-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathcontrol-stack.yml
160 lines (153 loc) · 3.44 KB
/
control-stack.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
version: '3.7'
services:
shepherd:
image: containrrr/shepherd
environment:
TZ: 'Europe/Paris'
SLEEP_TIME: '5m'
FILTER_SERVICES: label=shop.unchained.box.autoupdate
IMAGE_AUTOCLEAN_LIMIT: '5'
ROLLBACK_ON_FAILURE: 'true'
volumes:
- /var/run/docker.sock:/var/run/docker.sock
deploy:
replicas: 1
update_config:
delay: 0s
order: start-first
restart_policy:
condition: any
delay: 5s
resources:
reservations:
memory: 128M
cpus: "0.1"
limits:
memory: 256M
cpus: "0.2"
wstunnel-client:
image: ghcr.io/erebe/wstunnel:v7.8.2
hostname: wstunnel-client
networks:
- control
command: ./wstunnel client --connection-min-idle 3 --tls-verify-certificate -L tcp://0.0.0.0:2222:unbox-site:22 wss://unbox-connect.unchained.wtf
logging:
driver: json-file
options:
max-file: 5
max-size: 10m
deploy:
replicas: 1
update_config:
delay: 0s
order: start-first
restart_policy:
condition: any
delay: 5s
resources:
reservations:
memory: 128M
cpus: "0.1"
limits:
memory: 256M
cpus: "0.2"
traefik:
image: traefik:v2.9
hostname: traefik
networks:
- traefik
- control
configs:
- source: traefik_dynamic_config
target: /etc/traefik/dynamic.yml
- source: traefik_static_config
target: /etc/traefik/static.yml
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
command:
- "--configFile=/etc/traefik/static.yml"
ports:
- target: 80
published: 80
protocol: tcp
mode: host
logging:
options:
max-file: 5
max-size: 10m
healthcheck:
test: traefik healthcheck --ping
deploy:
replicas: 1
update_config:
parallelism: 1
delay: 30s
order: stop-first
restart_policy:
condition: any
delay: 1s
resources:
reservations:
memory: 128M
cpus: "0.1"
limits:
memory: 256M
cpus: "0.2"
ssh-tunnel:
image: jnovack/autossh:2.0.1
hostname: ssh-tunnel
environment:
- SSH_REMOTE_USER=root
- SSH_REMOTE_HOST=wstunnel-client
- SSH_REMOTE_PORT=2222
- SSH_BIND_IP=0.0.0.0
- SSH_TUNNEL_PORT=3000
- SSH_TARGET_HOST=traefik
- SSH_TARGET_PORT=80
- SSH_MODE=-R
networks:
- control
secrets:
- source: client-key
target: /id_rsa
mode: 0600
logging:
driver: json-file
options:
max-file: 5
max-size: 10m
deploy:
replicas: 1
update_config:
delay: 0s
order: start-first
restart_policy:
condition: any
delay: 5s
resources:
reservations:
memory: 128M
cpus: "0.1"
limits:
memory: 256M
cpus: "0.2"
configs:
client-key-pub:
name: client-pub-20231030-6
file: ./id_rsa.pub
traefik_dynamic_config:
name: traefik-dynamic-config-20220926
file: ./traefik-dynamic.yml
traefik_static_config:
name: traefik-static-config-20220804
file: ./traefik-static.yml
secrets:
client-key:
name: client-20231030-6
file: ./id_rsa
networks:
control:
name: control
traefik:
name: traefik
attachable: true