-
Notifications
You must be signed in to change notification settings - Fork 1
/
elaisa.yml
158 lines (148 loc) · 4.19 KB
/
elaisa.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
version: "3.5"
services:
# redis cache store
cache:
image: redis:6.0-rc1-alpine
# when you restart Redis it will re-play the AOF to rebuild the state.
# source: https://redis.io/topics/persistence
command: ["redis-server", "--appendonly", "yes"]
volumes:
- 'redis:/data/cache'
networks:
- database
# mongo database
db:
image: mongo:4.0.3
environment:
MONGO_INITDB_ROOT_USERNAME_FILE: /run/secrets/mongodb_root_username
MONGO_INITDB_ROOT_PASSWORD_FILE: /run/secrets/mongodb_root_password
secrets:
- mongodb_root_username
- mongodb_root_password
deploy:
restart_policy:
condition: any
volumes:
- 'mongodb:/data/db'
- ./init:/docker-entrypoint-initdb.d
ports:
# external:internal
- '2717:27017'
networks:
- database
# scrapy webcrawler for filling the database
crawler:
image: alexteusz/elaisa-crawler:1.0.0
deploy:
restart_policy:
condition: any
networks:
- database
# python bottle api
api:
image: alexteusz/elaisa-api:1.0.0
secrets:
- mongodb_root_username
- mongodb_root_password
deploy:
restart_policy:
condition: any
labels:
traefik.frontend.rule: 'Host:api.elaisa.org'
traefik.port: '8080'
traefik.enable: 'true'
traefik.docker.network: frontend
networks:
- frontend
- database
# reactjs web application user interface
ui:
image: alexteusz/elaisa-ui:1.0.0
deploy:
restart_policy:
condition: any
labels:
traefik.frontend.rule: 'Host:elaisa.org,www.elaisa.org'
traefik.enable: 'true'
traefik.port: '80'
traefik.docker.network: frontend
networks:
- frontend
# reverse proxy
traefik:
image: 'traefik:1.7.9-alpine'
command:
- --api
- --docker
- --docker.swarmmode
- --docker.watch
- --metrics.prometheus
- --debug=false
- --logLevel=ERROR
- --entryPoints=Name:http Address::80
- --defaultentrypoints=http
- --defaultentrypoints=https,http
- --entryPoints=Name:http Address::80 Redirect.EntryPoint:https
- --entryPoints=Name:https Address::443 TLS
- --retry
- --docker.endpoint=unix:///var/run/docker.sock
- --docker.domain=elaisa.org
- --docker.watch=true
- --docker.exposedbydefault=false
- --acme.email=teusz.alexander@gmail.com
- --acme.storage=acme.json
- --acme.entryPoint=https
- --acme.onHostRule=true
- --acme.httpchallenge.entrypoint=http
ports:
- '80:80'
- '443:443'
- '18080:8080'
volumes:
- /var/run/docker.sock:/var/run/docker.sock
# use traefik file for ssl | soure: https://docs.traefik.io/user-guide/docker-and-lets-encrypt/
- /opt/traefik/acme.json:/acme.json
deploy:
restart_policy:
condition: any
mode: global
placement:
constraints:
- node.role == manager
labels:
# we don't want traefik to be available trough itself from the outsite world
traefik.enable: 'false'
networks:
- frontend
# before starting the stack, this network has to be installed:
# - docker network create --attachable --driver overlay frontend
# - docker network create --driver overlay --attachable --opt encrypted=true database
# the services network
networks:
frontend:
external: true
database:
external: true
monitoring:
external: true
# before starting the stack (one time), execute this command to create
# a docker volume for our mongodb data. The data witin this volume will
# persist on the host and will survive restarts of containers
# - docker volume create mongodb
volumes:
redis:
external: true
mongodb:
external: true
# stores time-series db for metrics
prometheus:
external: true
# stores configuration, users, data-sources for grafana
grafana:
external: true
# Docker secrets for hosting passwords, usernames etc.
secrets:
mongodb_root_username:
external: true
mongodb_root_password:
external: true