148 lines
4.7 KiB
YAML
148 lines
4.7 KiB
YAML
version: '3.6'
|
|
|
|
services:
|
|
consul:
|
|
build:
|
|
args:
|
|
- CONSUL_VERSION=1.11.1
|
|
- DOCKER_BUILD_DIR=docker/consul
|
|
context: ../..
|
|
dockerfile: docker/consul/Dockerfile
|
|
image: ${DOCKER_REPOSITORY_NODE}/consul:${DOCKER_IMAGE_TAG}
|
|
environment:
|
|
CONSUL_BIND_INTERFACE: '${DOCKER_HOST_IFACE}'
|
|
CONSUL_CLIENT_INTERFACE: '${DOCKER_HOST_IFACE}'
|
|
CONSUL_HTTP_TOKEN: '${CONSUL_CONSUL_HTTP_TOKEN}'
|
|
CONSUL_LOCAL_CONFIG: '{ "log_level": "warn"
|
|
, "enable_script_checks": true
|
|
, "acl": { "enabled": true
|
|
, "default_policy": "deny"
|
|
, "down_policy": "extend-cache"
|
|
, "enable_token_persistence": true
|
|
, "tokens": { "initial_management": "$CONSUL_ACL_TOKENS_MASTER"
|
|
, "agent": "$CONSUL_CONSUL_HTTP_TOKEN"
|
|
}
|
|
}
|
|
}'
|
|
hostname: ${HOSTNAME}
|
|
labels:
|
|
- SERVICE_8300_IGNORE=true
|
|
- SERVICE_8301_IGNORE=true
|
|
- SERVICE_8302_IGNORE=true
|
|
- SERVICE_8500_CHECK_HTTP=/v1/health/service/consul
|
|
- SERVICE_8500_NAME=${COMPOSE_SERVICE_NAME}-consul:8500
|
|
- SERVICE_8500_TAGS=${CONSUL_SERVICE_8500_TAGS}
|
|
- SERVICE_8600_IGNORE=true
|
|
- SERVICE_ADDRESS=${DOCKER_HOST_INET}
|
|
- SERVICE_CHECK_SCRIPT=docker-healthcheck ${DOCKER_HOST_INET}
|
|
network_mode: host
|
|
restart: always
|
|
volumes:
|
|
- consul:/consul/data
|
|
- ssl-certs:/certs
|
|
- /var/run/docker.sock:/var/run/docker.sock
|
|
fabio:
|
|
build:
|
|
args:
|
|
- DOCKER_BUILD_DIR=docker/fabio
|
|
- FABIO_VERSION=1.6.0
|
|
- OPERATING_SYSTEM=${OPERATING_SYSTEM}
|
|
- PROCESSOR_ARCHITECTURE=${PROCESSOR_ARCHITECTURE}
|
|
context: ../..
|
|
dockerfile: docker/fabio/Dockerfile
|
|
image: ${DOCKER_REPOSITORY_NODE}/fabio:${DOCKER_IMAGE_TAG}
|
|
command: -registry.backend "consul" -registry.consul.addr "consul:8500" -registry.consul.token "$FABIO_CONSUL_HTTP_TOKEN" -proxy.addr ":80,:443;cs=local" -proxy.cs "cs=local;type=file;cert=/certs/${DOMAIN}.crt.pem;key=/certs/${DOMAIN}.key.pem"
|
|
depends_on:
|
|
- consul
|
|
extra_hosts:
|
|
- consul:${DOCKER_HOST_INET}
|
|
hostname: ${HOSTNAME}
|
|
labels:
|
|
- SERVICE_80_CHECK_TCP=true
|
|
- SERVICE_80_NAME=${COMPOSE_SERVICE_NAME}-fabio:80
|
|
- SERVICE_443_CHECK_TCP=true
|
|
- SERVICE_443_NAME=${COMPOSE_SERVICE_NAME}-fabio:443
|
|
- SERVICE_9998_CHECK_HTTP=/routes
|
|
- SERVICE_9998_NAME=${COMPOSE_SERVICE_NAME}-fabio:9998
|
|
- SERVICE_9998_TAGS=${FABIO_SERVICE_9998_TAGS}
|
|
- SERVICE_9999_IGNORE=true
|
|
ports:
|
|
- 80:80/tcp
|
|
- 443:443/tcp
|
|
- 9998/tcp
|
|
networks:
|
|
- public
|
|
restart: always
|
|
volumes:
|
|
- ssl-certs:/certs
|
|
ipfs:
|
|
build:
|
|
args:
|
|
- DOCKER_BUILD_DIR=docker/ipfs
|
|
- IPFS_VERSION=0.13.0
|
|
context: ../..
|
|
dockerfile: docker/ipfs/Dockerfile
|
|
command: daemon --migrate=true --mount
|
|
cap_add:
|
|
- SYS_ADMIN
|
|
devices:
|
|
- /dev/fuse:/dev/fuse
|
|
environment:
|
|
- IPFS_PROFILE=${IPFS_PROFILE}
|
|
image: ${DOCKER_REPOSITORY_NODE}/ipfs:${DOCKER_IMAGE_TAG}
|
|
labels:
|
|
- SERVICE_4001_CHECK_TCP=true
|
|
- SERVICE_4001_NAME=${COMPOSE_SERVICE_NAME}-ipfs:4001
|
|
- SERVICE_5001_CHECK_TCP=true
|
|
- SERVICE_5001_NAME=${COMPOSE_SERVICE_NAME}-ipfs:5001
|
|
- SERVICE_8080_CHECK_HTTP=/ipfs/QmYwAPJzv5CZsnA625s3Xf2nemtYgPpHdWEz79ojWnPbdG/readme
|
|
- SERVICE_8080_NAME=${COMPOSE_SERVICE_NAME}-ipfs:8080
|
|
- SERVICE_8080_TAGS=${IPFS_SERVICE_8080_TAGS}
|
|
- SERVICE_8081_IGNORE=true
|
|
networks:
|
|
- public
|
|
ports:
|
|
- 4001:4001
|
|
- 5001/tcp
|
|
- 8080/tcp
|
|
security_opt:
|
|
- apparmor:unconfined
|
|
ulimits:
|
|
nofile:
|
|
soft: 65536
|
|
hard: 65536
|
|
volumes:
|
|
- ipfs:/data/ipfs
|
|
restart: always
|
|
registrator:
|
|
build:
|
|
args:
|
|
- DOCKER_BUILD_DIR=docker/registrator
|
|
- GIT_AUTHOR_NAME=${GIT_AUTHOR_NAME}
|
|
- GIT_AUTHOR_EMAIL=${GIT_AUTHOR_EMAIL}
|
|
context: ../..
|
|
dockerfile: docker/registrator/Dockerfile
|
|
image: ${DOCKER_REPOSITORY_NODE}/registrator:${DOCKER_IMAGE_TAG}
|
|
command: -internal -cleanup -deregister always -resync=30 -useIpFromNetwork "${DOCKER_NETWORK_PUBLIC}" -useIpFromLabel SERVICE_ADDRESS consul://consul:8500
|
|
depends_on:
|
|
- consul
|
|
environment:
|
|
- CONSUL_HTTP_TOKEN=${REGISTRATOR_CONSUL_HTTP_TOKEN}
|
|
extra_hosts:
|
|
- consul:${DOCKER_HOST_INET}
|
|
hostname: ${HOSTNAME}
|
|
network_mode: host
|
|
restart: always
|
|
volumes:
|
|
- /var/run/docker.sock:/tmp/docker.sock
|
|
|
|
volumes:
|
|
consul:
|
|
ipfs:
|
|
ssl-certs:
|
|
|
|
networks:
|
|
public:
|
|
external: true
|
|
name: ${DOCKER_NETWORK_PUBLIC}
|