docker-compose.yml•4.85 kB
version: '3.8'
services:
# MikroTik MCP Server
mcp-mikrotik:
build:
context: .
dockerfile: Dockerfile
container_name: mcp-mikrotik-server
restart: unless-stopped
environment:
# MikroTik connection settings
MIKROTIK_HOST: ${MIKROTIK_HOST:-192.168.1.1}
MIKROTIK_USERNAME: ${MIKROTIK_USERNAME:-admin}
MIKROTIK_PASSWORD: ${MIKROTIK_PASSWORD:-}
MIKROTIK_PORT: ${MIKROTIK_PORT:-22}
# Python settings
PYTHONUNBUFFERED: 1
PYTHONDONTWRITEBYTECODE: 1
# Logging
LOG_LEVEL: ${LOG_LEVEL:-INFO}
# Override default command with environment variables
command: >
sh -c "mcp-server-mikrotik
--host $${MIKROTIK_HOST}
--username $${MIKROTIK_USERNAME}
--password $${MIKROTIK_PASSWORD}
--port $${MIKROTIK_PORT}"
ports:
- "${MCP_PORT:-8000}:8000"
volumes:
# Configuration files
- ./mcp-config.json:/app/mcp-config.json:ro
- ./logs:/app/logs
# SSH keys (if using key-based authentication)
- ./ssh_keys:/app/.ssh:ro
networks:
- mikrotik-network
healthcheck:
test: ["CMD", "python", "-c", "import mcp_mikrotik; print('Healthy')"]
interval: 30s
timeout: 10s
retries: 3
start_period: 10s
depends_on:
- routeros
labels:
- "traefik.enable=true"
- "traefik.http.routers.mcp-mikrotik.rule=Host(`mcp-mikrotik.local`)"
- "traefik.http.services.mcp-mikrotik.loadbalancer.server.port=8000"
# RouterOS Container for Development/Testing
routeros:
image: evilfreelancer/docker-routeros:latest
container_name: mikrotik-routeros
restart: unless-stopped
privileged: true
environment:
- ROUTEROS_USER=${ROUTEROS_USER:-admin}
- ROUTEROS_PASS=${ROUTEROS_PASS:-admin}
- ROUTEROS_LICENSE=${ROUTEROS_LICENSE:-true}
ports:
# Web interface (HTTP)
- "${ROUTEROS_HTTP_PORT:-8080}:80"
# Web interface (HTTPS)
- "${ROUTEROS_HTTPS_PORT:-8443}:443"
# Winbox
- "${ROUTEROS_WINBOX_PORT:-8291}:8291"
# SSH
- "${ROUTEROS_SSH_PORT:-2222}:22"
# Telnet
- "${ROUTEROS_TELNET_PORT:-2223}:23"
# FTP
- "${ROUTEROS_FTP_PORT:-2121}:21"
# API
- "${ROUTEROS_API_PORT:-8728}:8728"
# API-SSL
- "${ROUTEROS_API_SSL_PORT:-8729}:8729"
volumes:
- routeros-data:/routeros
networks:
mikrotik-network:
ipv4_address: ${ROUTEROS_IP:-172.20.0.2}
cap_add:
- NET_ADMIN
- NET_RAW
devices:
- /dev/net/tun
labels:
- "traefik.enable=true"
- "traefik.http.routers.routeros.rule=Host(`routeros.local`)"
- "traefik.http.services.routeros.loadbalancer.server.port=80"
# MCPO (MCP-to-OpenAPI proxy) - Optional
mcpo:
image: python:3.11-slim
container_name: mcp-mcpo
restart: unless-stopped
working_dir: /app
environment:
- MCPO_PORT=${MCPO_PORT:-9000}
- MCPO_API_KEY=${MCPO_API_KEY:-your-secret-key}
command: >
sh -c "pip install mcpo &&
mcpo --port $${MCPO_PORT}
--api-key $${MCPO_API_KEY}
--config /app/mcp-config.json"
ports:
- "${MCPO_PORT:-9000}:9000"
volumes:
- ./mcp-config.json:/app/mcp-config.json:ro
networks:
- mikrotik-network
depends_on:
- mcp-mikrotik
labels:
- "traefik.enable=true"
- "traefik.http.routers.mcpo.rule=Host(`mcpo.local`)"
- "traefik.http.services.mcpo.loadbalancer.server.port=9000"
# Optional: Reverse Proxy (Traefik)
traefik:
image: traefik:v2.10
container_name: mikrotik-traefik
restart: unless-stopped
command:
- "--api.insecure=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
ports:
- "80:80"
- "8081:8080" # Traefik dashboard
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
networks:
- mikrotik-network
profiles:
- proxy
# Networks
networks:
mikrotik-network:
driver: bridge
ipam:
config:
- subnet: ${NETWORK_SUBNET:-172.20.0.0/24}
gateway: ${NETWORK_GATEWAY:-172.20.0.1}
# Volumes
volumes:
routeros-data:
driver: local
labels:
- "description=RouterOS persistent data"
# Additional services for development
x-development-services:
# Python development environment
dev:
build:
context: .
dockerfile: Dockerfile
target: builder
container_name: mcp-mikrotik-dev
working_dir: /app
command: /bin/bash
stdin_open: true
tty: true
volumes:
- .:/app
- /app/.venv # Exclude venv from bind mount
networks:
- mikrotik-network
profiles:
- dev