-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathdocker-compose.yml
150 lines (141 loc) · 4.92 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
version: "3.9"
services:
nginx:
container_name: sandbox_manager_nginx
image: ghcr.io/serdcebolit/nginx:latest
restart: always
networks:
- main_proxy_sandbox_network
- local_network
depends_on:
- backend
volumes:
- ./www:/home/bitrix/www
labels:
- "traefik.enable=true"
- "traefik.http.routers.nginx-sandboxmanager.rule=Host(`${SITE_HOST}`)"
- "traefik.http.routers.nginx-sandboxmanager.middlewares=https-only,auth"
- "traefik.http.routers.nginx-sandboxmanager.entrypoints=websecure"
- "traefik.http.routers.nginx-sandboxmanager.tls=true"
- "traefik.http.routers.nginx-sandboxmanager.tls.certresolver=mainresolver"
- "traefik.http.routers.nginx-sandboxmanager2.rule=Host(`${SITE_HOST}`)"
- "traefik.http.routers.nginx-sandboxmanager2.priority=2"
- "traefik.http.routers.nginx-sandboxmanager2.middlewares=secured"
- "traefik.http.routers.nginx-sandboxmanager2.entrypoints=websecure"
- "traefik.http.routers.nginx-sandboxmanager2.tls=true"
- "traefik.http.routers.nginx-sandboxmanager2.tls.certresolver=mainresolver"
- "traefik.http.routers.nginx-sandboxmanager3.rule=hostregexp(`{host:.+}`)"
- "traefik.http.routers.nginx-sandboxmanager3.priority=1"
- "traefik.http.routers.nginx-sandboxmanager3.entrypoints=websecure"
- "traefik.http.routers.nginx-sandboxmanager3.middlewares=error-pages-middleware"
- "traefik.http.routers.nginx-sandboxmanager3.tls=true"
- "traefik.http.routers.nginx-sandboxmanager3.tls.certresolver=mainresolver"
- "traefik.http.middlewares.error-pages-middleware.errors.status=404"
- "traefik.http.middlewares.error-pages-middleware.errors.service=nginx-sandbox-manager"
- "traefik.http.middlewares.error-pages-middleware.errors.query=/404/"
backend:
container_name: sandbox_manager_httpd
image: ghcr.io/serdcebolit/sandbox_docker_manager_httpd:latest
restart: always
networks:
- local_network
- main_proxy_sshproxy
depends_on:
- mysql
- socket_proxy
volumes:
- ./www:/home/bitrix/www
- ${SSHPIPER_VOLUME}:/home/bitrix/sshpiper
- "${SANDBOXES_ROOT_PATH}:${SANDBOXES_ROOT_PATH}"
- "${SANDBOX_DOCKER_ENV_PATH}:/home/bitrix/sandbox_docker_env:ro"
- ./httpd/crontab.cfg:/root/crontab.cfg
- backend_cron:/var/spool/cron
environment:
- SITE_HOST=${SITE_HOST}
- SSH_PASSWORD=${SSH_PASSWORD}
- DB_HOST=${DB_HOST}
- DB_LOGIN=${DB_LOGIN}
- DB_PASSWORD=${DB_PASSWORD}
- DB_NAME=${DB_NAME}
- CONTAINERS_ENV=${CONTAINERS_ENV}
- SMTP_HOST=${SMTP_HOST}
- SMTP_LOGIN=${SMTP_LOGIN}
- SMTP_PASSWORD=${SMTP_PASSWORD}
- SMTP_PORT=${SMTP_PORT}
- SMTP_FROM_NAME=${SMTP_FROM_NAME}
- MAIN_DOMAIN=${MAIN_DOMAIN}
- TRAEFIK_BASEURL=${TRAEFIK_BASEURL}
- TRAEFIK_LOGIN=${TRAEFIK_LOGIN}
- TREFIK_PASSWORD=${TREFIK_PASSWORD}
- SANDBOXES_ROOT_PATH=${SANDBOXES_ROOT_PATH}
- DOCKER_HOST=tcp://socket_proxy:2375
socket_proxy:
container_name: sandbox_manager_socket_proxy
image: tecnativa/docker-socket-proxy:0.1.1
privileged: true
restart: always
volumes:
- "/var/run/docker.sock:/var/run/docker.sock"
networks:
- local_network
environment:
- INFO=1
- CONTAINERS=1
- VOLUMES=1
- IMAGES=1
- NETWORKS=1
- POST=1
- BUILD=1
- SYSTEM=1
- INSPECT=1
- PLUGINS=1
mysql:
container_name: sandbox_manager_mysql
image: ghcr.io/serdcebolit/mysql:latest
restart: always
networks:
- local_network
- main_proxy_db_network
volumes:
- mysql_data:/var/lib/mysql
environment:
- MYSQL_USER=${DB_LOGIN}
- MYSQL_PASSWORD=${DB_PASSWORD}
- MYSQL_DATABASE=${DB_NAME}
- MYSQL_ROOT_PASSWORD=SuperSecretRootPASSWORD
mail:
container_name: sandbox_manager_mail
image: axllent/mailpit
restart: on-failure
networks:
- main_proxy_sandbox_network
- local_network
volumes:
- mail_data:/data
labels:
- "traefik.enable=true"
- "traefik.http.routers.mail-sandboxmanager.rule=Host(`mail.${SITE_HOST}`)"
- "traefik.http.routers.mail-sandboxmanager.entrypoints=websecure"
- "traefik.http.routers.mail-sandboxmanager.middlewares=auth"
- "traefik.http.routers.mail-sandboxmanager.tls=true"
- "traefik.http.routers.mail-sandboxmanager.tls.certresolver=mainresolver"
- "traefik.http.services.mail-sandboxmanager.loadbalancer.server.port=8025"
environment:
MP_MAX_MESSAGES: 5000
MP_DATA_FILE: /data/mailpit.db
MP_SMTP_AUTH_ACCEPT_ANY: 1
MP_SMTP_AUTH_ALLOW_INSECURE: 1
volumes:
backend_cron:
mysql_data:
main_proxy_sshpiper_config:
external: true
mail_data:
networks:
local_network:
main_proxy_sshproxy:
external: true
main_proxy_sandbox_network:
external: true
main_proxy_db_network:
external: true