forked from TampereHacklab/mulysa
-
Notifications
You must be signed in to change notification settings - Fork 0
/
docker-compose.yml
91 lines (84 loc) · 2.84 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
version: '3'
services:
db:
image: mariadb:10.8
container_name: db
restart: always
env_file:
- mulysa-environment.env
volumes:
- "./data/db:/var/lib/mysql:z"
nginx:
image: nginx:1.23.1-alpine
restart: always
container_name: nginx
volumes:
- ./nginx/nginx.conf:/etc/nginx/conf.d/default.conf:ro
- static_files:/code/static/
depends_on:
- mulysa
labels:
- "traefik.enable=true"
# our service is named mulysa and it is on port 8000
- "traefik.http.services.nginxmulysa.loadbalancer.server.port=80"
# router listens only on this host
- "traefik.http.routers.nginxmulysa.rule=Host(`my.tampere.hacklab.fi`)"
# listen on websecure entrypoint
- "traefik.http.routers.nginxmulysa.entrypoints=websecure"
# use le for tls
- "traefik.http.routers.nginxmulysa.tls.certresolver=myhttpchallenge"
# defined middleware for redirects
- "traefik.http.middlewares.nginxmulysa-redirect-web-secure.redirectscheme.scheme=https"
# listen on web also and use the middlware to do the redirect
- "traefik.http.routers.nginxmulysa-redir.rule=host(`my.tampere.hacklab.fi`)"
- "traefik.http.routers.nginxmulysa-redir.entrypoints=web"
- "traefik.http.routers.nginxmulysa-redir.middlewares=nginxmulysa-redirect-web-secure"
mulysa:
build: .
restart: always
container_name: mulysa
env_file:
- mulysa-environment.env
depends_on:
- db
volumes:
- static_files:/code/static/
proxy:
image: "traefik:v2.8.1"
restart: always
container_name: proxy
command:
- "--log.level=DEBUG"
- "--api.insecure=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
# two entrypoints, web and websecure
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
# define lets encrypt tls resolver
- "--certificatesresolvers.myhttpchallenge.acme.httpchallenge=true"
- "--certificatesresolvers.myhttpchallenge.acme.httpchallenge.entrypoint=web"
#- "--certificatesresolvers.myhttpchallenge.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
- "--certificatesresolvers.myhttpchallenge.acme.email=postmaster@tampere.hacklab.fi"
- "--certificatesresolvers.myhttpchallenge.acme.storage=/letsencrypt/acme.json"
volumes:
- "./data/letsencrypt:/letsencrypt:z"
- "/var/run/docker.sock:/var/run/docker.sock:ro"
ports:
- "80:80"
- "443:443"
- "8080:8080"
depends_on:
- mulysa
- nginx
ofelia:
image: 'mcuadros/ofelia:latest'
container_name: ofelia
volumes:
- "./ofelia.ini:/etc/ofelia/config.ini"
- "/var/run/docker.sock:/var/run/docker.sock:ro"
depends_on:
- mulysa
restart: always
volumes:
static_files: