pirate/docker-compose.yml

Last active Oct 14, 2020
Example sidecar ingress containers for argo, wireguard, tailscale, letsencrypt, caddy, and ssh sidecar containers
# Example docker-compose.yml for argo, wireguard, tailscale, letsencrypt, caddy, and ssh sidecar containers
version: '2.4'
services:
  demo:
    hostname: demo
    image: nginx:alpine  # Your image goes here
    expose:
      - 80
    cpus: 2
    mem_limit: 4096m
    restart: on-failure

  tailscale:
    # https://rnorth.org/tailscale-docker/
    #   $ docker-compose up
    #   $ docker-compose exec tailscale tailscale up
    #   To authenticate, visit: https://login.tailscale.com/a/SOME_HEX_CODE
    image: tailscale:1.0.3
    build:
      context: https://github.com/tailscale/tailscale.git#v1.0.3
    command: tailscaled
    # NET_ADMIN configures the tunnel interface; SYS_MODULE allows loading kernel modules
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    # Share the demo container's network namespace
    network_mode: 'service:demo'
    volumes:
      - /dev/net/tun:/dev/net/tun
      - ./data/tailscale:/var/lib
    cpus: 2
    mem_limit: 4096m
    restart: on-failure

  wireguard:
    # https://hub.docker.com/r/linuxserver/wireguard
    image: linuxserver/wireguard
    sysctls:
      - net.ipv4.conf.all.src_valid_mark=1
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    network_mode: 'service:demo'
    volumes:
      - ./etc/wireguard/wg0.conf:/config/wg0.conf
    cpus: 2
    mem_limit: 4096m
    restart: on-failure

  argo:
    # https://hub.docker.com/r/cloudflare/cloudflared
    image: cloudflare/cloudflared
    command: tunnel --no-autoupdate --retries 8 --hostname demo.zervice.io http://demo:80
    network_mode: 'service:demo'
    depends_on:
      - demo
    volumes:
      # Get this cert from https://www.cloudflare.com/a/warp
      - ./data/argo/cert.pem:/etc/cloudflared/cert.pem:ro
    cpus: 2
    mem_limit: 4096m
    restart: on-failure

  letsencrypt:
    # https://github.com/wmnnd/nginx-certbot
    image: certbot/dns-cloudflare
    # Run the renewal loop through a shell; a bare "while ..." string is not an executable
    entrypoint:
      - /bin/sh
      - -c
      - |
        while true; do
          certbot certonly \
            --keep-until-expiring \
            --dns-cloudflare \
            --dns-cloudflare-credentials /etc/letsencrypt/cloudflare.ini \
            --domains demo.zervice.io
          sleep 43200  # 12 hours
        done
    volumes:
      - ./etc/letsencrypt:/etc/letsencrypt
    cpus: 2
    mem_limit: 4096m
    restart: on-failure

  caddy:
    # https://hub.docker.com/_/caddy
    image: caddy:2-alpine
    command: caddy reverse-proxy --from demo.zervice.io --to demo:80
    ports:
      - '80:80'
      - '443:443'
    cpus: 2
    mem_limit: 4096m
    restart: on-failure

  cloudflare:
    image: oznu/cloudflare-ddns:latest
    environment:
      - API_KEY=xxxxxxx  # placeholder value
      - ZONE=zervice.io
      - SUBDOMAIN=demo
      - PROXIED=true

  ssh:
    # https://hub.docker.com/r/linuxserver/openssh-server
    image: linuxserver/openssh-server
    command: ssh -N -T -R 0.0.0.0:80:demo:80 -p 44 root@demo.zervice.io
    network_mode: 'service:demo'
    volumes:
      - ./data/keys:/root/.ssh