UNOV/manager-service
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Docker compose mymuseum

Browse Source
This commit is contained in:
Fransolet Thomas 2022-09-29 17:56:08 +02:00
parent ee021510c8
commit 9328318468
1 changed files with 164 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

164
docker-compose.yml Normal file
View File

@ -0,0 +1,164 @@
version: "3.3"
services:
################################################
#### Traefik Proxy Setup #####
###############################################
traefik:
image: traefik:v2.8
restart: always
container_name: traefik
ports:
- "80:80" # <== http
- "8080:8080" # <== :8080 is where the dashboard runs on
- "443:443" # <== https
command:
#### These are the CLI commands that will configure Traefik and tell it how to work! ####
## API Settings - https://docs.traefik.io/operations/api/, endpoints - https://docs.traefik.io/operations/api/#endpoints ##
- --api.insecure=true # <== Enabling insecure api, NOT RECOMMENDED FOR PRODUCTION
- --api.dashboard=true # <== Enabling the dashboard to view services, middlewares, routers, etc...
- --api.debug=true # <== Enabling additional endpoints for debugging and profiling
## Log Settings (options: ERROR, DEBUG, PANIC, FATAL, WARN, INFO) - https://docs.traefik.io/observability/logs/ ##
- --log.level=DEBUG # <== Setting the level of the logs from traefik
## Provider Settings - https://docs.traefik.io/providers/docker/#provider-configuration ##
- --providers.docker=true # <== Enabling docker as the provider for traefik
- --providers.docker.exposedbydefault=false # <== Don't expose every container to traefik, only expose enabled ones
- --providers.file.filename=/dynamic.yaml # <== Referring to a dynamic configuration file
- --providers.docker.network=web # <== Operate on the docker network named web
## Entrypoints Settings - https://docs.traefik.io/routing/entrypoints/#configuration ##
- --entrypoints.web.address=:80 # <== Defining an entrypoint for port :80 named web
- --entrypoints.web-secured.address=:443 # <== Defining an entrypoint for https on port :443 named web-secured
## Certificate Settings (Let's Encrypt) - https://docs.traefik.io/https/acme/#configuration-examples ##
- --certificatesresolvers.mytlschallenge.acme.tlschallenge=true # <== Enable TLS-ALPN-01 to generate and renew ACME certs
- --certificatesresolvers.mytlschallenge.acme.email=fransolet.thomas@gmail.com # <== Setting email for certs
- --certificatesresolvers.mytlschallenge.acme.storage=/letsencrypt/acme.json # <== Defining acme file to store cert information
volumes:
- ./letsencrypt:/letsencrypt # <== Volume for certs (TLS)
- /var/run/docker.sock:/var/run/docker.sock # <== Volume for docker admin
- ./dynamic.yaml:/dynamic.yaml # <== Volume for dynamic conf file, **ref: line 27
networks:
- web # <== Placing traefik on the network named web, to access containers on this network
labels:
#### Labels define the behavior and rules of the traefik proxy for this container ####
- "traefik.enable=true" # <== Enable traefik on itself to view dashboard and assign subdomain to view it
- "traefik.http.routers.api.rule=Host(`monitor.mymuseum.be`)" # <== Setting the domain for the dashboard
- "traefik.http.routers.api.service=api@internal" # <== Enabling the api to be a service to access
- "traefik.http.routers.api.middlewares=redirect@file" # <== This is a middleware to redirect to https
- "traefik.http.routers.api-secured.rule=Host(`monitor.mymuseum.be`)" # <== Your Domain Name for the https rule
- "traefik.http.routers.api-secured.entrypoints=web-secured" # <== Defining entrypoint for https, **ref: line 31
- "traefik.http.routers.api-secured.tls.certresolver=mytlschallenge" # <== Defining certsresolvers for https
- "traefik.http.routers.api-secured.service=api@internal" # <== Enabling the api to be a service to access
################################################
#### Site Setup Container #####
##############################################
wordpress: # <== we aren't going to open :80 here because traefik is going to serve this on entrypoint 'web'
image: wordpress
depends_on:
- db
restart: always
container_name: wordpress
environment:
- WORDPRESS_DB_HOST=db:3306
- WORDPRESS_DB_USER=$MYSQL_USER
- WORDPRESS_DB_PASSWORD=$MYSQL_PASSWORD
- WORDPRESS_DB_NAME=wordpress
volumes:
- wordpress:/var/www/html
networks:
- web
- backend
labels:
#### Labels define the behavior and rules of the traefik proxy for this container ####
- "traefik.enable=true" # <== Enable traefik to proxy this container
- "traefik.http.routers.nginx-web.rule=Host(`mymuseum.be`)" # <== Your Domain Name goes here for the http rule
- "traefik.http.routers.nginx-web.entrypoints=web" # <== Defining the entrypoint for http, **ref: line 30
- "traefik.http.routers.nginx-web.middlewares=redirect@file" # <== This is a middleware to redirect to https
- "traefik.http.routers.nginx-secured.rule=Host(`mymuseum.be`)" # <== Your Domain Name for the https rule
- "traefik.http.routers.nginx-secured.entrypoints=web-secured" # <== Defining entrypoint for https, **ref: line 31
- "traefik.http.routers.nginx-secured.tls.certresolver=mytlschallenge" # <== Defining certsresolvers for https
managerService:
container_name: "manager-service"
image: registry.unov.be/managerservice:latest
networks:
- web
- backend
#ports:
# - 5005:5005
volumes:
- /etc/managerservice
restart: always
labels:
- "traefik.enable=true"
- "traefik.http.routers.manager-service.rule=Host(`api.mymuseum.be`)" # <== Your Domain Name goes here for the http rule
- "traefik.http.routers.manager-service.entrypoints=web" # <== Defining the entrypoint for http, **ref: line 30
- "traefik.http.routers.manager-service.middlewares=redirect@file" # <== This is a middleware to redirect to https
- "traefik.http.routers.manager-service-secured.rule=Host(`api.mymuseum.be`)" # <== Your Domain Name for the https rule
- "traefik.http.routers.manager-service-secured.entrypoints=web-secured" # <== Defining entrypoint for https, **ref: line 31
- "traefik.http.routers.manager-service-secured.tls.certresolver=mytlschallenge" # <== Defining certsresolvers for https
managerWeb:
container_name: "manager-web"
image: registry.unov.be/mymuseum/manager:latest
networks:
- web
volumes:
- /etc/managerweb
restart: always
labels:
- "traefik.enable=true"
- "traefik.http.routers.manager-web.rule=Host(`manager.mymuseum.be`)" # <== Your Domain Name goes here for the http rule
- "traefik.http.routers.manager-web.entrypoints=web" # <== Defining the entrypoint for http, **ref: line 30
- "traefik.http.routers.manager-web.middlewares=redirect@file" # <== This is a middleware to redirect to https
- "traefik.http.routers.manager-web-secured.rule=Host(`manager.mymuseum.be`)" # <== Your Domain Name for the https rule
- "traefik.http.routers.manager-web-secured.entrypoints=web-secured" # <== Defining entrypoint for https, **ref: line 31
- "traefik.http.routers.manager-web-secured.tls.certresolver=mytlschallenge" # <== Defining certsresolvers for https
################################################
#### DB Container not on traefik #####
##############################################
db:
image: mysql:8.0
container_name: db
restart: unless-stopped
command: '--default-authentication-plugin=mysql_native_password'
env_file: .env
environment:
- MYSQL_DATABASE=wordpress
volumes:
- dbdata:/var/lib/mysql
networks:
- backend
mongo:
image: mongo
container_name: "mongodb"
ports:
- 27017:27017
volumes:
- ~/apps/mongo:/data/db
restart: always
labels:
- "traefik.enable=true"
- "traefik.tcp.routers.mongodb.rule=HostSNI(`mymuseum.be`)"
- "traefik.tcp.routers.mongo.entrypoints=mongo"
- "traefik.tcp.routers.mongo.tls=true"
- "traefik.tcp.services.mongo.loadbalancer.server.port=27017"
environment:
MONGO_INITDB_ROOT_USERNAME: $MONGODB_USERNAME
MONGO_INITDB_ROOT_PASSWORD: $MONGODB_PASSWORD
networks:
web:
external: true
backend:
external: false
volumes:
wordpress:
external: true
dbdata:
db:
external: true