UNOV/manager-service
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
manager-service/docker-compose-myinfomate.yml

211 lines
11 KiB
YAML
Raw Blame History

version: "3.3"
services:
################################################
#### Traefik Proxy Setup #####
###############################################
traefik:
image: traefik:v2.8
restart: always
container_name: traefik
ports:
- "80:80" # <== http
- "8080:8080" # <== :8080 is where the dashboard runs on
- "443:443" # <== https
command:
#### These are the CLI commands that will configure Traefik and tell it how to work! ####
## API Settings - https://docs.traefik.io/operations/api/, endpoints - https://docs.traefik.io/operations/api/#endpoints ##
- --api.insecure=true # <== Enabling insecure api, NOT RECOMMENDED FOR PRODUCTION
- --api.dashboard=true # <== Enabling the dashboard to view services, middlewares, routers, etc...
- --api.debug=true # <== Enabling additional endpoints for debugging and profiling
## Log Settings (options: ERROR, DEBUG, PANIC, FATAL, WARN, INFO) - https://docs.traefik.io/observability/logs/ ##
- --log.level=ERROR # <== Setting the level of the logs from traefik
## Provider Settings - https://docs.traefik.io/providers/docker/#provider-configuration ##
- --providers.docker=true # <== Enabling docker as the provider for traefik
- --providers.docker.exposedbydefault=false # <== Don't expose every container to traefik, only expose enabled ones
- --providers.file.filename=/dynamic.yaml # <== Referring to a dynamic configuration file
- --providers.docker.network=web # <== Operate on the docker network named web
## Entrypoints Settings - https://docs.traefik.io/routing/entrypoints/#configuration ##
- --entrypoints.web.address=:80 # <== Defining an entrypoint for port :80 named web
- --entrypoints.web-secured.address=:443 # <== Defining an entrypoint for https on port :443 named web-secured
## Certificate Settings (Let's Encrypt) - https://docs.traefik.io/https/acme/#configuration-examples ##
- --certificatesresolvers.mytlschallenge.acme.tlschallenge=true # <== Enable TLS-ALPN-01 to generate and renew ACME certs
- --certificatesresolvers.mytlschallenge.acme.email=fransolet.thomas@gmail.com # <== Setting email for certs
- --certificatesresolvers.mytlschallenge.acme.storage=/letsencrypt/acme.json # <== Defining acme file to store cert information
volumes:
- ./letsencrypt:/letsencrypt # <== Volume for certs (TLS)
- /var/run/docker.sock:/var/run/docker.sock # <== Volume for docker admin
- ./dynamic.yaml:/dynamic.yaml # <== Volume for dynamic conf file, **ref: line 27
networks:
- web # <== Placing traefik on the network named web, to access containers on this network
labels:
#### Labels define the behavior and rules of the traefik proxy for this container ####
- "traefik.enable=true" # <== Enable traefik on itself to view dashboard and assign subdomain to view it
- "traefik.http.routers.api.rule=Host(`monitor.myinfomate.be`)" # <== Setting the domain for the dashboard
- "traefik.http.routers.api.service=api@internal" # <== Enabling the api to be a service to access
- "traefik.http.routers.api.middlewares=redirect@file" # <== This is a middleware to redirect to https
- "traefik.http.routers.api-secured.rule=Host(`monitor.myinfomate.be`)" # <== Your Domain Name for the https rule
- "traefik.http.routers.api-secured.entrypoints=web-secured" # <== Defining entrypoint for https, **ref: line 31
- "traefik.http.routers.api-secured.tls.certresolver=mytlschallenge" # <== Defining certsresolvers for https
- "traefik.http.routers.api-secured.service=api@internal" # <== Enabling the api to be a service to access
################################################
#### Site Setup Container #####
##############################################
myinfomate-landing:
container_name: "myinfomate-landing"
image: registry.unov.be/myinfomate/landing:latest
restart: always
networks:
- web
labels:
- "traefik.enable=true"
- "traefik.http.routers.landing.rule=Host(`myinfomate.be`)"
- "traefik.http.routers.landing.entrypoints=web"
- "traefik.http.routers.landing.middlewares=redirect@file"
- "traefik.http.routers.landing-secured.rule=Host(`myinfomate.be`)"
- "traefik.http.routers.landing-secured.entrypoints=web-secured"
- "traefik.http.routers.landing-secured.tls.certresolver=mytlschallenge"
managerService:
container_name: "manager-service"
image: registry.unov.be/managerservice:version-2.0.0
networks:
- web
- backend
#ports:
# - 5005:5005
volumes:
# - /etc/managerservice
- ~/apps/manager:/app/service-data
restart: always
labels:
- "traefik.enable=true"
- "traefik.http.routers.manager-service.rule=Host(`api.myinfomate.be`)" # <== Your Domain Name goes here for the http rule
- "traefik.http.routers.manager-service.entrypoints=web" # <== Defining the entrypoint for http, **ref: line 30
- "traefik.http.routers.manager-service.middlewares=redirect@file" # <== This is a middleware to redirect to https
- "traefik.http.routers.manager-service-secured.rule=Host(`api.myinfomate.be`)" # <== Your Domain Name for the https rule
- "traefik.http.routers.manager-service-secured.entrypoints=web-secured" # <== Defining entrypoint for https, **ref: line 31
- "traefik.http.routers.manager-service-secured.tls.certresolver=mytlschallenge" # <== Defining certsresolvers for https
command: /bin/sh -c "sudo chmod -R 777 /root/service-data/configurations /root/service-data/resources"
managerWeb:
container_name: "manager-web"
image: registry.unov.be/mymuseum/manager:version-2.0.0
networks:
- web
volumes:
- /etc/managerweb
restart: always
labels:
- "traefik.enable=true"
- "traefik.http.routers.manager-web.rule=Host(`manager.myinfomate.be`, `visitnamur.myinfomate.be`, `fortsaintheribert.myinfomate.be`)" # <== Your Domain Name goes here for the http rule
- "traefik.http.routers.manager-web.entrypoints=web" # <== Defining the entrypoint for http, **ref: line 30
- "traefik.http.routers.manager-web.middlewares=redirect@file" # <== This is a middleware to redirect to https
- "traefik.http.routers.manager-web-secured.rule=Host(`manager.myinfomate.be`, `visitnamur.myinfomate.be`, `fortsaintheribert.myinfomate.be`)" # <== Your Domain Name for the https rule
- "traefik.http.routers.manager-web-secured.entrypoints=web-secured" # <== Defining entrypoint for https, **ref: line 31
- "traefik.http.routers.manager-web-secured.tls.certresolver=mytlschallenge" # <== Defining certsresolvers for https
- "traefik.http.routers.manager-web-fsh.rule=Host(`visitnamur.myinfomate.be`, `fortsaintheribert.myinfomate.be`)" # <== Your Domain Name goes here for the http rule
- "traefik.http.routers.manager-web-fsh.entrypoints=web" # <== Defining the entrypoint for http, **ref: line 30
- "traefik.http.routers.manager-web-fsh.middlewares=redirect@file" # <== This is a middleware to redirect to https
- "traefik.http.routers.manager-web-fsh-secured.rule=Host(`visitnamur.myinfomate.be`, `fortsaintheribert.myinfomate.be`)" # <== Your Domain Name for the https rule
- "traefik.http.routers.manager-web-fsh-secured.entrypoints=web-secured" # <== Defining entrypoint for https, **ref: line 31
- "traefik.http.routers.manager-web-fsh-secured.tls.certresolver=mytlschallenge" # <== Defining certsresolvers for https
demoWeb:
container_name: "demo-web"
image: registry.unov.be/mymuseum/demo:latest
networks:
- web
volumes:
- /etc/demoweb
restart: always
labels:
- "traefik.enable=true"
- "traefik.http.routers.demo-web.rule=Host(`demo.myinfomate.be`)" # <== Your Domain Name goes here for the http rule
- "traefik.http.routers.demo-web.entrypoints=web" # <== Defining the entrypoint for http, **ref: line 30
- "traefik.http.routers.demo-web.middlewares=redirect@file" # <== This is a middleware to redirect to https
- "traefik.http.routers.demo-web-secured.rule=Host(`demo.myinfomate.be`)" # <== Your Domain Name for the https rule
- "traefik.http.routers.demo-web-secured.entrypoints=web-secured" # <== Defining entrypoint for https, **ref: line 31
- "traefik.http.routers.demo-web-secured.tls.certresolver=mytlschallenge" # <== Defining certsresolvers for https
- "traefik.http.routers.demo-web-fsh.rule=Host(`demo.myinfomate.be`)" # <== Your Domain Name goes here for the http rule
- "traefik.http.routers.demo-web-fsh.entrypoints=web" # <== Defining the entrypoint for http, **ref: line 30
- "traefik.http.routers.demo-web-fsh.middlewares=redirect@file" # <== This is a middleware to redirect to https
- "traefik.http.routers.demo-web-fsh-secured.rule=Host(`demo.myinfomate.be`)" # <== Your Domain Name for the https rule
- "traefik.http.routers.demo-web-fsh-secured.entrypoints=web-secured" # <== Defining entrypoint for https, **ref: line 31
- "traefik.http.routers.demo-web-fsh-secured.tls.certresolver=mytlschallenge" # <== Defining certsresolvers for https
mqtt:
container_name: mqtt
image: eclipse-mosquitto
networks:
- web
ports:
- "1883:1883" #default mqtt port
- "9001:9001" #default mqtt port for websockets
volumes:
- /etc/mqtt/config:/mosquitto/config:rw
- /etc/mqtt/data:/mosquitto/data:rw
- /etc/mqtt/log:/mosquitto/log:rw
restart: always
labels:
- "traefik.enable=true"
- "traefik.docker.network=mqtt"
- "traefik.tcp.services.mqtt.loadbalancer.server.port=1883"
- "traefik.tcp.services.mqtt_websocket.loadbalancer.server.port=9001"
- "traefik.tcp.routers.tcpr_mqtt.entrypoints=mqtt"
- "traefik.tcp.routers.tcpr_mqtt.rule=HostSNI(`myinfomate.be`)"
- "traefik.tcp.routers.tcpr_mqtt.service=mqtt"
- "traefik.tcp.routers.tcpr_mqtt_websocket.entrypoints=websocket"
- "traefik.tcp.routers.tcpr_mqtt_websocket.rule=HostSNI(`myinfomate.be`)"
- "traefik.tcp.routers.tcpr_mqtt_websocket.service=mqtt_websocket"
################################################
#### DB Container not on traefik #####
##############################################
#db:
# image: mysql:8.0
# container_name: db
# restart: unless-stopped
# command: '--default-authentication-plugin=mysql_native_password'
# env_file: .env
# environment:
# - MYSQL_DATABASE=wordpress
# volumes:
# - dbdata:/var/lib/mysql
# networks:
# - backend
mongo:
image: mongo
container_name: "mongodb"
ports:
- 27017:27017
volumes:
- ~/apps/mongo:/data/db
restart: always
labels:
- "traefik.enable=true"
- "traefik.tcp.routers.mongodb.rule=HostSNI(`myinfomate.be`)"
- "traefik.tcp.routers.mongo.entrypoints=mongo"
- "traefik.tcp.routers.mongo.tls=true"
- "traefik.tcp.services.mongo.loadbalancer.server.port=27017"
environment:
MONGO_INITDB_ROOT_USERNAME: $MONGODB_USERNAME
MONGO_INITDB_ROOT_PASSWORD: $MONGODB_PASSWORD
networks:
web:
external: true
backend:
external: false
volumes:
#wordpress:
# external: true
#dbdata:
db:
external: true
mongo:
external: true
Reference in New Issue View Git Blame Copy Permalink