Permalink
Cannot retrieve contributors at this time
version: '3.5' | |
x-log-options: | |
&log-options | |
fluentd-address: 192.168.0.52:24224 | |
fluentd-async-connect: 'true' | |
fluentd-sub-second-precision: 'true' | |
x-nfs-volume-opts: | |
&volume-options | |
type: nfs4 | |
o: addr=192.168.0.52,rsize=8192,wsize=8192,timeo=15,hard,intr | |
services: | |
# Reverse proxy | |
nginx: | |
image: nginx:1.13.10 | |
deploy: | |
replicas: 1 | |
resources: | |
limits: | |
memory: 32M | |
update_config: | |
parallelism: 1 | |
order: start-first | |
#labels: | |
# - routing-extra-hosts=viktoradam.net | |
labels: | |
domain.automation.signal: HUP | |
configs: | |
- source: nginx-main-config | |
target: /etc/nginx/nginx.conf | |
secrets: | |
- source: nginx-kibana-auth | |
target: /etc/auth-config/kibana.auth.conf | |
volumes: | |
- type: volume | |
source: nginx-config | |
target: /etc/nginx/conf.d | |
read_only: true | |
volume: | |
nocopy: true | |
- type: volume | |
source: ssl-certs | |
target: /etc/letsencrypt | |
read_only: true | |
volume: | |
nocopy: true | |
networks: | |
- web | |
ports: | |
- 80:80 | |
- 443:443 | |
logging: | |
driver: 'fluentd' | |
options: | |
<<: *log-options | |
tag: app.nginx | |
# PyGen configuration generator | |
nginx-pygen: | |
image: rycus86/docker-pygen | |
command: > | |
--template /etc/docker-pygen/templates/nginx.tmpl | |
--target /etc/nginx/conf.d/default.conf | |
--signal nginx HUP | |
--interval 3 10 | |
--swarm-manager | |
--workers tasks.nginx-pygen-worker | |
deploy: | |
replicas: 1 | |
resources: | |
limits: | |
memory: 32M | |
labels: | |
prometheus-job: pygen-manager-nginx | |
prometheus-port: 9413 | |
environment: | |
DOCKER_HOST: tcp://docker-manager:2375 | |
configs: | |
- source: nginx-pygen-template | |
target: /etc/docker-pygen/templates/nginx.tmpl | |
volumes: | |
- nginx-config:/etc/nginx/conf.d:nocopy | |
networks: | |
- default | |
- monitoring | |
- docker | |
logging: | |
driver: 'fluentd' | |
options: | |
<<: *log-options | |
tag: app.pygen.manager.nginx | |
nginx-pygen-worker: | |
image: rycus86/docker-pygen:worker | |
command: --manager nginx-pygen | |
read_only: true | |
deploy: | |
mode: global | |
resources: | |
limits: | |
memory: 32M | |
labels: | |
prometheus-job: pygen-worker-nginx | |
prometheus-port: 9414 | |
volumes: | |
- /var/run/docker.sock:/var/run/docker.sock:ro | |
networks: | |
- default | |
- monitoring | |
logging: | |
driver: 'fluentd' | |
options: | |
<<: *log-options | |
tag: app.pygen.worker.nginx | |
# Blog | |
ghost: | |
image: ghost:1.22.8 | |
deploy: | |
replicas: 1 | |
resources: | |
limits: | |
memory: 170M | |
update_config: | |
parallelism: 1 | |
order: start-first | |
placement: | |
constraints: | |
- node.labels.memory == high | |
labels: | |
routing-host: blog.viktoradam.net | |
routing-port: 2368 | |
routing-max-body: 10m | |
environment: | |
- url=https://blog.viktoradam.net | |
- server__host=0.0.0.0 | |
- server__port=2368 | |
volumes: | |
- ghost-data:/var/lib/ghost/content/data:nocopy | |
- ghost-images:/var/lib/ghost/content/images:nocopy | |
- ghost-themes:/var/lib/ghost/content/themes:nocopy | |
- ghost-apps:/var/lib/ghost/content/apps:nocopy | |
networks: | |
- web | |
logging: | |
driver: 'fluentd' | |
options: | |
<<: *log-options | |
tag: app.web.blog | |
# Demo site | |
demo-site: | |
image: rycus86/demo-site | |
read_only: true | |
deploy: | |
replicas: 1 | |
resources: | |
limits: | |
memory: 48M | |
update_config: | |
parallelism: 1 | |
order: start-first | |
labels: | |
routing-host: demo.viktoradam.net | |
routing-port: 5000 | |
prometheus-job: demo-site | |
prometheus-port: 5000 | |
environment: | |
- HTTP_HOST=0.0.0.0 | |
networks: | |
- web | |
- monitoring | |
logging: | |
driver: 'fluentd' | |
options: | |
<<: *log-options | |
tag: app.web.demo | |
# REST services | |
github-proxy: | |
image: rycus86/github-proxy | |
read_only: true | |
deploy: | |
replicas: 1 | |
resources: | |
limits: | |
memory: 48M | |
update_config: | |
parallelism: 1 | |
order: start-first | |
labels: | |
routing-host: api.viktoradam.net | |
routing-context: /github | |
routing-port: 5000 | |
prometheus-job: github-proxy | |
prometheus-port: 5000 | |
secrets: | |
- source: github-proxy-secrets | |
target: /var/secrets/secrets.env | |
environment: | |
- HTTP_HOST=0.0.0.0 | |
networks: | |
- web | |
- monitoring | |
logging: | |
driver: 'fluentd' | |
options: | |
<<: *log-options | |
tag: app.github-proxy | |
dockerhub-proxy: | |
image: rycus86/dockerhub-proxy | |
read_only: true | |
deploy: | |
replicas: 1 | |
resources: | |
limits: | |
memory: 48M | |
update_config: | |
parallelism: 1 | |
order: start-first | |
labels: | |
routing-host: api.viktoradam.net | |
routing-context: /docker | |
routing-port: 5000 | |
prometheus-job: dockerhub-proxy | |
prometheus-port: 5000 | |
secrets: | |
- source: dockerhub-proxy-secrets | |
target: /var/secrets/secrets.env | |
environment: | |
- HTTP_HOST=0.0.0.0 | |
networks: | |
- web | |
- monitoring | |
logging: | |
driver: 'fluentd' | |
options: | |
<<: *log-options | |
tag: app.dockerhub-proxy | |
# Redirect servers | |
redirect-server: | |
image: rycus86/redirect-server | |
read_only: true | |
deploy: | |
replicas: 1 | |
resources: | |
limits: | |
memory: 32M | |
update_config: | |
parallelism: 1 | |
order: start-first | |
labels: | |
routing-host: r.viktoradam.net | |
routing-port: 5000 | |
prometheus-job: redirect-server | |
prometheus-port: 5000 | |
secrets: | |
- source: redirect-server-secrets | |
target: /var/conf/redir/admin-config.yml | |
configs: | |
- source: redirect-server-rules | |
target: /var/conf/redir/static-rules.yml | |
environment: | |
- HTTP_HOST=0.0.0.0 | |
- RULES_DIR=/var/conf/redir | |
- TARGET_FILE=/var/conf/rules/admin.rules | |
volumes: | |
- redirect-rules:/var/conf/rules:nocopy | |
networks: | |
- web | |
- monitoring | |
logging: | |
driver: 'fluentd' | |
options: | |
<<: *log-options | |
tag: app.redirect-server.r | |
# redirect-server-www: | |
# image: rycus86/redirect-server | |
# read_only: true | |
# deploy: | |
# replicas: 1 | |
# resources: | |
# limits: | |
# memory: 32M | |
# update_config: | |
# parallelism: 1 | |
# order: start-first | |
# labels: | |
# routing-host: www.viktoradam.net | |
# routing-port: 5000 | |
# prometheus-job: redirect-server-www | |
# prometheus-port: 5000 | |
# configs: | |
# - source: redirect-server-www | |
# target: /var/conf/redir/static-rules.yml | |
# environment: | |
# - HTTP_HOST=0.0.0.0 | |
# - RULES_DIR=/var/conf/redir | |
# networks: | |
# - web | |
# - monitoring | |
# logging: | |
# driver: 'fluentd' | |
# options: | |
# <<: *log-options | |
# tag: app.redirect-server.www | |
configs: | |
nginx-main-config: | |
name: nginx-main-config-${NGINX_MAIN_CONFIG} | |
file: ./config/nginx.main.config | |
nginx-pygen-template: | |
name: pygen-nginx-${NGINX_PYGEN_TEMPLATE_CONFIG} | |
file: ./config/nginx.pygen.template.config | |
redirect-server-rules: | |
name: redirect-server-rules-${REDIRECT_SERVER_CONFIG} | |
file: ./config/redirect-server.config | |
redirect-server-www: | |
name: redirect-server-www-${REDIRECT_SERVER_WWW_CONFIG} | |
file: ./config/redirect-server-www.config | |
secrets: | |
nginx-kibana-auth: | |
name: nginx-auth-kibana-${NGINX_KIBANA_AUTH_CONF} | |
file: ./config/nginx.kibana.auth.conf | |
github-proxy-secrets: | |
name: github-proxy-secrets-${GITHUB_PROXY_SECRETS} | |
file: ./config/github-proxy.secrets | |
dockerhub-proxy-secrets: | |
name: dockerhub-proxy-secrets-${DOCKERHUB_PROXY_SECRETS} | |
file: ./config/dockerhub-proxy.secrets | |
redirect-server-secrets: | |
name: redirect-server-secrets-${REDIRECT_SERVER_SECRETS} | |
file: ./config/redirect-server.secrets | |
volumes: | |
nginx-config: | |
driver: local | |
driver_opts: | |
<<: *volume-options | |
device: :/nginx-config | |
ssl-certs: | |
driver: local | |
driver_opts: | |
<<: *volume-options | |
device: :/ssl-certs | |
ghost-data: | |
driver: local | |
driver_opts: | |
<<: *volume-options | |
device: :/ghost/data | |
ghost-images: | |
driver: local | |
driver_opts: | |
<<: *volume-options | |
device: :/ghost/images | |
ghost-themes: | |
driver: local | |
driver_opts: | |
<<: *volume-options | |
device: :/ghost/themes | |
ghost-apps: | |
driver: local | |
driver_opts: | |
<<: *volume-options | |
device: :/ghost/apps | |
redirect-rules: | |
driver: local | |
driver_opts: | |
<<: *volume-options | |
device: :/redirect-rules | |
networks: | |
web: | |
name: home-web | |
external: true | |
monitoring: | |
name: home-monitoring | |
external: true | |
docker: | |
name: home-docker | |
external: true |