|
|
@@ -0,0 +1,197 @@
|
|
|
+#version: '3.2'
|
|
|
+
|
|
|
+services:
|
|
|
+
|
|
|
+ portainer:
|
|
|
+ container_name: portainer
|
|
|
+ image: portainer/portainer-ce
|
|
|
+ volumes:
|
|
|
+ - /var/run/docker.sock:/var/run/docker.sock
|
|
|
+ - portainer-data:/data
|
|
|
+ restart: unless-stopped
|
|
|
+ labels:
|
|
|
+ - traefik.enable=true
|
|
|
+ - traefik.http.routers.portainer.rule=Host(`${PORTAINER_VIRTUAL_HOST}`) || Host(`www.${PORTAINER_VIRTUAL_HOST}`)
|
|
|
+ - traefik.http.services.portainer.loadbalancer.server.port=9000
|
|
|
+
|
|
|
+ postgres:
|
|
|
+ container_name: postgres
|
|
|
+ image: postgres:16.3
|
|
|
+ volumes:
|
|
|
+ - postgres-data:/var/lib/postgresql/data
|
|
|
+ - ./default/postgres:/docker-entrypoint-initdb.d
|
|
|
+ environment:
|
|
|
+ POSTGRES_USER: ${POSTGRES_USER}
|
|
|
+ POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
|
|
|
+ POSTGRES_DB: ${POSTGRES_DB}
|
|
|
+ PGDATA: /var/lib/postgresql/data/db-files/
|
|
|
+ POSTGRES_MULTIPLE_DATABASES: ${WIKI_DB_NAME},${MATTERMOST_DB_NAME}
|
|
|
+ POSTGRES_INITDB_ARGS: --encoding=UTF-8 --lc-collate=C --lc-ctype=C
|
|
|
+ NETWORK_ACCESS: internal
|
|
|
+ restart: unless-stopped
|
|
|
+ healthcheck:
|
|
|
+ test: ["CMD-SHELL", "pg_isready -U '${POSTGRES_USER}' -d '${POSTGRES_DB}'"]
|
|
|
+ interval: 5s
|
|
|
+ timeout: 5s
|
|
|
+ retries: 5
|
|
|
+
|
|
|
+ pgadmin:
|
|
|
+ container_name: pgadmin
|
|
|
+ image: dpage/pgadmin4:8.8
|
|
|
+ environment:
|
|
|
+ PGADMIN_DEFAULT_EMAIL: ${PGADMIN_DEFAULT_EMAIL}
|
|
|
+ PGADMIN_DEFAULT_PASSWORD: ${PGADMIN_DEFAULT_PASSWORD}
|
|
|
+ labels:
|
|
|
+ - traefik.enable=true
|
|
|
+ - traefik.http.routers.pgadmin.rule=Host(`${PGADMIN_VIRTUAL_HOST}`) || Host(`www.${PGADMIN_VIRTUAL_HOST}`)
|
|
|
+ - traefik.http.services.pgadmin.loadbalancer.server.port=80
|
|
|
+ volumes:
|
|
|
+ - pgadmin-data:/var/lib/pgadmin
|
|
|
+ - ./default/pgadmin/servers.json:/pgadmin4/servers.json # preconfigured servers/connections
|
|
|
+ restart: unless-stopped
|
|
|
+
|
|
|
+ wiki:
|
|
|
+ container_name: wiki
|
|
|
+ image: requarks/wiki:2.5
|
|
|
+ environment:
|
|
|
+ DB_TYPE: postgres
|
|
|
+ DB_HOST: postgres
|
|
|
+ DB_PORT: 5432
|
|
|
+ DB_USER: ${POSTGRES_USER}
|
|
|
+ DB_PASS: ${POSTGRES_PASSWORD}
|
|
|
+ DB_NAME: ${WIKI_DB_NAME}
|
|
|
+ labels:
|
|
|
+ - traefik.enable=true
|
|
|
+ - traefik.http.routers.wiki.rule=Host(`${WIKI_VIRTUAL_HOST}`) || Host(`www.${WIKI_VIRTUAL_HOST}`)
|
|
|
+ - traefik.http.services.wiki.loadbalancer.server.port=3000
|
|
|
+ restart: unless-stopped
|
|
|
+ depends_on:
|
|
|
+ postgres:
|
|
|
+ condition: service_healthy
|
|
|
+
|
|
|
+ artifactshub:
|
|
|
+ container_name: artifactshub
|
|
|
+ image: sonatype/nexus3
|
|
|
+ restart: unless-stopped
|
|
|
+ volumes:
|
|
|
+ - nexus-data:/nexus-data
|
|
|
+ labels:
|
|
|
+ - traefik.enable=true
|
|
|
+ - traefik.http.routers.artifactshub.rule=Host(`${ARTIFACTSHUB_VIRTUAL_HOST}`) || Host(`www.${ARTIFACTSHUB_VIRTUAL_HOST}`)
|
|
|
+ - traefik.http.services.artifactshub.loadbalancer.server.port=8081
|
|
|
+
|
|
|
+ jenkins:
|
|
|
+ container_name: jenkins
|
|
|
+ image: jenkins/jenkins:lts-jdk17
|
|
|
+ restart: unless-stopped
|
|
|
+ volumes:
|
|
|
+ - jenkins-docker-certs:/certs/client
|
|
|
+ - jenkins-data:/var/jenkins_home
|
|
|
+ labels:
|
|
|
+ - traefik.enable=true
|
|
|
+ - traefik.http.routers.jenkins.rule=Host(`${JENKINS_VIRTUAL_HOST}`) || Host(`www.${JENKINS_VIRTUAL_HOST}`)
|
|
|
+ - traefik.http.routers.jenkins.service=jenkins-service
|
|
|
+ - traefik.http.services.jenkins-service.loadbalancer.server.port=8080
|
|
|
+ - traefik.tcp.routers.jenkins-agent.rule=HostSNI(`*`)
|
|
|
+ - traefik.tcp.routers.jenkins-agent.entryPoints=jenkins-agents
|
|
|
+ - traefik.tcp.routers.jenkins-agent.service=jenkins-agent-service
|
|
|
+ - traefik.tcp.services.jenkins-agent-service.loadbalancer.server.port=50000
|
|
|
+
|
|
|
+ mattermost:
|
|
|
+ container_name: mattermost
|
|
|
+ depends_on:
|
|
|
+ postgres:
|
|
|
+ condition: service_healthy
|
|
|
+ image: mattermost/mattermost-team-edition:release-8.1
|
|
|
+ restart: unless-stopped
|
|
|
+ ports:
|
|
|
+ - "8443:8443/tcp"
|
|
|
+ - "8445:8445/udp"
|
|
|
+ security_opt:
|
|
|
+ - no-new-privileges:true
|
|
|
+ pids_limit: 200
|
|
|
+ read_only: false
|
|
|
+ tmpfs:
|
|
|
+ - /tmp
|
|
|
+ volumes:
|
|
|
+ - mattermost-config:/mattermost/config:rw
|
|
|
+ - mattermost-data:/mattermost/data:rw
|
|
|
+ - mattermost-logs:/mattermost/logs:rw
|
|
|
+ - mattermost-plugins:/mattermost/plugins:rw
|
|
|
+ - mattermost-client-plugins:/mattermost/client/plugins:rw
|
|
|
+ - mattermost-bleve-indexes:/mattermost/bleve-indexes:rw
|
|
|
+ environment:
|
|
|
+ TZ: ${MATTERMOST_TIMEZONE}
|
|
|
+ MM_SQLSETTINGS_DRIVERNAME: ${MATTERMOST_DB_TYPE}
|
|
|
+ MM_SQLSETTINGS_DATASOURCE: postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@postgres:5432/${MATTERMOST_DB_NAME}?sslmode=disable&connect_timeout=10
|
|
|
+ MM_BLEVESETTINGS_INDEXDIR: /mattermost/bleve-indexes
|
|
|
+ DOMAIN: ${MATTERMOST_HOSTNAME}
|
|
|
+ MM_SERVICESETTINGS_SITEURL: ${MATTERMOST_URL}
|
|
|
+ MM_SERVICESETTINGS_FORWARD80TO443: 'false'
|
|
|
+ MATTERMOST_CONTAINER_READONLY: 'false'
|
|
|
+ labels:
|
|
|
+ - traefik.enable=true
|
|
|
+ - traefik.http.routers.mattermost.rule=Host(`${MATTERMOST_VIRTUAL_HOST}`) || Host(`${MATTERMOST_EXTERNAL_HOST}
|
|
|
+ - "--certificatesresolvers.mymattermost.acme.certificatesDuration=2160"`)
|
|
|
+ - traefik.http.routers.mattermost.tls=true
|
|
|
+ - traefik.http.routers.mattermost.tls.certresolver=mymattermost
|
|
|
+ - traefik.http.routers.mattermost.tls.domains[0].main=${MATTERMOST_EXTERNAL_HOST}
|
|
|
+ - traefik.http.routers.mattermost.tls.domains[0].sans=${MATTERMOST_VIRTUAL_HOST}
|
|
|
+ - traefik.http.services.mattermost.loadbalancer.server.port=8065
|
|
|
+
|
|
|
+ reverse-proxy:
|
|
|
+ container_name: reverse-proxy
|
|
|
+ # The official v3 Traefik docker image
|
|
|
+ image: traefik:v3.0
|
|
|
+ command:
|
|
|
+ - "--accesslog=true"
|
|
|
+ - "--accesslog.filePath=/var/log/traefik/access.log"
|
|
|
+ - "--log=true"
|
|
|
+ - "--log.filePath=/var/log/traefik/traefik.log"
|
|
|
+ - "--log.level=info"
|
|
|
+ - "--api.insecure=true"
|
|
|
+ - "--providers.docker"
|
|
|
+ # spcificare i due entrypoints per la porta 80 e per la 443 (con ssl)
|
|
|
+ - "--entryPoints.web.address=:80"
|
|
|
+ - "--entryPoints.websecure.address=:443"
|
|
|
+ - "--entryPoints.jenkins-agents.address=:50000"
|
|
|
+ - "--certificatesresolvers.mymattermost.acme.tlschallenge=true"
|
|
|
+ #- "--certificatesresolvers.mymattermost.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
|
|
|
+ - "--certificatesresolvers.mymattermost.acme.email=progettoemed@gmail.com"
|
|
|
+ - "--certificatesresolvers.mymattermost.acme.storage=/etc/letsencrypt/acme.json"
|
|
|
+ restart: unless-stopped
|
|
|
+ ports:
|
|
|
+ # The HTTP port
|
|
|
+ - "80:80"
|
|
|
+ # The HTTPS port
|
|
|
+ - "443:443"
|
|
|
+ # The Web UI (enabled by --api.insecure=true)
|
|
|
+ - "8080:8080"
|
|
|
+ # The jenkins agents port
|
|
|
+ - "50000:50000"
|
|
|
+ volumes:
|
|
|
+ # So that Traefik can listen to the Docker events
|
|
|
+ - /var/run/docker.sock:/var/run/docker.sock
|
|
|
+ # posizione standard dei file letsencrypt
|
|
|
+ - /etc/letsencrypt:/etc/letsencrypt
|
|
|
+ # posizione log traefik (default to console)
|
|
|
+ - /var/log/traefik:/var/log/traefik
|
|
|
+ # posizione file di configurazione per il log
|
|
|
+ #- ./traefik.yml:/etc/traefik/traefik.yml
|
|
|
+networks:
|
|
|
+ dev_network:
|
|
|
+
|
|
|
+volumes:
|
|
|
+ portainer-data:
|
|
|
+ postgres-data:
|
|
|
+ pgadmin-data:
|
|
|
+ nexus-data:
|
|
|
+ jenkins-docker-certs:
|
|
|
+ jenkins-data:
|
|
|
+ synapse-matrix-data:
|
|
|
+ mattermost-config:
|
|
|
+ mattermost-data:
|
|
|
+ mattermost-logs:
|
|
|
+ mattermost-plugins:
|
|
|
+ mattermost-client-plugins:
|
|
|
+ mattermost-bleve-indexes:
|
