netmaker/compose/docker-compose.reference.yml

services:
  rqlite:
    container_name: rqlite
    image: rqlite/rqlite
    network_mode: host
    restart: always
    volumes:
      - sqldata:/rqlite/file/data
  netmaker: # The Primary Server for running Netmaker
    privileged: true # Necessary to run sudo/root level commands on host system. Take out if not running with CLIENT_MODE=on
    container_name: netmaker
    depends_on:
      - rqlite
    image: gravitl/netmaker:v0.8.5
    volumes: # Volume mounts necessary for CLIENT_MODE to control wireguard networking on host (except dnsconfig, which is where dns config files are stored for use by CoreDNS)
      - dnsconfig:/root/config/dnsconfig # Netmaker writes Corefile to this location, which gets mounted by CoreDNS for DNS configuration.
      - /usr/bin/wg:/usr/bin/wg
    cap_add: # Necessary for CLIENT_MODE. Should be removed if turned off. 
      - NET_ADMIN
    restart: always
    network_mode: host # Necessary for CLIENT_MODE. Should be removed if turned off, but then need to add port mappings
    environment:
      SERVER_HOST: "" # All the Docker Compose files pre-populate this with HOST_IP, which you replace as part of the install instructions. This will set both HTTP and GRPC host.
      SERVER_HTTP_HOST: "127.0.0.1" # Overrides SERVER_HOST if set. Useful for making HTTP and GRPC available via different interfaces/networks.
      SERVER_GRPC_HOST: "127.0.0.1" # Overrides SERVER_HOST if set. Useful for making HTTP and GRPC available via different interfaces/networks.
      API_PORT: 8081 # The HTTP API port for Netmaker. Used for API calls / communication from front end. If changed, need to change port of BACKEND_URL for netmaker-ui.
      GRPC_PORT: 50051 # The GRPC port for Netmaker. Used for communications from nodes.
      CLIENT_MODE: "on" # on if netmaker should run its own client, off if not.
      MASTER_KEY: "secretkey" # The admin master key for accessing the API. Change this in any production installation.
      CORS_ALLOWED_ORIGIN: "*" # The "allowed origin" for API requests. Change to restrict where API requests can come from.
      REST_BACKEND: "on" # Enables the REST backend (API running on API_PORT at SERVER_HTTP_HOST). Change to "off" to turn off.
      AGENT_BACKEND: "on" # Enables the AGENT backend (GRPC running on GRPC_PORT at SERVER_GRPC_HOST). Change to "off" to turn off.
      DNS_MODE: "on" # Enables DNS Mode, meaning config files will be generated for CoreDNS. Note, turning "off" does not remove CoreDNS. You still need to remove CoreDNS from compose file.
      DISABLE_REMOTE_IP_CHECK: "off" # If turned "on", Server will not set Host based on remote IP check. This is already overridden if SERVER_HOST is set. Turned "off" by default.
      GRPC_SSL: "off" # Tells clients to use SSL to connect to GRPC. Switch to on to turn on.
      COREDNS_ADDR: "" # Address of the CoreDNS server. Defaults to SERVER_HOST
      SERVER_API_CONN_STRING: "" # Changes the api connection string. IP:PORT format. By default is empty and uses SERVER_HOST:API_PORT
      SERVER_GRPC_CONN_STRING: "" # Changes the grpc connection string. IP:PORT format. By default is empty and uses SERVER_HOST:GRPC_PORT
  netmaker-ui: # The Netmaker UI Component
    container_name: netmaker-ui
    depends_on:
      - netmaker
    image: gravitl/netmaker-ui:v0.7
    links:
      - "netmaker:api"
    ports:
      - "8082:80"
    environment:
      BACKEND_URL: "http://HOST_IP:8081" # URL where UI will send API requests. Change based on SERVER_HOST, SERVER_HTTP_HOST, and API_PORT
  coredns: # The DNS Server. Remove this section if DNS_MODE="off"
    depends_on:
      - netmaker 
    image: coredns/coredns
    command: -conf /root/dnsconfig/Corefile # Config location for Corefile. This is the path of file which is also mounted to Netmaker for modification.
    container_name: coredns
    restart: always
    ports:
      - "53:53/udp" # Likely needs to run at port 53 for adequate nameserver usage.
    volumes:
      - dnsconfig:/root/dnsconfig
volumes:
  sqldata: {}
  dnsconfig: {}