# Docker Deployment `docker-compose.yml` file: ``` # Copyright 2023 Darkseal - GuinsooLab # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. version: "3.9" volumes: ingestion-volume-dag-airflow: ingestion-volume-dags: ingestion-volume-tmp: services: mysql: image: guinsoolab/darkseal-mysql:0.11.4.1 container_name: darkseal_mysql restart: always depends_on: - elasticsearch environment: MYSQL_ROOT_PASSWORD: password expose: - 3306 ports: - 3306:3306 networks: local_app_net: ipv4_address: 172.16.239.10 elasticsearch: image: guinsoolab/darkseal-elasticsearch:0.11.4.1 container_name: darkseal_elasticsearch environment: - discovery.type=single-node - ES_JAVA_OPTS=-Xms1024m -Xmx1024m networks: local_app_net: ipv4_address: 172.16.239.11 expose: - 9200 - 9300 ports: - 9200:9200 - 9300:9300 darkseal-server: image: guinsoolab/darkseal-server:0.11.4.1 container_name: darkseal_server environment: ELASTICSEARCH_HOST: elasticsearch # Darkseal Server Authentication Configuration AUTHORIZER_CLASS_NAME: ${AUTHORIZER_CLASS_NAME:-org.openmetadata.catalog.security.NoopAuthorizer} AUTHORIZER_REQUEST_FILTER: ${AUTHORIZER_REQUEST_FILTER:-org.openmetadata.catalog.security.NoopFilter} AUTHORIZER_ADMIN_PRINCIPALS: ${AUTHORIZER_ADMIN_PRINCIPALS:-[admin]} AUTHORIZER_INGESTION_PRINCIPALS: ${AUTHORIZER_INGESTION_PRINCIPALS:-[ingestion-bot]} AUTHORIZER_PRINCIPAL_DOMAIN: ${AUTHORIZER_PRINCIPAL_DOMAIN:-""} AUTHORIZER_ENFORCE_PRINCIPAL_DOMAIN: ${AUTHORIZER_ENFORCE_PRINCIPAL_DOMAIN:-false} AUTHORIZER_ENABLE_SECURE_SOCKET: ${AUTHORIZER_ENABLE_SECURE_SOCKET:-false} AUTHENTICATION_PROVIDER: ${AUTHENTICATION_PROVIDER:-no-auth} CUSTOM_OIDC_AUTHENTICATION_PROVIDER_NAME: ${CUSTOM_OIDC_AUTHENTICATION_PROVIDER_NAME:-""} AUTHENTICATION_PUBLIC_KEYS: ${AUTHENTICATION_PUBLIC_KEYS:-[https://www.googleapis.com/oauth2/v3/certs]} AUTHENTICATION_AUTHORITY: ${AUTHENTICATION_AUTHORITY:-https://accounts.google.com} AUTHENTICATION_CLIENT_ID: ${AUTHENTICATION_CLIENT_ID:-""} AUTHENTICATION_CALLBACK_URL: ${AUTHENTICATION_CALLBACK_URL:-""} AUTHENTICATION_JWT_PRINCIPAL_CLAIMS: ${AUTHENTICATION_JWT_PRINCIPAL_CLAIMS:-[email,preferred_username,sub]} # Darkseal Server Airflow Configuration AIRFLOW_HOST: ${AIRFLOW_HOST:-http://ingestion:8080} SERVER_HOST_API_URL: ${SERVER_HOST_API_URL:-http://localhost:8585/api} # Darkseal Airflow Azure SSO Configuration AIRFLOW_AUTH_PROVIDER: ${AIRFLOW_AUTH_PROVIDER:-no-auth} OM_AUTH_AIRFLOW_AZURE_CLIENT_SECRET: ${OM_AUTH_AIRFLOW_AZURE_CLIENT_SECRET:-""} OM_AUTH_AIRFLOW_AZURE_AUTHORITY_URL: ${OM_AUTH_AIRFLOW_AZURE_AUTHORITY_URL:-""} OM_AUTH_AIRFLOW_AZURE_SCOPES: ${OM_AUTH_AIRFLOW_AZURE_SCOPES:-[]} OM_AUTH_AIRFLOW_AZURE_CLIENT_ID: ${OM_AUTH_AIRFLOW_AZURE_CLIENT_ID:-""} # Darkseal Airflow Google SSO Configuration OM_AUTH_AIRFLOW_GOOGLE_SECRET_KEY_PATH: ${OM_AUTH_AIRFLOW_GOOGLE_SECRET_KEY_PATH:- ""} OM_AUTH_AIRFLOW_GOOGLE_AUDIENCE: ${OM_AUTH_AIRFLOW_GOOGLE_AUDIENCE:-"https://www.googleapis.com/oauth2/v4/token"} # Darkseal Airflow Okta SSO Configuration OM_AUTH_AIRFLOW_OKTA_CLIENT_ID: ${OM_AUTH_AIRFLOW_OKTA_CLIENT_ID:-""} OM_AUTH_AIRFLOW_OKTA_ORGANIZATION_URL: ${OM_AUTH_AIRFLOW_OKTA_ORGANIZATION_URL:-""} OM_AUTH_AIRFLOW_OKTA_PRIVATE_KEY: ${OM_AUTH_AIRFLOW_OKTA_PRIVATE_KEY:-""} OM_AUTH_AIRFLOW_OKTA_SA_EMAIL: ${OM_AUTH_AIRFLOW_OKTA_SA_EMAIL:-""} OM_AUTH_AIRFLOW_OKTA_SCOPES: ${OM_AUTH_AIRFLOW_OKTA_SCOPES:-[]} # Darkseal Airflow Auth0 SSO Configuration OM_AUTH_AIRFLOW_AUTH0_CLIENT_ID: ${OM_AUTH_AIRFLOW_AUTH0_CLIENT_ID:-""} OM_AUTH_AIRFLOW_AUTH0_CLIENT_SECRET: ${OM_AUTH_AIRFLOW_AUTH0_CLIENT_SECRET:-""} OM_AUTH_AIRFLOW_AUTH0_DOMAIN_URL: ${OM_AUTH_AIRFLOW_AUTH0_DOMAIN_URL:-""} # Darkseal Airflow Custom OIDC SSO Configuration OM_AUTH_AIRFLOW_CUSTOM_OIDC_CLIENT_ID: ${OM_AUTH_AIRFLOW_CUSTOM_OIDC_CLIENT_ID:-""} OM_AUTH_AIRFLOW_CUSTOM_OIDC_SECRET_KEY: ${OM_AUTH_AIRFLOW_CUSTOM_OIDC_SECRET_KEY:-""} OM_AUTH_AIRFLOW_CUSTOM_OIDC_TOKEN_ENDPOINT_URL: ${OM_AUTH_AIRFLOW_CUSTOM_OIDC_TOKEN_ENDPOINT_URL:-""} expose: - 8585 - 8586 - 9200 - 9300 - 3306 ports: - 8585:8585 - 8586:8586 depends_on: - elasticsearch - mysql - ingestion networks: local_app_net: ipv4_address: 172.16.239.13 extra_hosts: - "localhost:172.16.239.10" - "elasticsearch:172.16.239.11" ingestion: image: guinsoolab/darkseal-ingestion:0.11.4.1 container_name: darkseal_ingestion depends_on: - mysql - elasticsearch expose: - 8080 ports: - 8080:8080 networks: - local_app_net extra_hosts: - "localhost:172.16.239.10" - "localhost:172.16.239.11" - "localhost:172.16.239.13" volumes: - /var/run/docker.sock:/var/run/docker.sock - ingestion-volume-dag-airflow:/airflow/dag_generated_configs - ingestion-volume-dags:/airflow/dags - ingestion-volume-tmp:/tmp networks: local_app_net: name: ometa_network ipam: driver: default config: - subnet: "172.16.239.0/24" ``` Just run as follow: ```bash # wget https://raw.githubusercontent.com/GuinsooLab/darkseal/master/docker-compose.yml docker compose up -d ``` --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://ciusji.gitbook.io/darkseal/deployment/docker-deployment.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.