forked from balena-labs-projects/balena-dash
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathdocker-compose.yml
128 lines (127 loc) · 3.83 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
version: '2'
volumes:
settings:
browser-settings:
audio-data: # Required for PA over UNIX socket
zerotier-data:
tailscale-data:
www-data:
services:
balenalabs-audio:
# image: balenaplayground/balenalabs-audio:intel-nuc
# image: balenaplayground/balenalabs-audio:raspberrypi3-64
build:
context: ./balenalabs-audio
dockerfile: Dockerfile.template
privileged: true
labels:
io.balena.features.dbus: '1'
io.balena.features.firmware: '1'
io.balena.features.kernel-modules: '1'
## io.balena.features.procfs: '1'
## io.balena.features.sysfs: '1'
volumes:
- 'audio-data:/run/pulse'
cap_add:
- SYS_ADMIN
- NET_ADMIN
ports:
- 4317:4317
environment:
# AUDIO_OUTPUT: 'RPI_HEADPHONES'
DBUS_SYSTEM_BUS_ADDRESS: 'unix:path=/host/run/dbus/system_bus_socket'
balenalabs-browser:
build: ./balenalabs-browser
privileged: true
network_mode: host
restart: always
labels:
io.balena.features.dbus: '1'
io.balena.features.firmware: '1'
io.balena.features.kernel-modules: '1'
ports:
- 5012:5012
- 35173:35173
volumes:
- 'browser-settings:/data'
environment:
# LAUNCH_URL: 'http://localhost'
LAUNCH_URL: 'https://akirodic.com/p/jellyfish/'
LOCAL_HTTP_DELAY: '10'
API_PORT: '5012'
SHOW_CURSOR: '0'
REMOTE_DEBUG_PORT: '35173'
WINDOW_SIZE: '1920,1080'
ENABLE_GPU: '1'
KIOSK: '1'
PERSISTENT: '1'
DBUS_SYSTEM_BUS_ADDRESS: 'unix:path=/host/run/dbus/system_bus_socket'
depends_on:
- lighttpd
scheduler:
restart: always
build: ./scheduler
privileged: true
tailscale:
# # privileged may be optional, but requires manual step in that case
# # https://github.com/tailscale/tailscale/issues/504
privileged: true
restart: on-failure
build:
context: ./balena-tailscale
dockerfile: Dockerfile
cap_add:
- SYS_MODULE
- NET_ADMIN
- NET_RAW
network_mode: host
volumes:
- tailscale-data:/var/lib/tailscale
labels:
- io.balena.features.kernel-modules=1
- io.balena.features.dbus=1
- io.balena.features.firmware=1
tmpfs:
- /tmp
- /var/run/
environment:
TAILSCALE_AUTHKEY: 'tskey-auth-kDm37D1CNTRL-23tm6sKnHFEkh1hFBBfcEEZmByiy3gysY'
TS_AUTH_KEY: 'tskey-auth-kDm37D1CNTRL-23tm6sKnHFEkh1hFBBfcEEZmByiy3gysY'
TS_ACCEPT_DNS: true
# TS_EXTRA_ARGS: '-advertise-tags tag:docker'
DBUS_SYSTEM_BUS_ADDRESS: 'unix:path=/host/run/dbus/system_bus_socket'
lighttpd:
build:
context: ./lighttpd
dockerfile: Dockerfile.template
restart: always
privileged: true
ports:
- 80:80
- 443:443
volumes:
- 'www-data:/var/www'
# depends_on:
# - tailscale
zerotier:
# This volume is needed to make ZT configuration survive a reboot and new container version
volumes:
- 'zerotier-data:/var/lib/zerotier-one'
build:
context: ./balena-zerotier
# privileged is needed for ZeroTier to avoid "cannot bind to local control interface port" error
privileged: true
network_mode: host
# SYS_ADMIN is needed because NET_ADMIN does not include the ioctl() required to put /dev/net/tun in tap mode.
# Source : https://zerotier.atlassian.net/wiki/spaces/SD/pages/7536656/Running+ZeroTier+in+a+Docker+Container
# NET_ADMIN is also needed to avoid "zerotier-one: fatal error: cannot bind to local control interface port" error
cap_add:
- SYS_ADMIN
- NET_ADMIN
# Enable dbus communications for nmcli commands
# Source : https://github.com/balena-io/wifi-connect
labels:
io.balena.features.dbus: '1'
io.balena.features.kernel-modules: '1'
environment:
DBUS_SYSTEM_BUS_ADDRESS: 'unix:path=/host/run/dbus/system_bus_socket'