Guest User

docker-compose.yaml

a guest
Oct 25th, 2020
136
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. version: "3.4"
  2.  
  3. services:
  4.   traefik:
  5.     image: traefik:v2.3.2
  6.     container_name: traefik
  7.     command:
  8.    - "--api.insecure=true"
  9.     - "--providers.docker=true"
  10.     - "--providers.docker.exposedbydefault=false"
  11.     - "--entrypoints.http.address=:80"
  12.     - "--entrypoints.https.address=:443"
  13.     - --metrics=true
  14.     - --metrics.prometheus=true
  15.     - --accesslog=true
  16.     - --certificatesresolvers.myresolver.acme.email=postmaster@mydomain.com
  17.     - --certificatesresolvers.myresolver.acme.storage=/acme.json
  18.     - --certificatesresolvers.myresolver.acme.caserver=https://acme-v02.api.letsencrypt.org/directory
  19.     - --certificatesresolvers.myresolver.acme.dnschallenge=true
  20.     - --certificatesresolvers.myresolver.acme.dnschallenge.delaybeforecheck=0
  21.     - --certificatesresolvers.myresolver.acme.dnschallenge.provider=cloudflare
  22.     - --certificatesresolvers.myresolver.acme.dnschallenge.resolvers[0]=1.1.1.1:53
  23.     - --certificatesresolvers.myresolver.acme.dnschallenge.resolvers[1]=8.8.8.8:53
  24.     environment:
  25.    - CLOUDFLARE_EMAIL=postmaster@mydomain.com
  26.     - CLOUDFLARE_API_KEY=mysecretapikey
  27.     ports:
  28.    - "30080:80"
  29.     - "30443:443"
  30.     - "38080:8080"
  31.     volumes:
  32.    - /var/run/docker.sock:/var/run/docker.sock:ro
  33.     - /share/docker/traefik/acme.json:/acme.json
  34.     restart: on-failure
  35.  
  36.   traefik-forward-auth:
  37.     image: thomseddon/traefik-forward-auth:2
  38.     container_name: traefik-forward-auth
  39.     environment:
  40.      - PROVIDERS_GOOGLE_CLIENT_ID=myapplication_id
  41.       - PROVIDERS_GOOGLE_CLIENT_SECRET=myapplication_secret
  42.       - SECRET=mysupersecret
  43.       - WHITELIST=****@gmail.com
  44.       - COOKIE_DOMAIN=mydomain.com
  45.     labels:
  46.      - "traefik.enable=true"
  47.       - "traefik.http.middlewares.traefik-forward-auth.forwardauth.address=http://traefik-forward-auth:4181"
  48.       - "traefik.http.middlewares.traefik-forward-auth.forwardauth.authResponseHeaders=X-Forwarded-User"
  49.       - "traefik.http.services.traefik-forward-auth.loadbalancer.server.port=4181"
  50.  
  51.   grafana:
  52.     image: grafana/grafana:7.2.2
  53.     container_name: grafana
  54.     environment:
  55.      - GF_METRICS_ENABLED=true
  56.       - GF_AUTH_ANONYMOUS_ENABLED=true
  57.       - GF_AUTH_ANONYMOUS_ORG_ROLE=Admin
  58.       - GF_AUTH_BASIC_ENABLED=false
  59.       - GF_AUTH_DISABLE_LOGIN_FORM=true
  60.       - GF_INSTALL_PLUGINS=grafana-piechart-panel
  61.     labels:
  62.      - "traefik.enable=true"
  63.       - "traefik.http.routers.grafana.rule=Host(`grafana.mydomain.com`)"
  64.       - "traefik.http.routers.grafana.entrypoints=http,https"
  65.       - "traefik.http.routers.grafana.middlewares=traefik-forward-auth"
  66.       - traefik.http.routers.grafana.tls=true
  67.       - traefik.http.routers.grafana.tls.certresolver=myresolver
  68.     volumes:
  69.        - /share/docker/grafana:/var/lib/grafana
  70.     restart: on-failure
  71.  
  72.   prometheus:
  73.     image: prom/prometheus:v2.22.0
  74.     container_name: prometheus
  75.     command:
  76.      - "--config.file=/etc/prometheus/prometheus.yml"
  77.       - "--storage.tsdb.path=/prometheus"
  78.       - --storage.tsdb.retention.time=30d
  79.       - "--web.console.libraries=/usr/share/prometheus/console_libraries"
  80.       - "--web.console.templates=/usr/share/prometheus/consoles"
  81.     labels:
  82.      - "traefik.enable=true"
  83.       - "traefik.http.routers.prometheus.rule=Host(`prometheus.mydomain.com`)"
  84.       - "traefik.http.routers.prometheus.entrypoints=http,https"
  85.       - "traefik.http.routers.prometheus.middlewares=traefik-forward-auth"
  86.       - traefik.http.routers.prometheus.tls=true
  87.       - traefik.http.routers.prometheus.tls.certresolver=myresolver
  88.     volumes:
  89.        - /share/docker/prometheus/datas:/prometheus
  90.         - /share/docker/prometheus/prometheus.yml:/etc/prometheus/prometheus.yml
  91.         - /share/docker/prometheus/rules:/etc/prometheus/rules
  92.     restart: on-failure
  93.  
  94.   node_exporter:
  95.     image: prom/node-exporter:v1.0.1
  96.     container_name: node-exporter
  97.     restart: on-failure
  98.  
  99.   alertmanager:
  100.     image: prom/alertmanager:v0.21.0
  101.     container_name: alertmanager
  102.     labels:
  103.      - "traefik.enable=true"
  104.       - "traefik.http.routers.alertmanager.rule=Host(`alertmanager.mydomain.com`)"
  105.       - "traefik.http.routers.alertmanager.entrypoints=http,https"
  106.       - "traefik.http.routers.alertmanager.middlewares=traefik-forward-auth"
  107.       - traefik.http.routers.alertmanager.tls=true
  108.       - traefik.http.routers.alertmanager.tls.certresolver=myresolver
  109.     restart: on-failure
  110.  
  111.   cadvisor:
  112.     image: gcr.io/google-containers/cadvisor:v0.36.0
  113.     container_name: cadvisor
  114.     volumes:
  115.    - /:/rootfs:ro
  116.     - /var/run:/var/run:rw
  117.     - /sys:/sys:ro
  118.     - /var/lib/docker/:/var/lib/docker:ro
  119.     restart: on-failure
RAW Paste Data