networks: traefik-public: driver: bridge services: traefik: networks: - traefik-public image: traefik:latest restart: always command: - "--api.dashboard=true" - "--api.insecure=false" - "--providers.docker=true" - "--providers.docker.exposedbydefault=false" - "--providers.file.directory=/etc/traefik" - "--providers.file.watch=true" - "--entrypoints.web.address=:80" - "--entrypoints.websecure.address=:443" - "--entrypoints.websecure.http.tls=true" - "--entrypoints.websecure.http.tls.certresolver=letsencrypt" - "--certificatesresolvers.letsencrypt.acme.tlschallenge=true" - "--certificatesresolvers.letsencrypt.acme.email=robert@wellnuo.com" - "--certificatesresolvers.letsencrypt.acme.storage=/etc/traefik/acme.json" - "--api.dashboard=true" - "--api.insecure=true" - "--entrypoints.amqp.address=:5672" - "--log.level=DEBUG" ports: - "80:80" - "443:443" - "8080:8080" # Add this line for dashboard internal access volumes: - /var/run/docker.sock:/var/run/docker.sock:ro - ./traefik/config:/etc/traefik - ./traefik/acme.json:/etc/traefik/acme.json labels: - "traefik.enable=true" # Dashboard - "traefik.http.routers.dashboard.rule=Host(`traefik.eluxnetworks.net`)" - "traefik.http.routers.dashboard.service=api@internal" - "traefik.http.routers.dashboard.entrypoints=websecure" - "traefik.http.routers.dashboard.tls.certresolver=letsencrypt" - "traefik.http.routers.dashboard.middlewares=auth" - "traefik.http.middlewares.auth.basicauth.users=admin:$$apr1$$mG0yHveI$$y2hSROLHtMbuWFK4F.p2c1" nginx: build: context: ./nginx dockerfile: Dockerfile restart: always networks: - traefik-public volumes: - /home/ubuntu/www:/usr/share/nginx/html - /mnt/data/well_tests:/usr/share/nginx/html/well_tests - /mnt/data/shared:/usr/share/nginx/html/shared - /home/ubuntu/server-setup/well_mob_pwa/build:/usr/share/nginx/html/react - ./nginx/nginx.conf:/etc/nginx/nginx.conf:ro - ./nginx/conf.d:/etc/nginx/conf.d:ro - ./nginx/.htpasswd:/etc/nginx/.htpasswd:ro labels: - "traefik.enable=true" # Main website - "traefik.http.routers.nginx-web.rule=Host(`eluxnetworks.net`)" - "traefik.http.routers.nginx-web.entrypoints=websecure" - "traefik.http.routers.nginx-web.tls.certresolver=letsencrypt" # React app - "traefik.http.routers.nginx-react.rule=Host(`react.eluxnetworks.net`)" - "traefik.http.routers.nginx-react.entrypoints=websecure" - "traefik.http.routers.nginx-react.tls.certresolver=letsencrypt" - "traefik.http.middlewares.security-headers.headers.stsSeconds=31536000" - "traefik.http.middlewares.security-headers.headers.forceSTSHeader=true" - "traefik.http.routers.nginx-web.middlewares=security-headers" - "traefik.http.routers.nginx-react.middlewares=security-headers" - "traefik.http.services.nginx-react.loadbalancer.server.port=80" rabbitmq: networks: - traefik-public user: "999:65534" image: rabbitmq:3.13-management restart: always hostname: "rabbitmq" # Add this line environment: - RABBITMQ_DEFAULT_USER=admin - RABBITMQ_DEFAULT_PASS=Cbx696969! - RABBITMQ_NODENAME=rabbit@rabbitmq # Add this line - RABBITMQ_SERVER_ADDITIONAL_ERL_ARGS=-rabbit log_levels [{connection,error}] - RABBITMQ_MNESIA_DIR=/var/lib/rabbitmq/mnesia volumes: - /mnt/data/rabbitmq:/var/lib/rabbitmq ports: - "5672:5672" # AMQP port - "15672:15672" # Management UI expose: - 5672 - 15672 labels: - "traefik.enable=true" - "traefik.http.routers.rabbitmq.rule=Host(`rabbitmq.eluxnetworks.net`)" - "traefik.http.routers.rabbitmq.entrypoints=websecure" - "traefik.http.routers.rabbitmq.tls.certresolver=letsencrypt" - "traefik.http.services.rabbitmq.loadbalancer.server.port=15672" minio: image: minio/minio:latest restart: always command: server /data --console-address ":9001" --address ":9000" environment: # Admin credentials for console login - MINIO_ROOT_USER=admin - MINIO_ROOT_PASSWORD=Cbx696969! # Access keys for API access - MINIO_ACCESS_KEY=well_pipe - MINIO_SECRET_KEY=WellNuo_2024 # Optional: Force all credentials to be set before starting - MINIO_SITE_REGION=us-east-1 - MINIO_BROWSER_REDIRECT_URL=https://minio-console.eluxnetworks.net ports: - "9000:9000" - "9001:9001" # Adding explicit port mapping for debugging volumes: - /mnt/data/minio:/data networks: - traefik-public labels: - "traefik.enable=true" # API Service - "traefik.http.routers.minio-api.rule=Host(`minio.eluxnetworks.net`)" - "traefik.http.routers.minio-api.entrypoints=websecure" - "traefik.http.routers.minio-api.tls.certresolver=letsencrypt" - "traefik.http.services.minio-api-service.loadbalancer.server.port=9000" - "traefik.http.routers.minio-api.service=minio-api-service" # Console Service - "traefik.http.routers.minio-console.rule=Host(`minio-console.eluxnetworks.net`)" - "traefik.http.routers.minio-console.entrypoints=websecure" - "traefik.http.routers.minio-console.tls.certresolver=letsencrypt" - "traefik.http.services.minio-console-service.loadbalancer.server.port=9001" - "traefik.http.routers.minio-console.service=minio-console-service" registry: image: registry:latest restart: always ports: - "5000:5000" networks: - traefik-public labels: - "traefik.enable=true" - "traefik.http.routers.registry.rule=Host(`repo.eluxnetworks.net`)" - "traefik.http.routers.registry.entrypoints=websecure" - "traefik.http.routers.registry.tls.certresolver=letsencrypt" - "traefik.http.services.registry.loadbalancer.server.port=5000" redis: image: redis:alpine restart: always networks: - traefik-public volumes: - /mnt/data/redis:/data ports: - "6379:6379" command: redis-server --appendonly yes labels: - "traefik.enable=false" # No need to expose Redis to the internet