git.stella-ops.org/deploy/compose/docker-compose.telemetry.yaml

version: "3.9"

services:
  otel-collector:
    image: otel/opentelemetry-collector:0.105.0
    container_name: stellaops-otel-collector
    command:
      - "--config=/etc/otel-collector/config.yaml"
    environment:
      STELLAOPS_OTEL_TLS_CERT: /etc/otel-collector/tls/collector.crt
      STELLAOPS_OTEL_TLS_KEY: /etc/otel-collector/tls/collector.key
      STELLAOPS_OTEL_TLS_CA: /etc/otel-collector/tls/ca.crt
      STELLAOPS_OTEL_PROMETHEUS_ENDPOINT: 0.0.0.0:9464
      STELLAOPS_OTEL_REQUIRE_CLIENT_CERT: "true"
      STELLAOPS_TENANT_ID: dev
      STELLAOPS_TEMPO_ENDPOINT: https://stellaops-tempo:3200
      STELLAOPS_TEMPO_TLS_CERT_FILE: /etc/otel-collector/tls/client.crt
      STELLAOPS_TEMPO_TLS_KEY_FILE: /etc/otel-collector/tls/client.key
      STELLAOPS_TEMPO_TLS_CA_FILE: /etc/otel-collector/tls/ca.crt
      STELLAOPS_LOKI_ENDPOINT: https://stellaops-loki:3100/loki/api/v1/push
      STELLAOPS_LOKI_TLS_CERT_FILE: /etc/otel-collector/tls/client.crt
      STELLAOPS_LOKI_TLS_KEY_FILE: /etc/otel-collector/tls/client.key
      STELLAOPS_LOKI_TLS_CA_FILE: /etc/otel-collector/tls/ca.crt
    volumes:
      - ../telemetry/otel-collector-config.yaml:/etc/otel-collector/config.yaml:ro
      - ../telemetry/certs:/etc/otel-collector/tls:ro
    ports:
      - "4317:4317"    # OTLP gRPC (mTLS)
      - "4318:4318"    # OTLP HTTP (mTLS)
      - "9464:9464"    # Prometheus exporter (mTLS)
      - "13133:13133"  # Health check
      - "1777:1777"    # pprof
    healthcheck:
      test: ["CMD", "curl", "-fsk", "--cert", "/etc/otel-collector/tls/client.crt", "--key", "/etc/otel-collector/tls/client.key", "--cacert", "/etc/otel-collector/tls/ca.crt", "https://localhost:13133/healthz"]
      interval: 30s
      start_period: 15s
      timeout: 5s
      retries: 3

networks:
  default:
    name: stellaops-telemetry