First real service role. NetBird v0.72.4 self-hosted control plane: single netbirdio/netbird-server:0.72.4 (management + signal + relay + STUN + embedded Dex) plus netbirdio/dashboard:v2.39.0, both on the shared boma Docker network so the M4a Caddy fronts them. Renders docker-compose.yml + config.yaml (secrets from vault.netbird.*, no_log) + dashboard.env. STUN 3478/udp host-exposed; everything else via the proxy. netbird_coordinator__manage gates the compose-up for Molecule. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
# {{ ansible_managed }}
# Compose project for the NetBird coordinator: the dashboard UI plus the
# netbird-server container. Both services attach to the pre-existing `boma`
# network; the only host-published port in this file is STUN (3478/udp).

services:
  dashboard:
    # Image reference is supplied by a role variable. Pinning it by digest
    # (image@sha256:<digest>) in addition to the tag keeps the deployed image
    # immutable if the tag is ever re-pushed.
    image: "{{ netbird_coordinator__dashboard_image }}"
    container_name: netbird-dashboard
    restart: unless-stopped
    env_file:
      - ./dashboard.env
    # No `ports:` here: the dashboard is reachable only over the boma network.
    networks:
      - boma
    # Cap json logs — Docker's default driver never rotates. Interim until
    # ADR-018 (Alloy log shipping) lands; consider back-porting this to
    # reverse_proxy too.
    # With two files of 500m each, roughly 1 GB per container is retained and
    # older entries are discarded on rotation, so anything needed for
    # investigation must be collected before it ages out.
    logging:
      driver: json-file
      options:
        max-size: "500m"
        max-file: "2"

  netbird-server:
    image: "{{ netbird_coordinator__server_image }}"
    container_name: netbird-server
    restart: unless-stopped
    command:
      - "--config"
      - "/etc/netbird/config.yaml"
    # STUN is published on every host interface; nothing else in this service
    # is mapped to the host.
    ports:
      - "3478:3478/udp"
    volumes:
      # Named volume for server state.
      - netbird_data:/var/lib/netbird
      # Bind-mounted read-only so the container cannot rewrite its own config.
      # NOTE(review): config.yaml is expected to carry secrets — confirm the
      # host-side file mode and owner restrict who can read it.
      - ./config.yaml:/etc/netbird/config.yaml:ro
    networks:
      - boma
    # Same rotation cap as the dashboard service.
    logging:
      driver: json-file
      options:
        max-size: "500m"
        max-file: "2"

volumes:
  # Default-driver named volume; the empty mapping is equivalent to a bare key.
  netbird_data: {}

networks:
  # Not created by this project: `external: true` makes Compose fail if the
  # network named `boma` does not already exist.
  boma:
    external: true
    name: boma