8Q3wTpAG

1## Working config, additional persistency needed, please bear this in mind.
2## For PuppetDB you might want to include some additional folders as persistent storage like logs or data.
3
4---
5services:
6  puppet:
7    image: ghcr.io/voxpupuli/puppetserver:8.7.0-latest
8    hostname: puppet.home.lan
9    environment:
10      PUPPETSERVER_HOSTNAME: puppet.home.lan
11      PUPPETSERVER_PORT: 8140
12      PUPPETDB_HOSTNAME: puppetdb.home.lan
13      PUPPETDB_SSL_PORT: 8081
14      PUPPETDB_SERVER_URLS: "https://puppetdb.home.lan:8081"
15      USE_PUPPETDB: true
16      PUPPET_STORECONFIGS_BACKEND: puppetdb
17      PUPPET_STORECONFIGS: true
18      PUPPET_REPORTS: "puppetdb,store"
19      CA_ALLOW_SUBJECT_ALT_NAMES: true
20      AUTOSIGN: true
21    volumes:
22      - ./puppetserver-ssl:/etc/puppetlabs/puppet/ssl
23      - ./puppetserver-ca:/etc/puppetlabs/puppetserver/ca
24      - ./puppetserver:/opt/puppetlabs/server/data/puppetserver
25      - ./puppetserver-code:/etc/puppetlabs/code
26    ports:
27      - 8140:8140
28    restart: always
29
30  puppetdb:
31    image: ghcr.io/voxpupuli/puppetdb:8.8.1-latest
32    hostname: puppetdb.home.lan
33    environment:
34      USE_PUPPETSERVER: true
35      PUPPETSERVER_HOSTNAME: puppet.home.lan
36      PUPPETSERVER_PORT: 8140
37      PUPPETDB_SSL_PORT: 8081
38      PUPPETDB_POSTGRES_HOSTNAME: postgres.home.lan
39      PUPPETDB_POSTGRES_PORT: 5432
40      PUPPETDB_PASSWORD: puppetdb
41      PUPPETDB_USER: puppetdb
42      CERTNAME: puppetdb.home.lan
43      PUPPETDB_CERTIFICATE_ALLOWLIST: "puppet,puppet.home.lan,puppetdb,puppetdb.home.lan,puppetboard,puppetboard.home.lan"
44    volumes:
45      - ./puppetdb-ssl:/opt/puppetlabs/server/data/puppetdb/certs
46    ports:
47      - 8081:8081
48    depends_on:
49      postgres:
50        condition: service_healthy
51        restart: true
52      puppet:
53        condition: service_healthy
54        restart: true
55    restart: always
56
57  postgres:
58    image: docker.io/postgres:17-alpine
59    hostname: postgres.home.lan
60    environment:
61      POSTGRES_DB: puppetdb
62      POSTGRES_USER: puppetdb
63      POSTGRES_PASSWORD: puppetdb
64    healthcheck:
65      test: ["CMD-SHELL", "sh -c 'pg_isready -U puppetdb -d puppetdb'"]
66      interval: 10s
67      timeout: 3s
68      retries: 3
69    volumes:
70      - ./enable_pg_trgm.sql:/docker-entrypoint-initdb.d/enable_pg_trgm.sql
71      - ./postgres-data:/var/lib/postgresql/data
72    restart: always
73
74  puppetboard:
75    image: ghcr.io/voxpupuli/puppetboard
76    hostname: puppetboard.home.lan
77    ### entrypoint: ["/bin/sh", "-c", "sleep infinity"]
78    environment:
79      PUPPETDB_HOST: puppetdb.home.lan
80      PUPPETDB_PORT: 8081
81      PUPPETBOARD_PORT: 8080
82      ENABLE_CATALOG: true
83      PUPPETDB_SSL_VERIFY: /etc/puppetlabs/puppet/ssl/ca.pem
84      PUPPETDB_KEY: /etc/puppetlabs/puppet/ssl/puppetdb-key.pem
85      PUPPETDB_CERT: /etc/puppetlabs/puppet/ssl/puppetdb-cert.pem
86      SECRET_KEY: "495ed6e5e799015811d1d00bd424b464df1b9809dade7964b6e4dcf124d9e170"
87      DEFAULT_ENVIRONMENT: "*"
88    volumes:
89      - ./puppetboard-ssl:/etc/puppetlabs/puppet/ssl
90    ports:
91      - 8282:8080
92    restart: none
93
94networks:
95  default:
96    name: crafty-minimal