StackStorm
StackStorm (aka IFTTT for Ops) is event-driven automation for auto-remediation, security responses, troubleshooting, deployments, and more. Includes rules engine, workflow, 160 integration packs with 6000+ actions and ChatOps.
Directory Structure
- .env
- docker-compose.yml
docker-compose.yml
version: '3'
services:
st2web:
image: ${ST2_IMAGE_REPO:-stackstorm/}st2web:${ST2_VERSION:-latest}
restart: on-failure
environment:
ST2_AUTH_URL: ${ST2_AUTH_URL:-http://st2auth:9100/}
ST2_API_URL: ${ST2_API_URL:-http://st2api:9101/}
ST2_STREAM_URL: ${ST2_STREAM_URL:-http://st2stream:9102/}
ST2WEB_HTTPS: ${ST2WEB_HTTPS:-0}
depends_on:
- st2auth
- st2api
- st2stream
healthcheck:
test: ["CMD", "/st2web-healthcheck.sh"]
interval: 30s
timeout: 1s
retries: 1
volumes:
- ./scripts/st2web-healthcheck.sh:/st2web-healthcheck.sh
# If you want to use a custom st2web config, edit ./files/config.js accordingly and
# uncomment the line below
#- ./files/config.js:/opt/stackstorm/static/webui/config.js:ro
ports:
- "${ST2_EXPOSE_HTTP:-127.0.0.1:80}:80"
# - "${ST2_EXPOSE_HTTPS:-127.0.0.1:443}:443"
# more work would be needed with certificate generate to make https work.
networks:
- private
- public
st2makesecrets:
image: ${ST2_IMAGE_REPO:-stackstorm/}st2actionrunner:${ST2_VERSION:-latest}
restart: on-failure
networks:
- private
volumes:
- ./scripts/makesecrets.sh:/makesecrets.sh
- stackstorm-keys:/etc/st2/keys:rw
command: /makesecrets.sh
st2api:
image: ${ST2_IMAGE_REPO:-stackstorm/}st2api:${ST2_VERSION:-latest}
restart: on-failure
depends_on:
- mongo
- rabbitmq
- redis
- st2makesecrets
networks:
- private
environment:
ST2_AUTH_URL: ${ST2_AUTH_URL:-http://st2auth:9100/}
ST2_API_URL: ${ST2_API_URL:-http://st2api:9101/}
ST2_STREAM_URL: ${ST2_STREAM_URL:-http://st2stream:9102/}
volumes:
- ./files/st2.docker.conf:/etc/st2/st2.docker.conf:ro
- ./files/st2.user.conf:/etc/st2/st2.user.conf:ro
- stackstorm-keys:/etc/st2/keys:ro
- stackstorm-packs-configs:/opt/stackstorm/configs:rw
- stackstorm-packs:/opt/stackstorm/packs:rw
- ./files/rbac:/opt/stackstorm/rbac:rw
- ${ST2_PACKS_DEV:-./packs.dev}:/opt/stackstorm/packs.dev:rw
st2stream:
image: ${ST2_IMAGE_REPO:-stackstorm/}st2stream:${ST2_VERSION:-latest}
restart: on-failure
depends_on:
- st2api
networks:
- private
volumes:
- ./files/st2.docker.conf:/etc/st2/st2.docker.conf:ro
- ./files/st2.user.conf:/etc/st2/st2.user.conf:ro
st2scheduler:
image: ${ST2_IMAGE_REPO:-stackstorm/}st2scheduler:${ST2_VERSION:-latest}
restart: on-failure
depends_on:
- redis
- st2api
networks:
- private
volumes:
- ./files/st2.docker.conf:/etc/st2/st2.docker.conf:ro
- ./files/st2.user.conf:/etc/st2/st2.user.conf:ro
st2workflowengine:
image: ${ST2_IMAGE_REPO:-stackstorm/}st2workflowengine:${ST2_VERSION:-latest}
restart: on-failure
depends_on:
- redis
- st2api
networks:
- private
volumes:
- ./files/st2.docker.conf:/etc/st2/st2.docker.conf:ro
- ./files/st2.user.conf:/etc/st2/st2.user.conf:ro
- stackstorm-keys:/etc/st2/keys:ro
st2auth:
image: ${ST2_IMAGE_REPO:-stackstorm/}st2auth:${ST2_VERSION:-latest}
restart: on-failure
depends_on:
- st2api
networks:
- private
volumes:
- ./files/st2.docker.conf:/etc/st2/st2.docker.conf:ro
- ./files/st2.user.conf:/etc/st2/st2.user.conf:ro
- ./files/htpasswd:/etc/st2/htpasswd:ro
st2actionrunner:
image: ${ST2_IMAGE_REPO:-stackstorm/}st2actionrunner:${ST2_VERSION:-latest}
restart: on-failure
depends_on:
- redis
- st2api
networks:
- private
volumes:
- ./files/st2.docker.conf:/etc/st2/st2.docker.conf:ro
- ./files/st2.user.conf:/etc/st2/st2.user.conf:ro
- stackstorm-packs-configs:/opt/stackstorm/configs:rw
- stackstorm-packs:/opt/stackstorm/packs:rw
- ${ST2_PACKS_DEV:-./packs.dev}:/opt/stackstorm/packs.dev:rw
- stackstorm-virtualenvs:/opt/stackstorm/virtualenvs:rw
- stackstorm-ssh:/home/stanley/.ssh
# Action runner needs access to keys since action definitions (Jinja
# templates) can reference secrets
- stackstorm-keys:/etc/st2/keys:ro
st2garbagecollector:
image: ${ST2_IMAGE_REPO:-stackstorm/}st2garbagecollector:${ST2_VERSION:-latest}
restart: on-failure
depends_on:
- st2api
networks:
- private
volumes:
- ./files/st2.docker.conf:/etc/st2/st2.docker.conf:ro
- ./files/st2.user.conf:/etc/st2/st2.user.conf:ro
st2notifier:
image: ${ST2_IMAGE_REPO:-stackstorm/}st2notifier:${ST2_VERSION:-latest}
restart: on-failure
depends_on:
- redis
- st2api
networks:
- private
volumes:
- ./files/st2.docker.conf:/etc/st2/st2.docker.conf:ro
- ./files/st2.user.conf:/etc/st2/st2.user.conf:ro
st2rulesengine:
image: ${ST2_IMAGE_REPO:-stackstorm/}st2rulesengine:${ST2_VERSION:-latest}
restart: on-failure
depends_on:
- st2api
networks:
- private
volumes:
- ./files/st2.docker.conf:/etc/st2/st2.docker.conf:ro
- ./files/st2.user.conf:/etc/st2/st2.user.conf:ro
st2sensorcontainer:
image: ${ST2_IMAGE_REPO:-stackstorm/}st2sensorcontainer:${ST2_VERSION:-latest}
restart: on-failure
depends_on:
- st2api
networks:
- private
volumes:
- ./files/st2.docker.conf:/etc/st2/st2.docker.conf:ro
- ./files/st2.user.conf:/etc/st2/st2.user.conf:ro
- stackstorm-virtualenvs:/opt/stackstorm/virtualenvs:ro
- stackstorm-packs:/opt/stackstorm/packs:ro
- stackstorm-packs-configs:/opt/stackstorm/configs:ro
- ${ST2_PACKS_DEV:-./packs.dev}:/opt/stackstorm/packs.dev:ro
st2timersengine:
image: ${ST2_IMAGE_REPO:-stackstorm/}st2timersengine:${ST2_VERSION:-latest}
restart: on-failure
depends_on:
- st2api
networks:
- private
volumes:
- ./files/st2.docker.conf:/etc/st2/st2.docker.conf:ro
st2client:
image: ${ST2_IMAGE_REPO:-stackstorm/}st2actionrunner:${ST2_VERSION:-latest}
restart: on-failure
depends_on:
- st2auth
- st2api
- st2stream
command: /st2client-startup.sh
networks:
- private
environment:
ST2CLIENT: 1
ST2_AUTH_URL: ${ST2_AUTH_URL:-http://st2auth:9100/}
ST2_API_URL: ${ST2_API_URL:-http://st2api:9101/}
ST2_STREAM_URL: ${ST2_STREAM_URL:-http://st2stream:9102/}
TZ: ${TZ:-UTC}
volumes:
- ./files/st2.docker.conf:/etc/st2/st2.docker.conf:ro
- ./files/st2.user.conf:/etc/st2/st2.user.conf:ro
# Technically, client container doesn't need or should have access to the
# keys in prod setup, but here we make it available to end user for
# testing and transparency reasons since this setup is primarily mean to
# be used for testing and development.
- stackstorm-keys:/etc/st2/keys:ro
- stackstorm-packs-configs:/opt/stackstorm/configs:rw
- stackstorm-packs:/opt/stackstorm/packs:rw
- ./files/rbac:/opt/stackstorm/rbac:rw
- ${ST2_PACKS_DEV:-./packs.dev}:/opt/stackstorm/packs.dev:rw
- ./files/st2-cli.conf:/root/.st2/config
- ./scripts/st2client-startup.sh:/st2client-startup.sh
st2chatops:
image: ${ST2_IMAGE_REPO:-stackstorm/}st2chatops:${ST2_VERSION:-latest}
restart: on-failure:5
depends_on:
- st2api
- st2auth
- st2stream
command: /st2chatops-startup.sh
networks:
- private
environment:
ST2_AUTH_URL: ${ST2_AUTH_URL:-http://st2auth:9100/}
ST2_API_URL: ${ST2_API_URL:-http://st2api:9101/}
ST2_STREAM_URL: ${ST2_STREAM_URL:-http://st2stream:9102/}
ST2_API_KEY: ${ST2_API_KEY:-change-to-your-st2-api-key}
TZ: ${TZ:-UTC}
# enable chatops by setting this variable to any non-zero value
# and enable/set your hubot adapter specific variables below
ST2_CHATOPS_ENABLE: ${ST2_CHATOPS_ENABLE:-0}
# Custom hubot adapter ENV variables to pass through which will override st2chatops.env defaults.
# See https://github.com/StackStorm/st2chatops/blob/master/st2chatops.env
# for the full list of supported adapters and example ENV variables.
HUBOT_ADAPTER: ${HUBOT_ADAPTER:-slack}
HUBOT_LOG_LEVEL: ${HUBOT_LOG_LEVEL:-debug}
HUBOT_SLACK_TOKEN: ${HUBOT_SLACK_TOKEN:-}
volumes:
- ./scripts/st2chatops-startup.sh:/st2chatops-startup.sh
# external services
mongo:
image: mongo:4.4
restart: on-failure
networks:
- private
volumes:
- stackstorm-mongodb:/data/db
rabbitmq:
image: rabbitmq:3.12
restart: on-failure
networks:
- private
volumes:
- stackstorm-rabbitmq:/var/lib/rabbitmq
redis:
image: redis:7.2
restart: on-failure
networks:
- private
volumes:
- stackstorm-redis:/data
volumes:
stackstorm-mongodb:
stackstorm-rabbitmq:
stackstorm-redis:
stackstorm-packs:
stackstorm-packs-configs:
stackstorm-keys:
stackstorm-virtualenvs:
stackstorm-ssh:
networks:
public:
driver: bridge
private:
driver: bridgeResources
Website: https://stackstorm.com/
GitHub: https://github.com/StackStorm/st2
Docker Hub: https://hub.docker.com/u/stackstorm
Configuration: https://github.com/stackstorm/st2-docker