compose/compose.yml

# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
#
# Copyright (c) 2022 Axway Software SA and its affiliates. All rights reserved.
#
# Axway Transfer CFT Docker-compose example
#
# Building with:
# docker compose up -d

services:
  cft:
    # build: ../docker
    image: docker.repository.axway.com/transfercft-docker-prod/3.10/cft:3.10.2206
    hostname: docker0

    environment:
      ## Set parameter to yes if you accept the applicable General Terms and Conditions,
      ## located at https://www.axway.com/en/legal/contract-documents
      ACCEPT_GENERAL_CONDITIONS:   "NO"
      CFT_FQDN:                    cft
      CFT_INSTANCE_ID:             docker0_cft
      CFT_INSTANCE_GROUP:          dev.docker
      CFT_CATALOG_SIZE:            1000
      CFT_COM_SIZE:                1000
      CFT_KEY:                     "cat /run/secrets/cft.key"
      CFT_CFTDIRRUNTIME:           "/opt/axway/data/runtime"
      CFT_PESIT_PORT:              1761
      CFT_PESITSSL_PORT:           1762
      CFT_SFTP_PORT:               1763
      CFT_COMS_PORT:               1765
      CFT_COPILOT_PORT:            1766
      CFT_COPILOT_CG_PORT:         1767
      # Uncomment the next line to customize the external port used by Central Governance to connect to Transfer CFT UI server.
      #CFT_COPILOT_CG_PORT_EXPOSED: 1767
      CFT_RESTAPI_PORT:            1768
      CFT_CG_ENABLE:               "NO"
      CFT_CG_HOST:                 fm
      CFT_CG_PORT:                 8081
      CFT_CG_POLICY:               ""
      CFT_CG_PERIODICITY:          ""
      CFT_CG_AGENT_NAME:           ""
      # Uncomment the next line to customize the CG CA certificate.
      #USER_CG_CA_CERT:             "/run/secrets/cg_ca_cert.pem"
      # Uncomment the next line to customize the CG shared secret.
      #CFT_CG_SHARED_SECRET:        "cat /run/secrets/shared_secret"
      CFT_SENTINEL_ENABLE:          "NO"
      CFT_SENTINEL_HOST:            sentinel
      CFT_SENTINEL_PORT:            1305
      CFT_SENTINEL_SSL:             "NO"
      CFT_SENTINEL_LOG_FILTER:      EF
      CFT_SENTINEL_TRANSFER_FILTER: ALL
      # Uncomment the next line to customize the Sentinel CA certificate.
      #USER_SENTINEL_CA_CERT:       "/run/secrets/sentinel_ca_cert.pem"
      CFT_MULTINODE_ENABLE:        "NO"
      CFT_MULTINODE_NUMBER:        1
      CFT_JVM:                     1024
      # Uncomment from the next four lines, the ones needed for your Copilot server certificate format.
      # See also secrets sections.
      #USER_COPILOT_CERT:           "/run/secrets/copilot.p12"
      #USER_COPILOT_CERT_PASSWORD:  "cat /run/secrets/copilot_p12.pwd"
      #USER_COPILOT_KEY:            "/run/secrets/copilot.key.p8"
      #USER_COPILOT_KEY_PASSWORD:   "cat /run/secrets/copilot.key.pwd"
      # Uncomment the next two lines to create a XFBADM user. See also secrets sections.
      #USER_XFBADM_LOGIN:           "admin"
      #USER_XFBADM_PASSWORD:        "cat /run/secrets/xfbadm.pwd"
      # Interval in seconds between two checks of Passport access management updates.
      #CFT_AM_PASSPORT_PERSISTENCY_CHECK_INTERVAL: 60
      # Script executed at container initialization
      #USER_SCRIPT_INIT:            "/opt/app/custom/init.sh"
      # Script executed at each container start-up
      #USER_SCRIPT_START:           "/opt/app/custom/startup.sh"

    ports:
    # PESIT + PESITSSL:
    - "1761-1762:1761-1762"
    # SFTP:
    - "1763:1763"
    # CFT UI:
    - "1766:1766"
    # CG communication port: Only expose if CG not in the same network:
    - "1767:1767"
    # REST API:
    - "1768:1768"

    secrets:
    - cft.key
    # Uncomment this for specifying the Flow Manager/Central Governance CA certificate.
    #- cg_ca_cert.pem
    # Uncomment this for specifying the Flow Manager/Central Governance shared secret.
    #- shared_secret
    # Uncomment this for customizing the Sentinel CA certificate.
    #- sentinel_ca_cert.pem
    # Uncomment from the next four lines, the ones needed for your Copilot server certificate format.
    #- copilot.p12
    #- copilot_p12.pwd
    #- copilot.key.p8
    #- copilot.key.pwd
    # Uncomment this for customizing the default XFBADM user.
    #- xfbadm.pwd

    volumes:
    # Docker local volume where the runtime is stored
    - cft_data:/opt/axway/data
    # Localhost mapped volume where customization files are located.
    # Uncomment this for enabling customization.
    #- ./custom:/opt/app/custom:ro

secrets:
  cft.key:
    file: ./conf/license-key
  # File containig the CA certificate of Flow Manager or Central Governance.
  # Uncomment the next two lines to specify the CA certificate.
  #cg_ca_cert.pem:
  #    file: ./conf/cg_ca_cert.pem
  # File containig the shared secret to register to Flow Manager or Central Governance.
  # Uncomment the next two lines to specify the shared secret.
  #shared_secret:
  #    file: ./conf/shared_secret
  # File containig the CA certificate of Sentinel.
  # Uncomment the next two lines to specify the CA certificate.
  #sentinel_ca_cert.pem:
  #    file: ./conf/sentinel_ca_cert.pem
  # Files containig the Copilot server certificate and password.
  # Uncomment from the next eight lines, the ones needed for your Copilot server certificate format.
  #copilot.p12:
  #    file: ./conf/copilot.p12
  #copilot_p12.pwd:
  #    file: ./conf/copilot_p12.pwd
  #copilot.key.p8:
  #    file: ./conf/copilot.key.p8
  #copilot.key.pwd:
  #    file: ./conf/copilot.key.pwd
  # File containing the XFBADM user's password.
  # Uncomment the next two lines to customize the default XFBADM user.
  #xfbadm.pwd:
  #    file: ./conf/xfbadm.pwd

volumes:
  cft_data:
    driver: local