--- version: "2" services: # To test with MariaDB, set FLEET_MYSQL_IMAGE to mariadb:10.6 or the like (note MariaDB is not # officially supported). # To run in macOS M1, set FLEET_MYSQL_IMAGE=arm64v8/mysql:oracle FLEET_MYSQL_PLATFORM=linux/arm64/v8 mysql: image: ${FLEET_MYSQL_IMAGE:-mysql:5.7} platform: ${FLEET_MYSQL_PLATFORM:-linux/x86_64} volumes: - mysql-persistent-volume:/tmp command: [ "mysqld", "--datadir=/tmp/mysqldata", # These 3 keys run MySQL with GTID consistency enforced to avoid issues with production deployments that use it. "--enforce-gtid-consistency=ON", "--log-bin=bin.log", "--server-id=master-01", # Required for storage of Apple MDM installers. "--max_allowed_packet=536870912" ] environment: &mysql-default-environment MYSQL_ROOT_PASSWORD: toor MYSQL_DATABASE: fleet MYSQL_USER: fleet MYSQL_PASSWORD: insecure ports: - "3306:3306" mysql_test: image: ${FLEET_MYSQL_IMAGE:-mysql:5.7} platform: ${FLEET_MYSQL_PLATFORM:-linux/x86_64} # innodb-file-per-table=OFF gives ~20% speedup for test runs. command: [ "mysqld", "--datadir=/tmpfs", "--slow_query_log=1", "--log_output=TABLE", "--log-queries-not-using-indexes", "--innodb-file-per-table=OFF", "--table-definition-cache=8192", # These 3 keys run MySQL with GTID consistency enforced to avoid issues with production deployments that use it. "--enforce-gtid-consistency=ON", "--log-bin=bin.log", "--server-id=master-01", # Required for storage of Apple MDM installers. "--max_allowed_packet=536870912" ] environment: *mysql-default-environment ports: - "3307:3306" tmpfs: - /var/lib/mysql:rw,noexec,nosuid - /tmpfs # Unauthenticated SMTP server. mailhog: image: mailhog/mailhog:latest ports: - "8025:8025" - "1025:1025" # SMTP server with Basic Authentication. mailpit: image: axllent/mailpit:latest ports: - "8026:8025" - "1026:1025" volumes: - ./tools/mailpit/auth.txt:/auth.txt command: [ "--smtp-auth-file=/auth.txt", "--smtp-auth-allow-insecure=true" ] # SMTP server with TLS smtp4dev_test: image: rnwood/smtp4dev:v3 ports: - "8028:80" - "1027:25" volumes: - ./tools/smtp4dev:/certs environment: - ServerOptions__TlsMode=ImplicitTls - ServerOptions__TlsCertificate=/certs/fleet.crt - ServerOptions__TlsCertificatePrivateKey=/certs/fleet.key redis: image: redis:5 ports: - "6379:6379" saml_idp: image: fleetdm/docker-idp:latest volumes: - ./tools/saml/users.php:/var/www/simplesamlphp/config/authsources.php - ./tools/saml/config.php:/var/www/simplesamlphp/metadata/saml20-sp-remote.php ports: - "9080:8080" - "9443:8443" # CAdvisor container allows monitoring other containers. Useful for # development. cadvisor: image: google/cadvisor:latest ports: - "5678:8080" volumes: - /var/run/docker.sock:/var/run/docker.sock:ro - /sys:/sys:ro - /var/lib/docker/:/var/lib/docker:ro prometheus: image: prom/prometheus:latest ports: - "9090:9090" volumes: - ./tools/app/prometheus.yml:/etc/prometheus/prometheus.yml # localstack to simulate AWS integrations like firehose & kinesis # use http://localhost:4566 as the `--endpoint-url` argument in awscli localstack: image: localstack/localstack ports: - "4566:4566" - "4571:4571" environment: - SERVICES=firehose,kinesis # s3 compatible object storage (file carving backend) minio: image: quay.io/minio/minio command: server /data --console-address ":9001" ports: - "9000:9000" - "9001:9001" environment: MINIO_ROOT_USER: minio MINIO_ROOT_PASSWORD: minio123! volumes: - data-minio:/data toxiproxy: image: shopify/toxiproxy ports: - "22220:22220" - "8474:8474" volumes: mysql-persistent-volume: data-minio: