2024-11-21 12:37:24 +00:00
|
|
|
version: "3.3"
|
|
|
|
|
|
|
|
services:
|
|
|
|
|
|
|
|
traefik:
|
|
|
|
image: "traefik:latest"
|
|
|
|
container_name: "traefik"
|
|
|
|
command:
|
2024-11-21 16:08:11 +00:00
|
|
|
# - "--log.level=DEBUG" # disable in prod
|
|
|
|
- "--api.insecure=true" # disable in prod
|
2024-11-21 12:37:24 +00:00
|
|
|
- "--providers.docker=true"
|
|
|
|
- "--providers.docker.exposedbydefault=false"
|
|
|
|
- "--providers.file.directory=/etc/traefik/dynamic_conf.d"
|
|
|
|
- "--entryPoints.https.address=:443"
|
|
|
|
- "--entryPoints.http.address=:80"
|
|
|
|
- "--certificatesresolvers.letsencrypt.acme.storage=/etc/traefik/letsencrypt/acme.json"
|
|
|
|
- "--certificatesresolvers.letsencrypt.acme.email=infra@clps.ch"
|
|
|
|
- "--certificatesresolvers.letsencrypt.acme.tlschallenge=true"
|
|
|
|
volumes:
|
|
|
|
- "/home/cloud/traefik/dynamic_conf.d:/etc/traefik/dynamic_conf.d/"
|
|
|
|
- "/home/cloud/traefik/letsencrypt/acme.json:/etc/traefik/letsencrypt/acme.json"
|
|
|
|
- "/var/run/docker.sock:/var/run/docker.sock:ro"
|
|
|
|
restart: unless-stopped
|
|
|
|
ports:
|
|
|
|
- "80:80"
|
|
|
|
- "443:443"
|
|
|
|
- "8069:8080"
|
|
|
|
|
|
|
|
grafana:
|
|
|
|
image: "grafana/grafana:latest"
|
|
|
|
container_name: "grafana"
|
|
|
|
labels:
|
|
|
|
- "traefik.enable=true"
|
|
|
|
- "traefik.http.routers.grafana.rule=Host(`grafana.clps.ch`)"
|
|
|
|
- "traefik.http.routers.grafana.entrypoints=https"
|
|
|
|
- "traefik.http.routers.grafana.tls.certresolver=letsencrypt"
|
|
|
|
- "traefik.http.routers.grafana.tls=true"
|
|
|
|
- "traefik.http.services.grafana.loadbalancer.server.port=3000"
|
|
|
|
depends_on:
|
|
|
|
- traefik
|
2024-11-21 16:08:11 +00:00
|
|
|
restart: unless-stopped
|
|
|
|
environment:
|
|
|
|
- GF_SECURITY_ADMIN_USER=admin
|
|
|
|
- GF_SECURITY_ADMIN_PASSWORD=grafana
|
|
|
|
volumes:
|
|
|
|
- ./grafana:/etc/grafana/provisioning/datasources
|
|
|
|
|
|
|
|
prometheus:
|
|
|
|
image: "prom/prometheus:latest"
|
|
|
|
container_name: "prometheus"
|
|
|
|
command:
|
|
|
|
- '--config.file=/etc/prometheus/prometheus.yml'
|
|
|
|
restart: unless-stopped
|
|
|
|
volumes:
|
|
|
|
- ./prometheus:/etc/prometheus
|
|
|
|
- prom_data:/prometheus
|
|
|
|
#labels: # We might want to reserve this interface to a closed network
|
|
|
|
# - "traefik.enable=true"
|
|
|
|
# - "traefik.http.routers.prometheus.rule=Host(`prom.clps.ch`)"
|
|
|
|
# - "traefik.http.routers.prometheus.entrypoints=https"
|
|
|
|
# - "traefik.http.routers.prometheus.tls.certresolver=letsencrypt"
|
|
|
|
# - "traefik.http.routers.prometheus.tls=true"
|
|
|
|
# - "traefik.http.services.prometheus.loadbalancer.server.port=9090"
|
|
|
|
depends_on:
|
|
|
|
- traefik
|
2024-11-21 12:37:24 +00:00
|
|
|
|
|
|
|
nextcloud:
|
|
|
|
image: "nextcloud/all-in-one:latest"
|
|
|
|
container_name: "nextcloud-aio-mastercontainer"
|
|
|
|
init: true
|
|
|
|
environment:
|
|
|
|
- "APACHE_PORT=11000"
|
|
|
|
- "APACHE_IP_BINDING=0.0.0.0"
|
|
|
|
ports:
|
2024-11-21 16:08:11 +00:00
|
|
|
- "8080:8080" # disable in prod
|
|
|
|
- "8443:8443" # disable in prod
|
2024-11-21 12:37:24 +00:00
|
|
|
volumes:
|
|
|
|
- "nextcloud_aio_mastercontainer:/mnt/docker-aio-config"
|
|
|
|
- "/var/run/docker.sock:/var/run/docker.sock:ro"
|
|
|
|
depends_on:
|
|
|
|
- traefik
|
|
|
|
restart: unless-stopped
|
|
|
|
|
|
|
|
volumes:
|
|
|
|
nextcloud_aio_mastercontainer:
|
2024-11-21 16:08:11 +00:00
|
|
|
prom_data:
|