-
Notifications
You must be signed in to change notification settings - Fork 6
/
docker-compose.yml
87 lines (80 loc) · 1.9 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
# SPDX-License-Identifier: Apache-2.0
# Copyright (c) 2022-2023 Dell Inc, or its subsidiaries.
---
version: '3.7'
services:
vpn-server:
image: strongx509/strongswan:5.9.13
cap_add:
- NET_ADMIN
- SYS_ADMIN
- SYS_MODULE
stdin_open: true
tty: true
volumes:
- ./conf/server:/etc/swanctl
- ./conf/strongswan-server.conf:/etc/strongswan.conf
- /var/run
networks:
internet:
ipv4_address: 192.168.200.210
intranet:
ipv4_address: 10.1.0.2
command: './charon'
vpn-client:
image: strongx509/strongswan:5.9.13
depends_on:
- vpn-server
cap_add:
- NET_ADMIN
- SYS_ADMIN
- SYS_MODULE
stdin_open: true
tty: true
volumes:
- ./conf/client:/etc/swanctl
- ./conf/strongswan-client.conf:/etc/strongswan.conf
- /var/run
networks:
internet:
ipv4_address: 192.168.200.200
command: './charon'
opi-security-server:
build:
context: .
depends_on:
- vpn-client
- redis
volumes_from:
- vpn-client:rw
networks:
- internet
- intranet
command: /opi-vici-bridge -port=50151
healthcheck:
test: grpcurl -plaintext localhost:50151 list || exit 1
redis:
image: redis:7.2.3-alpine3.18
networks:
- internet
- intranet
healthcheck:
test: ["CMD", "redis-cli", "--raw", "incr", "ping"]
opi-test:
image: ghcr.io/opiproject/godpu:main@sha256:cd07c82267b346625ce7f0fe133ec09443a5c08084f2b0de3130a9b538aa7808
network_mode: service:vpn-server
depends_on:
opi-security-server:
condition: service_healthy
command: ipsec test --addr=opi-security-server:50151 --pingaddr=10.3.0.1
networks:
internet:
ipam:
driver: default
config:
- subnet: 192.168.200.0/24
intranet:
ipam:
driver: default
config:
- subnet: 10.1.0.0/16