9338cff0ef
# What this PR does Disable accessControlOnCall for Grafana 11.3 in docker compose Similar to https://github.com/grafana/oncall/pull/5245 ## Checklist - [ ] Unit, integration, and e2e (if applicable) tests updated - [x] Documentation added (or `pr:no public docs` PR label added if not required) - [x] Added the relevant release notes label (see labels prefixed w/ `release:`). These labels dictate how your PR will show up in the autogenerated release notes.
121 lines
3 KiB
YAML
121 lines
3 KiB
YAML
x-environment: &oncall-environment
|
|
DATABASE_TYPE: sqlite3
|
|
BROKER_TYPE: redis
|
|
BASE_URL: $DOMAIN
|
|
SECRET_KEY: $SECRET_KEY
|
|
FEATURE_PROMETHEUS_EXPORTER_ENABLED: ${FEATURE_PROMETHEUS_EXPORTER_ENABLED:-false}
|
|
PROMETHEUS_EXPORTER_SECRET: ${PROMETHEUS_EXPORTER_SECRET:-}
|
|
REDIS_URI: redis://redis:6379/0
|
|
DJANGO_SETTINGS_MODULE: settings.hobby
|
|
CELERY_WORKER_QUEUE: "default,critical,long,slack,telegram,webhook,retry,celery,grafana"
|
|
CELERY_WORKER_CONCURRENCY: "1"
|
|
CELERY_WORKER_MAX_TASKS_PER_CHILD: "100"
|
|
CELERY_WORKER_SHUTDOWN_INTERVAL: "65m"
|
|
CELERY_WORKER_BEAT_ENABLED: "True"
|
|
GRAFANA_API_URL: http://grafana:3000
|
|
|
|
services:
|
|
engine:
|
|
image: grafana/oncall
|
|
restart: always
|
|
ports:
|
|
- "8080:8080"
|
|
command: sh -c "uwsgi --ini uwsgi.ini"
|
|
environment: *oncall-environment
|
|
volumes:
|
|
- oncall_data:/var/lib/oncall
|
|
depends_on:
|
|
oncall_db_migration:
|
|
condition: service_completed_successfully
|
|
redis:
|
|
condition: service_healthy
|
|
|
|
celery:
|
|
image: grafana/oncall
|
|
restart: always
|
|
command: sh -c "./celery_with_exporter.sh"
|
|
environment: *oncall-environment
|
|
volumes:
|
|
- oncall_data:/var/lib/oncall
|
|
depends_on:
|
|
oncall_db_migration:
|
|
condition: service_completed_successfully
|
|
redis:
|
|
condition: service_healthy
|
|
|
|
oncall_db_migration:
|
|
image: grafana/oncall
|
|
command: python manage.py migrate --noinput
|
|
environment: *oncall-environment
|
|
volumes:
|
|
- oncall_data:/var/lib/oncall
|
|
depends_on:
|
|
redis:
|
|
condition: service_healthy
|
|
|
|
redis:
|
|
image: redis:7.0.5
|
|
restart: always
|
|
expose:
|
|
- 6379
|
|
volumes:
|
|
- redis_data:/data
|
|
deploy:
|
|
resources:
|
|
limits:
|
|
memory: 500m
|
|
cpus: "0.5"
|
|
healthcheck:
|
|
test: ["CMD", "redis-cli", "ping"]
|
|
timeout: 5s
|
|
interval: 5s
|
|
retries: 10
|
|
|
|
prometheus:
|
|
image: prom/prometheus
|
|
hostname: prometheus
|
|
restart: always
|
|
ports:
|
|
- "9090:9090"
|
|
volumes:
|
|
- ./prometheus.yml:/etc/prometheus/prometheus.yml
|
|
- prometheus_data:/prometheus
|
|
profiles:
|
|
- with_prometheus
|
|
|
|
grafana:
|
|
image: "grafana/${GRAFANA_IMAGE:-grafana:latest}"
|
|
restart: always
|
|
ports:
|
|
- "3000:3000"
|
|
environment:
|
|
GF_FEATURE_TOGGLES_ENABLE: externalServiceAccounts
|
|
GF_SECURITY_ADMIN_USER: ${GRAFANA_USER:-admin}
|
|
GF_SECURITY_ADMIN_PASSWORD: ${GRAFANA_PASSWORD:-admin}
|
|
GF_PLUGINS_ALLOW_LOADING_UNSIGNED_PLUGINS: grafana-oncall-app
|
|
GF_INSTALL_PLUGINS: grafana-oncall-app
|
|
GF_AUTH_MANAGED_SERVICE_ACCOUNTS_ENABLED: true
|
|
volumes:
|
|
- grafana_data:/var/lib/grafana
|
|
deploy:
|
|
resources:
|
|
limits:
|
|
memory: 500m
|
|
cpus: "0.5"
|
|
profiles:
|
|
- with_grafana
|
|
configs:
|
|
- source: grafana.ini
|
|
target: /etc/grafana/grafana.ini
|
|
|
|
volumes:
|
|
grafana_data:
|
|
prometheus_data:
|
|
oncall_data:
|
|
redis_data:
|
|
|
|
configs:
|
|
grafana.ini:
|
|
content: |
|
|
[feature_toggles]
|
|
accessControlOnCall = false
|