-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathdocker-compose.vps-gateway.yml
More file actions
38 lines (37 loc) · 2.09 KB
/
docker-compose.vps-gateway.yml
File metadata and controls
38 lines (37 loc) · 2.09 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
services:
vps-gateway:
image: ${VPS_GATEWAY_IMAGE:-ghcr.io/obiente/cloud-vps-gateway:latest}
container_name: vps-gateway
restart: unless-stopped
network_mode: host # Required for DHCP and network access
privileged: true # Required for dnsmasq and network management
environment:
# Gateway Server Configuration (forward connection pattern)
GATEWAY_GRPC_PORT: ${GATEWAY_GRPC_PORT:-1537} # gRPC server port (1537 = OCG - Obiente Cloud Gateway)
GATEWAY_API_SECRET: ${GATEWAY_API_SECRET:-} # Must match VPS_GATEWAY_API_SECRET in API service
GATEWAY_PUBLIC_IP: ${GATEWAY_PUBLIC_IP:-} # Public IP for DNAT configuration (optional)
# DHCP Configuration
GATEWAY_DHCP_POOL_START: ${GATEWAY_DHCP_POOL_START:-10.15.3.20}
GATEWAY_DHCP_POOL_END: ${GATEWAY_DHCP_POOL_END:-10.15.3.254}
GATEWAY_DHCP_SUBNET: ${GATEWAY_DHCP_SUBNET:-10.15.3.0}
GATEWAY_DHCP_SUBNET_MASK: ${GATEWAY_DHCP_SUBNET_MASK:-255.255.255.0}
GATEWAY_DHCP_GATEWAY: ${GATEWAY_DHCP_GATEWAY:-10.15.3.1}
GATEWAY_DHCP_DNS: ${GATEWAY_DHCP_DNS:-1.1.1.1,1.0.0.1}
GATEWAY_DHCP_INTERFACE: ${GATEWAY_DHCP_INTERFACE:-eth0} # Interface inside container (connected to OCvpsnet bridge on host). Default: eth0
GATEWAY_DHCP_LISTEN_IP: ${GATEWAY_DHCP_LISTEN_IP:-} # Optional: IP to listen on (for multi-node). Defaults to GATEWAY_DHCP_GATEWAY if not set
# Outbound IP Configuration (optional)
# If set, gateway will automatically configure iptables SNAT rules
# Allows isolation of VPS traffic from other infrastructure
# Each node's gateway can have a different outbound IP
GATEWAY_OUTBOUND_IP: ${GATEWAY_OUTBOUND_IP:-} # Optional: IP address for outbound SNAT
GATEWAY_OUTBOUND_INTERFACE: ${GATEWAY_OUTBOUND_INTERFACE:-} # Optional: outbound interface (auto-detected if not set)
# Logging
LOG_LEVEL: ${LOG_LEVEL:-info}
volumes:
- /var/lib/obiente/vps-gateway:/var/lib/obiente/vps-gateway
healthcheck:
test: ["CMD-SHELL", "pgrep -f vps-gateway || exit 1"]
interval: 30s
timeout: 10s
retries: 3
start_period: 40s