MF_USERS_DB_NAME} networks: - mainflux-base-net volumes: - mainflux-users-db-volume:/var/lib/postgresql/data users: image: mainflux/users:${MF_RELEASE_TAG} container_name: mainflux-users depends_on: - users-db restart: on-failure environment: MF_USERS_LOG_LEVEL: ${MF_USERS_LOG_LEVEL} MF_USERS_SECRET_KEY: ${MF_USERS_SECRET_KEY} MF_USERS_ADMIN_EMAIL: ${MF_USERS_ADMIN_EMAIL} MF_USERS_ADMIN_PASSWORD: ${MF_USERS_ADMIN_PASSWORD} MF_USERS_PASS_REGEX: ${MF_USERS_PASS_REGEX} MF_USERS_ACCESS_TOKEN_DURATION: ${MF_USERS_ACCESS_TOKEN_DURATION} MF_USERS_REFRESH_TOKEN_DURATION: ${MF_USERS_REFRESH_TOKEN_DURATION} MF_TOKEN_RESET_ENDPOINT: ${MF_TOKEN_RESET_ENDPOINT} MF_USERS_HTTP_HOST: ${MF_USERS_HTTP_HOST} MF_USERS_HTTP_PORT: ${MF_USERS_HTTP_PORT} MF_USERS_HTTP_SERVER_CERT: ${MF_USERS_HTTP_SERVER_CERT} MF_USERS_HTTP_SERVER_KEY: ${MF_USERS_HTTP_SERVER_KEY} MF_USERS_GRPC_HOST: ${MF_USERS_GRPC_HOST} MF_USERS_GRPC_PORT: ${MF_USERS_GRPC_PORT} MF_USERS_GRPC_SERVER_CERT: ${MF_USERS_GRPC_SERVER_CERT:+/users-grpc-server.crt} MF_USERS_GRPC_SERVER_KEY: ${MF_USERS_GRPC_SERVER_KEY:+/users-grpc-server.key} MF_USERS_GRPC_SERVER_CA_CERTS: ${MF_USERS_GRPC_SERVER_CA_CERTS:+/users-grpc-server-ca.crt} MF_USERS_GRPC_CLIENT_CA_CERTS: ${MF_USERS_GRPC_CLIENT_CA_CERTS:+/users-grpc-client-ca.crt} MF_USERS_DB_HOST: ${MF_USERS_DB_HOST} MF_USERS_DB_PORT: ${MF_USERS_DB_PORT} MF_USERS_DB_USER: ${MF_USERS_DB_USER} MF_USERS_DB_PASS: ${MF_USERS_DB_PASS} MF_USERS_DB_NAME: ${MF_USERS_DB_NAME} MF_USERS_DB_SSL_MODE: ${MF_USERS_DB_SSL_MODE} MF_USERS_DB_SSL_CERT: ${MF_USERS_DB_SSL_CERT} MF_USERS_DB_SSL_KEY: ${MF_USERS_DB_SSL_KEY} MF_USERS_DB_SSL_ROOT_CERT: ${MF_USERS_DB_SSL_ROOT_CERT} MF_EMAIL_HOST: ${MF_EMAIL_HOST} MF_EMAIL_PORT: ${MF_EMAIL_PORT} MF_EMAIL_USERNAME: ${MF_EMAIL_USERNAME} MF_EMAIL_PASSWORD: ${MF_EMAIL_PASSWORD} MF_EMAIL_FROM_ADDRESS: ${MF_EMAIL_FROM_ADDRESS} MF_EMAIL_FROM_NAME: ${MF_EMAIL_FROM_NAME} MF_EMAIL_TEMPLATE: ${MF_EMAIL_TEMPLATE} MF_USERS_ES_URL: ${MF_USERS_ES_URL} MF_USERS_ES_PASS: ${MF_USERS_ES_PASS} MF_USERS_ES_DB: ${MF_USERS_ES_DB} MF_JAEGER_URL: ${MF_JAEGER_URL} MF_SEND_TELEMETRY: ${MF_SEND_TELEMETRY} ports: - ${MF_USERS_HTTP_PORT}:${MF_USERS_HTTP_PORT} - ${MF_USERS_GRPC_PORT}:${MF_USERS_GRPC_PORT} networks: - mainflux-base-net volumes: - ./templates/${MF_USERS_RESET_PWD_TEMPLATE}:/email.tmpl # Users gRPC mTLS server certificates - type: bind source: ${MF_USERS_GRPC_SERVER_CERT:-ssl/certs/dummy/server_cert} target: /users-grpc-server${MF_USERS_GRPC_SERVER_CERT:+.crt} bind: create_host_path: true - type: bind source: ${MF_USERS_GRPC_SERVER_KEY:-ssl/certs/dummy/server_key} target: /users-grpc-server${MF_USERS_GRPC_SERVER_KEY:+.key} bind: create_host_path: true - type: bind source: ${MF_USERS_GRPC_SERVER_CA_CERTS:-ssl/certs/dummy/server_ca_certs} target: /users-grpc-server-ca${MF_USERS_GRPC_SERVER_CA_CERTS:+.crt} bind: create_host_path: true - type: bind source: ${MF_USERS_GRPC_CLIENT_CA_CERTS:-ssl/certs/dummy/client_ca_certs} target: /users-grpc-client-ca${MF_USERS_GRPC_CLIENT_CA_CERTS:+.crt} bind: create_host_path: true jaeger: image: jaegertracing/all-in-one:1.38.0 container_name: mainflux-jaeger ports: - ${MF_JAEGER_PORT}:${MF_JAEGER_PORT}/udp - ${MF_JAEGER_FRONTEND}:${MF_JAEGER_FRONTEND} - ${MF_JAEGER_COLLECTOR}:${MF_JAEGER_COLLECTOR} - ${MF_JAEGER_CONFIGS}:${MF_JAEGER_CONFIGS} networks: - mainflux-base-net vernemq: image: mainflux/vernemq:${MF_RELEASE_TAG} container_name: mainflux-vernemq restart: on-failure environment: DOCKER_VERNEMQ_ALLOW_ANONYMOUS: ${MF_DOCKER_VERNEMQ_ALLOW_ANONYMOUS} DOCKER_VERNEMQ_LOG__CONSOLE__LEVEL: ${MF_DOCKER_VERNEMQ_LOG__CONSOLE__LEVEL} networks: - mainflux-base-net volumes: - mainflux-mqtt-broker-volume:/var/lib/vernemq mqtt-adapter: image: mainflux/mqtt:${MF_RELEASE_TAG} container_name: mainflux-mqtt depends_on: - vernemq - things - broker restart: on-failure environment: MF_MQTT_ADAPTER_LOG_LEVEL: ${MF_MQTT_ADAPTER_LOG_LEVEL} MF_MQTT_ADAPTER_MQTT_PORT: ${MF_MQTT_ADAPTER_MQTT_PORT} MF_MQTT_ADAPTER_MQTT_TARGET_HOST: ${MF_MQTT_ADAPTER_MQTT_TARGET_HOST} MF_MQTT_ADAPTER_MQTT_TARGET_PORT: ${MF_MQTT_ADAPTER_MQTT_TARGET_PORT} MF_MQTT_ADAPTER_FORWARDER_TIMEOUT: ${MF_MQTT_ADAPTER_FORWARDER_TIMEOUT} MF_MQTT_ADAPTER_MQTT_TARGET_HEALTH_CHECK: ${MF_MQTT_ADAPTER_MQTT_TARGET_HEALTH_CHECK} MF_MQTT_ADAPTER_WS_PORT: ${MF_MQTT_ADAPTER_WS_PORT} MF_MQTT_ADAPTER_INSTANCE_ID: ${MF_MQTT_ADAPTER_INSTANCE_ID} MF_MQTT_ADAPTER_WS_TARGET_HOST: ${MF_MQTT_ADAPTER_WS_TARGET_HOST} MF_MQTT_ADAPTER_WS_TARGET_PORT: ${MF_MQTT_ADAPTER_WS_TARGET_PORT} MF_MQTT_ADAPTER_WS_TARGET_PATH: ${MF_MQTT_ADAPTER_WS_TARGET_PATH} MF_MQTT_ADAPTER_INSTANCE: ${MF_MQTT_ADAPTER_INSTANCE} MF_MQTT_ADAPTER_ES_URL: ${MF_MQTT_ADAPTER_ES_URL} MF_MQTT_ADAPTER_ES_PASS: ${MF_MQTT_ADAPTER_ES_PASS} MF_MQTT_ADAPTER_ES_DB: ${MF_MQTT_ADAPTER_ES_DB} MF_THINGS_AUTH_GRPC_URL: ${MF_THINGS_AUTH_GRPC_URL} MF_THINGS_AUTH_GRPC_TIMEOUT: ${MF_THINGS_AUTH_GRPC_TIMEOUT} MF_THINGS_AUTH_GRPC_CLIENT_CERT: ${MF_THINGS_AUTH_GRPC_CLIENT_CERT:+/client.crt} MF_THINGS_AUTH_GRPC_CLIENT_KEY: ${MF_THINGS_AUTH_GRPC_CLIENT_KEY:+/client.key} MF_THINGS_AUTH_GRPC_SERVER_CA_CERTS: ${MF_THINGS_AUTH_GRPC_SERVER_CA_CERTS:+/server_ca.crt} MF_JAEGER_URL: ${MF_JAEGER_URL} MF_BROKER_URL: ${MF_BROKER_URL} MF_SEND_TELEMETRY: ${MF_SEND_TELEMETRY} networks: - mainflux-base-net volumes: # Things gRPC mTLS client certificates - type: bind source: ${MF_THINGS_AUTH_GRPC_CLIENT_CERT:-ssl/certs/dummy/client_cert} target: /client${MF_THINGS_AUTH_GRPC_CLIENT_CERT:+.crt} bind: create_host_path: true - type: bind source: ${MF_THINGS_AUTH_GRPC_CLIENT_KEY:-ssl/certs/dummy/client_key} target: /client${MF_THINGS_AUTH_GRPC_CLIENT_KEY:+.key} bind: create_host_path: true - type: bind source: ${MF_THINGS_AUTH_GRPC_SERVER_CA_CERTS:-ssl/certs/dummy/server_ca} target: /server_ca${MF_THINGS_AUTH_GRPC_SERVER_CA_CERTS:+.crt} bind: create_host_path: true http-adapter: image: mainflux/http:${MF_RELEASE_TAG} container_name: mainflux-http depends_on: - things - broker restart: on-failure environment: MF_HTTP_ADAPTER_LOG_LEVEL: ${MF_HTTP_ADAPTER_LOG_LEVEL} MF_HTTP_ADAPTER_HOST: ${MF_HTTP_ADAPTER_HOST} MF_HTTP_ADAPTER_PORT: ${MF_HTTP_ADAPTER_PORT} MF_HTTP_ADAPTER_SERVER_CERT: ${MF_HTTP_ADAPTER_SERVER_CERT} MF_HTTP_ADAPTER_SERVER_KEY: ${MF_HTTP_ADAPTER_SERVER_KEY} MF_THINGS_AUTH_GRPC_URL: ${MF_THINGS_AUTH_GRPC_URL} MF_THINGS_AUTH_GRPC_TIMEOUT: ${MF_THINGS_AUTH_GRPC_TIMEOUT} MF_THINGS_AUTH_GRPC_CLIENT_CERT: ${MF_THINGS_AUTH_GRPC_CLIENT_CERT:+/client.crt} MF_THINGS_AUTH_GRPC_CLIENT_KEY: ${MF_THINGS_AUTH_GRPC_CLIENT_KEY:+/client.key} MF_THINGS_AUTH_GRPC_SERVER_CA_CERTS: ${MF_THINGS_AUTH_GRPC_SERVER_CA_CERTS:+/server_ca.crt} MF_BROKER_URL: ${MF_BROKER_URL} MF_JAEGER_URL: ${MF_JAEGER_URL} MF_SEND_TELEMETRY: ${MF_SEND_TELEMETRY} MF_HTTP_ADAPTER_INSTANCE_ID: ${MF_HTTP_ADAPTER_INSTANCE_ID} ports: - ${MF_HTTP_ADAPTER_PORT}:${MF_HTTP_ADAPTER_PORT} networks: - mainflux-base-net volumes: # Things gRPC mTLS client certificates - type: bind source: ${MF_THINGS_AUTH_GRPC_CLIENT_CERT:-ssl/certs/dummy/client_cert} target: /client${MF_THINGS_AUTH_GRPC_CLIENT_CERT:+.crt} bind: create_host_path: true - type: bind source: ${MF_THINGS_AUTH_GRPC_CLIENT_KEY:-ssl/certs/dummy/client_key} target: /client${MF_THINGS_AUTH_GRPC_CLIENT_KEY:+.key} bind: create_host_path: true - type: bind source: ${MF_THINGS_AUTH_GRPC_SERVER_CA_CERTS:-ssl/certs/dummy/server_ca} target: /server_ca${MF_THINGS_AUTH_GRPC_SERVER_CA_CERTS:+.crt} bind: create_host_path: true es-redis: image: redis:6.2.2-alpine container_name: mainflux-es-redis restart: on-failure networks: - mainflux-base-net volumes: - mainflux-es-redis-volume:/data coap-adapter: image: mainflux/coap:${MF_RELEASE_TAG} container_name: mainflux-coap depends_on: - things - broker restart: on-failure environment: MF_COAP_ADAPTER_LOG_LEVEL: ${MF_COAP_ADAPTER_LOG_LEVEL} MF_COAP_ADAPTER_HOST: ${MF_COAP_ADAPTER_HOST} MF_COAP_ADAPTER_PORT: ${MF_COAP_ADAPTER_PORT} MF_COAP_ADAPTER_SERVER_CERT: ${MF_COAP_ADAPTER_SERVER_CERT} MF_COAP_ADAPTER_SERVER_KEY: ${MF_COAP_ADAPTER_SERVER_KEY} MF_COAP_ADAPTER_HTTP_HOST: ${MF_COAP_ADAPTER_HTTP_HOST} MF_COAP_ADAPTER_HTTP_PORT: ${MF_COAP_ADAPTER_HTTP_PORT} MF_COAP_ADAPTER_HTTP_SERVER_CERT: ${MF_COAP_ADAPTER_HTTP_SERVER_CERT} MF_COAP_ADAPTER_HTTP_SERVER_KEY: ${MF_COAP_ADAPTER_HTTP_SERVER_KEY} MF_THINGS_AUTH_GRPC_URL: ${MF_THINGS_AUTH_GRPC_URL} MF_THINGS_AUTH_GRPC_TIMEOUT: ${MF_THINGS_AUTH_GRPC_TIMEOUT} MF_THINGS_AUTH_GRPC_CLIENT_CERT: ${MF_THINGS_AUTH_GRPC_CLIENT_CERT:+/client.crt} MF_THINGS_AUTH_GRPC_CLIENT_KEY: ${MF_THINGS_AUTH_GRPC_CLIENT_KEY:+/client.key} MF_THINGS_AUTH_GRPC_SERVER_CA_CERTS: ${MF_THINGS_AUTH_GRPC_SERVER_CA_CERTS:+/server_ca.crt} MF_BROKER_URL: ${MF_BROKER_URL} MF_JAEGER_URL: ${MF_JAEGER_URL} MF_SEND_TELEMETRY: ${MF_SEND_TELEMETRY} MF_COAP_ADAPTER_INSTANCE_ID: ${MF_COAP_ADAPTER_INSTANCE_ID} ports: - ${MF_COAP_ADAPTER_PORT}:${MF_COAP_ADAPTER_PORT}/udp - ${MF_COAP_ADAPTER_HTTP_PORT}:${MF_COAP_ADAPTER_HTTP_PORT}/tcp networks: - mainflux-base-net volumes: ## Things gRPC mTLS client certificates - type: bind source: ${MF_THINGS_AUTH_GRPC_CLIENT_CERT:-ssl/certs/dummy/client_cert} target: /client${MF_THINGS_AUTH_GRPC_CLIENT_CERT:+.crt} bind: create_host_path: true - type: bind source: ${MF_THINGS_AUTH_GRPC_CLIENT_KEY:-ssl/certs/dummy/client_key} target: /client${MF_THINGS_AUTH_GRPC_CLIENT_KEY:+.key} bind: create_host_path: true - type: bind source: ${MF_THINGS_AUTH_GRPC_SERVER_CA_CERTS:-ssl/certs/dummy/server_ca} target: /server_ca${MF_THINGS_AUTH_GRPC_SERVER_CA_CERTS:+.crt} bind: create_host_path: true ws-adapter: image: mainflux/ws:${MF_RELEASE_TAG} container_name: mainflux-ws depends_on: - things - broker restart: on-failure environment: MF_WS_ADAPTER_LOG_LEVEL: ${MF_WS_ADAPTER_LOG_LEVEL} MF_WS_ADAPTER_HTTP_HOST: ${MF_WS_ADAPTER_HTTP_HOST} MF_WS_ADAPTER_HTTP_PORT: ${MF_WS_ADAPTER_HTTP_PORT} MF_WS_ADAPTER_HTTP_SERVER_CERT: ${MF_WS_ADAPTER_HTTP_SERVER_CERT} MF_WS_ADAPTER_HTTP_SERVER_KEY: ${MF_WS_ADAPTER_HTTP_SERVER_KEY} MF_THINGS_AUTH_GRPC_URL: ${MF_THINGS_AUTH_GRPC_URL} MF_THINGS_AUTH_GRPC_TIMEOUT: ${MF_THINGS_AUTH_GRPC_TIMEOUT} MF_THINGS_AUTH_GRPC_CLIENT_CERT: ${MF_THINGS_AUTH_GRPC_CLIENT_CERT:+/client.crt} MF_THINGS_AUTH_GRPC_CLIENT_KEY: ${MF_THINGS_AUTH_GRPC_CLIENT_KEY:+/client.key} MF_THINGS_AUTH_GRPC_SERVER_CA_CERTS: ${MF_THINGS_AUTH_GRPC_SERVER_CA_CERTS:+/server_ca.crt} MF_BROKER_URL: ${MF_BROKER_URL} MF_JAEGER_URL: ${MF_JAEGER_URL} MF_SEND_TELEMETRY: ${MF_SEND_TELEMETRY} MF_WS_ADAPTER_INSTANCE_ID: ${MF_WS_ADAPTER_INSTANCE_ID} ports: - ${MF_WS_ADAPTER_HTTP_PORT}:${MF_WS_ADAPTER_HTTP_PORT} networks: - mainflux-base-net volumes: # Things gRPC mTLS client certificates - type: bind source: ${MF_THINGS_AUTH_GRPC_CLIENT_CERT:-ssl/certs/dummy/client_cert} target: /client${MF_THINGS_AUTH_GRPC_CLIENT_CERT:+.crt} bind: create_host_path: true - type: bind source: ${MF_THINGS_AUTH_GRPC_CLIENT_KEY:-ssl/certs/dummy/client_key} target: /client${MF_THINGS_AUTH_GRPC_CLIENT_KEY:+.key} bind: create_host_path: true - type: bind source: ${MF_THINGS_AUTH_GRPC_SERVER_CA_CERTS:-ssl/certs/dummy/server_ca} target: /server_ca${MF_THINGS_AUTH_GRPC_SERVER_CA_CERTS:+.crt} bind: create_host_path: true