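# =============================================================================
# STELLA OPS - THIRD-PARTY INTEGRATION SERVICES
# =============================================================================
# Real 3rd-party services for local integration testing.
# These are NOT mocks — they are fully functional instances.
#
# Prerequisites:
#   The main stellaops network must exist (started via docker-compose.stella-ops.yml).
#
# Usage:
#   # Start all integration services
#   docker compose -f devops/compose/docker-compose.integrations.yml up -d
#
#   # Start specific services only
#   docker compose -f devops/compose/docker-compose.integrations.yml up -d gitea jenkins vault
#
#   # Start integration services + mock fixtures together
#   docker compose \
#     -f devops/compose/docker-compose.integrations.yml \
#     -f devops/compose/docker-compose.integration-fixtures.yml \
#     up -d
#
# Hosts file entries (add to C:\Windows\System32\drivers\etc\hosts):
#   127.1.2.1  gitea.stella-ops.local
#   127.1.2.2  jenkins.stella-ops.local
#   127.1.2.3  nexus.stella-ops.local
#   127.1.2.4  vault.stella-ops.local
#   127.1.2.5  registry.stella-ops.local
#   127.1.2.6  minio.stella-ops.local
#   127.1.2.7  gitlab.stella-ops.local
#
# Default credentials (all services):
#   See the environment variables below or docs/integrations/LOCAL_SERVICES.md
#
# Security notes (local development only):
#   - Every password, token and key in this file is a fixed, committed
#     development default. Do not reuse any of them outside a workstation.
#   - Published ports are bound to 127.1.2.x loopback addresses, so they are
#     not published on the host's LAN interfaces. Every container attached to
#     the external `stellaops` network can still reach these services through
#     the network aliases, independently of those bindings.
#   - All endpoints are plain HTTP; credentials cross the Docker network
#     unencrypted.
#   - Images are referenced by tag, not by digest, so a re-pull can change
#     what runs. Pin digests where reproducibility matters.
#   - `restart: unless-stopped` brings these instances (with their default
#     credentials) back whenever the Docker daemon starts.
# =============================================================================

networks:
  # Pre-existing network shared with the main Stella Ops stack.
  stellaops:
    external: true
    name: stellaops

volumes:
  gitea-data:
    name: stellaops-gitea-data
  gitea-db:
    name: stellaops-gitea-db
  jenkins-data:
    name: stellaops-jenkins-data
  nexus-data:
    name: stellaops-nexus-data
  vault-data:
    name: stellaops-vault-data
  registry-data:
    name: stellaops-registry-data
  minio-data:
    name: stellaops-minio-data
  gitlab-config:
    name: stellaops-gitlab-config
  gitlab-data:
    name: stellaops-gitlab-data
  gitlab-logs:
    name: stellaops-gitlab-logs

services:
  # ===========================================================================
  # GITEA — Lightweight Git SCM + CI (Gitea Actions)
  # ===========================================================================
  # Integration type: SCM (Gitea provider)
  # URL: http://gitea.stella-ops.local:3000
  # Admin: stellaops / Stella2026!
  # API: http://gitea.stella-ops.local:3000/api/v1
  # ===========================================================================
  gitea:
    image: gitea/gitea:1.22-rootless
    container_name: stellaops-gitea
    restart: unless-stopped
    ports:
      - "127.1.2.1:3000:3000"
      - "127.1.2.1:2222:2222"
    environment:
      - GITEA__database__DB_TYPE=sqlite3
      - GITEA__server__ROOT_URL=http://gitea.stella-ops.local:3000
      - GITEA__server__DOMAIN=gitea.stella-ops.local
      - GITEA__server__HTTP_PORT=3000
      - GITEA__server__SSH_PORT=2222
      - GITEA__server__SSH_DOMAIN=gitea.stella-ops.local
      # Self-registration is open and repositories can be browsed without
      # signing in. Nothing in this file creates the admin account listed
      # above — presumably it is bootstrapped elsewhere; verify.
      - GITEA__service__DISABLE_REGISTRATION=false
      - GITEA__service__REQUIRE_SIGNIN_VIEW=false
      - GITEA__actions__ENABLED=true
      - GITEA__api__ENABLE_SWAGGER=true
      # INSTALL_LOCK skips the web installer, so the two values below are the
      # instance's real secret key and internal API token. Both are committed
      # constants: treat everything stored in this instance as non-secret.
      - GITEA__security__INSTALL_LOCK=true
      - GITEA__security__SECRET_KEY=stellaops-dev-secret-key-2026
      - GITEA__security__INTERNAL_TOKEN=stellaops-internal-token-2026-dev
    volumes:
      - gitea-data:/var/lib/gitea
      - gitea-db:/var/lib/gitea/db
    networks:
      stellaops:
        aliases:
          - gitea.stella-ops.local
    healthcheck:
      test: ["CMD-SHELL", "wget -qO- http://localhost:3000/api/v1/version || exit 1"]
      interval: 30s
      timeout: 10s
      retries: 5
      start_period: 30s
    labels:
      com.stellaops.integration: "scm"
      com.stellaops.provider: "gitea"
      com.stellaops.profile: "integrations"

  # ===========================================================================
  # JENKINS — CI/CD Pipeline Server
  # ===========================================================================
  # Integration type: CI/CD (Jenkins provider)
  # URL: http://jenkins.stella-ops.local:8080
  # Admin: admin / Stella2026!
  # API: http://jenkins.stella-ops.local:8080/api/json
  # ===========================================================================
  jenkins:
    # NOTE(review): `lts-jdk21` is a moving tag; each pull may bring a
    # different Jenkins LTS release.
    image: jenkins/jenkins:lts-jdk21
    container_name: stellaops-jenkins
    restart: unless-stopped
    ports:
      - "127.1.2.2:8080:8080"
      - "127.1.2.2:50000:50000"
    environment:
      - JENKINS_OPTS=--prefix=/
      # runSetupWizard=false skips the first-run wizard, so Jenkins does not
      # create an initial admin account by itself. The admin user listed above
      # has to come from provisioning outside this file (init script,
      # configuration-as-code or a pre-populated jenkins-data volume) — verify,
      # otherwise the instance may be running without authentication.
      #
      # DISABLE_CSRF_PROTECTION=true turns off crumb checks for every request,
      # browser sessions included. Requests authenticated with an API token do
      # not need a crumb, so prefer API tokens in integration clients and drop
      # this flag if nothing depends on it.
      - JAVA_OPTS=-Djenkins.install.runSetupWizard=false -Dhudson.security.csrf.GlobalCrumbIssuerConfiguration.DISABLE_CSRF_PROTECTION=true
    volumes:
      - jenkins-data:/var/jenkins_home
    networks:
      stellaops:
        aliases:
          - jenkins.stella-ops.local
    healthcheck:
      # Unauthenticated request: this only passes while anonymous read of
      # /api/json is allowed.
      test: ["CMD-SHELL", "curl -sf http://localhost:8080/api/json || exit 1"]
      interval: 30s
      timeout: 10s
      retries: 5
      start_period: 120s
    labels:
      com.stellaops.integration: "ci-cd"
      com.stellaops.provider: "jenkins"
      com.stellaops.profile: "integrations"

  # ===========================================================================
  # NEXUS — Repository Manager (Docker Registry + npm/Maven/NuGet/PyPI)
  # ===========================================================================
  # Integration type: Registry (Nexus provider)
  # URL: http://nexus.stella-ops.local:8081
  # Admin: admin / (initial password in /nexus-data/admin.password)
  # Docker registry: nexus.stella-ops.local:8082 (hosted)
  # Docker proxy: nexus.stella-ops.local:8083 (Docker Hub proxy)
  # ===========================================================================
  nexus:
    image: sonatype/nexus3:3.75.0
    container_name: stellaops-nexus
    restart: unless-stopped
    ports:
      - "127.1.2.3:8081:8081"  # Nexus UI + API
      - "127.1.2.3:8082:8082"  # Docker hosted registry
      - "127.1.2.3:8083:8083"  # Docker proxy registry
    environment:
      - INSTALL4J_ADD_VM_PARAMS=-Xms512m -Xmx1g -XX:MaxDirectMemorySize=512m
    volumes:
      - nexus-data:/nexus-data
    networks:
      stellaops:
        aliases:
          - nexus.stella-ops.local
    healthcheck:
      test: ["CMD-SHELL", "curl -sf http://localhost:8081/service/rest/v1/status || exit 1"]
      interval: 30s
      timeout: 10s
      retries: 10
      start_period: 120s
    labels:
      com.stellaops.integration: "registry"
      com.stellaops.provider: "nexus"
      com.stellaops.profile: "integrations"

  # ===========================================================================
  # HASHICORP VAULT — Secrets Management
  # ===========================================================================
  # Integration type: Secrets (Vault provider)
  # URL: http://vault.stella-ops.local:8200
  # Root token: stellaops-dev-root-token-2026
  # API: http://vault.stella-ops.local:8200/v1/sys/health
  # ===========================================================================
  vault:
    image: hashicorp/vault:1.18
    container_name: stellaops-vault
    restart: unless-stopped
    ports:
      - "127.1.2.4:8200:8200"
    environment:
      # The VAULT_DEV_* variables configure Vault's dev server: it starts
      # unsealed, without TLS, with the fixed root token below, and keeps its
      # data in memory. Secrets written here should therefore be expected to
      # vanish on restart, and the vault-data volume is presumably unused in
      # this mode — confirm. Never place real secrets in this instance.
      - VAULT_DEV_ROOT_TOKEN_ID=stellaops-dev-root-token-2026
      # Listens on all container interfaces so the port mapping and other
      # containers on the `stellaops` network can reach it.
      - VAULT_DEV_LISTEN_ADDRESS=0.0.0.0:8200
      - VAULT_ADDR=http://127.0.0.1:8200
      - VAULT_API_ADDR=http://vault.stella-ops.local:8200
    cap_add:
      - IPC_LOCK
    volumes:
      - vault-data:/vault/data
    networks:
      stellaops:
        aliases:
          - vault.stella-ops.local
    healthcheck:
      test: ["CMD-SHELL", "wget -qO- http://127.0.0.1:8200/v1/sys/health || exit 1"]
      interval: 15s
      timeout: 5s
      retries: 5
      start_period: 10s
    labels:
      com.stellaops.integration: "secrets"
      com.stellaops.provider: "vault"
      com.stellaops.profile: "integrations"

  # ===========================================================================
  # DOCKER REGISTRY — OCI Distribution Registry v2
  # ===========================================================================
  # Integration type: Registry (Docker Hub / generic OCI)
  # URL: http://registry.stella-ops.local:5000
  # API: http://registry.stella-ops.local:5000/v2/
  # No auth (dev mode) — push/pull freely
  # ===========================================================================
  docker-registry:
    image: registry:2.8
    container_name: stellaops-docker-registry
    restart: unless-stopped
    ports:
      - "127.1.2.5:5000:5000"
    environment:
      # No authentication, deletion enabled, and CORS open to every origin
      # with DELETE among the allowed methods: any client that can reach the
      # port, and any web origin loaded in a browser on this host, is
      # permitted to read and delete content. Images stored here carry no
      # integrity guarantee. If only the Stella Ops UI needs CORS, narrow the
      # allowed origin to that UI and drop DELETE when it is not required.
      - REGISTRY_STORAGE_DELETE_ENABLED=true
      # Quoted because the values contain YAML indicator characters.
      - "REGISTRY_HTTP_HEADERS_Access-Control-Allow-Origin=['*']"
      - "REGISTRY_HTTP_HEADERS_Access-Control-Allow-Methods=['HEAD','GET','OPTIONS','DELETE']"
    volumes:
      - registry-data:/var/lib/registry
    networks:
      stellaops:
        aliases:
          - oci-registry.stella-ops.local
          - docker-registry.stella-ops.local
    healthcheck:
      test: ["CMD-SHELL", "wget -qO- http://127.0.0.1:5000/v2/ || exit 1"]
      interval: 15s
      timeout: 5s
      retries: 5
      start_period: 5s
    labels:
      com.stellaops.integration: "registry"
      com.stellaops.provider: "docker-registry"
      com.stellaops.profile: "integrations"

  # ===========================================================================
  # MINIO — S3-compatible Object Storage
  # ===========================================================================
  # Integration type: Storage / Evidence / Airgap bundles
  # Console: http://minio.stella-ops.local:9001
  # API: http://minio.stella-ops.local:9000
  # Access key: stellaops
  # Secret key: Stella2026!
  # ===========================================================================
  minio:
    image: minio/minio:RELEASE.2025-02-28T09-55-16Z
    container_name: stellaops-minio
    restart: unless-stopped
    ports:
      - "127.1.2.6:9000:9000"  # S3 API
      - "127.1.2.6:9001:9001"  # Console UI
    environment:
      # Root credentials with full control over every bucket, fixed and
      # committed. Integration clients are better served by a scoped access
      # key than by these root values.
      - MINIO_ROOT_USER=stellaops
      - MINIO_ROOT_PASSWORD=Stella2026!
      - MINIO_BROWSER_REDIRECT_URL=http://minio.stella-ops.local:9001
    command: server /data --console-address ":9001"
    volumes:
      - minio-data:/data
    networks:
      stellaops:
        aliases:
          - minio.stella-ops.local
    healthcheck:
      test: ["CMD-SHELL", "mc ready local || exit 1"]
      interval: 15s
      timeout: 5s
      retries: 5
      start_period: 10s
    labels:
      com.stellaops.integration: "storage"
      com.stellaops.provider: "s3"
      com.stellaops.profile: "integrations"

  # ===========================================================================
  # GITLAB CE — Full Git SCM + CI/CD + Container Registry (optional, heavy)
  # ===========================================================================
  # Integration type: SCM (GitLab provider) + CI/CD (GitLab CI) + Registry
  # URL: http://gitlab.stella-ops.local:8929
  # Admin: root / Stella2026!
  # Container Registry: gitlab.stella-ops.local:5050
  # Requires: ~4 GB RAM, ~2 min startup
  #
  # Profile: heavy — only start when explicitly requested:
  #   docker compose -f docker-compose.integrations.yml up -d gitlab
  # ===========================================================================
  gitlab:
    image: gitlab/gitlab-ce:17.8.1-ce.0
    container_name: stellaops-gitlab
    restart: unless-stopped
    ports:
      - "127.1.2.7:8929:8929"  # HTTP
      - "127.1.2.7:2224:22"    # SSH
      - "127.1.2.7:5050:5050"  # Container Registry
    environment:
      # The block below is Ruby (gitlab.rb syntax) passed through verbatim, so
      # review notes live here rather than inside it.
      # - initial_root_password is a committed constant for the `root` admin;
      #   it is presumably applied only when the database is first seeded, so
      #   editing it later will not rotate an existing instance — verify.
      # - external_url and registry_external_url are http://, so the UI, Git
      #   over HTTP and registry logins are unencrypted.
      GITLAB_OMNIBUS_CONFIG: |
        external_url 'http://gitlab.stella-ops.local:8929'
        gitlab_rails['initial_root_password'] = 'Stella2026!'
        gitlab_rails['gitlab_shell_ssh_port'] = 2224
        registry_external_url 'http://gitlab.stella-ops.local:5050'
        registry['enable'] = true
        prometheus_monitoring['enable'] = false
        sidekiq['max_concurrency'] = 5
        puma['workers'] = 2
        puma['min_threads'] = 1
        puma['max_threads'] = 2
        postgresql['shared_buffers'] = '128MB'
        gitlab_rails['env'] = { 'MALLOC_CONF' => 'dirty_decay_ms:1000,muzzy_decay_ms:1000' }
    volumes:
      - gitlab-config:/etc/gitlab
      - gitlab-logs:/var/log/gitlab
      - gitlab-data:/var/opt/gitlab
    networks:
      stellaops:
        aliases:
          - gitlab.stella-ops.local
    healthcheck:
      test: ["CMD-SHELL", "curl -sf http://localhost:8929/-/readiness || exit 1"]
      interval: 60s
      timeout: 30s
      retries: 10
      start_period: 300s
    labels:
      com.stellaops.integration: "scm,ci-cd,registry"
      com.stellaops.provider: "gitlab"
      com.stellaops.profile: "integrations-heavy"
    # Opt-in only: excluded from a plain `up -d`.
    profiles:
      - heavy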