myos/stack/node/node.yml

113 lines
3.6 KiB
YAML

version: '3.6'
services:
consul:
build:
args:
- DOCKER_BUILD_DIR=docker/consul
context: ../..
dockerfile: docker/consul/Dockerfile
image: ${DOCKER_REPOSITORY_NODE}/consul:${DOCKER_IMAGE_TAG}
environment:
CONSUL_BIND_INTERFACE: '${DOCKER_HOST_IFACE}'
CONSUL_CLIENT_INTERFACE: '${DOCKER_HOST_IFACE}'
CONSUL_HTTP_TOKEN: '${CONSUL_CONSUL_HTTP_TOKEN}'
CONSUL_LOCAL_CONFIG: '{ "log_level": "warn"
, "enable_script_checks": true
, "acl": { "enabled": true
, "default_policy": "deny"
, "enable_token_persistence": true
, "tokens": { "master": "$CONSUL_ACL_TOKENS_MASTER"
, "agent": "$CONSUL_CONSUL_HTTP_TOKEN"
}
}
}'
hostname: ${HOSTNAME}
labels:
- SERVICE_8300_IGNORE=true
- SERVICE_8301_IGNORE=true
- SERVICE_8302_IGNORE=true
- SERVICE_8500_CHECK_HTTP=/ui
- SERVICE_8500_NAME=${COMPOSE_SERVICE_NAME}-consul-8500
- SERVICE_8500_TAGS=${CONSUL_SERVICE_8500_TAGS}
- SERVICE_8600_IGNORE=true
- SERVICE_ADDRESS=${DOCKER_HOST_INET}
network_mode: host
restart: always
volumes:
- consul:/consul/data
- /var/run/docker.sock:/var/run/docker.sock
fabio:
image: fabiolb/fabio:latest
command: -registry.backend "consul" -registry.consul.addr "consul:8500" -registry.consul.token "$FABIO_CONSUL_HTTP_TOKEN" -proxy.addr ":80,:443;cs=local" -proxy.cs "cs=local;type=file;cert=/certs/${DOMAIN}.crt.pem;key=/certs/${DOMAIN}.key.pem"
depends_on:
- consul
extra_hosts:
- consul:${DOCKER_HOST_INET}
hostname: ${HOSTNAME}
labels:
- SERVICE_80_CHECK_TCP=true
- SERVICE_80_NAME=${COMPOSE_SERVICE_NAME}-fabio-80
- SERVICE_443_CHECK_TCP=true
- SERVICE_443_NAME=${COMPOSE_SERVICE_NAME}-fabio-443
- SERVICE_9998_CHECK_TCP=true
- SERVICE_9998_NAME=${COMPOSE_SERVICE_NAME}-fabio-9998
- SERVICE_9998_TAGS=${FABIO_SERVICE_9998_TAGS}
- SERVICE_9999_IGNORE=true
ports:
- 80:80
- 443:443
- 9998
networks:
- public
restart: always
volumes:
- ssl-certs:/certs
portainer:
image: portainer/portainer:latest
labels:
- SERVICE_8000_IGNORE=true
- SERVICE_9000_CHECK_HTTP=/
- SERVICE_9000_NAME=${COMPOSE_SERVICE_NAME}-portainer-9000
- SERVICE_9000_TAGS=${PORTAINER_SERVICE_9000_TAGS}
networks:
- public
ports:
- 8000
- 9000
restart: always
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- portainer:/data
registrator:
build:
args:
- DOCKER_BUILD_DIR=docker/registrator
- GIT_AUTHOR_NAME=${GIT_AUTHOR_NAME}
- GIT_AUTHOR_EMAIL=${GIT_AUTHOR_EMAIL}
context: ../..
dockerfile: docker/registrator/Dockerfile
image: ${DOCKER_REPOSITORY_NODE}/registrator:${DOCKER_IMAGE_TAG}
command: -internal -cleanup -deregister always -resync=30 -useIpFromNetwork "${DOCKER_NETWORK_PUBLIC}" -useIpFromLabel SERVICE_ADDRESS consul://consul:8500
depends_on:
- consul
environment:
- CONSUL_HTTP_TOKEN=${REGISTRATOR_CONSUL_HTTP_TOKEN}
extra_hosts:
- consul:${DOCKER_HOST_INET}
hostname: ${HOSTNAME}
network_mode: host
restart: always
volumes:
- /var/run/docker.sock:/tmp/docker.sock
volumes:
consul:
portainer:
ssl-certs:
networks:
public:
external: true
name: ${DOCKER_NETWORK_PUBLIC}