-
Notifications
You must be signed in to change notification settings - Fork 7
/
docker-compose.yml
106 lines (98 loc) · 2.74 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
version: "3"
services:
nginx:
image: nginx:1.26.0
restart: always
# container name is used internally in code - don't change it
container_name: sarthi_nginx
ports:
- "80:80"
extra_hosts:
- "host.docker.internal:host-gateway"
volumes:
- ./nginx-confs:/etc/nginx/conf.d
- ./sarthi.conf:/etc/nginx/conf.d/sarthi.conf
depends_on:
- portainer
- vault
- sarthi
- grafana
sarthi:
build: .
restart: always
volumes:
# hack to bypass file resource sharing error
# not tested and no support for windows server 💩
- ./deployments:${DEPLOYMENTS_MOUNT_DIR:-/deployments}
- ./nginx-confs:${NGINX_PROXY_CONF_LOCATION:-/nginx-confs}
- /var/run/docker.sock:/var/run/docker.sock
extra_hosts:
- "host.docker.internal:host-gateway"
environment:
DEPLOYMENTS_MOUNT_DIR: ${DEPLOYMENTS_MOUNT_DIR}
NGINX_PROXY_CONF_LOCATION: ${NGINX_PROXY_CONF_LOCATION}
ENV: ${ENV:-local}
DOMAIN_NAME: ${DOMAIN_NAME:-localhost}
VAULT_TOKEN: ${VAULT_TOKEN}
VAULT_BASE_URL: ${VAULT_BASE_URL:-http://vault:8200}
SECRET_TEXT: ${SECRET_TEXT}
depends_on:
- vault
loki:
image: grafana/loki:2.9.5
restart: always
ports:
- 127.0.0.1:3100:3100
volumes:
- ./logging-config/loki:/etc/loki
command: -config.file=/etc/loki/loki-config.yaml
depends_on:
- promtail
promtail:
image: grafana/promtail:main-8978ecf
restart: always
volumes:
- /var/log:/var/log
- ./logging-config/promtail:/etc/promtail
command: -config.file=/etc/promtail/promtail-config.yaml
grafana:
image: grafana/grafana:10.1.10-ubuntu
restart: always
volumes:
- grafana:/var/lib/grafana
- ./logging-config/grafana/dashboards:/etc/grafana/provisioning/dashboards
- ./logging-config/grafana/datasources:/etc/grafana/provisioning/datasources
depends_on:
- loki
vault:
image: hashicorp/vault:1.16
restart: always
volumes:
- ./vault/vault.json:/vault/config/vault.json
- vault-secrets:/vault/file
environment:
VAULT_ADDR: http://0.0.0.0:8200
VAULT_API_ADDR: http://0.0.0.0:8200
VAULT_ADDRESS: http://0.0.0.0:8200
cap_add:
- IPC_LOCK
command: vault server -config=/vault/config/vault.json
healthcheck:
test:
[
"CMD-SHELL",
"wget --spider http://127.0.0.1:8200/v1/sys/health || exit 1",
]
interval: 10s
timeout: 5s
retries: 3
portainer:
image: portainer/portainer-ce:2.20.2
volumes:
- portainer_data:/data
- /var/run/docker.sock:/var/run/docker.sock
restart: unless-stopped
volumes:
grafana:
portainer_data:
vault-secrets: