Env:
CONFIGS=/srv/config
EMAIL=squizduos@gmail.com
DOMAIN=sqds.me
RESTARTS=unless-stopped
version: '3' | |
networks: | |
web: | |
external: true | |
volumes: | |
ide-config: | |
external: true | |
ide-data: | |
external: true | |
services: | |
ide: | |
image: codercom/code-server:v2 | |
container_name: ide | |
command: --auth none --disable-telemetry | |
restart: ${RESTARTS:-no} | |
networks: | |
- web | |
volumes: | |
- ide-config:/home/coder/.local/share/code-server | |
- ide-data:/home/coder/projects | |
- ${VOLUMES_DIR:-/var/lib/docker/volumes}:/home/coder/volumes | |
labels: | |
- traefik.enable=true | |
- traefik.frontend.rule=Host:ide.${DOMAIN:-localhost} | |
- "traefik.frontend.auth.basic=${CODE_SERVER_REPLACE}." | |
- traefik.port=8080 | |
- traefik.tags=ide | |
- traefik.docker.network=web |
version: '3' | |
networks: | |
web: | |
external: true | |
volumes: | |
registry: | |
external: true | |
services: | |
registry: | |
image: registry:2 | |
container_name: registry | |
restart: ${RESTARTS:-no} | |
networks: | |
- web | |
volumes: | |
- ${CONFIGS:-/srv/config}/registry:/etc/docker/registry | |
- registry:/var/lib/registry | |
environment: | |
REGISTRY_AUTH: htpasswd | |
REGISTRY_AUTH_HTPASSWD_PATH: /etc/docker/registry/htpasswd | |
REGISTRY_AUTH_HTPASSWD_REALM: Registry Realm | |
labels: | |
- traefik.enable=true | |
- traefik.frontend.rule=Host:registry.${DOMAIN:-localhost} | |
- traefik.port=5000 | |
- traefik.tags=registry | |
- traefik.docker.network=web | |
registry_ui: | |
image: joxit/docker-registry-ui:static | |
container_name: registry_ui | |
restart: ${RESTARTS:-no} | |
networks: | |
- web | |
environment: | |
- REGISTRY_URL=http://registry:5000 | |
- REGISTRY_TITLE=Squizduos Container Registry | |
- DELETE_IMAGES=true | |
labels: | |
- traefik.enable=true | |
- traefik.frontend.rule=Host:ui.registry.${DOMAIN:-localhost} | |
- traefik.port=80 | |
- traefik.tags=credentials | |
- traefik.docker.network=web |
version: 0.1 | |
log: | |
fields: | |
service: registry | |
storage: | |
delete: | |
enabled: true | |
cache: | |
blobdescriptor: inmemory | |
filesystem: | |
rootdirectory: /var/lib/registry | |
http: | |
addr: :5000 | |
headers: | |
X-Content-Type-Options: [nosniff] | |
Access-Control-Allow-Origin: ['https://ui.registry.sqds.me'] | |
Access-Control-Allow-Methods: ['HEAD', 'GET', 'OPTIONS', 'DELETE'] | |
Access-Control-Allow-Headers: ['Authorization'] | |
Access-Control-Max-Age: [1728000] | |
Access-Control-Allow-Credentials: [true] | |
Access-Control-Expose-Headers: ['Docker-Content-Digest'] |
# Traefik will listen for traffic on both HTTP and HTTPS. | |
defaultEntryPoints = ["http", "https"] | |
# Network traffic will be entering our Docker network on the usual web ports | |
# (ie, 80 and 443), where Traefik will be listening. | |
[entryPoints] | |
[entryPoints.dashboard] | |
address = ":8080" | |
[entryPoints.dashboard.auth] | |
[entryPoints.dashboard.auth.basic] | |
usersFile = "htpasswd" | |
[entryPoints.http] | |
address = ":80" | |
# Uncomment the following two lines to redirect HTTP to HTTPS. | |
[entryPoints.http.redirect] | |
entryPoint = "https" | |
[entryPoints.https] | |
address = ":443" | |
[entryPoints.https.tls] | |
# These options are for Traefik's integration with Docker. | |
[docker] | |
endpoint = "unix:///var/run/docker.sock" | |
watch = true | |
exposedByDefault = false | |
network = "web" | |
[api] | |
entryPoint = "dashboard" | |
[acme] | |
storage = "acme.json" | |
onHostRule = true | |
entryPoint = "https" | |
[acme.httpChallenge] | |
entryPoint = "http" | |
[log] | |
format = "json" | |
level = "DEBUG" |
version: '3' | |
networks: | |
web: | |
external: true | |
services: | |
# Traefik is a reverse proxy. It handles SSL and passes traffic to | |
# Docker containers via rules you define in docker-compose labels. | |
# Its dashboard is at http://example.com/traefik/ (behind a login). | |
traefik: | |
image: traefik:1.7.13-alpine | |
container_name: traefik | |
# env_file: | |
# - ${CONFIGS:-/srv/config}/traefik/app.env | |
command: > | |
--acme.email="${EMAIL:-root@localhost}" | |
--acme.onhostrule | |
--acme.acmelogging | |
--docker.domain=${DOMAIN:-localhost} | |
restart: ${RESTARTS:-no} | |
networks: | |
- web | |
volumes: | |
- /var/run/docker.sock:/var/run/docker.sock # Access to Docker | |
- ${CONFIGS:-/srv/config}/traefik/acme.json:/acme.json # Traefik configuration | |
- ${CONFIGS:-/srv/config}/traefik/htpasswd:/htpasswd | |
- ${CONFIGS:-/srv/config}/traefik/traefik.toml:/traefik.toml | |
# - traefik:/data | |
ports: | |
# Map port 80 and 443 on the host to this container. | |
- "80:80" | |
- "443:443" | |
labels: | |
- traefik.enable=true | |
- traefik.frontend.rule=Host:traefik.${DOMAIN:-localhost} | |
- traefik.port=8080 | |
- traefik.tags=base |
version: '3' | |
networks: | |
web: | |
external: true | |
volumes: | |
vault: | |
external: true | |
services: | |
vault: | |
image: vault | |
container_name: vault | |
command: server -config=/config/config.json | |
restart: ${RESTARTS:-no} | |
networks: | |
- web | |
volumes: | |
- vault:/vault | |
- ${CONFIGS:-/srv/config}/vault:/config | |
environment: | |
- VAULT_ADDR=http://0.0.0.0:8200 | |
cap_add: | |
- IPC_LOCK | |
labels: | |
- traefik.enable=true | |
- traefik.frontend.rule=Host:vault.${DOMAIN:-localhost} | |
- traefik.port=8200 | |
- traefik.tags=credentials | |
- traefik.docker.network=web |
{ | |
"backend": { | |
"file": { | |
"path": "/vault/file" | |
} | |
}, | |
"listener": { | |
"tcp":{ | |
"address": "0.0.0.0:8200", | |
"tls_disable": 1 | |
} | |
}, | |
"ui": true | |
} |
version: '3' | |
networks: | |
web: | |
external: true | |
services: | |
# Watchtower detects if any linked containers have an new image | |
# available, automatically updating & restarting them if needed. | |
watchtower: | |
image: v2tec/watchtower:latest | |
container_name: watchtower | |
command: --cleanup --interval 300 | |
restart: ${RESTARTS:-no} | |
networks: | |
- web | |
volumes: | |
- /var/run/docker.sock:/var/run/docker.sock | |
- ${CONFIGS:-/srv/config}/watchtower/config.json:/config.json |