91 lines
5.1 KiB
YAML
91 lines
5.1 KiB
YAML
services:
|
|
|
|
# ââââââââââââââââââââââââââââââââââââââââââââââââââââââââââââââââââ
|
|
# MongoDB â Datenbank fuer Komodo Core
|
|
# Netz: komodo_net (internal: true) â niemals frontend_net
|
|
# ââââââââââââââââââââââââââââââââââââââââââââââââââââââââââââââââââ
|
|
komodo-mongo:
|
|
image: mongo:7
|
|
container_name: komodo-mongo
|
|
restart: unless-stopped
|
|
command: --quiet
|
|
volumes:
|
|
- /mnt/user/appdata/komodo/mongo:/data/db
|
|
- /mnt/user/appdata/secrets/komodo_mongo_password.txt:/run/secrets/mongo_password:ro
|
|
networks:
|
|
- komodo_net
|
|
environment:
|
|
- MONGO_INITDB_ROOT_USERNAME=komodo
|
|
- MONGO_INITDB_ROOT_PASSWORD_FILE=/run/secrets/mongo_password
|
|
security_opt:
|
|
- no-new-privileges:true
|
|
|
|
# ââââââââââââââââââââââââââââââââââââââââââââââââââââââââââââââââââ
|
|
# Komodo Core â Management-UI (Portainer-Ersatz)
|
|
# Netz: frontend_net (Traefik) + komodo_net (MongoDB/Periphery)
|
|
# Admin-Dienst: dashboard-auth@file + secure-headers@file Pflicht
|
|
# ââââââââââââââââââââââââââââââââââââââââââââââââââââââââââââââââââ
|
|
komodo-core:
|
|
image: ghcr.io/mbecker20/komodo:latest
|
|
container_name: komodo-core
|
|
restart: unless-stopped
|
|
depends_on:
|
|
- komodo-mongo
|
|
volumes:
|
|
- /mnt/user/appdata/komodo/core:/repo-cache
|
|
networks:
|
|
- komodo_net
|
|
- frontend_net
|
|
extra_hosts:
|
|
- "git.kaleschke.info:172.30.0.17"
|
|
environment:
|
|
- TZ=Europe/Berlin
|
|
- KOMODO_HOST=https://komodo.kaleschke.info
|
|
- KOMODO_TITLE=Kallilabcore
|
|
- KOMODO_SECRET_KEY=${KOMODO_SECRET_KEY}
|
|
- KOMODO_MONGO_ADDRESS=komodo-mongo:27017
|
|
- KOMODO_MONGO_USERNAME=komodo
|
|
- KOMODO_MONGO_PASSWORD=${KOMODO_MONGO_PASSWORD}
|
|
- KOMODO_LOG_LEVEL=info
|
|
labels:
|
|
- traefik.enable=true
|
|
- traefik.docker.network=frontend_net
|
|
- traefik.http.routers.komodo.rule=Host(`komodo.kaleschke.info`)
|
|
- traefik.http.routers.komodo.entrypoints=websecure
|
|
- traefik.http.routers.komodo.tls=true
|
|
- traefik.http.routers.komodo.tls.certresolver=le
|
|
- traefik.http.routers.komodo.middlewares=dashboard-auth@file,secure-headers@file
|
|
- traefik.http.services.komodo.loadbalancer.server.port=9120
|
|
security_opt:
|
|
- no-new-privileges:true
|
|
|
|
# ââââââââââââââââââââââââââââââââââââââââââââââââââââââââââââââââââ
|
|
# Komodo Periphery â Docker-Agent auf Kallilabcore
|
|
# Netz: komodo_net (internal) â kein Traefik noetig
|
|
# Ausnahme: Docker-Socket ohne :ro (Periphery startet/stoppt Container)
|
|
# ââââââââââââââââââââââââââââââââââââââââââââââââââââââââââââââââââ
|
|
komodo-periphery:
|
|
image: ghcr.io/mbecker20/periphery:latest
|
|
container_name: komodo-periphery
|
|
restart: unless-stopped
|
|
volumes:
|
|
- /var/run/docker.sock:/var/run/docker.sock
|
|
- /mnt/user/appdata/komodo/periphery:/etc/komodo
|
|
networks:
|
|
- komodo_net
|
|
environment:
|
|
- PERIPHERY_PASSKEY=${KOMODO_PERIPHERY_PASSKEY}
|
|
- TZ=Europe/Berlin
|
|
extra_hosts:
|
|
- "git.kaleschke.info:192.168.178.58"
|
|
security_opt:
|
|
- no-new-privileges:true
|
|
|
|
networks:
|
|
frontend_net:
|
|
external: true
|
|
komodo_net:
|
|
name: komodo_net
|
|
internal: true
|
|
driver: bridge
|