docker/compose/docker-compose.yml

---
version: '3.7'
services:
  elasticsearch:
    image: mozdef/mozdef_elasticsearch
    build:
      context: ../../
      dockerfile: docker/compose/elasticsearch/Dockerfile
      cache_from:
        - mozdef/mozdef_elasticsearch
        - mozdef_elasticsearch:latest
    healthcheck:
      test: ["CMD", "curl", "-f", "127.0.0.1:9200"]
      interval: 30s
      timeout: 3s
      retries: 10
    command: bin/elasticsearch
    restart: always
    volumes:
      - elasticsearch:/var/lib/elasticsearch
    # ports:
    #   - 9200:9200
    networks:
      - default
  rabbitmq:
    image: mozdef/mozdef_rabbitmq
    build:
      context: ../../
      dockerfile: docker/compose/rabbitmq/Dockerfile
      cache_from:
        - mozdef/mozdef_rabbitmq
        - mozdef_rabbitmq:latest
    healthcheck:
      test: ["CMD", "curl", "-f", "127.0.0.1:15672"]
      interval: 30s
      timeout: 3s
      retries: 10
    restart: always
    command: rabbitmq-server
    volumes:
      - rabbitmq:/var/lib/rabbitmq
    # ports:
    #   - 5672:5672
    #   - 15672:15672 # Admin interface
    networks:
      - default
  mongodb:
    image: mozdef/mozdef_mongodb
    build:
      context: ../../
      dockerfile: docker/compose/mongodb/Dockerfile
      cache_from:
        - mozdef/mozdef_mongodb
        - mozdef_mongodb:latest
    healthcheck:
      test: ["CMD", "curl", "-f", "127.0.0.1:3002"]
      interval: 30s
      timeout: 3s
      retries: 10
    restart: always
    command: /usr/bin/mongod --smallfiles --config /etc/mongod.conf
    volumes:
      - mongodb:/var/lib/mongo
    # ports:
    #   - 3002:3002
    networks:
      - default
  kibana:
    image: mozdef/mozdef_kibana
    build:
      context: ../../
      dockerfile: docker/compose/kibana/Dockerfile
      cache_from:
        - mozdef/mozdef_kibana
        - mozdef_kibana:latest
    healthcheck:
      test: ["CMD", "curl", "-f", "127.0.0.1:5601"]
      interval: 30s
      timeout: 3s
      retries: 10
    restart: always
    command: bin/kibana --elasticsearch=http://elasticsearch:9200
    depends_on:
      - elasticsearch
    networks:
      - default
  nginx:
    image: mozdef/mozdef_nginx
    build:
      context: ../../
      dockerfile: docker/compose/nginx/Dockerfile
      cache_from:
        - mozdef/mozdef_nginx
        - mozdef_nginx:latest
    healthcheck:
      test: ["CMD", "curl", "-f", "127.0.0.1"]
      interval: 30s
      timeout: 3s
      retries: 10
    restart: always
    command: /usr/sbin/nginx
    depends_on:
      - kibana
      - meteor
    ports:
      - "0.0.0.0:80:80"
      - "0.0.0.0:8080:8080"
      - "0.0.0.0:9090:9090"
      - "0.0.0.0:8081:8081"
    networks:
      - default

  # MozDef Specific Containers
  base:
    image: mozdef/mozdef_base
    build:
      context: ../../
      dockerfile: docker/compose/mozdef_base/Dockerfile
      cache_from:
        - mozdef/mozdef_base
        - mozdef_base:latest
  bootstrap:
    image: mozdef/mozdef_bootstrap
    build:
      context: ../../
      dockerfile: docker/compose/mozdef_bootstrap/Dockerfile
      cache_from:
        - mozdef/mozdef_bootstrap
        - mozdef_bootstrap:latest
    command: bash -c 'while ! timeout 1 bash -c "echo > /dev/tcp/elasticsearch/9200";do sleep 1;done && python initial_setup.py http://elasticsearch:9200 http://kibana:5601'
    depends_on:
      - base
      - elasticsearch
    environment:
      - ES_URL=http://localhost:9200
    networks:
      - default
  alertactions:
    image: mozdef/mozdef_alertactions
    build:
      context: ../../
      dockerfile: docker/compose/mozdef_alertactions/Dockerfile
      cache_from:
        - mozdef/mozdef_alertactions
        - mozdef_alertactions:latest
    healthcheck:
      test: "[[ $$(pgrep python | wc -l) -ge 1 ]]"
      interval: 30s
      timeout: 3s
      retries: 10
    restart: always
    command: bash -c 'while ! timeout 1 bash -c "echo > /dev/tcp/elasticsearch/9200";do sleep 1;done && python alert_actions_worker.py -c alert_actions_worker.conf'
    depends_on:
      - base
      - elasticsearch
      - rabbitmq
      - alerts
      - bootstrap
    networks:
      - default
  alerts:
    image: mozdef/mozdef_alerts
    build:
      context: ../../
      dockerfile: docker/compose/mozdef_alerts/Dockerfile
      cache_from:
        - mozdef/mozdef_alerts
        - mozdef_alerts:latest
    healthcheck:
      test: "celery inspect ping -A lib.tasks"
      interval: 30s
      timeout: 6s
      retries: 10
    restart: always
    command: bash -c 'while ! timeout 1 bash -c "echo > /dev/tcp/elasticsearch/9200";do sleep 1;done && celery -A lib.tasks worker --loglevel=info --beat'
    depends_on:
      - base
      - elasticsearch
      - rabbitmq
      - bootstrap
    networks:
      - default
  # bot:
  #   image: mozdef/mozdef_bot
  #   build:
  #     context: ../../
  #     dockerfile: docker/compose/mozdef_bot/Dockerfile
  #     cache_from:
  #       - mozdef/mozdef_bot
  #       - mozdef_bot:latest
  #     args:
  #       # This is either 'irc', or 'slack'
  #       BOT_TYPE: slack
  #   restart: always
  #   command: bash -c 'while ! timeout 1 bash -c "echo > /dev/tcp/rabbitmq/5672";do sleep 1;done && python mozdefbot.py -c mozdefbot.conf'
  #   depends_on:
  #     - base
  #     - rabbitmq
  #     - alerts
  #     - bootstrap
  #   networks:
  #     - default
  #   volumes:
  #     - geolite_db:/opt/mozdef/envs/mozdef/data/
  cron:
    image: mozdef/mozdef_cron
    build:
      context: ../../
      dockerfile: docker/compose/mozdef_cron/Dockerfile
      cache_from:
        - mozdef/mozdef_cron
        - mozdef_cron:latest
    healthcheck:
      test: "[[ $$(pgrep crond | wc -l) -eq 1 ]]"
      interval: 30s
      timeout: 3s
      retries: 10
    restart: always
    command: bash -c 'while ! timeout 1 bash -c "echo > /dev/tcp/elasticsearch/9200";do sleep 1;done && crond -n'
    volumes:
      - geolite_db:/opt/mozdef/envs/mozdef/data/
    depends_on:
      - base
      - rabbitmq
      - elasticsearch
      - mongodb
      - bootstrap
    networks:
      - default
  loginput:
    image: mozdef/mozdef_loginput
    build:
      context: ../../
      dockerfile: docker/compose/mozdef_loginput/Dockerfile
      cache_from:
        - mozdef/mozdef_loginput
        - mozdef_loginput:latest
    healthcheck:
      test: ["CMD", "curl", "-f", "127.0.0.1:8080/status"]
      interval: 30s
      timeout: 3s
      retries: 10
    restart: always
    command: bash -c 'while ! timeout 1 bash -c "echo > /dev/tcp/elasticsearch/9200";do sleep 1;done && python index.py -c index.conf'
    depends_on:
      - base
      - elasticsearch
      - rabbitmq
      - bootstrap
    networks:
      - default
  mq_worker:
    image: mozdef/mozdef_mq_worker
    build:
      context: ../../
      dockerfile: docker/compose/mozdef_mq_worker/Dockerfile
      cache_from:
        - mozdef/mozdef_mq_worker
        - mozdef_mq_worker:latest
    healthcheck:
      test: "[[ $$(pgrep python | wc -l) -ge 1 ]]"
      interval: 30s
      timeout: 3s
      retries: 10
    restart: always
    command: bash -c 'while ! timeout 1 bash -c "echo > /dev/tcp/elasticsearch/9200";do sleep 1;done && python esworker_eventtask.py -c esworker_eventtask.conf'
    depends_on:
      - base
      - rabbitmq
      - elasticsearch
      - loginput
      - bootstrap
    networks:
      - default
    volumes:
      - geolite_db:/opt/mozdef/envs/mozdef/data/
  meteor:
    image: mozdef/mozdef_meteor
    build:
      context: ../../
      dockerfile: docker/compose/mozdef_meteor/Dockerfile
      cache_from:
        - mozdef/mozdef_meteor
        - mozdef_meteor:latest
    healthcheck:
      test: ["CMD", "curl", "-f", "127.0.0.1:3000"]
      interval: 30s
      timeout: 3s
      retries: 10
    restart: always
    command: bash -c 'node bundle/main.js'
    depends_on:
      - mongodb
      - rest
    networks:
      - default
  rest:
    image: mozdef/mozdef_rest
    build:
      context: ../../
      dockerfile: docker/compose/mozdef_rest/Dockerfile
      cache_from:
        - mozdef/mozdef_rest
        - mozdef_rest:latest
    healthcheck:
      test: ["CMD", "curl", "-f", "127.0.0.1:8081/status"]
      interval: 30s
      timeout: 3s
      retries: 10
    restart: always
    command: bash -c 'while ! timeout 1 bash -c "echo > /dev/tcp/elasticsearch/9200";do sleep 1;done && python index.py -c index.conf'
    depends_on:
      - base
      - elasticsearch
      - mongodb
      - bootstrap
    networks:
      - default
  syslog:
    image: mozdef/mozdef_syslog
    build:
      context: ../../
      dockerfile: docker/compose/mozdef_syslog/Dockerfile
      cache_from:
        - mozdef/mozdef_syslog
        - mozdef_syslog:latest
    healthcheck:
      test: ["CMD-SHELL", "echo > /dev/tcp/localhost/514"]
      interval: 30s
      timeout: 3s
      retries: 10
    restart: always
    command: bash -c 'while ! timeout 1 bash -c "echo > /dev/tcp/rabbitmq/5672";do sleep 1;done && sleep 30 && /usr/sbin/syslog-ng --no-caps -F'
    depends_on:
      - loginput
    ports:
      - 514:514/udp
      - 514:514
    networks:
      - default
  tester:
    image: mozdef/mozdef_tester
    build:
      context: ../../
      dockerfile: docker/compose/tester/Dockerfile
      cache_from:
        - mozdef/mozdef_tester
        - mozdef_tester:latest
    networks:
      - default
  cognito_proxy:
    image: mozdef/mozdef_cognito_proxy
    build:
      context: ../../
      dockerfile: docker/compose/mozdef_cognito_proxy/Dockerfile
    healthcheck:
      test: ["CMD", "curl", "-f", "127.0.0.1"]
      interval: 30s
      timeout: 3s
      retries: 10
    command: bash -c 'exit 0'
    networks:
      - default
volumes:
  elasticsearch:
  rabbitmq:
  mongodb:
  geolite_db:

networks:
  default: