Permalink
Cannot retrieve contributors at this time
| version: '3.5' | |
| x-log-options: | |
| &log-options | |
| fluentd-address: 192.168.0.52:24224 | |
| fluentd-async-connect: 'true' | |
| fluentd-sub-second-precision: 'true' | |
| x-nfs-volume-opts: | |
| &volume-options | |
| type: nfs4 | |
| o: addr=192.168.0.52,rsize=8192,wsize=8192,timeo=15,hard,intr | |
| services: | |
| # Reverse proxy | |
| nginx: | |
| image: nginx:1.13.10 | |
| deploy: | |
| replicas: 1 | |
| resources: | |
| limits: | |
| memory: 32M | |
| update_config: | |
| parallelism: 1 | |
| order: start-first | |
| #labels: | |
| # - routing-extra-hosts=viktoradam.net | |
| labels: | |
| domain.automation.signal: HUP | |
| configs: | |
| - source: nginx-main-config | |
| target: /etc/nginx/nginx.conf | |
| secrets: | |
| - source: nginx-kibana-auth | |
| target: /etc/auth-config/kibana.auth.conf | |
| volumes: | |
| - type: volume | |
| source: nginx-config | |
| target: /etc/nginx/conf.d | |
| read_only: true | |
| volume: | |
| nocopy: true | |
| - type: volume | |
| source: ssl-certs | |
| target: /etc/letsencrypt | |
| read_only: true | |
| volume: | |
| nocopy: true | |
| networks: | |
| - web | |
| ports: | |
| - 80:80 | |
| - 443:443 | |
| logging: | |
| driver: 'fluentd' | |
| options: | |
| <<: *log-options | |
| tag: app.nginx | |
| # PyGen configuration generator | |
| nginx-pygen: | |
| image: rycus86/docker-pygen | |
| command: > | |
| --template /etc/docker-pygen/templates/nginx.tmpl | |
| --target /etc/nginx/conf.d/default.conf | |
| --signal nginx HUP | |
| --interval 3 10 | |
| --swarm-manager | |
| --workers tasks.nginx-pygen-worker | |
| deploy: | |
| replicas: 1 | |
| resources: | |
| limits: | |
| memory: 32M | |
| labels: | |
| prometheus-job: pygen-manager-nginx | |
| prometheus-port: 9413 | |
| environment: | |
| DOCKER_HOST: tcp://docker-manager:2375 | |
| configs: | |
| - source: nginx-pygen-template | |
| target: /etc/docker-pygen/templates/nginx.tmpl | |
| volumes: | |
| - nginx-config:/etc/nginx/conf.d:nocopy | |
| networks: | |
| - default | |
| - monitoring | |
| - docker | |
| logging: | |
| driver: 'fluentd' | |
| options: | |
| <<: *log-options | |
| tag: app.pygen.manager.nginx | |
| nginx-pygen-worker: | |
| image: rycus86/docker-pygen:worker | |
| command: --manager nginx-pygen | |
| read_only: true | |
| deploy: | |
| mode: global | |
| resources: | |
| limits: | |
| memory: 32M | |
| labels: | |
| prometheus-job: pygen-worker-nginx | |
| prometheus-port: 9414 | |
| volumes: | |
| - /var/run/docker.sock:/var/run/docker.sock:ro | |
| networks: | |
| - default | |
| - monitoring | |
| logging: | |
| driver: 'fluentd' | |
| options: | |
| <<: *log-options | |
| tag: app.pygen.worker.nginx | |
| # Blog | |
| ghost: | |
| image: ghost:1.22.8 | |
| deploy: | |
| replicas: 1 | |
| resources: | |
| limits: | |
| memory: 170M | |
| update_config: | |
| parallelism: 1 | |
| order: start-first | |
| placement: | |
| constraints: | |
| - node.labels.memory == high | |
| labels: | |
| routing-host: blog.viktoradam.net | |
| routing-port: 2368 | |
| routing-max-body: 10m | |
| environment: | |
| - url=https://blog.viktoradam.net | |
| - server__host=0.0.0.0 | |
| - server__port=2368 | |
| volumes: | |
| - ghost-data:/var/lib/ghost/content/data:nocopy | |
| - ghost-images:/var/lib/ghost/content/images:nocopy | |
| - ghost-themes:/var/lib/ghost/content/themes:nocopy | |
| - ghost-apps:/var/lib/ghost/content/apps:nocopy | |
| networks: | |
| - web | |
| logging: | |
| driver: 'fluentd' | |
| options: | |
| <<: *log-options | |
| tag: app.web.blog | |
| # Demo site | |
| demo-site: | |
| image: rycus86/demo-site | |
| read_only: true | |
| deploy: | |
| replicas: 1 | |
| resources: | |
| limits: | |
| memory: 48M | |
| update_config: | |
| parallelism: 1 | |
| order: start-first | |
| labels: | |
| routing-host: demo.viktoradam.net | |
| routing-port: 5000 | |
| prometheus-job: demo-site | |
| prometheus-port: 5000 | |
| environment: | |
| - HTTP_HOST=0.0.0.0 | |
| networks: | |
| - web | |
| - monitoring | |
| logging: | |
| driver: 'fluentd' | |
| options: | |
| <<: *log-options | |
| tag: app.web.demo | |
| # REST services | |
| github-proxy: | |
| image: rycus86/github-proxy | |
| read_only: true | |
| deploy: | |
| replicas: 1 | |
| resources: | |
| limits: | |
| memory: 48M | |
| update_config: | |
| parallelism: 1 | |
| order: start-first | |
| labels: | |
| routing-host: api.viktoradam.net | |
| routing-context: /github | |
| routing-port: 5000 | |
| prometheus-job: github-proxy | |
| prometheus-port: 5000 | |
| secrets: | |
| - source: github-proxy-secrets | |
| target: /var/secrets/secrets.env | |
| environment: | |
| - HTTP_HOST=0.0.0.0 | |
| networks: | |
| - web | |
| - monitoring | |
| logging: | |
| driver: 'fluentd' | |
| options: | |
| <<: *log-options | |
| tag: app.github-proxy | |
| dockerhub-proxy: | |
| image: rycus86/dockerhub-proxy | |
| read_only: true | |
| deploy: | |
| replicas: 1 | |
| resources: | |
| limits: | |
| memory: 48M | |
| update_config: | |
| parallelism: 1 | |
| order: start-first | |
| labels: | |
| routing-host: api.viktoradam.net | |
| routing-context: /docker | |
| routing-port: 5000 | |
| prometheus-job: dockerhub-proxy | |
| prometheus-port: 5000 | |
| secrets: | |
| - source: dockerhub-proxy-secrets | |
| target: /var/secrets/secrets.env | |
| environment: | |
| - HTTP_HOST=0.0.0.0 | |
| networks: | |
| - web | |
| - monitoring | |
| logging: | |
| driver: 'fluentd' | |
| options: | |
| <<: *log-options | |
| tag: app.dockerhub-proxy | |
| # Redirect servers | |
| redirect-server: | |
| image: rycus86/redirect-server | |
| read_only: true | |
| deploy: | |
| replicas: 1 | |
| resources: | |
| limits: | |
| memory: 32M | |
| update_config: | |
| parallelism: 1 | |
| order: start-first | |
| labels: | |
| routing-host: r.viktoradam.net | |
| routing-port: 5000 | |
| prometheus-job: redirect-server | |
| prometheus-port: 5000 | |
| secrets: | |
| - source: redirect-server-secrets | |
| target: /var/conf/redir/admin-config.yml | |
| configs: | |
| - source: redirect-server-rules | |
| target: /var/conf/redir/static-rules.yml | |
| environment: | |
| - HTTP_HOST=0.0.0.0 | |
| - RULES_DIR=/var/conf/redir | |
| - TARGET_FILE=/var/conf/rules/admin.rules | |
| volumes: | |
| - redirect-rules:/var/conf/rules:nocopy | |
| networks: | |
| - web | |
| - monitoring | |
| logging: | |
| driver: 'fluentd' | |
| options: | |
| <<: *log-options | |
| tag: app.redirect-server.r | |
| # redirect-server-www: | |
| # image: rycus86/redirect-server | |
| # read_only: true | |
| # deploy: | |
| # replicas: 1 | |
| # resources: | |
| # limits: | |
| # memory: 32M | |
| # update_config: | |
| # parallelism: 1 | |
| # order: start-first | |
| # labels: | |
| # routing-host: www.viktoradam.net | |
| # routing-port: 5000 | |
| # prometheus-job: redirect-server-www | |
| # prometheus-port: 5000 | |
| # configs: | |
| # - source: redirect-server-www | |
| # target: /var/conf/redir/static-rules.yml | |
| # environment: | |
| # - HTTP_HOST=0.0.0.0 | |
| # - RULES_DIR=/var/conf/redir | |
| # networks: | |
| # - web | |
| # - monitoring | |
| # logging: | |
| # driver: 'fluentd' | |
| # options: | |
| # <<: *log-options | |
| # tag: app.redirect-server.www | |
| configs: | |
| nginx-main-config: | |
| name: nginx-main-config-${NGINX_MAIN_CONFIG} | |
| file: ./config/nginx.main.config | |
| nginx-pygen-template: | |
| name: pygen-nginx-${NGINX_PYGEN_TEMPLATE_CONFIG} | |
| file: ./config/nginx.pygen.template.config | |
| redirect-server-rules: | |
| name: redirect-server-rules-${REDIRECT_SERVER_CONFIG} | |
| file: ./config/redirect-server.config | |
| redirect-server-www: | |
| name: redirect-server-www-${REDIRECT_SERVER_WWW_CONFIG} | |
| file: ./config/redirect-server-www.config | |
| secrets: | |
| nginx-kibana-auth: | |
| name: nginx-auth-kibana-${NGINX_KIBANA_AUTH_CONF} | |
| file: ./config/nginx.kibana.auth.conf | |
| github-proxy-secrets: | |
| name: github-proxy-secrets-${GITHUB_PROXY_SECRETS} | |
| file: ./config/github-proxy.secrets | |
| dockerhub-proxy-secrets: | |
| name: dockerhub-proxy-secrets-${DOCKERHUB_PROXY_SECRETS} | |
| file: ./config/dockerhub-proxy.secrets | |
| redirect-server-secrets: | |
| name: redirect-server-secrets-${REDIRECT_SERVER_SECRETS} | |
| file: ./config/redirect-server.secrets | |
| volumes: | |
| nginx-config: | |
| driver: local | |
| driver_opts: | |
| <<: *volume-options | |
| device: :/nginx-config | |
| ssl-certs: | |
| driver: local | |
| driver_opts: | |
| <<: *volume-options | |
| device: :/ssl-certs | |
| ghost-data: | |
| driver: local | |
| driver_opts: | |
| <<: *volume-options | |
| device: :/ghost/data | |
| ghost-images: | |
| driver: local | |
| driver_opts: | |
| <<: *volume-options | |
| device: :/ghost/images | |
| ghost-themes: | |
| driver: local | |
| driver_opts: | |
| <<: *volume-options | |
| device: :/ghost/themes | |
| ghost-apps: | |
| driver: local | |
| driver_opts: | |
| <<: *volume-options | |
| device: :/ghost/apps | |
| redirect-rules: | |
| driver: local | |
| driver_opts: | |
| <<: *volume-options | |
| device: :/redirect-rules | |
| networks: | |
| web: | |
| name: home-web | |
| external: true | |
| monitoring: | |
| name: home-monitoring | |
| external: true | |
| docker: | |
| name: home-docker | |
| external: true |