Sākums Izpētīt Palīdzība
Pierakstīties
emed
/
dev-stack
2
0
Atdalīts 0
Faili Problēmas 0 Izmaiņu pieprasījumi 0 Vikivietne
Atzars: master
Atzari Tagi
dev-stack
/
docker-compose-tls-udp.yaml

docker-compose-tls-udp.yaml 7.0 KB
Patstāvīgā saite Vēsture Neapstrādāts

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197 
  1. #version: '3.2'
    2. 

  2. 

  3. services:
    4. 

  4. 

  5.   portainer:
    6. 

  6.     container_name: portainer
    7. 

  7.     image: portainer/portainer-ce
    8. 

  8.     volumes:
    9. 

  9.       - /var/run/docker.sock:/var/run/docker.sock
    10. 

  10.       - portainer-data:/data
    11. 

  11.     restart: unless-stopped
    12. 

  12.     labels:
    13. 

  13.       - traefik.enable=true
    14. 

  14.       - traefik.http.routers.portainer.rule=Host(`${PORTAINER_VIRTUAL_HOST}`) || Host(`www.${PORTAINER_VIRTUAL_HOST}`)
    15. 

  15.       - traefik.http.services.portainer.loadbalancer.server.port=9000
    16. 

  16. 

  17.   postgres:
    18. 

  18.     container_name: postgres
    19. 

  19.     image: postgres:16.3
    20. 

  20.     volumes:
    21. 

  21.       - postgres-data:/var/lib/postgresql/data
    22. 

  22.       - ./default/postgres:/docker-entrypoint-initdb.d
    23. 

  23.     environment:
    24. 

  24.       POSTGRES_USER: ${POSTGRES_USER}
    25. 

  25.       POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
    26. 

  26.       POSTGRES_DB: ${POSTGRES_DB}
    27. 

  27.       PGDATA: /var/lib/postgresql/data/db-files/
    28. 

  28.       POSTGRES_MULTIPLE_DATABASES: ${WIKI_DB_NAME},${MATTERMOST_DB_NAME}
    29. 

  29.       POSTGRES_INITDB_ARGS: --encoding=UTF-8 --lc-collate=C --lc-ctype=C
    30. 

  30.       NETWORK_ACCESS: internal
    31. 

  31.     restart: unless-stopped
    32. 

  32.     healthcheck:
    33. 

  33.       test: ["CMD-SHELL", "pg_isready -U '${POSTGRES_USER}' -d '${POSTGRES_DB}'"]
    34. 

  34.       interval: 5s
    35. 

  35.       timeout: 5s
    36. 

  36.       retries: 5
    37. 

  37. 

  38.   pgadmin:
    39. 

  39.     container_name: pgadmin
    40. 

  40.     image: dpage/pgadmin4:8.8
    41. 

  41.     environment:
    42. 

  42.       PGADMIN_DEFAULT_EMAIL: ${PGADMIN_DEFAULT_EMAIL}
    43. 

  43.       PGADMIN_DEFAULT_PASSWORD: ${PGADMIN_DEFAULT_PASSWORD}
    44. 

  44.     labels:
    45. 

  45.       - traefik.enable=true
    46. 

  46.       - traefik.http.routers.pgadmin.rule=Host(`${PGADMIN_VIRTUAL_HOST}`) || Host(`www.${PGADMIN_VIRTUAL_HOST}`)
    47. 

  47.       - traefik.http.services.pgadmin.loadbalancer.server.port=80
    48. 

  48.     volumes:
    49. 

  49.        - pgadmin-data:/var/lib/pgadmin
    50. 

  50.         - ./default/pgadmin/servers.json:/pgadmin4/servers.json # preconfigured servers/connections
    51. 

  51.     restart: unless-stopped
    52. 

  52. 

  53.   wiki:
    54. 

  54.     container_name: wiki
    55. 

  55.     image: requarks/wiki:2.5
    56. 

  56.     environment:
    57. 

  57.       DB_TYPE: postgres
    58. 

  58.       DB_HOST: postgres
    59. 

  59.       DB_PORT: 5432
    60. 

  60.       DB_USER: ${POSTGRES_USER}
    61. 

  61.       DB_PASS: ${POSTGRES_PASSWORD}
    62. 

  62.       DB_NAME: ${WIKI_DB_NAME}
    63. 

  63.     labels:
    64. 

  64.       - traefik.enable=true
    65. 

  65.       - traefik.http.routers.wiki.rule=Host(`${WIKI_VIRTUAL_HOST}`) || Host(`www.${WIKI_VIRTUAL_HOST}`)
    66. 

  66.       - traefik.http.services.wiki.loadbalancer.server.port=3000
    67. 

  67.     restart: unless-stopped
    68. 

  68.     depends_on:
    69. 

  69.       postgres:
    70. 

  70.         condition: service_healthy
    71. 

  71. 

  72.   artifactshub:
    73. 

  73.     container_name: artifactshub
    74. 

  74.     image: sonatype/nexus3
    75. 

  75.     restart: unless-stopped
    76. 

  76.     volumes:
    77. 

  77.       - nexus-data:/nexus-data
    78. 

  78.     labels:
    79. 

  79.       - traefik.enable=true
    80. 

  80.       - traefik.http.routers.artifactshub.rule=Host(`${ARTIFACTSHUB_VIRTUAL_HOST}`) || Host(`www.${ARTIFACTSHUB_VIRTUAL_HOST}`)
    81. 

  81.       - traefik.http.services.artifactshub.loadbalancer.server.port=8081
    82. 

  82. 

  83.   jenkins:
    84. 

  84.     container_name: jenkins
    85. 

  85.     image: jenkins/jenkins:lts-jdk17
    86. 

  86.     restart: unless-stopped
    87. 

  87.     volumes:
    88. 

  88.       - jenkins-docker-certs:/certs/client
    89. 

  89.       - jenkins-data:/var/jenkins_home
    90. 

  90.     labels:
    91. 

  91.       - traefik.enable=true
    92. 

  92.       - traefik.http.routers.jenkins.rule=Host(`${JENKINS_VIRTUAL_HOST}`) || Host(`www.${JENKINS_VIRTUAL_HOST}`)
    93. 

  93.       - traefik.http.routers.jenkins.service=jenkins-service
    94. 

  94.       - traefik.http.services.jenkins-service.loadbalancer.server.port=8080
    95. 

  95.       - traefik.tcp.routers.jenkins-agent.rule=HostSNI(`*`)
    96. 

  96.       - traefik.tcp.routers.jenkins-agent.entryPoints=jenkins-agents
    97. 

  97.       - traefik.tcp.routers.jenkins-agent.service=jenkins-agent-service
    98. 

  98.       - traefik.tcp.services.jenkins-agent-service.loadbalancer.server.port=50000
    99. 

  99. 

  100.   mattermost:
    101. 

  101.     container_name: mattermost
    102. 

  102.     depends_on:
    103. 

  103.       postgres:
    104. 

  104.         condition: service_healthy
    105. 

  105.     image: mattermost/mattermost-team-edition:release-8.1
    106. 

  106.     restart: unless-stopped
    107. 

  107.     ports:
    108. 

  108.       - "8443:8443/tcp"
    109. 

  109.       - "8443:8443/udp"
    110. 

  110.     security_opt:
    111. 

  111.       - no-new-privileges:true
    112. 

  112.     pids_limit: 200
    113. 

  113.     read_only: false
    114. 

  114.     tmpfs:
    115. 

  115.       - /tmp
    116. 

  116.     volumes:
    117. 

  117.       - mattermost-config:/mattermost/config:rw
    118. 

  118.       - mattermost-data:/mattermost/data:rw
    119. 

  119.       - mattermost-logs:/mattermost/logs:rw
    120. 

  120.       - mattermost-plugins:/mattermost/plugins:rw
    121. 

  121.       - mattermost-client-plugins:/mattermost/client/plugins:rw
    122. 

  122.       - mattermost-bleve-indexes:/mattermost/bleve-indexes:rw
    123. 

  123.     environment:
    124. 

  124.       TZ: ${MATTERMOST_TIMEZONE}
    125. 

  125.       MM_SQLSETTINGS_DRIVERNAME: ${MATTERMOST_DB_TYPE}
    126. 

  126.       MM_SQLSETTINGS_DATASOURCE: postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@postgres:5432/${MATTERMOST_DB_NAME}?sslmode=disable&connect_timeout=10
    127. 

  127.       MM_BLEVESETTINGS_INDEXDIR: /mattermost/bleve-indexes
    128. 

  128.       DOMAIN: ${MATTERMOST_HOSTNAME}
    129. 

  129.       MM_SERVICESETTINGS_SITEURL: ${MATTERMOST_URL}
    130. 

  130.       MM_SERVICESETTINGS_FORWARD80TO443: 'false'
    131. 

  131.       MATTERMOST_CONTAINER_READONLY: 'false'
    132. 

  132.     labels:
    133. 

  133.       - "traefik.enable=true"
    134. 

  134.       - "traefik.http.routers.mattermost.rule=Host(`${MATTERMOST_VIRTUAL_HOST}`) || Host(`${MATTERMOST_EXTERNAL_HOST}`)"
    135. 

  135.       - "traefik.http.routers.mattermost.tls=true"
    136. 

  136.       - "traefik.http.routers.mattermost.tls.certresolver=mymattermost"
    137. 

  137.       - "traefik.http.routers.mattermost.tls.domains[0].main=${MATTERMOST_EXTERNAL_HOST}"
    138. 

  138.       #- "traefik.http.routers.mattermost.tls.domains[1].sans=${MATTERMOST_VIRTUAL_HOST}"
    139. 

  139.       - "traefik.http.services.mattermost.loadbalancer.server.port=8065"
    140. 

  140. 

  141.   reverse-proxy:
    142. 

  142.     container_name: reverse-proxy
    143. 

  143.     # The official v3 Traefik docker image
    144. 

  144.     image: traefik:v3.0
    145. 

  145.     command:
    146. 

  146.       - "--accesslog=true"
    147. 

  147.       - "--accesslog.filePath=/var/log/traefik/access.log"
    148. 

  148.       - "--log=true"
    149. 

  149.       - "--log.filePath=/var/log/traefik/traefik.log"
    150. 

  150.       - "--log.level=info"
    151. 

  151.       - "--api.insecure=true"
    152. 

  152.       - "--providers.docker"
    153. 

  153.       # spcificare i due entrypoints per la porta 80 e per la 443 (con ssl)
    154. 

  154.       - "--entryPoints.web.address=:80"
    155. 

  155.       - "--entryPoints.websecure.address=:443"
    156. 

  156.       - "--entryPoints.jenkins-agents.address=:50000"
    157. 

  157.       - "--certificatesresolvers.mymattermost.acme.httpchallenge=true"
    158. 

  158.       - "--certificatesresolvers.mymattermost.acme.httpchallenge.entrypoint=web"
    159. 

  159.       #- "--certificatesresolvers.mymattermost.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
    160. 

  160.       - "--certificatesresolvers.mymattermost.acme.email=progettoemed@gmail.com"
    161. 

  161.       #- "--certificatesresolvers.mymattermost.acme.storage=/etc/letsencrypt/acme.json"
    162. 

  162.     restart: unless-stopped
    163. 

  163.     ports:
    164. 

  164.       # The HTTP port
    165. 

  165.       - "80:80"
    166. 

  166.       # The HTTPS port
    167. 

  167.       - "443:443"
    168. 

  168.       # The Web UI (enabled by --api.insecure=true)
    169. 

  169.       - "8080:8080"
    170. 

  170.       # The jenkins agents port
    171. 

  171.       - "50000:50000"
    172. 

  172.     volumes:
    173. 

  173.       # So that Traefik can listen to the Docker events
    174. 

  174.       - /var/run/docker.sock:/var/run/docker.sock
    175. 

  175.       # posizione standard dei file letsencrypt
    176. 

  176.       - /etc/letsencrypt:/etc/letsencrypt
    177. 

  177.       # posizione log traefik (default to console)
    178. 

  178.       - /var/log/traefik:/var/log/traefik
    179. 

  179.       # posizione file di configurazione per il log
    180. 

  180.       #- ./traefik.yml:/etc/traefik/traefik.yml
    181. 

  181. networks:
    182. 

  182.   dev_network:
    183. 

  183. 

  184. volumes:
    185. 

  185.   portainer-data:
    186. 

  186.   postgres-data:
    187. 

  187.   pgadmin-data:
    188. 

  188.   nexus-data:
    189. 

  189.   jenkins-docker-certs:
    190. 

  190.   jenkins-data:
    191. 

  191.   synapse-matrix-data:
    192. 

  192.   mattermost-config:
    193. 

  193.   mattermost-data:
    194. 

  194.   mattermost-logs:
    195. 

  195.   mattermost-plugins:
    196. 

  196.   mattermost-client-plugins:
    197. 

  197.   mattermost-bleve-indexes:
    198.