48 lines
1.6 KiB
YAML
48 lines
1.6 KiB
YAML
version: "3.9"
|
|
|
|
services:
|
|
rpki-rtr:
|
|
build:
|
|
context: ../..
|
|
dockerfile: deploy/server/Dockerfile
|
|
image: rpki-rtr:latest
|
|
container_name: rpki-rtr-ssh
|
|
restart: no
|
|
ports:
|
|
- "323:323"
|
|
- "${RPKI_RTR_SSH_HOST_PORT:-2222}:${RPKI_RTR_SSH_CONTAINER_PORT:-22}"
|
|
environment:
|
|
RPKI_RTR_ENABLE_TLS: "false"
|
|
RPKI_RTR_ENABLE_SSH: "true"
|
|
RPKI_RTR_TCP_ADDR: "0.0.0.0:323"
|
|
RPKI_RTR_SSH_ADDR: "0.0.0.0:${RPKI_RTR_SSH_CONTAINER_PORT:-22}"
|
|
RPKI_RTR_SSH_HOST_KEY_PATH: "${RPKI_RTR_SSH_HOST_KEY_PATH:-/host-ssh/ssh_host_ed25519_key}"
|
|
RPKI_RTR_SSH_AUTHORIZED_KEYS_PATH: "${RPKI_RTR_SSH_AUTHORIZED_KEYS_PATH:-/app/certs/rtr-authorized_keys}"
|
|
RPKI_RTR_SSH_USERNAME: "${RPKI_RTR_SSH_USERNAME:-rpki-rtr}"
|
|
RPKI_RTR_SSH_SUBSYSTEM_NAME: "${RPKI_RTR_SSH_SUBSYSTEM_NAME:-rpki-rtr}"
|
|
# SSH auth mode: key | password | both
|
|
RPKI_RTR_SSH_AUTH_MODE: "${RPKI_RTR_SSH_AUTH_MODE:-key}"
|
|
# Optional: enable password authentication in addition to publickey
|
|
# RPKI_RTR_SSH_PASSWORD: "test-password"
|
|
RPKI_RTR_DB_PATH: "/app/rtr-db"
|
|
RPKI_RTR_CCR_DIR: "/app/data"
|
|
RPKI_RTR_SLURM_DIR: "/app/slurm"
|
|
RPKI_RTR_STRICT_CCR_VALIDATION: "false"
|
|
RPKI_RTR_SOURCE_REFRESH_INTERVAL_SECS: "300"
|
|
RPKI_RTR_MAX_CONCURRENT_HANDSHAKES: "128"
|
|
RUST_LOG: "info"
|
|
volumes:
|
|
- ../../data:/app/data:ro
|
|
- ../../rtr-db:/app/rtr-db
|
|
- ../../data:/app/slurm:ro
|
|
- ${RPKI_RTR_SSH_KEYS_VOLUME:-/etc/ssh:/host-ssh:ro}
|
|
- ../../certs:/app/certs:ro
|
|
- ../../logs/server:/app/logs
|
|
networks:
|
|
- rpki_net
|
|
|
|
networks:
|
|
rpki_net:
|
|
name: rpki_net
|
|
driver: bridge
|