oneterm/deploy/docker-compose.domain.yaml
2025-09-16 19:04:19 +08:00


# OneTerm Domain Deployment Configuration
#
# Quick Setup:
# 1. Modify ONETERM_DOMAIN in oneterm-ui environment section (line ~123)
# 2. For HTTPS: Uncomment SSL volume mount and HTTPS port (line 141 or 142)
# 3. Configure DNS to point your domain to this server
# 4. Run: docker-compose -f docker-compose.domain.yaml up -d
#
# Access:
# - OneTermUI: http://your-domain.com
# - WebProxy: http://webproxy.your-domain.com
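services:
  # Images are pinned by tag only; a tag can be re-pushed, so pin by digest
  # where an immutable deployment is required.

  # Backend API. The UI reaches it at oneterm-api:8888 over the `new` network
  # (see ONETERM_API_HOST below); 2222 is the only port published to the host.
  # NOTE(review): 2222 is presumably the SSH access port - confirm in config.yaml.
  oneterm-api:
    image: registry.cn-hangzhou.aliyuncs.com/veops/oneterm-api:v25.9.1
    container_name: oneterm-api
    environment:
      ONETERM_RDP_DRIVE_PATH: /rdp
    volumes:
      - ./volume/replay:/replay
      - ./volume/rdp:/rdp
      - ./config.yaml:/oneterm/config.yaml
    depends_on:
      oneterm-guacd:
        condition: service_healthy
      acl-api:
        condition: service_healthy
    healthcheck:
      test: ["CMD", "nc", "-z", "localhost", "8888"]
      interval: 10s
      timeout: 5s
      retries: 5
    command:
      - "./server"
      - "config.yaml"
    restart: always
    networks:
      new:
        aliases:
          - oneterm-api
    tty: true
    ports:
      - "2222:2222"

  # Guacamole proxy daemon; shares the replay and RDP drive volumes with
  # oneterm-api.
  oneterm-guacd:
    image: registry.cn-hangzhou.aliyuncs.com/veops/oneterm-guacd:1.5.4
    container_name: oneterm-guacd
    # NOTE(review): runs as root, presumably to write to the bind mounts below;
    # confirm whether a non-root user with matching ownership would work.
    user: root
    restart: always
    volumes:
      - ./volume/replay:/replay
      - ./volume/rdp:/rdp
    healthcheck:
      test: ["CMD", "nc", "-z", "localhost", "4822"]
      interval: 10s
      timeout: 5s
      retries: 5
    ports:
      # guacd does not authenticate its clients, so the host mapping is bound
      # to loopback instead of every interface. Other containers are expected
      # to use the oneterm-guacd alias on the `new` network, which needs no
      # host mapping. Drop the 127.0.0.1 prefix only if a remote host must
      # connect, and restrict that with a firewall rule.
      - "127.0.0.1:14822:4822"
    networks:
      new:
        aliases:
          - oneterm-guacd

  mysql:
    image: registry.cn-hangzhou.aliyuncs.com/veops/mysql:8.2.0
    container_name: oneterm-mysql
    environment:
      TZ: Asia/Shanghai
      # NOTE(review): well-known default root password committed in the file.
      # Replace it before the first start; the same value is repeated in the
      # healthcheck below and must be changed together with it. Presumably the
      # image applies it only when ./volume/mysql is first initialised.
      MYSQL_ROOT_PASSWORD: '123456'
      MYSQL_DATABASE: 'oneterm'
    volumes:
      - ./volume/mysql:/var/lib/mysql
      - ./mysqld.cnf:/etc/mysql/conf.d/mysqld.cnf
      # Init scripts are named so that 1-create-users.sql runs before 2-acl.sql.
      - ./acl.sql:/docker-entrypoint-initdb.d/2-acl.sql
      - ./create-users.sql:/docker-entrypoint-initdb.d/1-create-users.sql
    ports:
      # Loopback only: with the default root password above, publishing 13306
      # on every interface would expose the database to the network. acl-api
      # reaches it as mysql:3306 (see WAIT_HOSTS), which needs no host mapping.
      - "127.0.0.1:13306:3306"
    healthcheck:
      # The password appears on the mysqladmin command line inside the
      # container; keep it in sync with MYSQL_ROOT_PASSWORD.
      test:
        - "CMD"
        - "mysqladmin"
        - "ping"
        - "-h"
        - "localhost"
        - "-P"
        - "3306"
        - "-u"
        - "root"
        - "-p123456"
      interval: 10s
      timeout: 5s
      retries: 5
    command: --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci
    restart: always
    networks:
      new:
        aliases:
          - mysql

  redis:
    image: registry.cn-hangzhou.aliyuncs.com/veops/redis:7.2.3
    container_name: oneterm-redis
    restart: always
    environment:
      TZ: Asia/Shanghai
    healthcheck:
      # The unauthenticated ping succeeding implies no password is enforced.
      test: ["CMD", "redis-cli", "ping"]
      interval: 5s
      timeout: 5s
      retries: 5
    ports:
      # Loopback only: no Redis password is configured in this file, so the
      # port must not be reachable from other hosts. acl-api reaches it as
      # redis:6379 (see WAIT_HOSTS), which needs no host mapping.
      - "127.0.0.1:16379:6379"
    networks:
      new:
        aliases:
          - redis

  # nginx front end: renders its config from the template at start-up and
  # serves the UI (and the WebProxy sub-domain) on the published HTTP port.
  oneterm-ui:
    image: registry.cn-hangzhou.aliyuncs.com/veops/oneterm-ui:v25.9.1
    container_name: oneterm-ui
    depends_on:
      oneterm-api:
        condition: service_healthy
    environment:
      TZ: Asia/Shanghai
      # Backend service hosts (modify if using external services)
      ONETERM_API_HOST: "oneterm-api:8888"  # Change if using external OneTermAPI
      ACL_API_HOST: "acl-api:5000"  # Change if using external ACL API
      # Domain configuration - REQUIRED: MODIFY THIS TO YOUR DOMAIN
      ONETERM_DOMAIN: oneterm.example.com  # Your OneTermUI domain
      # WebProxy will be: webproxy.oneterm.example.com
      # HTTP/HTTPS ports (modify if needed)
      NGINX_PORT: "80"  # HTTP port (modify if different)
      NGINX_HTTPS_PORT: "443"  # HTTPS port (modify if different)
      # SSL certificate paths (for HTTPS deployment only)
      # Modify these paths if your certificates are in different locations
      ONETERM_SSL_CERT_PATH: /etc/nginx/ssl/oneterm.crt  # OneTermUI SSL cert
      ONETERM_SSL_KEY_PATH: /etc/nginx/ssl/oneterm.key  # OneTermUI SSL key
      WEBPROXY_SSL_CERT_PATH: /etc/nginx/ssl/webproxy.crt  # WebProxy SSL cert
      WEBPROXY_SSL_KEY_PATH: /etc/nginx/ssl/webproxy.key  # WebProxy SSL key
    volumes:
      # Use the domain-aware nginx configuration
      - ./nginx.webproxy.conf.example:/etc/nginx/conf.d/nginx.webproxy.conf.example
      # For HTTPS: Uncomment and modify SSL certificates directory path.
      # Keep the :ro flag so the container cannot modify the private keys.
      # - ./ssl:/etc/nginx/ssl:ro  # Mount your SSL cert directory
      # - /path/to/your/certs:/etc/nginx/ssl:ro  # Or use custom path
    restart: always
    command:
      - /bin/sh
      - -c
      # `$$` is Compose's escape for a literal `$`, so the variable names reach
      # the container shell as-is; envsubst then replaces only the variables
      # listed and leaves nginx's own $variables in the template untouched.
      - |
        # Generate nginx configuration with environment variable substitution
        envsubst '$$ONETERM_API_HOST $$ACL_API_HOST $$ONETERM_DOMAIN $$NGINX_PORT $$NGINX_HTTPS_PORT $$ONETERM_SSL_CERT_PATH $$ONETERM_SSL_KEY_PATH $$WEBPROXY_SSL_CERT_PATH $$WEBPROXY_SSL_KEY_PATH' < /etc/nginx/conf.d/nginx.webproxy.conf.example > /etc/nginx/conf.d/oneterm.conf
        # Start nginx
        nginx -g 'daemon off;' &
        # Wait a moment and reload to pick up any configuration changes
        sleep 2
        nginx -s reload
        # Keep container running
        wait
    networks:
      - new
    ports:
      # HTTP port (modify if you need different external port)
      - "80:80"  # External:Internal
      # - "8080:80"  # Example: External port 8080
      # HTTPS port (uncomment if using HTTPS, modify if needed)
      # - "443:443"  # External:Internal
      # - "8443:443"  # Example: External port 8443

  # ACL service: gunicorn on 5000 plus a celery worker. No host port is
  # published; it is reachable only as acl-api:5000 on the `new` network.
  acl-api:
    # NOTE(review): every other image in this file lives under the veops/
    # namespace; confirm that this path is the intended one.
    image: registry.cn-hangzhou.aliyuncs.com/acl-api:2.2
    container_name: oneterm-acl-api
    depends_on:
      mysql:
        condition: service_healthy
      redis:
        condition: service_healthy
    environment:
      TZ: Asia/Shanghai
      WAIT_HOSTS: "mysql:3306, redis:6379"
      # Left without a value by the author; the inline hint lists the accepted
      # values.
      SYSTEM_DEFAULT_LANGUAGE:  # en-US, zh-CN
    volumes:
      # NOTE(review): ./.env is bind-mounted into the app and presumably holds
      # its settings; keep it out of version control if it contains secrets.
      - ./.env:/data/apps/acl/.env
    restart: always
    command:
      - /bin/sh
      - -c
      # One-time initialisation is guarded by a marker file. The marker lives
      # in the container filesystem (no volume covers /var/run), so a
      # recreated container runs the init commands again.
      # gunicorn is started with -D (daemonised); celery stays in the
      # foreground and keeps the container alive.
      - |
        if [ ! -f /var/run/.initialized ]; then
          flask db-setup
          flask common-check-new-columns
          flask init-acl
          flask init-department
          touch /var/run/.initialized
        fi
        nohup bash -c 'flask db-setup && flask common-check-new-columns' >/dev/null 2>&1 &
        gunicorn --workers=3 autoapp:app -b 0.0.0.0:5000 -D --access-logfile logs/access.log --error-logfile logs/error.log
        celery -A celery_worker.celery worker -E -Q acl_async --logfile=one_acl_async.log --autoscale=2,1
    healthcheck:
      test: ["CMD", "nc", "-z", "127.0.0.1", "5000"]
      interval: 5s
      timeout: 5s
      retries: 5
    networks:
      new:
        aliases:
          - acl-api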
# Single user-defined bridge network that all services attach to as `new`.
# Docker sees it under the fixed name oneterm_network, with a fixed /24
# subnet; pick another range if 172.30.0.0/24 collides with an existing one.
networks:
  new:
    name: oneterm_network
    driver: bridge
    ipam:
      config:
        - subnet: "172.30.0.0/24"