-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathportainer-compose.yml
69 lines (65 loc) · 1.91 KB
/
portainer-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
# ----------------------------------------------------------
# Portainer is a web GUI for container management.
# This compose file is used in Synology's Container Manager,
# since Portainer can't be used to edit itself.
# ----------------------------------------------------------
# quick network info:
# - subnet: 172.21.0.0/24
# - port: 2376
services:
# use docker-socket-proxy for portainer's Docker access
portainer-socket-proxy:
image: tecnativa/docker-socket-proxy
container_name: portainer-socket-proxy
security_opt:
- no-new-privileges:true
networks: # uses the socket proxy network
portainer_socket_network:
ipv4_address: 172.21.0.10 # assign a static IP for firewall ease
privileged: true
ports:
- 2376:2375
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
- LOG_LEVEL=info
- POST=1
- CONTAINERS=1
- IMAGES=1
- INFO=1
- NETWORKS=1
- SERVICES=1
- TASKS=1
- VOLUMES=1
labels:
- "com.centurylinklabs.watchtower.monitor-only=true"
restart: unless-stopped
portainer:
image: portainer/portainer-ce:latest
container_name: portainer
ports:
- 8000:8000
- 9000:9000
depends_on:
- portainer-socket-proxy
command: -H tcp://portainer-socket-proxy:2375
security_opt:
- no-new-privileges:true
volumes:
- /volume1/docker/portainer:/data
networks:
portainer_socket_network:
ipv4_address: 172.21.0.11 # assign a static IP for firewall ease
labels:
io.portainer.accesscontrol.users: matthewkdies
restart: unless-stopped
networks:
portainer_socket_network:
# a custom network that all docker socket requests are routed through
name: portainer_socket_network
driver: bridge
ipam:
config:
- subnet: "172.21.0.0/24"
gateway: "172.21.0.1"
ip_range: "172.21.0.0/24"