-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathdocker-compose.deploy.yaml
102 lines (94 loc) · 3.39 KB
/
docker-compose.deploy.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
# MORE Platform
# Overrides for staging
name: more-platform${ENV_SUFFIX--test}
services:
watchtower:
image: containrrr/watchtower
restart: always
environment:
WATCHTOWER_LABEL_ENABLE: "true"
WATCHTOWER_CLEANUP: "true"
WATCHTOWER_POLL_INTERVAL: "30"
WATCHTOWER_NO_STARTUP_MESSAGE: "true"
volumes:
- type: bind
source: /var/run/docker.sock
target: /var/run/docker.sock
- type: bind
source: /root/.docker/config.json
target: /config.json
read_only: true
autohealer:
image: willfarrell/autoheal
restart: always
environment:
AUTOHEAL_INTERVAL: 15
AUTOHEAL_START_PERIOD: 30
AUTOHEAL_DEFAULT_STOP_TIMEOUT: 15
volumes:
- type: bind
source: /var/run/docker.sock
target: /var/run/docker.sock
ingress:
environment:
# let's-encrypt config
TRAEFIK_CERTIFICATESRESOLVERS_LE_ACME_EMAIL: "${[email protected]}"
TRAEFIK_CERTIFICATESRESOLVERS_LE_ACME_HTTPCHALLENGE_ENTRYPOINT: "web"
TRAEFIK_CERTIFICATESRESOLVERS_LE_ACME_STORAGE: "/etc/traefik/acme/acme${ENV_SUFFIX--test}.json"
ports:
- "80:80"
- "443:443"
volumes:
- type: volume
source: letsencrypt
target: /etc/traefik/acme
elastic:
deploy:
resources:
limits:
memory: 2G
reservations:
memory: 2G
study-manager-backend:
labels:
'autoheal': 'true'
'com.centurylinklabs.watchtower.enable': "true"
'traefik.http.routers.studymanager-backend.rule': "Host(`studymanager.platform${ENV_SUFFIX--test}.more.redlink.io`) && (PathPrefix(`/api`) || PathPrefix(`/kibana`) || PathPrefix(`/oauth2`) || PathPrefix(`/login`))"
'traefik.http.routers.studymanager-backend.tls.certResolver': 'le'
environment:
FIREBASE_SETTINGS: 'file:/data/secrets/firebase-settings.json'
MORE_FE_TITLE: "MORE '${ENV-test}' Studymanager"
volumes:
- type: bind
source: ./secrets
target: /data/secrets
read_only: true
study-manager-frontend:
labels:
'autoheal': 'true'
'com.centurylinklabs.watchtower.enable': "true"
'traefik.http.routers.studymanager-frontend.rule': "Host(`studymanager.platform${ENV_SUFFIX--test}.more.redlink.io`)"
'traefik.http.routers.studymanager-frontend.tls.certResolver': 'le'
data-gateway:
labels:
'autoheal': 'true'
'com.centurylinklabs.watchtower.enable': "true"
'traefik.http.routers.dsb-gateway.rule': "Host(`data.platform${ENV_SUFFIX--test}.more.redlink.io`)"
'traefik.http.routers.dsb-gateway.tls.certResolver': 'le'
kibana:
labels:
'traefik.http.routers.kibana.rule': "Host(`kibana.platform${ENV_SUFFIX--test}.more.redlink.io`)"
'traefik.http.routers.kibana.tls.certResolver': 'le'
healthcheck:
disable: true #Overwriting the healthcheck does not work, so just disable it...
environment:
SERVER_PUBLICBASEURL: https://kibana.platform${ENV_SUFFIX--test}.more.redlink.io/kibana
XPACK_ENCRYPTEDSAVEDOBJECTS_ENCRYPTIONKEY: a7a6311933d3503b89bc2dbc36572c33a6c10925682e591bffcab6911c06786d
SERVER_BASEPATH: /kibana
SERVER_REWRITEBASEPATH: "true"
limesurvey:
labels:
'traefik.http.routers.limesurvey.rule': "Host(`lime.platform${ENV_SUFFIX--test}.more.redlink.io`)"
'traefik.http.routers.limesurvey.tls.certResolver': 'le'
volumes:
letsencrypt: