Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- version: "3.4"
- services:
- traefik:
- image: traefik:v2.3.2
- container_name: traefik
- command:
- - "--api.insecure=true"
- - "--providers.docker=true"
- - "--providers.docker.exposedbydefault=false"
- - "--entrypoints.http.address=:80"
- - "--entrypoints.https.address=:443"
- - --metrics=true
- - --metrics.prometheus=true
- - --accesslog=true
- - --certificatesresolvers.myresolver.acme.email=postmaster@mydomain.com
- - --certificatesresolvers.myresolver.acme.storage=/acme.json
- - --certificatesresolvers.myresolver.acme.caserver=https://acme-v02.api.letsencrypt.org/directory
- - --certificatesresolvers.myresolver.acme.dnschallenge=true
- - --certificatesresolvers.myresolver.acme.dnschallenge.delaybeforecheck=0
- - --certificatesresolvers.myresolver.acme.dnschallenge.provider=cloudflare
- - --certificatesresolvers.myresolver.acme.dnschallenge.resolvers[0]=1.1.1.1:53
- - --certificatesresolvers.myresolver.acme.dnschallenge.resolvers[1]=8.8.8.8:53
- environment:
- - CLOUDFLARE_EMAIL=postmaster@mydomain.com
- - CLOUDFLARE_API_KEY=mysecretapikey
- ports:
- - "30080:80"
- - "30443:443"
- - "38080:8080"
- volumes:
- - /var/run/docker.sock:/var/run/docker.sock:ro
- - /share/docker/traefik/acme.json:/acme.json
- restart: on-failure
- traefik-forward-auth:
- image: thomseddon/traefik-forward-auth:2
- container_name: traefik-forward-auth
- environment:
- - PROVIDERS_GOOGLE_CLIENT_ID=myapplication_id
- - PROVIDERS_GOOGLE_CLIENT_SECRET=myapplication_secret
- - SECRET=mysupersecret
- - WHITELIST=****@gmail.com
- - COOKIE_DOMAIN=mydomain.com
- labels:
- - "traefik.enable=true"
- - "traefik.http.middlewares.traefik-forward-auth.forwardauth.address=http://traefik-forward-auth:4181"
- - "traefik.http.middlewares.traefik-forward-auth.forwardauth.authResponseHeaders=X-Forwarded-User"
- - "traefik.http.services.traefik-forward-auth.loadbalancer.server.port=4181"
- grafana:
- image: grafana/grafana:7.2.2
- container_name: grafana
- environment:
- - GF_METRICS_ENABLED=true
- - GF_AUTH_ANONYMOUS_ENABLED=true
- - GF_AUTH_ANONYMOUS_ORG_ROLE=Admin
- - GF_AUTH_BASIC_ENABLED=false
- - GF_AUTH_DISABLE_LOGIN_FORM=true
- - GF_INSTALL_PLUGINS=grafana-piechart-panel
- labels:
- - "traefik.enable=true"
- - "traefik.http.routers.grafana.rule=Host(`grafana.mydomain.com`)"
- - "traefik.http.routers.grafana.entrypoints=http,https"
- - "traefik.http.routers.grafana.middlewares=traefik-forward-auth"
- - traefik.http.routers.grafana.tls=true
- - traefik.http.routers.grafana.tls.certresolver=myresolver
- volumes:
- - /share/docker/grafana:/var/lib/grafana
- restart: on-failure
- prometheus:
- image: prom/prometheus:v2.22.0
- container_name: prometheus
- command:
- - "--config.file=/etc/prometheus/prometheus.yml"
- - "--storage.tsdb.path=/prometheus"
- - --storage.tsdb.retention.time=30d
- - "--web.console.libraries=/usr/share/prometheus/console_libraries"
- - "--web.console.templates=/usr/share/prometheus/consoles"
- labels:
- - "traefik.enable=true"
- - "traefik.http.routers.prometheus.rule=Host(`prometheus.mydomain.com`)"
- - "traefik.http.routers.prometheus.entrypoints=http,https"
- - "traefik.http.routers.prometheus.middlewares=traefik-forward-auth"
- - traefik.http.routers.prometheus.tls=true
- - traefik.http.routers.prometheus.tls.certresolver=myresolver
- volumes:
- - /share/docker/prometheus/datas:/prometheus
- - /share/docker/prometheus/prometheus.yml:/etc/prometheus/prometheus.yml
- - /share/docker/prometheus/rules:/etc/prometheus/rules
- restart: on-failure
- node_exporter:
- image: prom/node-exporter:v1.0.1
- container_name: node-exporter
- restart: on-failure
- alertmanager:
- image: prom/alertmanager:v0.21.0
- container_name: alertmanager
- labels:
- - "traefik.enable=true"
- - "traefik.http.routers.alertmanager.rule=Host(`alertmanager.mydomain.com`)"
- - "traefik.http.routers.alertmanager.entrypoints=http,https"
- - "traefik.http.routers.alertmanager.middlewares=traefik-forward-auth"
- - traefik.http.routers.alertmanager.tls=true
- - traefik.http.routers.alertmanager.tls.certresolver=myresolver
- restart: on-failure
- cadvisor:
- image: gcr.io/google-containers/cadvisor:v0.36.0
- container_name: cadvisor
- volumes:
- - /:/rootfs:ro
- - /var/run:/var/run:rw
- - /sys:/sys:ro
- - /var/lib/docker/:/var/lib/docker:ro
- restart: on-failure
Add Comment
Please, Sign In to add comment