docker-compose.yml
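# Compose stack with four services: access points (aps), wireless clients
# (clients), the nzyme monitor (nzyme) and its PostgreSQL database (db).
#
# NOTE(review): `aps` and `clients` run with `privileged: true` on the host
# network, so neither is isolated from the host's devices or network stack.
# Presumably the stack is meant for a dedicated lab VM - confirm.
# NOTE(review): the r4ulcl/* images use the mutable `latest` tag; pinning a
# version tag or digest would make pulls reproducible and auditable.
services:
  aps:
    image: r4ulcl/wifichallengelab-aps:latest
    #build: ./APs/ # uncomment to build the Docker file
    restart: on-failure  # Automatically restart on failure
    container_name: WiFiChallengeLab-APs
    #env_file: ./APs/.env
    volumes:
      - ./certs:/root/certs/:ro
      - ./certs:/root/mgt/certs/:ro
      # Same ./certs directory, but mounted read-write (no :ro) here.
      # NOTE(review): the path looks like a web document root - confirm the
      # directory holds only material meant to be served (no private keys).
      - ./certs:/var/www/html/.internalCA/
      # Host kernel modules, mounted read-write.
      # NOTE(review): if the container only loads modules, `:ro` may be
      # enough - confirm against the image's entrypoint.
      - /lib/modules:/lib/modules
      - ./logsAP:/root/logs/
    healthcheck:
      # Runs inside the ns-ap network namespace. Healthy only when the login
      # page and port 8080 both answer and exactly 15 host_aps_apd processes
      # are running (exit codes 1, 2 and 3 identify the failing check).
      # `$$` is Compose's escape for a literal `$`, so the command
      # substitution reaches the shell instead of Compose's own variable
      # interpolation.
      test:
        - CMD-SHELL
        - >-
          ip netns exec ns-ap /bin/bash -c '
          curl -f -s http://localhost/login.php >/dev/null || exit 1;
          curl -s http://localhost:8080 >/dev/null || exit 2;
          if [ $$(ps aux | grep host_aps_apd | grep -v grep | grep -c host_aps_apd) -ne 15 ];
          then exit 3; fi'
      interval: 5s
      timeout: 5s
      retries: 3
      start_period: 30s
    network_mode: host  # NETNS
    privileged: true  # NETNS

  clients:
    image: r4ulcl/wifichallengelab-clients:latest
    #build: ./Clients/ # uncomment to build the Docker file
    restart: on-failure  # Automatically restart on failure
    container_name: WiFiChallengeLab-Clients
    #env_file: ./Clients/.env
    volumes:
      - ./certs:/root/certs/:ro
      # Host kernel modules, mounted read-write (see the note on `aps`'s
      # identical mount: `:ro` may be enough - confirm).
      - /lib/modules:/lib/modules
      - ./logsClient:/root/logs/
    # Short-form depends_on: orders start-up only, it does not wait for the
    # aps healthcheck to pass.
    depends_on:
      - aps
    network_mode: host  # NETNS
    privileged: true  # NETNS
    healthcheck:
      # Runs inside the ns-client network namespace. Healthy only when
      # http://localhost answers and at least 17
      # wpa_wifichallenge_supplicant processes are running.
      # `$$` is Compose's escape for a literal `$` (see above).
      test:
        - CMD-SHELL
        - >-
          ip netns exec ns-client /bin/bash -c '
          curl -s http://localhost >/dev/null || exit 1;
          if [ $$(ps aux | grep wpa_wifichallenge_supplicant
          | grep -vE "grep|sudo|timeout"
          | grep -c wpa_wifichallenge_supplicant) -lt 17 ];
          then exit 2; fi'
      interval: 5s
      timeout: 5s
      retries: 3
      start_period: 45s

  nzyme:
    image: r4ulcl/wifichallengelab-nzyme:latest
    #build: ./nzyme/
    restart: on-failure  # Automatically restart on failure
    #env_file: ./nzyme/.env
    # NOTE(review): env_file passes every variable defined in .env into this
    # container, on top of the explicit `environment` entries below. If .env
    # also holds the database credentials, a per-service env file would keep
    # each container to the secrets it needs.
    env_file: .env
    container_name: WiFiChallengeLab-nzyme
    security_opt:
      - no-new-privileges:true
    volumes:
      - ./nzyme/nzyme.conf:/etc/nzyme/nzyme.conf.tmp  # copy in entrypoint
      - ./logsNzyme:/var/log/nzyme/
    #ports:
    #  - "22900:22900"
    depends_on:
      - aps
      - db
    environment:
      - TZ=Europe/Berlin
      # $VARS below are substituted by Compose when this file is parsed.
      - DATABASE_URL=$DATABASE_URL
      - ADMIN_PASSWORD_HASH=$ADMIN_PASSWORD_HASH
      - EXTERNAL_URL=$EXTERNAL_URL
    # Host networking: port 22900 (see healthcheck) is reachable on whatever
    # address the service binds to; the commented-out `ports` mapping above
    # would have no effect in this mode.
    network_mode: host  # USB antenna
    healthcheck:
      test: ["CMD-SHELL", "curl -f -s http://localhost:22900 >/dev/null || exit 1"]
      interval: 5s
      timeout: 5s
      retries: 3
      start_period: 30s
    cap_add:  # full access to wifi interface
      - NET_ADMIN
      - NET_RAW
    deploy:
      resources:
        limits:
          cpus: "0.50"
          memory: 512M
        reservations:
          memory: 128M

  db:
    image: postgres:14
    restart: unless-stopped
    #env_file: ./nzyme/.env
    # NOTE(review): as with nzyme, env_file hands the whole .env to this
    # container, not only the POSTGRES_* values it uses.
    env_file: .env
    container_name: WiFiChallengeLab-nzyme-db
    security_opt:
      - no-new-privileges:true
    depends_on:
      - aps
    environment:
      - TZ=Europe/Berlin
      - POSTGRES_DB=$POSTGRES_DB
      - POSTGRES_USER=$POSTGRES_USER
      # The image expects POSTGRES_PASSWORD; it is filled from POSTGRES_PASS.
      - POSTGRES_PASSWORD=$POSTGRES_PASS
    volumes:
      - ./nzyme/data:/var/lib/postgresql/data
    ports:
      # Since we use host net on nzyme, listen only locally.
      # Quoted, as recommended for Compose port mappings, so the value is
      # never subject to YAML implicit typing.
      - "127.0.0.1:5432:5432"
    healthcheck:
      # Exec form (no shell): $POSTGRES_USER is substituted by Compose when
      # the file is parsed, not inside the container.
      test: ["CMD", "pg_isready", "-U", "$POSTGRES_USER"]
      interval: 10s
      start_period: 30s
    deploy:
      resources:
        limits:
          cpus: "0.50"
          memory: 512M
        reservations:
          memory: 128M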