-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathproxy-only.yml
133 lines (125 loc) · 3.71 KB
/
proxy-only.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
version: '3.9'
networks:
proxy:
driver: bridge
driver_opts:
com.docker.network.driver.mtu: 1420
services:
#
# FORWARD TO BIKETRIPPLANNER SERVER
#
btp-proxy:
logging:
driver: json-file
options:
max-size: '10m'
max-file: '1'
image: nginx:stable-alpine
environment:
- DOMAIN_TILESERVER_GL=${DOMAIN_TILESERVER_GL:?}
- DOMAIN_OPENTRIPPLANNER=${DOMAIN_OPENTRIPPLANNER:?}
- DOMAIN_API=${DOMAIN_API:?}
- DOMAIN_DIGITRANSIT_UI=${DOMAIN_DIGITRANSIT_UI:?}
#
- IP_TILESERVER_GL=${IP_TILESERVER_GL:?}
- IP_OPENTRIPPLANNER=${IP_OPENTRIPPLANNER:?}
- IP_API=${IP_API:?}
- IP_DIGITRANSIT_UI=${IP_DIGITRANSIT_UI:?}
#
- VIRTUAL_HOST=${DOMAIN_TILESERVER_GL:?},${DOMAIN_OPENTRIPPLANNER:?},${DOMAIN_API:?},${DOMAIN_DIGITRANSIT_UI:?}
- VIRTUAL_PORT=80
- LETSENCRYPT_HOST=${DOMAIN_TILESERVER_GL:?},${DOMAIN_OPENTRIPPLANNER:?},${DOMAIN_API:?},${DOMAIN_DIGITRANSIT_UI:?}
volumes:
- ./default.conf.template:/etc/nginx/templates/default.conf.template:ro
networks:
- proxy
#
# REVERSE PROXY & CERTIFICATES
#
nginx-proxy:
logging:
driver: json-file
options:
max-size: '10m'
max-file: '1'
image: nginx:stable-alpine
restart: unless-stopped
ports:
- '0.0.0.0:80:80'
- '0.0.0.0:443:443'
# - '::0:80:80' # IPv6
# - '::0:443:443' # IPv6
environment:
SSL_POLICY: Mozilla-Modern
# ENABLE_IPV6: true
TRUST_DOWNSTREAM_PROXY: false
volumes:
- ./private/conf.d:/etc/nginx/conf.d
- ./private/vhost.d:/etc/nginx/vhost.d
- ./private/html:/usr/share/nginx/html
- ./private/certs:/etc/nginx/certs:ro
- ./private/httpasswd:/etc/nginx/htpasswd:ro
labels:
- 'com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy'
networks:
- proxy
docker-gen:
logging:
driver: json-file
options:
max-size: '10m'
max-file: '1'
# nginxproxy/docker-gen:latest with added nginx.tmpl
image: p1st/docker-gen:latest
command: -notify-sighup nginx-proxy -watch -wait 5s:30s /etc/docker-gen/templates/nginx.tmpl /etc/nginx/conf.d/default.conf
restart: unless-stopped
volumes:
- ./private/conf.d:/etc/nginx/conf.d
- ./private/vhost.d:/etc/nginx/vhost.d
- ./private/html:/usr/share/nginx/html
- ./private/certs:/etc/nginx/certs:ro
- ./private/httpasswd:/etc/nginx/htpasswd:ro
#
- /var/run/docker.sock:/tmp/docker.sock:ro
labels:
- 'com.github.jrcs.letsencrypt_nginx_proxy_companion.docker_gen'
networks:
- proxy
acme-companion:
logging:
driver: json-file
options:
max-size: '10m'
max-file: '1'
image: nginxproxy/acme-companion
restart: unless-stopped
environment:
DEFAULT_EMAIL: ${LETS_ENCRYPT_NOTIFICATION_EMAIL:?}
volumes:
- ./private/conf.d:/etc/nginx/conf.d
- ./private/vhost.d:/etc/nginx/vhost.d
- ./private/html:/usr/share/nginx/html
- ./private/certs:/etc/nginx/certs:rw
#
- ./private/acme.sh:/etc/acme.sh
- /var/run/docker.sock:/var/run/docker.sock:ro
networks:
- proxy
depends_on:
- nginx-proxy
- docker-gen
#
# PERIODICALLY DELETE LOG FILES
#
# They contain personal information such as IP addresses.
#
docker_cron_logging:
image: busybox
volumes:
- /mnt/data/docker/containers:/docker-containers
# Daily at 04:30: Truncate docker logfiles.
command: >
sh -c "
mkdir -p /var/spool/cron/crontabs/
&& echo '30 4 * * * truncate -s 0 /docker-containers/*/*-json.log > /proc/1/fd/1 2>/proc/1/fd/2' > /var/spool/cron/crontabs/root
&& crond -f -d 8"