version: '2'
services:
  # MongoDB: https://hub.docker.com/_/mongo/
  mongodb:
    image: mongo:3
    volumes:
      - mongo_data:/data/db
  # Elasticsearch: https://www.elastic.co/guide/en/elasticsearch/reference/6.x/docker.html
  elasticsearch:
    image: docker.elastic.co/elasticsearch/elasticsearch-oss:6.8.4
    mem_limit: 4g
    restart: always
    volumes:
      - es_data:/usr/share/elasticsearch/data
    environment:
      - http.host=0.0.0.0
      - transport.host=0.0.0.0
      - network.host=0.0.0.0
      - "ES_JAVA_OPTS=-Xms1g -Xmx1g"
      - ES_HEAP_SIZE=2g
    ulimits:
      memlock:
        soft: -1
        hard: -1
    ports:
      - 9200:9200
  # Graylog: https://hub.docker.com/r/graylog/graylog/
  graylog:
    image: graylog/graylog:3.1
    volumes:
      - graylog_journal:/usr/share/graylog/data/journal
      - ./service-names-port-numbers.csv:/etc/graylog/server/service-names-port-numbers.csv
      - ./GeoLite2-City.mmdb:/etc/graylog/server/GeoLite2-City.mmdb
    environment:
      # CHANGE ME (must be at least 16 characters)!
      - GRAYLOG_PASSWORD_SECRET=somepasswordpepperzzz
      # Password: admin
      - GRAYLOG_ROOT_PASSWORD_SHA2=8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918
      - GRAYLOG_HTTP_EXTERNAL_URI=http://localhost:9000/
      - GRAYLOG_TIMEZONE=Europe/Berlin
    links:
      - mongodb:mongo
      - elasticsearch
    depends_on:
      - mongodb
      - elasticsearch
    ports:
      # Netflow
      - 2055:2055/udp
      # Syslog Feed
      - 5442:5442/udp
      # Graylog web interface and REST API
      - 9000:9000
      # Syslog TCP
      - 1514:1514
      # Syslog UDP
      - 1514:1514/udp
      # GELF TCP
      - 12201:12201
      # GELF UDP
      - 12201:12201/udp
  # Kibana : https://www.elastic.co/guide/en/kibana/6.8/index.html
  kibana:
    image: docker.elastic.co/kibana/kibana-oss:6.8.4
    #    volumes:
    #  - ./kibana.yml:/usr/share/kibana/config/kibana.yml
    environment:
      - ELASTICSEARCH_URL=http://elasticsearch:9200
    depends_on:
      - elasticsearch
    ports:
      - 5601:5601
  cerebro:
    image: lmenezes/cerebro
    ports:
      - 9001:9000
    links:
      - elasticsearch
    depends_on:
      - elasticsearch

  influxdb:
    image: "influxdb:latest"
    environment:
      - INFLUXDB_DB="ndpi"
    ports:
      - "8086:8086"
    volumes:
      - influxdb:/var/lib/influxdb
  grafana:
    image: grafana/grafana:latest
    ports:
      - "3000:3000"
    volumes:
      - grafana:/var/lib/grafana
      - ./provisioning/:/etc/grafana/provisioning
    links:
      - elasticsearch
      - influxdb
    depends_on:
      - elasticsearch
      - influxdb

# Volumes for persisting data, see https://docs.docker.com/engine/admin/volumes/volumes/
volumes:
  mongo_data:
    driver: local
  es_data:
    driver: local
  graylog_journal:
    driver: local
  grafana:
    driver: local
  influxdb:
    driver: local