-
Notifications
You must be signed in to change notification settings - Fork 9
/
Copy pathdocker-compose.yml
155 lines (145 loc) · 5.29 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
version: '3'
# See https://docs.docker.com/compose/overview/ for more information.
# If you make changes to this file or any related files, apply them by
# navigating to the directory that holds this file and run this as root:
# docker-compose down; docker-compose up -d
# Create two networks: one for front-end containers that we'll make
# publicly accessible to the internet, and one for private back-end.
networks:
frontend:
backend:
# Create persistent Docker volumes to preserve important data.
# We don't want our data to be lost when restarting containers.
volumes:
vol-huginn-db:
# Create our containers.
services:
# Traefik is a reverse proxy. It handles SSL and passes traffic to
# Docker containers via rules you define in docker-compose labels.
# Its dashboard is at http://example.com/traefik/ (behind a login).
traefik:
# https://hub.docker.com/_/traefik/
image: traefik:latest
command: --api --docker --acme.email="${ACME_EMAIL}"
restart: always
networks:
- backend
- frontend
volumes:
- /var/run/docker.sock:/var/run/docker.sock # Access to Docker
- ./traefik.toml:/traefik.toml # Traefik configuration
- ./acme.json:/acme.json # SSL certificates
ports:
# Map port 80 and 443 on the host to this container.
- "80:80"
- "443:443"
labels:
- "traefik.docker.network=frontend"
- "traefik.enable=true"
- "traefik.frontend.rule=Host:${TRAEFIK_DOMAINS}; PathPrefixStrip:/traefik"
- "traefik.port=8080"
- "traefik.protocol=http"
# Remove next line to disable login prompt for the dashboard.
- "traefik.frontend.auth.basic=${BASIC_AUTH}"
# Watchtower detects if any linked containers have an new image
# available, automatically updating & restarting them if needed.
watchtower:
# https://hub.docker.com/r/centurylink/watchtower/
image: v2tec/watchtower:latest
# https://github.com/v2tec/watchtower#options
# This schedule applies updates (if available) at midnight.
command: --cleanup --schedule "0 0 0 * * *"
restart: always
volumes:
- /var/run/docker.sock:/var/run/docker.sock
huginn-db:
# https://hub.docker.com/_/mariadb/
# Specify 10.3 as we only want watchtower to apply minor updates
# (eg, 10.3.1) and not major updates (eg, 10.4).
image: mariadb:10.3
restart: always
networks:
- backend
volumes:
# Ensure the database persists between restarts.
- vol-huginn-db:/var/lib/mysql
environment:
MYSQL_ROOT_PASSWORD: ${HUGINN_DB_ROOT_PASSWORD}
MYSQL_DATABASE: ${HUGINN_DB_NAME}
MYSQL_USER: ${HUGINN_DB_USER}
MYSQL_PASSWORD: ${HUGINN_DB_PASSWORD}
# The main application, visble through Traefik.
huginn:
# https://hub.docker.com/hugin/hugin/
image: huginn/huginn
depends_on:
- huginn-db
restart: always
networks:
- frontend
- backend
environment:
# Don't create the default "admin" user with password "password".
DO_NOT_SEED: "true"
# Database configuration
MYSQL_PORT_3306_TCP_ADDR: huginn-db
MYSQL_ROOT_PASSWORD: ${HUGINN_DB_ROOT_PASSWORD}
HUGINN_DATABASE_NAME: ${HUGINN_DB_NAME}
HUGINN_DATABASE_USERNAME: ${HUGINN_DB_USER}
HUGINN_DATABASE_PASSWORD: ${HUGINN_DB_PASSWORD}
DATABASE_ENCODING: "utf8mb4"
# General Configuration
INVITATION_CODE: ${HUGINN_INVITATION_CODE}
TIMEZONE: ${HUGINN_TIMEZONE}
# Email Configuration
SMTP_DOMAIN: ${TRAEFIK_DOMAINS}
EMAIL_FROM_ADDRESS: ${HUGINN_EMAIL}
SMTP_USER_NAME: "none"
SMTP_PASSWORD: "none"
SMTP_SERVER: "mail"
SMTP_PORT: "25"
SMTP_AUTHENTICATION: "none"
SMTP_ENABLE_STARTTLS_AUTO: "true"
labels:
- "traefik.docker.network=frontend"
- "traefik.enable=true"
- "traefik.frontend.rule=Host:${HUGINN_DOMAINS}"
- "traefik.port=3000"
- "traefik.protocol=http"
# Uncomment the next line to enable HSTS header.
#- "traefik.frontend.headers.STSSeconds=15768000"
# Navigate to http://example.com/phpmyadmin/ to manage your MySQL
# databases. (Don't forget the last forward slash.) Like the Traefik
# dashboard, this is behind a login prompt to help you stay secure.
phpmyadmin:
# https://hub.docker.com/r/phpmyadmin/phpmyadmin/
image: phpmyadmin/phpmyadmin:latest
depends_on:
- huginn-db
restart: always
networks:
- frontend
- backend
volumes:
# Install our own php.ini, which can be customized.
- ./php.ini:/usr/local/etc/php/php.ini
environment:
PMA_HOST: huginn-db
PMA_ABSOLUTE_URI: /phpmyadmin/
MYSQL_ROOT_PASSWORD: ${HUGINN_DB_ROOT_PASSWORD}
labels:
- "traefik.docker.network=frontend"
- "traefik.enable=true"
- "traefik.frontend.rule=Host:${HUGINN_DOMAINS}; PathPrefixStrip:/phpmyadmin/"
- "traefik.port=80"
- "traefik.protocol=http"
# Remove the next line if you don't want a browser login prompt.
- "traefik.frontend.auth.basic=${BASIC_AUTH}"
# This allows Huginn to send email straight out of the box without
# having to rely on an external provider like SendGrid or MailGun.
# It makes an SMTP host available at the hostname "mail".
mail:
image: bytemark/smtp
restart: always
networks:
- frontend