128 lines
3.9 KiB
YAML
128 lines
3.9 KiB
YAML
version: '3'
|
|
|
|
networks:
|
|
pubnet:
|
|
external: false
|
|
|
|
volumes:
|
|
traefik_acme:
|
|
traefik_logs:
|
|
|
|
services:
|
|
justice:
|
|
image: "traefik:v2.2"
|
|
ports:
|
|
- "80:80"
|
|
- "443:443"
|
|
environment:
|
|
DO_AUTH_TOKEN: "{{ DO_AUTH_TOKEN }}"
|
|
networks:
|
|
pubnet:
|
|
volumes:
|
|
- "/home/josiah/apps/letsencrypt/:/letsencrypt"
|
|
- "/var/run/docker.sock:/var/run/docker.sock:ro"
|
|
- "/home/josiah/apps/traefik/traefik.yml:/etc/traefik/traefik.yml"
|
|
- traefik_logs:/log
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.http.routers.edge.rule=hostregexp(`{host:.+}`)"
|
|
- "traefik.http.routers.edge.entrypoints=web"
|
|
- "traefik.http.routers.edge.middlewares=redirect-to-https"
|
|
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
|
|
deploy:
|
|
mode: global
|
|
placement:
|
|
constraints:
|
|
- node.role == manager
|
|
|
|
|
|
smokeping:
|
|
image: lscr.io/linuxserver/smokeping:latest
|
|
networks:
|
|
pubnet:
|
|
environment:
|
|
- PUID=1000
|
|
- PGID=1000
|
|
- TZ=America/Chicago
|
|
volumes:
|
|
- /home/josiah/apps/smokeping/config/:/config
|
|
- /home/josiah/apps/smokeping/data:/data
|
|
restart: unless-stopped
|
|
labels:
|
|
# global rules
|
|
- "traefik.enable=true"
|
|
# the web ui
|
|
- "traefik.http.routers.smokeping.rule=Host(`monitor.awful.club`)"
|
|
- "traefik.http.routers.smokeping.entrypoints=websecure"
|
|
- "traefik.http.routers.smokeping.tls=true"
|
|
- "traefik.http.routers.smokeping.tls.certresolver=awful-letsencrypt"
|
|
|
|
overseerr:
|
|
image: lscr.io/linuxserver/overseerr:latest
|
|
networks:
|
|
pubnet:
|
|
environment:
|
|
- PUID=1000
|
|
- PGID=1000
|
|
- TZ=America/Chicago
|
|
volumes:
|
|
- /home/josiah/apps/overseerr/config/:/config
|
|
restart: unless-stopped
|
|
labels:
|
|
# global rules
|
|
- "traefik.enable=true"
|
|
# the web ui
|
|
- "traefik.http.routers.overseerr.rule=Host(`requests.awful.club`)"
|
|
- "traefik.http.routers.overseerr.entrypoints=websecure"
|
|
- "traefik.http.routers.overseerr.tls=true"
|
|
- "traefik.http.routers.overseerr.tls.certresolver=awful-letsencrypt"
|
|
- "traefik.http.routers.overseerr.service=overseerr-web-svc"
|
|
- "traefik.http.services.overseerr-web-svc.loadbalancer.server.port=5055"
|
|
|
|
drone:
|
|
image: 'drone/drone:2'
|
|
networks:
|
|
pubnet:
|
|
volumes:
|
|
- '/home/josiah/apps/drone:/data'
|
|
environment:
|
|
- "DRONE_GITEA_SERVER=https://git.awful.club"
|
|
- "DRONE_GITEA_CLIENT_ID={{ vault_drone_client_id}}"
|
|
- "DRONE_GITEA_CLIENT_SECRET={{ vault_drone_client_secret }}"
|
|
- "DRONE_RPC_SECRET={{ vault_drone_rpc_secret }}"
|
|
- "DRONE_SERVER_HOST=drone.awful.club"
|
|
- "DRONE_SERVER_PROTO=https"
|
|
labels:
|
|
# global rules
|
|
- "traefik.enable=true"
|
|
# the web ui
|
|
- "traefik.http.routers.drone.rule=Host(`drone.awful.club`)"
|
|
- "traefik.http.routers.drone.entrypoints=websecure"
|
|
- "traefik.http.routers.drone.tls=true"
|
|
- "traefik.http.routers.drone.tls.certresolver=awful-letsencrypt"
|
|
- "traefik.http.routers.drone.service=drone-web-svc"
|
|
- "traefik.http.services.drone-web-svc.loadbalancer.server.port=80"
|
|
|
|
# drone-runner-docker:
|
|
# image: 'drone/drone-runner-docker:1'
|
|
# ports:
|
|
# - '3000:3000'
|
|
# volumes:
|
|
# - '/var/run/docker.sock:/var/run/docker.sock'
|
|
# environment:
|
|
# - "DRONE_RPC_PROTO=https"
|
|
# - "DRONE_RPC_HOST=drone.awful.club"
|
|
# - "DRONE_RPC_SECRET={{ vault_drone_rpc_secret }}"
|
|
# - "DRONE_RUNNER_CAPACITY=2"
|
|
# - "DRONE_RUNNER_NAME=my-first-runner"
|
|
|
|
drone-runner-ssh:
|
|
image: drone/drone-runner-ssh
|
|
environment:
|
|
- "DRONE_RPC_PROTO=https"
|
|
- "DRONE_RPC_HOST=drone.awful.club"
|
|
- "DRONE_RPC_SECRET={{ vault_drone_rpc_secret }}"
|
|
ports:
|
|
- '3000:3000'
|
|
|