-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathdocker-compose.yaml
123 lines (122 loc) · 3.79 KB
/
docker-compose.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
# docker-compose file
version: '3'
services:
portainer:
image: ${FIRST_BASE_IMAGE}
container_name: ${STACK_NAME:-defstack}_portainer
restart: always
security_opt:
- no-new-privileges:true
ports:
- 8000:8000
- 9000:9000
- 9443:9443
networks:
- mydefaultstack
environment:
- EXAMPLE_VAR_VERBOSE=true
- CONTAINER_USERNAME=${FIRST_USERNAME:-null}
- CONTAINER_PASSWORD=${FIRST_PASSWORD:-null}
labels:
- "traefik.enable=true"
- "traefik.http.routers.portainer.tls=true"
- "traefik.http.routers.portainer.rule=Host(`portainer.${DOMAIN_NAME}`)"
- "traefik.http.services.portainer.loadbalancer.server.port=9000"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /etc/localtime:/etc/localtime:ro
- persistent_portainer_data:/data
traefik:
image: ${SECOND_BASE_IMAGE}
container_name: ${STACK_NAME:-defstack}_traefik
restart: always
networks:
- mydefaultstack
ports:
- "80:80"
- "443:443"
- "8080:8080"
- "5432:5432"
environment:
- EXAMPLE_VAR_VERBOSE=true
- CONTAINER_USERNAME=${SECOND_USERNAME:-null}
- CONTAINER_PASSWORD=${SECOND_PASSWORD:-null}
- DOMAIN_NAME=${DOMAIN_NAME}
- DOMAIN_ALT=${DOMAIN_ALT}
labels:
- "traefik.enable=true"
- "traefik.http.routers.traefik.tls=true"
- "traefik.http.routers.traefik.rule=Host(`traefik.${DOMAIN_NAME}`)"
- "traefik.http.services.traefik.loadbalancer.server.port=8080"
volumes:
- ./config/traefik_dynamic_conf.yaml:/etc/traefik/dynamic_conf.yaml:ro
- ./config/traefik_traefik.yaml:/etc/traefik/traefik.yaml:ro
- ./certs:/etc/certs:ro
- /var/run/docker.sock:/var/run/docker.sock:ro
nginx:
image: ${THIRD_BASE_IMAGE}
container_name: ${STACK_NAME:-defstack}_nginx
restart: unless-stopped
networks:
- mydefaultstack
environment:
- EXAMPLE_VAR_VERBOSE=true
labels:
- "traefik.enable=true"
- "traefik.http.routers.nginx.tls=true"
- "traefik.http.routers.nginx.rule=Host(`nginx.${DOMAIN_NAME}`)"
volumes:
- ./site-content:/usr/share/nginx/html
pihole:
hostname: pihole.${DOMAIN_NAME}
image: ${FOURTH_BASE_IMAGE}
container_name: ${STACK_NAME:-defstack}_pihole
restart: unless-stopped
networks:
- mydefaultstack
ports:
- "53:53/tcp"
- "53:53/udp"
# - "67:67/udp" # only relevant for DHCP mode
- "8888:80"
dns:
- "9.9.9.9"
- "149.112.112.112"
- "2620:fe::fe"
- "2620:fe::9"
environment:
TZ: ${PIHOLE_TZ}
WEBPASSWORD: 'pihole'
# Pihole-DNS: e.g.,"Quad9
PIHOLE_DNS_: ${PIHOLE_DNS1};${PIHOLE_DNS2};${PIHOLE_DNS3};${PIHOLE_DNS4}
labels:
- "traefik.enable=true"
- "traefik.http.routers.pihole.tls=true"
- "traefik.http.routers.pihole.rule=Host(`pihole.${DOMAIN_NAME}`)"
- 'traefik.http.routers.pihole.entrypoints=websecure'
# - 'traefik.http.middlewares.pihole.addprefix.prefix=/admin'
- 'traefik.http.services.pihole.loadBalancer.server.port=80'
volumes:
- persistent_etc-pihole_data:/etc/pihole
- persistent_etc-dnsmasq_data:/etc/dnsmasq.d
volumes:
persistent_portainer_data:
# for new platform setup - switch false/true during first/subsequent runs
external: true
name: portainer_data
persistent_etc-pihole_data:
external: true
name: etc_pihole_data
persistent_etc-dnsmasq_data:
external: true
name: etc_dnsmasq_data
networks:
mydefaultstack:
name: mydefaultstack
driver: bridge
attachable: true
# for new platform setup - switch false/true during first/subsequent runs
external: true
labels:
- "testkey=testvalue"
- "${DOMAIN_BACKWARD-com.example}.description=My standard network"