version: '3.8' services: tor: container_name: tor image: lncm/tor:0.4.6.8@sha256:c262923ffd0bd224a4a4123cf1c88eea11e2314566b7b7e8a1f77969deeb0208 user: toruser restart: on-failure volumes: - ${PWD}/tor/torrc-core:/etc/tor/torrc - ${PWD}/tor/data:/var/lib/tor/ ports: - 127.0.0.1:$TOR_PROXY_PORT:$TOR_PROXY_PORT networks: default: ipv4_address: $TOR_PROXY_IP app-tor: container_name: app-tor image: lncm/tor:0.4.6.8@sha256:c262923ffd0bd224a4a4123cf1c88eea11e2314566b7b7e8a1f77969deeb0208 user: toruser restart: on-failure volumes: - ${PWD}/tor/torrc-apps:/etc/tor/torrc - ${PWD}/tor/data:/var/lib/tor/ networks: default: ipv4_address: $APPS_TOR_IP app-2-tor: container_name: app-2-tor image: lncm/tor:0.4.6.8@sha256:c262923ffd0bd224a4a4123cf1c88eea11e2314566b7b7e8a1f77969deeb0208 user: toruser restart: on-failure volumes: - ${PWD}/tor/torrc-apps-2:/etc/tor/torrc - ${PWD}/tor/data:/var/lib/tor/ networks: default: ipv4_address: $APPS_2_TOR_IP app-3-tor: container_name: app-3-tor image: lncm/tor:0.4.6.8@sha256:c262923ffd0bd224a4a4123cf1c88eea11e2314566b7b7e8a1f77969deeb0208 user: toruser restart: on-failure volumes: - ${PWD}/tor/torrc-apps-3:/etc/tor/torrc - ${PWD}/tor/data:/var/lib/tor/ networks: default: ipv4_address: $APPS_3_TOR_IP nginx: container_name: nginx image: nginx:1.21.3@sha256:644a70516a26004c97d0d85c7fe1d0c3a67ea8ab7ddf4aff193d9f301670cf36 depends_on: - dashboard - manager volumes: - ${PWD}/nginx:/etc/nginx restart: on-failure stop_grace_period: 30s ports: - ${NGINX_PORT}:80 - 433:433 - 443:443 networks: default: ipv4_address: $NGINX_IP bitcoin: container_name: bitcoin image: nolim1t/bitcoinknots:v22.0.knots20211108@sha256:a475da2b2ecda55fcc65ea23e1a36c58b2c10549f1c3d3bb3c31c7dda1127354 depends_on: - tor - manager - nginx init: true volumes: - ${PWD}/bitcoin:/data/.bitcoin restart: on-failure stop_grace_period: 1m ports: - $BITCOIN_P2P_PORT:$BITCOIN_P2P_PORT networks: default: ipv4_address: $BITCOIN_IP lnd: container_name: lnd image: lightninglabs/lnd:v0.14.1-beta@sha256:810f290f4da51adaf57d53bc1f1e65b52b03c543f322da0b98fb8c47be94a27a user: 1000:1000 depends_on: - tor - manager - bitcoin volumes: - ${PWD}/lnd:/data/.lnd - ${PWD}/walletpassword:/walletpassword environment: HOME: /data restart: on-failure stop_grace_period: 5m30s ports: - 9735:9735 - $LND_REST_PORT:$LND_REST_PORT - $LND_GRPC_PORT:$LND_GRPC_PORT networks: default: ipv4_address: $LND_IP dashboard: container_name: dashboard image: ghcr.io/runcitadel/dashboard:main@sha256:92c4a5c79cb87d4a8710cbecce0c84330d443348ec867898fe070c053d7e3785 restart: on-failure stop_grace_period: 1m30s networks: default: ipv4_address: $DASHBOARD_IP manager: container_name: manager image: ghcr.io/runcitadel/manager:main@sha256:03175b59b8465b0e570e5082028281eb8d77edf27309bf604d7a0a9e2825aee1 depends_on: - tor - redis restart: on-failure init: true stop_grace_period: 5m30s volumes: - ${PWD}:${PWD} - ${PWD}/info.json:/info.json - ${PWD}/db:/db - ${PWD}/events/signals:/signals - ${PWD}/apps:/apps - ${PWD}/lnd:/lnd:ro - ${PWD}/statuses:/statuses - ${PWD}/tor/data:/var/lib/tor/ - /var/run/docker.sock:/var/run/docker.sock - ${DOCKER_BINARY:-/usr/bin/docker}:/usr/bin/docker - jwt-public-key:/jwt-public-key - jwt-private-key:/jwt-private-key environment: PORT: '3006' USER_PASSWORD_FILE: /db/user.json JWT_PUBLIC_KEY_FILE: /jwt-public-key/jwt.pem JWT_PRIVATE_KEY_FILE: /jwt-private-key/jwt.key JWT_EXPIRATION: '3600' DOCKER_COMPOSE_DIRECTORY: $PWD DEVICE_HOSTS: ${DEVICE_HOSTS:-"http://citadel.local"} DEVICE_HOSTNAME: ${DEVICE_HOSTNAME:-""} MIDDLEWARE_API_URL: http://$MIDDLEWARE_IP SEED_FILE: /db/citadel-seed/seed DASHBOARD_HIDDEN_SERVICE_FILE: /var/lib/tor/web/hostname BITCOIN_P2P_HIDDEN_SERVICE_FILE: /var/lib/tor/bitcoin-p2p/hostname BITCOIN_P2P_PORT: $BITCOIN_P2P_PORT BITCOIN_RPC_HIDDEN_SERVICE_FILE: /var/lib/tor/bitcoin-rpc/hostname BITCOIN_RPC_PORT: $BITCOIN_RPC_PORT BITCOIN_RPC_USER: $BITCOIN_RPC_USER BITCOIN_RPC_PASSWORD: $BITCOIN_RPC_PASS LND_REST_HIDDEN_SERVICE_FILE: /var/lib/tor/lnd-rest/hostname LND_GRPC_HIDDEN_SERVICE_FILE: /var/lib/tor/lnd-grpc/hostname LND_CERT_FILE: /lnd/tls.cert LND_ADMIN_MACAROON_FILE: /lnd/data/chain/bitcoin/${BITCOIN_NETWORK}/admin.macaroon SHUTDOWN_SIGNAL_FILE: /signals/shutdown REBOOT_SIGNAL_FILE: /signals/reboot GITHUB_REPO: runcitadel/core GITHUB_BRANCH: ${UPDATE_CHANNEL:-"main"} VERSION_FILE: /info.json UPDATE_STATUS_FILE: /statuses/update-status.json UPDATE_SIGNAL_FILE: /signals/update UPDATE_LOCK_FILE: /statuses/update-in-progress BACKUP_STATUS_FILE: /statuses/backup-status.json DEBUG_STATUS_FILE: /statuses/debug-status.json TOR_PROXY_IP: ${TOR_PROXY_IP} TOR_PROXY_PORT: ${TOR_PROXY_PORT} TOR_HIDDEN_SERVICE_DIR: /var/lib/tor IS_CITADEL_OS: ${IS_CITADEL_OS:-"true"} REDIS_PASSWORD: freedom REDIS_IP: $REDIS_IP REDIS_PORT: 6379 UNSAFE_REMOVE_CORS_CHECK: true networks: default: ipv4_address: $MANAGER_IP middleware: container_name: middleware image: ghcr.io/runcitadel/middleware:main@sha256:488daefc3eb26e53272107ae6a3045c16fa1138a9d277d92a67f18821df00a7e depends_on: - manager - bitcoin - lnd - redis command: - ./wait-for-node-manager.sh - $MANAGER_IP - npm - start restart: on-failure volumes: - ${PWD}/lnd:/lnd - jwt-public-key:/jwt-public-key environment: PORT: '3005' BITCOIN_HOST: $BITCOIN_IP RPC_PORT: $BITCOIN_RPC_PORT RPC_USER: $BITCOIN_RPC_USER RPC_PASSWORD: $BITCOIN_RPC_PASS LND_NETWORK: $BITCOIN_NETWORK LND_HOST: ${LND_IP} JWT_PUBLIC_KEY_FILE: /jwt-public-key/jwt.pem DEVICE_HOSTS: ${DEVICE_HOSTS:-"http://citadel.local"} UNSAFE_REMOVE_CORS_CHECK: true networks: default: ipv4_address: $MIDDLEWARE_IP neutrino-switcher: container_name: neutrino-switcher image: lncm/neutrino-switcher:1.0.5@sha256:3ddf58c5599ba22db8414f2694bfeeba086455d4a19b4955b26c3ae5e967d42a depends_on: - bitcoin - lnd restart: on-failure volumes: - ${PWD}/lnd:/lnd - ${PWD}/statuses:/statuses - /var/run/docker.sock:/var/run/docker.sock environment: JSONRPCURL: http://${BITCOIN_IP}:${BITCOIN_RPC_PORT} RPCUSER: $BITCOIN_RPC_USER RPCPASS: $BITCOIN_RPC_PASS LND_CONTAINER_NAME: lnd SLEEPTIME: 3600 networks: default: ipv4_address: $NEUTRINO_SWITCHER_IP electrs: container_name: electrs image: ghcr.io/runcitadel/electrs:v0.9.4@sha256:e216736fa26ef8c8b9e9a0a1fb7bc759546f1a0b74ef5ef3022470495e68f3a1 working_dir: /data volumes: - ${PWD}/bitcoin:/bitcoin:ro - ${PWD}/electrs:/data restart: on-failure stop_grace_period: 5m ports: - $ELECTRUM_PORT:$ELECTRUM_PORT networks: default: ipv4_address: $ELECTRUM_IP redis: container_name: redis image: redis:6.2@sha256:a89cb097693dd354de598d279c304a1c73ee550fbfff6d9ee515568e0c749cfe working_dir: /data volumes: - ${PWD}/redis:/data command: redis-server --requirepass freedom restart: on-failure stop_grace_period: 1m init: true networks: default: ipv4_address: $REDIS_IP networks: default: name: citadel_main_network ipam: driver: default config: - subnet: $NETWORK_IP/24 volumes: jwt-public-key: null jwt-private-key: null