cidevworkspace/docker-compose.yml at master · davidjsanders/cidevworkspace · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
version: '3.7'

services:
  socat:
    # Reference: https://blog.mikesir87.io/2018/07/letting-traefik-run-on-worker-nodes/
    # Using socat allows the redirection of the docker sock and means only socat has
    # to run on managers
    image: alpine/socat:1.0.3
    command: tcp-listen:2375,fork,reuseaddr unix-connect:/var/run/docker.sock
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    networks:
      - cidev_network
  traefik:
    # Reference: https://blog.mikesir87.io/2018/07/letting-traefik-run-on-worker-nodes/
    # Using socat allows the redirection of the docker sock and means only socat has
    # to run on managers. Here, traefik is running on any worker node and using the
    # swarm mesh to route traffic in.
    #
    image: traefik:v1.7-alpine  # The official Traefik docker image
    volumes:
      - ./config/traefik.toml:/etc/traefik/traefik.toml
      - ./selfsigned.crt:/certs/selfsigned.crt
      - ./selfsigned.key:/certs/selfsigned.key
      - ./secrets/.htpasswd:/run/secrets/.htpasswd
#    user: traefiker
    ports:
      - "80:80"      # The HTTP port
      - "443:443"    # The HTTPS port
    networks:
      - cidev_network
    restart: always
    labels:
      traefik.enable: "true"
      traefik.port: 9443
      traefik.backend: "traefik"
      traefik.backend.protocol: http
      traefik.docker.network: cidev_network
      traefik.frontend.auth.basic.usersFile: /run/secrets/.htpasswd
      traefik.frontend.entryPoints: https
      traefik.frontend.passHostHeader: false
      traefik.frontend.rule: "Host:dasander-air.local;PathPrefixStrip: /traefik"
    depends_on:
      - socat
  cadvisor:
    image: google/cadvisor
    command: --http_digest_realm="localhost/cadvisor"
    volumes:
     - /:/rootfs:ro
     - /var/run:/var/run:rw
     - /sys:/sys:ro
     - /var/lib/docker/:/var/lib/docker:ro
    depends_on:
      - traefik
    networks:
      - cidev_network
    labels:
      traefik.enable: "true"
      traefik.port: 8080
      traefik.backend: "cadvisor"
      traefik.backend.protocol: http
      traefik.docker.network: cidev_network
      traefik.frontend.auth.basic.usersFile: /run/secrets/.htpasswd
      traefik.frontend.entryPoints: https
      traefik.frontend.rule: "Host:cadvisor.dasander-air.local"
  grafana:
    image: grafana/grafana
    command: -config=/etc/grafana/grafana.ini
    volumes:
      - grafana_data:/var/lib/grafana
      - ./config/grafana.ini:/etc/grafana/grafana.ini
    networks:
      - cidev_network
    depends_on:
      - prometheus
    labels:
      traefik.enable: "true"
      traefik.port: 3000
      traefik.backend: "grafana"
      traefik.backend.protocol: http
      traefik.docker.network: cidev_network
      traefik.frontend.auth.basic.usersFile: /run/secrets/.htpasswd
      traefik.frontend.entryPoints: https
      traefik.frontend.entryPoints.headerValue: "X-WebAuth-User"
      traefik.frontend.passHostHeader: true
      traefik.frontend.rule: "Host:dasander-air.local;PathPrefixStrip: /grafana"
  prometheus:
    image: prom/prometheus:latest
    command: --web.external-url=https://dasander-air.local/prometheus --config.file=/etc/prometheus/prometheus.yml
    volumes:
      - ./config/prometheus.yml:/etc/prometheus/prometheus.yml
    # healthcheck:
    #   test: ["CMD", "curl", "-f", "http://localhost:9090"]
    #   interval: 30s
    #   timeout: 10s
    #   retries: 3
    #   start_period: 5s
    labels:
      traefik.enable: "true"
      traefik.port: 9090
      traefik.backend: "prometheus"
      traefik.backend.protocol: http
      traefik.docker.network: cidev_network
      traefik.frontend.auth.basic.usersFile: /run/secrets/.htpasswd
      traefik.frontend.entryPoints: https
      traefik.frontend.rule: "Host:dasander-air.local;PathPrefix: /prometheus"
    networks:
      - cidev_network
  sonarqube:
    image: sonarqube:7.5-community
    volumes:
      - cidev_sonar_conf:/opt/sonarqube/conf
      - cidev_sonar_data:/opt/sonarqube/data
      - cidev_sonar_logs:/opt/sonarqube/logs
      - cidev_sonar_extensions:/opt/sonarqube/extensions
      - ./config/sonar.properties:/opt/sonarqube/conf/sonar.properties
    networks:
      - cidev_network
    labels:
      traefik.enable: "true"
      traefik.port: 9000
      traefik.backend: "sonarqube"
      traefik.backend.protocol: http
      traefik.docker.network: cidev_network
      traefik.frontend.auth.basic.usersFile: /run/secrets/.htpasswd
      traefik.frontend.entryPoints: https
      traefik.frontend.rule: "Host:dasander-air.local;PathPrefix: /sonarqube"
  jenkins:
    image: dsanderscan/cidev-jenkins:dev-0.2-2.164
    command: --prefix=/jenkins
    volumes:
      - cidev_jenkins:/var/jenkins_home
    ports:
      - 50000:50000
    networks:
      - cidev_network
    environment:
      - DOCKER_HOST=tcp://socat:2375
    labels:
      traefik.enable: "true"
      traefik.port: 8080
      traefik.backend: "backend-jenkins-docker"
      traefik.backend.protocol: http
      traefik.docker.network: cidev_network
      traefik.frontend.auth.basic.usersFile: /run/secrets/.htpasswd
      traefik.frontend.entryPoints: https
      traefik.frontend.passHostHeader: false
      traefik.frontend.rule: "PathPrefix: /jenkins"
    restart: always
  nexus3:
    image: dsanderscan/nexus3:dev-0.1-3.15.2
    volumes:
      - cidev_nexus:/nexus-data
      - cidev_nexus_userroot:/userRoot
      - cidev_nexus_blobs:/blob-store
      - ./config/nexus.properties:/nexus-data/etc/nexus.properties
    networks:
      - cidev_network
    environment:
      - "INSTALL4J_ADD_VM_PARAMS=-Djava.util.prefs.userRoot=/userRoot"
    labels:
      traefik.enable: "true"
      traefik.docker.network: cidev_network
      traefik.ui.backend: "nexus-ui"
      traefik.ui.backend.protocol: http
      traefik.ui.frontend.entryPoints: https
      traefik.ui.frontend.passHostHeader: true
      traefik.ui.frontend.rule: "PathPrefix: /nexus"
      traefik.ui.port: 8081
      traefik.hub-registry.backend: "docker-hub"
      traefik.hub-registry.frontend.rule: "Host: docker-hub.dsanders.com"
      traefik.hub-registry.frontend.passHostHeader: true
      traefik.hub-registry.port: 18080
      traefik.private-reg.backend: "docker-private"
      traefik.private-reg.frontend.rule: "Host: docker-private.dsanders.com"
      traefik.private-reg.port: 18081
    restart: always
  db:
    image: postgres:9.4
    restart: on-failure
    environment:
      POSTGRES_PASSWORD: example
    labels:
      traefik.enable: "true"
      traefik.port: 8080
      traefik.backend: "backend-jenkins-docker"
      traefik.backend.protocol: http
      traefik.docker.network: cidev_network
      traefik.frontend.auth.basic.usersFile: /run/secrets/.htpasswd
      traefik.frontend.entryPoints: https
      traefik.frontend.passHostHeader: false
      traefik.frontend.rule: "PathPrefix: /postgres"
networks:
  cidev_network:
volumes:
  grafana_data:
  cidev_sonar_conf:
    external: true
  cidev_sonar_data:
    external: true
  cidev_sonar_logs:
    external: true
  cidev_sonar_extensions:
    external: true
  cidev_jenkins:
    external: true
  cidev_nexus:
    external: true
  cidev_nexus_userroot:
    external: true
  cidev_nexus_blobs:
    external: true