forked from netbox-community/netbox-docker
-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathdocker-compose.override.yml
98 lines (96 loc) · 3.83 KB
/
docker-compose.override.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
version: '3.4'
volumes:
traefik-certs:
services:
# Replace database service from upstream with dummy because we are using an external database
postgres:
image: registry.suse.com/bci/bci-minimal:latest
command: "true"
entrypoint: "true"
healthcheck:
test: ["NONE"]
volumes: []
# "Real" overrides below
netbox:
env_file: /etc/opt/netbox-docker/netbox.env
build:
args:
FROM: registry.suse.com/bci/python:3.11
NETBOX_PATH: ${NETBOX_PATH}
context: .
dockerfile: Dockerfile
target: main
image: netbox:${TAG}
pull_policy: never
ports:
- 8000:8080
labels:
traefik.enable: "true"
traefik.http.routers.frontend.rule: "Host(`${NETBOX_FRONTEND_HOST}`) || Host(`${NETBOX_BACKEND_HOST}`)"
traefik.http.routers.frontend.entrypoints: web
traefik.http.routers.frontend.middlewares: https_redirect
traefik.http.routers.backendtls.rule: "Host(`${NETBOX_BACKEND_HOST}`)"
traefik.http.routers.backendtls.entrypoints: websecure
traefik.http.routers.backendtls.tls: true
traefik.http.routers.backendtls.tls.certresolver: myresolver
traefik.http.routers.frontendtls.rule: "Host(`${NETBOX_FRONTEND_HOST}`)"
traefik.http.routers.frontendtls.entrypoints: websecure
traefik.http.routers.frontendtls.tls: true
traefik.http.middlewares.https_redirect.redirectscheme.scheme: https
traefik.http.middlewares.https_redirect.redirectscheme.permanent: true
traefik.http.services.frontend.loadbalancer.server.port: 8080
traefik.http.services.frontend.loadbalancer.passhostheader: true
volumes:
- /opt/netbox-data:/opt/netbox-data:ro
- /etc/ssl/ca-bundle.pem:/etc/ssl/ca-bundle.pem:ro
- ./branding/SUSE_NetBox_Neg.svg:/opt/netbox/netbox/project-static/img/logo_netbox_bright_teal.svg:ro
- ./branding/SUSE_NetBox_Neg.svg:/opt/netbox/netbox/static/logo_netbox_bright_teal.svg:ro
- ./branding/SUSE_NetBox_Pos.svg:/opt/netbox/netbox/project-static/img/logo_netbox_dark_teal.svg:ro
- ./branding/SUSE_NetBox_Pos.svg:/opt/netbox/netbox/static/logo_netbox_dark_teal.svg:ro
- ./templates/login.html:/opt/netbox/netbox/templates/login.html
restart: unless-stopped
netbox-worker:
env_file: /etc/opt/netbox-docker/netbox.env
image: netbox:${TAG}
pull_policy: never
volumes:
- /opt/netbox-data:/opt/netbox-data:ro
- /etc/ssl/ca-bundle.pem:/etc/ssl/ca-bundle.pem:ro
restart: unless-stopped
netbox-housekeeping:
env_file: /etc/opt/netbox-docker/netbox.env
image: netbox:${TAG}
pull_policy: never
volumes:
- /opt/netbox-data:/opt/netbox-data:ro
- /etc/ssl/ca-bundle.pem:/etc/ssl/ca-bundle.pem:ro
restart: unless-stopped
traefik:
image: traefik:v2.8
container_name: traefik
hostname: traefik
command:
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
- "--certificatesresolvers.myresolver.acme.tlschallenge=true"
- "--certificatesresolvers.myresolver.acme.httpchallenge=true"
- "--certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=web"
- "--certificatesresolvers.myresolver.acme.caserver=${ACME_SERVER}"
- "--certificatesresolvers.myresolver.acme.email=${ACME_EMAIL}"
- "--certificatesresolvers.myresolver.acme.storage=/certs/acme.json"
ports:
- "80:80"
- "443:443"
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- traefik-certs:/certs
- /var/lib/ca-certificates/ca-bundle.pem:/etc/ssl/certs/ca-certificates.crt:ro
restart: unless-stopped
redis:
env_file: /etc/opt/netbox-docker/redis.env
restart: unless-stopped
redis-cache:
env_file: /etc/opt/netbox-docker/redis-cache.env
restart: unless-stopped