79 lines
1.6 KiB
Plaintext
79 lines
1.6 KiB
Plaintext
|
---
|
||
|
version: "{{ skylab_compose_version }}"
|
||
|
|
||
|
|
||
|
networks:
|
||
|
meta:
|
||
|
name: meta
|
||
|
driver: overlay
|
||
|
ipam:
|
||
|
driver: default
|
||
|
config:
|
||
|
- subnet: {{ app.networks.ext }}
|
||
|
|
||
|
|
||
|
volumes:
|
||
|
{% for key, value in app.volumes.items() %}
|
||
|
meta-{{ key }}:
|
||
|
name: datastore{{ value }}
|
||
|
driver: glusterfs
|
||
|
{% endfor %}
|
||
|
|
||
|
|
||
|
services:
|
||
|
proxy:
|
||
|
image: nginx:{{ app.versions.proxy }}
|
||
|
hostname: proxy
|
||
|
networks:
|
||
|
- meta
|
||
|
extra_hosts:
|
||
|
- "dockerloopback:{{ app.settings.loopback_address }}"
|
||
|
ports:
|
||
|
- published: {{ app.ports.80 }}
|
||
|
target: 80
|
||
|
protocol: tcp
|
||
|
mode: ingress
|
||
|
- published: {{ app.ports.443 }}
|
||
|
target: 443
|
||
|
protocol: tcp
|
||
|
mode: ingress
|
||
|
volumes:
|
||
|
- type: volume
|
||
|
source: meta-nginx
|
||
|
target: /etc/nginx
|
||
|
read_only: true
|
||
|
- type: volume
|
||
|
source: meta-letsencrypt-config
|
||
|
target: /etc/letsencrypt
|
||
|
read_only: true
|
||
|
deploy:
|
||
|
replicas: 2
|
||
|
placement:
|
||
|
max_replicas_per_node: 1
|
||
|
|
||
|
certbot:
|
||
|
image: certbot/certbot:{{ app.versions.certbot }}
|
||
|
hostname: certbot
|
||
|
command: renew --standalone
|
||
|
networks:
|
||
|
- meta
|
||
|
ports:
|
||
|
- published: 8088 # This is hardcoded to avoid conflicts
|
||
|
target: 80
|
||
|
protocol: tcp
|
||
|
mode: ingress
|
||
|
volumes:
|
||
|
- type: volume
|
||
|
source: meta-letsencrypt-config
|
||
|
target: /etc/letsencrypt
|
||
|
read_only: false
|
||
|
- type: volume
|
||
|
source: meta-letsencrypt-data
|
||
|
target: /var/lib/letsencrypt
|
||
|
read_only: false
|
||
|
deploy:
|
||
|
replicas: 1
|
||
|
restart_policy:
|
||
|
condition: any
|
||
|
delay: 24h
|