From 1faebbb2069466bb3e4c00970902f3a04675be40 Mon Sep 17 00:00:00 2001 From: Kamil Chudy Date: Thu, 29 Jan 2026 15:46:57 +0100 Subject: [PATCH 1/7] Added compose files for testing 2.0 --- .gitignore | 1 + docker-compose2.0/docker-compose.2.0-ha.yaml | 87 ++++++++++++++++++++ docker-compose2.0/docker-compose.2.0.yaml | 56 +++++++++++++ docker-compose2.0/nginx/edge.conf | 38 +++++++++ docker-compose2.0/nginx/gateway.conf | 30 +++++++ 5 files changed, 212 insertions(+) create mode 100644 docker-compose2.0/docker-compose.2.0-ha.yaml create mode 100644 docker-compose2.0/docker-compose.2.0.yaml create mode 100644 docker-compose2.0/nginx/edge.conf create mode 100644 docker-compose2.0/nginx/gateway.conf diff --git a/.gitignore b/.gitignore index 4ad00b8..6b2e499 100644 --- a/.gitignore +++ b/.gitignore @@ -1,5 +1,6 @@ docker-compose/.env docker-compose/.volumes +docker-compose2.0/.volumes .idea terraform/**/terraform.tfstate terraform/**/terraform.tfstate.backup diff --git a/docker-compose2.0/docker-compose.2.0-ha.yaml b/docker-compose2.0/docker-compose.2.0-ha.yaml new file mode 100644 index 0000000..98bbaa6 --- /dev/null +++ b/docker-compose2.0/docker-compose.2.0-ha.yaml @@ -0,0 +1,87 @@ +services: + core: + image: ghcr.io/defguard/defguard:dev + environment: + DEFGUARD_COOKIE_INSECURE: "true" + DEFGUARD_SECRET_KEY: aa5a506b11d719dd7170f57f5d9947faf8eb0bc2be1325e42aa0237c3dcfd26456e73dff9eef3b12c7bcf8711b45e3e703d8e21ee1c08520f5e12e3f5772da94 + DEFGUARD_AUTH_SECRET: defguard-auth-secret + DEFGUARD_GATEWAY_SECRET: defguard-gateway-secret + DEFGUARD_YUBIBRIDGE_SECRET: defguard-yubibridge-secret + DEFGUARD_DB_HOST: db + DEFGUARD_DB_PORT: 5432 + DEFGUARD_DB_USER: defguard + DEFGUARD_DB_PASSWORD: defguard + DEFGUARD_DB_NAME: defguard + DEFGUARD_URL: http://localhost:8000 + RUST_BACKTRACE: 1 + depends_on: + - db + ports: + - "8000:8000" + + edge1: + image: ghcr.io/defguard/defguard-proxy:dev + volumes: + - ./.volumes/certs2.0-ha/edge1:/etc/defguard/certs + depends_on: + - core + + edge2: + image: ghcr.io/defguard/defguard-proxy:dev + volumes: + - ./.volumes/certs2.0-ha/edge2:/etc/defguard/certs + depends_on: + - core + + edge-lb: + image: nginx:1.25-alpine + depends_on: + - edge1 + - edge2 + ports: + - "8080:8080" + volumes: + - ./nginx/edge.conf:/etc/nginx/conf.d/default.conf:ro + + gateway1: + image: ghcr.io/defguard/gateway:dev + depends_on: + - core + cap_add: + - NET_ADMIN + volumes: + - ./.volumes/certs2.0-ha/gateway1:/etc/defguard/certs + environment: + DEFGUARD_STATS_PERIOD: 10 + + gateway2: + image: ghcr.io/defguard/gateway:dev + depends_on: + - core + cap_add: + - NET_ADMIN + volumes: + - ./.volumes/certs2.0-ha/gateway2:/etc/defguard/certs + environment: + DEFGUARD_STATS_PERIOD: 10 + + gateway-lb: + image: nginx:1.25-alpine + depends_on: + - gateway1 + - gateway2 + ports: + - "50051:50051/udp" + volumes: + - ./nginx/gateway.conf:/etc/nginx/nginx.conf:ro + + db: + image: postgres:17-alpine + environment: + POSTGRES_DB: defguard + POSTGRES_USER: defguard + POSTGRES_PASSWORD: defguard + volumes: + - ./.volumes/db2.0-ha:/var/lib/postgresql/data + ports: + - "5432:5432" diff --git a/docker-compose2.0/docker-compose.2.0.yaml b/docker-compose2.0/docker-compose.2.0.yaml new file mode 100644 index 0000000..d679cd5 --- /dev/null +++ b/docker-compose2.0/docker-compose.2.0.yaml @@ -0,0 +1,56 @@ +services: + core: + image: ghcr.io/defguard/defguard:dev + build: + context: . + dockerfile: Dockerfile + environment: + DEFGUARD_COOKIE_INSECURE: "true" + DEFGUARD_SECRET_KEY: aa5a506b11d719dd7170f57f5d9947faf8eb0bc2be1325e42aa0237c3dcfd26456e73dff9eef3b12c7bcf8711b45e3e703d8e21ee1c08520f5e12e3f5772da94 + DEFGUARD_AUTH_SECRET: defguard-auth-secret + DEFGUARD_GATEWAY_SECRET: defguard-gateway-secret + DEFGUARD_YUBIBRIDGE_SECRET: defguard-yubibridge-secret + DEFGUARD_DB_HOST: db + DEFGUARD_DB_PORT: 5432 + DEFGUARD_DB_USER: defguard + DEFGUARD_DB_PASSWORD: defguard + DEFGUARD_DB_NAME: defguard + DEFGUARD_URL: http://localhost:8000 + RUST_BACKTRACE: 1 + ports: + # rest api + - "8000:8000" + # grpc + - "50055:50055" + depends_on: + - db + + edge: + image: ghcr.io/defguard/defguard-proxy:dev + volumes: + - ./.volumes/certs2.0/proxy:/etc/defguard/certs + ports: + - "8080:8080" + + gateway: + image: ghcr.io/defguard/gateway:dev + ports: + # WireGuard endpoint + - "50051:50051/udp" + depends_on: + - core + cap_add: + - NET_ADMIN + volumes: + - ./.volumes/certs2.0/gateway:/etc/defguard/certs + + db: + image: postgres:17-alpine + environment: + POSTGRES_DB: defguard + POSTGRES_USER: defguard + POSTGRES_PASSWORD: defguard + volumes: + - ./.volumes/db2.0:/var/lib/postgresql/data + ports: + - "5432:5432" diff --git a/docker-compose2.0/nginx/edge.conf b/docker-compose2.0/nginx/edge.conf new file mode 100644 index 0000000..c0a11ce --- /dev/null +++ b/docker-compose2.0/nginx/edge.conf @@ -0,0 +1,38 @@ +upstream defguard_edge { + # For HTTP, round-robin is the default + server edge1:8080 max_fails=2 fail_timeout=10s; + server edge2:8080 max_fails=2 fail_timeout=10s; + + # Optional: keepalive connections to backends + keepalive 64; +} + +server { + listen 8080; + + # Preserve original client information + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + + # WebSockets support (if used) + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; + + location / { + proxy_pass http://defguard_edge; + + # Reasonable timeouts for long requests / SSE + proxy_connect_timeout 5s; + proxy_send_timeout 60s; + proxy_read_timeout 60s; + } +} + +# Map used by WebSocket upgrade header handling +map $http_upgrade $connection_upgrade { + default upgrade; + '' close; +} diff --git a/docker-compose2.0/nginx/gateway.conf b/docker-compose2.0/nginx/gateway.conf new file mode 100644 index 0000000..86622b7 --- /dev/null +++ b/docker-compose2.0/nginx/gateway.conf @@ -0,0 +1,30 @@ +worker_processes auto; + +events { } + +stream { + # Upstream group containing all Defguard Gateway instances + upstream defguard_gateways { + # Sticky sessions: the same client IP will always be routed + # to the same backend gateway (important for WireGuard/UDP) + hash $remote_addr consistent; + + # Backend gateways (Docker service names) + server gateway1:50051 max_fails=2 fail_timeout=10s; + server gateway2:50051 max_fails=2 fail_timeout=10s; + } + + server { + # Public UDP listener for WireGuard clients + listen 50051 udp; + + # Forward traffic to the upstream gateways + proxy_pass defguard_gateways; + + # Increase timeout for long-lived UDP sessions + proxy_timeout 10m; + + # Number of expected responses per request (usually 1 for WireGuard) + proxy_responses 1; + } +} From f47e4847ed7a5ca00604e6d36cd85a67e7a205ea Mon Sep 17 00:00:00 2001 From: Kamil Chudy Date: Tue, 3 Feb 2026 09:57:14 +0100 Subject: [PATCH 2/7] Added additional gateways --- docker-compose2.0/docker-compose.2.0-ha.yaml | 32 ++++++++++++++++++++ docker-compose2.0/nginx/gateway.conf | 3 +- 2 files changed, 34 insertions(+), 1 deletion(-) diff --git a/docker-compose2.0/docker-compose.2.0-ha.yaml b/docker-compose2.0/docker-compose.2.0-ha.yaml index 98bbaa6..6c55fb0 100644 --- a/docker-compose2.0/docker-compose.2.0-ha.yaml +++ b/docker-compose2.0/docker-compose.2.0-ha.yaml @@ -75,6 +75,38 @@ services: volumes: - ./nginx/gateway.conf:/etc/nginx/nginx.conf:ro + gatewaymfa1: + image: ghcr.io/defguard/gateway:dev + depends_on: + - core + cap_add: + - NET_ADMIN + volumes: + - ./.volumes/certs2.0-ha/gatewaymfa1:/etc/defguard/certs + environment: + DEFGUARD_STATS_PERIOD: 10 + + gatewaymfa2: + image: ghcr.io/defguard/gateway:dev + depends_on: + - core + cap_add: + - NET_ADMIN + volumes: + - ./.volumes/certs2.0-ha/gatewaymfa2:/etc/defguard/certs + environment: + DEFGUARD_STATS_PERIOD: 10 + + gatewaymfa-lb: + image: nginx:1.25-alpine + depends_on: + - gateway1 + - gateway2 + ports: + - "50052:50051/udp" + volumes: + - ./nginx/gateway.conf:/etc/nginx/nginx.conf:ro + db: image: postgres:17-alpine environment: diff --git a/docker-compose2.0/nginx/gateway.conf b/docker-compose2.0/nginx/gateway.conf index 86622b7..29f8137 100644 --- a/docker-compose2.0/nginx/gateway.conf +++ b/docker-compose2.0/nginx/gateway.conf @@ -7,7 +7,8 @@ stream { upstream defguard_gateways { # Sticky sessions: the same client IP will always be routed # to the same backend gateway (important for WireGuard/UDP) - hash $remote_addr consistent; + # Hash by client IP + client UDP source port (better re-connect distribution) + hash "$remote_addr:$remote_port" consistent; # Backend gateways (Docker service names) server gateway1:50051 max_fails=2 fail_timeout=10s; From 7840283e46c7d2f904167dbde45ee7caab3bfe58 Mon Sep 17 00:00:00 2001 From: Kamil Chudy Date: Wed, 4 Feb 2026 13:26:33 +0100 Subject: [PATCH 3/7] Added load balancer based on envoy --- docker-compose2.0/docker-compose.2.0-ha.yaml | 62 +++++++++----------- docker-compose2.0/envoy/envoy.yaml | 60 +++++++++++++++++++ 2 files changed, 87 insertions(+), 35 deletions(-) create mode 100644 docker-compose2.0/envoy/envoy.yaml diff --git a/docker-compose2.0/docker-compose.2.0-ha.yaml b/docker-compose2.0/docker-compose.2.0-ha.yaml index 6c55fb0..40efe20 100644 --- a/docker-compose2.0/docker-compose.2.0-ha.yaml +++ b/docker-compose2.0/docker-compose.2.0-ha.yaml @@ -53,6 +53,7 @@ services: - ./.volumes/certs2.0-ha/gateway1:/etc/defguard/certs environment: DEFGUARD_STATS_PERIOD: 10 + HEALTH_PORT: 55003 gateway2: image: ghcr.io/defguard/gateway:dev @@ -64,48 +65,39 @@ services: - ./.volumes/certs2.0-ha/gateway2:/etc/defguard/certs environment: DEFGUARD_STATS_PERIOD: 10 + HEALTH_PORT: 55003 - gateway-lb: - image: nginx:1.25-alpine - depends_on: - - gateway1 - - gateway2 + envoy: + image: envoyproxy/envoy:v1.33-latest ports: - "50051:50051/udp" volumes: - - ./nginx/gateway.conf:/etc/nginx/nginx.conf:ro - - gatewaymfa1: - image: ghcr.io/defguard/gateway:dev - depends_on: - - core - cap_add: - - NET_ADMIN - volumes: - - ./.volumes/certs2.0-ha/gatewaymfa1:/etc/defguard/certs - environment: - DEFGUARD_STATS_PERIOD: 10 - - gatewaymfa2: - image: ghcr.io/defguard/gateway:dev - depends_on: - - core - cap_add: - - NET_ADMIN - volumes: - - ./.volumes/certs2.0-ha/gatewaymfa2:/etc/defguard/certs - environment: - DEFGUARD_STATS_PERIOD: 10 - - gatewaymfa-lb: - image: nginx:1.25-alpine + - ./envoy/envoy.yaml:/etc/envoy/envoy.yaml:ro depends_on: - gateway1 - gateway2 - ports: - - "50052:50051/udp" - volumes: - - ./nginx/gateway.conf:/etc/nginx/nginx.conf:ro + + # gatewaymfa1: + # image: ghcr.io/defguard/gateway:dev + # depends_on: + # - core + # cap_add: + # - NET_ADMIN + # volumes: + # - ./.volumes/certs2.0-ha/gatewaymfa1:/etc/defguard/certs + # environment: + # DEFGUARD_STATS_PERIOD: 10 + + # gatewaymfa2: + # image: ghcr.io/defguard/gateway:dev + # depends_on: + # - core + # cap_add: + # - NET_ADMIN + # volumes: + # - ./.volumes/certs2.0-ha/gatewaymfa2:/etc/defguard/certs + # environment: + # DEFGUARD_STATS_PERIOD: 10 db: image: postgres:17-alpine diff --git a/docker-compose2.0/envoy/envoy.yaml b/docker-compose2.0/envoy/envoy.yaml new file mode 100644 index 0000000..f2e7957 --- /dev/null +++ b/docker-compose2.0/envoy/envoy.yaml @@ -0,0 +1,60 @@ +static_resources: + listeners: + - name: udp_listener + address: + socket_address: + address: 0.0.0.0 + port_value: 50051 + protocol: UDP + + # UDP listeners use udp_listener_config + listener_filters (not filter_chains) + udp_listener_config: + downstream_socket_config: + # Optional: enable GRO/GSO if kernel supports it, otherwise omit + prefer_gro: true + + listener_filters: + - name: envoy.filters.udp_listener.udp_proxy + typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.udp.udp_proxy.v3.UdpProxyConfig + stat_prefix: udp_lb + cluster: defguard_gateway_cluster + idle_timeout: 60s + + clusters: + - name: defguard_gateway_cluster + type: STRICT_DNS + connect_timeout: 1s + lb_policy: ROUND_ROBIN + dns_lookup_family: V4_ONLY + + health_checks: + - timeout: 2s + interval: 5s + unhealthy_threshold: 2 + healthy_threshold: 2 + http_health_check: + path: /health + host: gateway_health + expected_statuses: + start: 200 + end: 300 + + load_assignment: + cluster_name: defguard_gateway_cluster + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: gateway1 + port_value: 50051 + health_check_config: + port_value: 55003 + - endpoint: + address: + socket_address: + address: gateway2 + port_value: 50051 + health_check_config: + port_value: 55003 \ No newline at end of file From 4d603a5cd12941932125cd2bed75018ee2cddb61 Mon Sep 17 00:00:00 2001 From: Kamil Chudy Date: Sun, 8 Feb 2026 22:04:30 +0100 Subject: [PATCH 4/7] Removed redundant configuration --- docker-compose2.0/docker-compose.2.0.yaml | 56 ------------------- ...ompose.2.0-ha.yaml => docker-compose.yaml} | 24 +------- docker-compose2.0/nginx/gateway.conf | 31 ---------- 3 files changed, 1 insertion(+), 110 deletions(-) delete mode 100644 docker-compose2.0/docker-compose.2.0.yaml rename docker-compose2.0/{docker-compose.2.0-ha.yaml => docker-compose.yaml} (80%) delete mode 100644 docker-compose2.0/nginx/gateway.conf diff --git a/docker-compose2.0/docker-compose.2.0.yaml b/docker-compose2.0/docker-compose.2.0.yaml deleted file mode 100644 index d679cd5..0000000 --- a/docker-compose2.0/docker-compose.2.0.yaml +++ /dev/null @@ -1,56 +0,0 @@ -services: - core: - image: ghcr.io/defguard/defguard:dev - build: - context: . - dockerfile: Dockerfile - environment: - DEFGUARD_COOKIE_INSECURE: "true" - DEFGUARD_SECRET_KEY: aa5a506b11d719dd7170f57f5d9947faf8eb0bc2be1325e42aa0237c3dcfd26456e73dff9eef3b12c7bcf8711b45e3e703d8e21ee1c08520f5e12e3f5772da94 - DEFGUARD_AUTH_SECRET: defguard-auth-secret - DEFGUARD_GATEWAY_SECRET: defguard-gateway-secret - DEFGUARD_YUBIBRIDGE_SECRET: defguard-yubibridge-secret - DEFGUARD_DB_HOST: db - DEFGUARD_DB_PORT: 5432 - DEFGUARD_DB_USER: defguard - DEFGUARD_DB_PASSWORD: defguard - DEFGUARD_DB_NAME: defguard - DEFGUARD_URL: http://localhost:8000 - RUST_BACKTRACE: 1 - ports: - # rest api - - "8000:8000" - # grpc - - "50055:50055" - depends_on: - - db - - edge: - image: ghcr.io/defguard/defguard-proxy:dev - volumes: - - ./.volumes/certs2.0/proxy:/etc/defguard/certs - ports: - - "8080:8080" - - gateway: - image: ghcr.io/defguard/gateway:dev - ports: - # WireGuard endpoint - - "50051:50051/udp" - depends_on: - - core - cap_add: - - NET_ADMIN - volumes: - - ./.volumes/certs2.0/gateway:/etc/defguard/certs - - db: - image: postgres:17-alpine - environment: - POSTGRES_DB: defguard - POSTGRES_USER: defguard - POSTGRES_PASSWORD: defguard - volumes: - - ./.volumes/db2.0:/var/lib/postgresql/data - ports: - - "5432:5432" diff --git a/docker-compose2.0/docker-compose.2.0-ha.yaml b/docker-compose2.0/docker-compose.yaml similarity index 80% rename from docker-compose2.0/docker-compose.2.0-ha.yaml rename to docker-compose2.0/docker-compose.yaml index 40efe20..f04e06d 100644 --- a/docker-compose2.0/docker-compose.2.0-ha.yaml +++ b/docker-compose2.0/docker-compose.yaml @@ -67,7 +67,7 @@ services: DEFGUARD_STATS_PERIOD: 10 HEALTH_PORT: 55003 - envoy: + gateway-lb: image: envoyproxy/envoy:v1.33-latest ports: - "50051:50051/udp" @@ -77,28 +77,6 @@ services: - gateway1 - gateway2 - # gatewaymfa1: - # image: ghcr.io/defguard/gateway:dev - # depends_on: - # - core - # cap_add: - # - NET_ADMIN - # volumes: - # - ./.volumes/certs2.0-ha/gatewaymfa1:/etc/defguard/certs - # environment: - # DEFGUARD_STATS_PERIOD: 10 - - # gatewaymfa2: - # image: ghcr.io/defguard/gateway:dev - # depends_on: - # - core - # cap_add: - # - NET_ADMIN - # volumes: - # - ./.volumes/certs2.0-ha/gatewaymfa2:/etc/defguard/certs - # environment: - # DEFGUARD_STATS_PERIOD: 10 - db: image: postgres:17-alpine environment: diff --git a/docker-compose2.0/nginx/gateway.conf b/docker-compose2.0/nginx/gateway.conf deleted file mode 100644 index 29f8137..0000000 --- a/docker-compose2.0/nginx/gateway.conf +++ /dev/null @@ -1,31 +0,0 @@ -worker_processes auto; - -events { } - -stream { - # Upstream group containing all Defguard Gateway instances - upstream defguard_gateways { - # Sticky sessions: the same client IP will always be routed - # to the same backend gateway (important for WireGuard/UDP) - # Hash by client IP + client UDP source port (better re-connect distribution) - hash "$remote_addr:$remote_port" consistent; - - # Backend gateways (Docker service names) - server gateway1:50051 max_fails=2 fail_timeout=10s; - server gateway2:50051 max_fails=2 fail_timeout=10s; - } - - server { - # Public UDP listener for WireGuard clients - listen 50051 udp; - - # Forward traffic to the upstream gateways - proxy_pass defguard_gateways; - - # Increase timeout for long-lived UDP sessions - proxy_timeout 10m; - - # Number of expected responses per request (usually 1 for WireGuard) - proxy_responses 1; - } -} From 2a5ce09d95c223fb271737ea4a93d27a85feb173 Mon Sep 17 00:00:00 2001 From: Kamil Chudy Date: Mon, 9 Feb 2026 11:34:59 +0100 Subject: [PATCH 5/7] Removed redundant setting --- docker-compose2.0/docker-compose.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/docker-compose2.0/docker-compose.yaml b/docker-compose2.0/docker-compose.yaml index f04e06d..8f5a337 100644 --- a/docker-compose2.0/docker-compose.yaml +++ b/docker-compose2.0/docker-compose.yaml @@ -3,7 +3,7 @@ services: image: ghcr.io/defguard/defguard:dev environment: DEFGUARD_COOKIE_INSECURE: "true" - DEFGUARD_SECRET_KEY: aa5a506b11d719dd7170f57f5d9947faf8eb0bc2be1325e42aa0237c3dcfd26456e73dff9eef3b12c7bcf8711b45e3e703d8e21ee1c08520f5e12e3f5772da94 + DEFGUARD_SECRET_KEY: defguard-secret-key DEFGUARD_AUTH_SECRET: defguard-auth-secret DEFGUARD_GATEWAY_SECRET: defguard-gateway-secret DEFGUARD_YUBIBRIDGE_SECRET: defguard-yubibridge-secret @@ -12,7 +12,6 @@ services: DEFGUARD_DB_USER: defguard DEFGUARD_DB_PASSWORD: defguard DEFGUARD_DB_NAME: defguard - DEFGUARD_URL: http://localhost:8000 RUST_BACKTRACE: 1 depends_on: - db From cfbc8c21394dd6896ed302a00ce368406cf42026 Mon Sep 17 00:00:00 2001 From: Kamil Chudy Date: Mon, 9 Feb 2026 11:39:00 +0100 Subject: [PATCH 6/7] Fixed secret env variable --- docker-compose2.0/docker-compose.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose2.0/docker-compose.yaml b/docker-compose2.0/docker-compose.yaml index 8f5a337..405cf69 100644 --- a/docker-compose2.0/docker-compose.yaml +++ b/docker-compose2.0/docker-compose.yaml @@ -3,7 +3,7 @@ services: image: ghcr.io/defguard/defguard:dev environment: DEFGUARD_COOKIE_INSECURE: "true" - DEFGUARD_SECRET_KEY: defguard-secret-key + DEFGUARD_SECRET_KEY: defguard-secret-key-defguard-secret-key-defguard-secret-key-defguard-secret-key DEFGUARD_AUTH_SECRET: defguard-auth-secret DEFGUARD_GATEWAY_SECRET: defguard-gateway-secret DEFGUARD_YUBIBRIDGE_SECRET: defguard-yubibridge-secret From f3d221d8098b88a96fd07bdacd1eef72ea0fe8be Mon Sep 17 00:00:00 2001 From: Kamil Chudy Date: Mon, 9 Feb 2026 12:36:50 +0100 Subject: [PATCH 7/7] Upgraded postgres --- docker-compose2.0/docker-compose.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose2.0/docker-compose.yaml b/docker-compose2.0/docker-compose.yaml index 405cf69..8e192ac 100644 --- a/docker-compose2.0/docker-compose.yaml +++ b/docker-compose2.0/docker-compose.yaml @@ -77,7 +77,7 @@ services: - gateway2 db: - image: postgres:17-alpine + image: postgres:18-alpine environment: POSTGRES_DB: defguard POSTGRES_USER: defguard