Micha/homelab-infra
1
0
Fork 0
Code Issues 1 Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
85a8d0c2f26c94eb67252263b28b298d7698892a
homelab-infra/ops/komodo/docker-compose.yml
T
Micha 85a8d0c2f2 Protect Traefik dashboard with Authelia 
Protect Traefik dashboard with Authelia
2026-04-17 13:11:43 +02:00

101 lines
4.3 KiB
YAML
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
services:
# ──────────────────────────────────────────────────────────────────
# MongoDB Datenbank fuer Komodo Core
# Netz: komodo_net (internal: true) niemals frontend_net
# ──────────────────────────────────────────────────────────────────
komodo-mongo:
image: mongo:7
container_name: komodo-mongo
restart: unless-stopped
command: --quiet
volumes:
- /mnt/user/appdata/komodo/mongo:/data/db
- /mnt/user/appdata/secrets/komodo_mongo_password.txt:/run/secrets/mongo_password:ro
networks:
- komodo_net
environment:
- MONGO_INITDB_ROOT_USERNAME=komodo
- MONGO_INITDB_ROOT_PASSWORD_FILE=/run/secrets/mongo_password
healthcheck:
test: ["CMD", "mongosh", "--eval", "db.adminCommand('ping')"]
interval: 10s
timeout: 5s
retries: 5
start_period: 30s
security_opt:
- no-new-privileges:true
# ──────────────────────────────────────────────────────────────────
# Komodo Core Management-UI (Portainer-Ersatz)
# Netz: frontend_net (Traefik) + komodo_net (MongoDB/Periphery)
# Admin-Dienst: bewusst ohne pauschale ForwardAuth-Middleware; dokumentierte Ausnahme
# ──────────────────────────────────────────────────────────────────
komodo-core:
image: ghcr.io/mbecker20/komodo:latest@sha256:d0a201fdf7113b7a47fe925e0a8a9c337f632980a27f151729030f05e99e22c0
container_name: komodo-core
restart: unless-stopped
depends_on:
komodo-mongo:
condition: service_healthy
volumes:
- /mnt/user/appdata/komodo/core:/repo-cache
networks:
- komodo_net
- frontend_net
extra_hosts:
- "git.kaleschke.info:172.30.0.17"
environment:
- TZ=Europe/Berlin
- KOMODO_HOST=https://komodo.kaleschke.info
- KOMODO_TITLE=Kallilabcore
- KOMODO_SECRET_KEY=${KOMODO_SECRET_KEY}
- KOMODO_WEBHOOK_SECRET=${KOMODO_SECRET_KEY}
- KOMODO_MONGO_ADDRESS=komodo-mongo:27017
- KOMODO_MONGO_USERNAME=komodo
- KOMODO_MONGO_PASSWORD=${KOMODO_MONGO_PASSWORD}
- KOMODO_LOG_LEVEL=info
- KOMODO_LOCAL_AUTH=true
- KOMODO_JWT_SECRET=${KOMODO_JWT_SECRET}
labels:
- traefik.enable=true
- traefik.docker.network=frontend_net
- traefik.http.routers.komodo.rule=Host(`komodo.kaleschke.info`)
- traefik.http.routers.komodo.entrypoints=websecure
- traefik.http.routers.komodo.tls=true
- traefik.http.routers.komodo.tls.certresolver=le
- traefik.http.services.komodo.loadbalancer.server.port=9120
security_opt:
- no-new-privileges:true
# ──────────────────────────────────────────────────────────────────
# Komodo Periphery Docker-Agent auf Kallilabcore
# Netz: komodo_net (internal) kein Traefik noetig
# Ausnahme: Docker-Socket ohne :ro (Periphery startet/stoppt Container)
# ──────────────────────────────────────────────────────────────────
komodo-periphery:
image: ghcr.io/mbecker20/periphery:latest@sha256:087babb8a6090882846750f72c48323007cbf9a548bd930a19a0c09e8220d95c
container_name: komodo-periphery
restart: unless-stopped
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /mnt/user/appdata/komodo/periphery:/etc/komodo
networks:
- komodo_net
environment:
- PERIPHERY_ROOT_DIRECTORY=/mnt/user/services
- PERIPHERY_PASSKEY=${KOMODO_PERIPHERY_PASSKEY}
- TZ=Europe/Berlin
extra_hosts:
- "git.kaleschke.info:192.168.178.58"
security_opt:
- no-new-privileges:true
networks:
frontend_net:
external: true
komodo_net:
name: komodo_net
internal: true
driver: bridge
Reference in New Issue View Git Blame Copy Permalink