robert/server-setup
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
server-setup/docker-compose.yml
RZ_MINIX\rober 42b03fd03a Initial server setup configuration
2025-06-15 20:39:45 -07:00

174 lines
6.3 KiB
YAML
Raw Blame History

networks:
traefik-public:
driver: bridge
services:
traefik:
networks:
- traefik-public
image: traefik:latest
restart: always
command:
- "--api.dashboard=true"
- "--api.insecure=false"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--providers.file.directory=/etc/traefik"
- "--providers.file.watch=true"
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
- "--entrypoints.websecure.http.tls=true"
- "--entrypoints.websecure.http.tls.certresolver=letsencrypt"
- "--certificatesresolvers.letsencrypt.acme.tlschallenge=true"
- "--certificatesresolvers.letsencrypt.acme.email=robert@wellnuo.com"
- "--certificatesresolvers.letsencrypt.acme.storage=/etc/traefik/acme.json"
- "--api.dashboard=true"
- "--api.insecure=true"
- "--entrypoints.amqp.address=:5672"
- "--log.level=DEBUG"
ports:
- "80:80"
- "443:443"
- "8080:8080" # Add this line for dashboard internal access
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- ./traefik/config:/etc/traefik
- ./traefik/acme.json:/etc/traefik/acme.json
labels:
- "traefik.enable=true"
# Dashboard
- "traefik.http.routers.dashboard.rule=Host(`traefik.eluxnetworks.net`)"
- "traefik.http.routers.dashboard.service=api@internal"
- "traefik.http.routers.dashboard.entrypoints=websecure"
- "traefik.http.routers.dashboard.tls.certresolver=letsencrypt"
- "traefik.http.routers.dashboard.middlewares=auth"
- "traefik.http.middlewares.auth.basicauth.users=admin:$$apr1$$mG0yHveI$$y2hSROLHtMbuWFK4F.p2c1"
nginx:
build:
context: ./nginx
dockerfile: Dockerfile
restart: always
networks:
- traefik-public
volumes:
- /home/ubuntu/www:/usr/share/nginx/html
- /mnt/data/well_tests:/usr/share/nginx/html/well_tests
- /mnt/data/shared:/usr/share/nginx/html/shared
- /home/ubuntu/server-setup/well_mob_pwa/build:/usr/share/nginx/html/react
- ./nginx/nginx.conf:/etc/nginx/nginx.conf:ro
- ./nginx/conf.d:/etc/nginx/conf.d:ro
- ./nginx/.htpasswd:/etc/nginx/.htpasswd:ro
labels:
- "traefik.enable=true"
# Main website
- "traefik.http.routers.nginx-web.rule=Host(`eluxnetworks.net`)"
- "traefik.http.routers.nginx-web.entrypoints=websecure"
- "traefik.http.routers.nginx-web.tls.certresolver=letsencrypt"
# React app
- "traefik.http.routers.nginx-react.rule=Host(`react.eluxnetworks.net`)"
- "traefik.http.routers.nginx-react.entrypoints=websecure"
- "traefik.http.routers.nginx-react.tls.certresolver=letsencrypt"
- "traefik.http.middlewares.security-headers.headers.stsSeconds=31536000"
- "traefik.http.middlewares.security-headers.headers.forceSTSHeader=true"
- "traefik.http.routers.nginx-web.middlewares=security-headers"
- "traefik.http.routers.nginx-react.middlewares=security-headers"
- "traefik.http.services.nginx-react.loadbalancer.server.port=80"
rabbitmq:
networks:
- traefik-public
user: "999:65534"
image: rabbitmq:3.13-management
restart: always
hostname: "rabbitmq" # Add this line
environment:
- RABBITMQ_DEFAULT_USER=admin
- RABBITMQ_DEFAULT_PASS=Cbx696969!
- RABBITMQ_NODENAME=rabbit@rabbitmq # Add this line
- RABBITMQ_SERVER_ADDITIONAL_ERL_ARGS=-rabbit log_levels [{connection,error}]
- RABBITMQ_MNESIA_DIR=/var/lib/rabbitmq/mnesia
volumes:
- /mnt/data/rabbitmq:/var/lib/rabbitmq
ports:
- "5672:5672" # AMQP port
- "15672:15672" # Management UI
expose:
- 5672
- 15672
labels:
- "traefik.enable=true"
- "traefik.http.routers.rabbitmq.rule=Host(`rabbitmq.eluxnetworks.net`)"
- "traefik.http.routers.rabbitmq.entrypoints=websecure"
- "traefik.http.routers.rabbitmq.tls.certresolver=letsencrypt"
- "traefik.http.services.rabbitmq.loadbalancer.server.port=15672"
minio:
image: minio/minio:latest
restart: always
command: server /data --console-address ":9001" --address ":9000"
environment:
# Admin credentials for console login
- MINIO_ROOT_USER=admin
- MINIO_ROOT_PASSWORD=Cbx696969!
# Access keys for API access
- MINIO_ACCESS_KEY=well_pipe
- MINIO_SECRET_KEY=WellNuo_2024
# Optional: Force all credentials to be set before starting
- MINIO_SITE_REGION=us-east-1
- MINIO_BROWSER_REDIRECT_URL=https://minio-console.eluxnetworks.net
ports:
- "9000:9000"
- "9001:9001" # Adding explicit port mapping for debugging
volumes:
- /mnt/data/minio:/data
networks:
- traefik-public
labels:
- "traefik.enable=true"
# API Service
- "traefik.http.routers.minio-api.rule=Host(`minio.eluxnetworks.net`)"
- "traefik.http.routers.minio-api.entrypoints=websecure"
- "traefik.http.routers.minio-api.tls.certresolver=letsencrypt"
- "traefik.http.services.minio-api-service.loadbalancer.server.port=9000"
- "traefik.http.routers.minio-api.service=minio-api-service"
# Console Service
- "traefik.http.routers.minio-console.rule=Host(`minio-console.eluxnetworks.net`)"
- "traefik.http.routers.minio-console.entrypoints=websecure"
- "traefik.http.routers.minio-console.tls.certresolver=letsencrypt"
- "traefik.http.services.minio-console-service.loadbalancer.server.port=9001"
- "traefik.http.routers.minio-console.service=minio-console-service"
registry:
image: registry:latest
restart: always
ports:
- "5000:5000"
networks:
- traefik-public
labels:
- "traefik.enable=true"
- "traefik.http.routers.registry.rule=Host(`repo.eluxnetworks.net`)"
- "traefik.http.routers.registry.entrypoints=websecure"
- "traefik.http.routers.registry.tls.certresolver=letsencrypt"
- "traefik.http.services.registry.loadbalancer.server.port=5000"
redis:
image: redis:alpine
restart: always
networks:
- traefik-public
volumes:
- /mnt/data/redis:/data
ports:
- "6379:6379"
command: redis-server --appendonly yes
labels:
- "traefik.enable=false" # No need to expose Redis to the internet
Reference in New Issue View Git Blame Copy Permalink