version: "3.8" volumes: traefik-data-volume: web-data-volume: gitea-data-volume: codepot-data-volume: drone-data-volume: networks: traefik-network: external: false services: traefik-service: image: docker.io/traefik:2.10.1 hostname: traefik-service-host tty: true volumes: - type: bind source: /var/run/docker.sock target: /var/run/docker.sock # if /etc/traefik direcotry exists, traefik looks for /etc/traefik/traefik.toml # use a different directory(/config) to avoid problems for the lack of traefik.toml - type: volume source: traefik-data-volume target: /config ports: #- target: 80 # published: 80 # protocol: tcp # mode: host - target: 443 published: 443 protocol: tcp mode: host - target: 3306 published: 3306 protocol: tcp mode: host - target: 4444 published: 4444 protocol: tcp mode: host networks: - traefik-network #- host-network deploy: mode: global resources: limits: memory: 1GB restart_policy: condition: on-failure command: - --log.level=INFO - --accessLog #- --accesslog.filepath=/config/logs/access.log - --api.dashboard=true - --api.insecure=true - --ping=true - --entrypoints.traefik.address=:4444 - --entrypoints.web.address=:80 - --entrypoints.websec.address=:443 - --entrypoints.mariadb.address=:3306 - --providers.docker=true - --providers.docker.swarmmode=false - --providers.docker.exposedbydefault=false - --providers.docker.network=traefik-network - --providers.docker.watch=true - --providers.file.filename=/config/traefik-cert.yml - --providers.file.watch=true - --metrics.prometheus=true web-service: image: docker.io/hyunghwan/hio:webs hostname: web-service-host networks: - traefik-network volumes: - type: volume source: web-data-volume target: /data #read_only: true read_only: false logging: driver: "local" options: max-file: "5" max-size: "5m" deploy: mode: global resources: limits: memory: 128MB restart_policy: condition: on-failure labels: - traefik.enable=true ##- traefik.docker.network=traefik-network - traefik.http.routers.web-secure.entrypoints=websec - traefik.http.routers.web-secure.rule=Host(`miflux.com`) || Host(`www.miflux.com`) - traefik.http.routers.web-secure.tls=true - traefik.http.services.web-service.loadbalancer.server.port=80 ##- traefik.http.services.web-service.loadbalancer.sticky.cookie=true ##- traefik.http.services.web-service.loadbalancer.sticky.cookie.name=web-sticker gitea-service: image: docker.io/gitea/gitea:1.20.4 hostname: gitea-service-host tty: true environment: ##- USER_UID=1000 ##- USER_GID=1000 - GITEA____APP_NAME=HYUNG-HWAN - GITEA__server__DISABLE_SSH=true - GITEA__server__HTTP_PORT=3000 - GITEA__server__ROOT_URL=https://code.miflux.com/ - GITEA__indexer__REPO_INDEXER_ENABLED=true - GITEA__indexer__REPO_INDEXER_PATH=/data/gitea/indexers/repos.bleve ##- GITEA__indexer__UPDATE_BUFFER_LEN=20 - GITEA__indexer__MAX_FILE_SIZE=1048576 - GITEA__indexer__REPO_INDEXER_INCLUDE= - GITEA__indexer__REPO_INDEXER_EXCLUDE=resources/bin/** - GITEA__service__DISABLE_REGISTRATION=true - GITEA__service__DEFAULT_ALLOW_CREATE_ORGANIZATION=true - GITEA__service__EMAIL_NOTIFY_TRUE=false - GITEA__openid__ENABLE_OPENID_SIGNIN=false - GITEA__openid__ENABLE_OPENID_SIGNUP=false - GITEA__webhook__ALLOWED_HOST_LIST=* - GITEA__metrics__ENABLED=true - GITEA__attachment__ENABLED=true - GITEA__attachment__ALLOWED_TYPES=*/* - GITEA__attachment__MAX_SIZE=100 networks: - traefik-network volumes: - type: volume source: gitea-data-volume target: /data logging: driver: "local" options: max-file: "5" max-size: "5m" deploy: mode: replicated replicas: 1 resources: limits: memory: 1GB restart_policy: condition: on-failure labels: - traefik.enable=true - traefik.http.routers.gitea-secure.entrypoints=websec - traefik.http.routers.gitea-secure.rule=Host(`code.miflux.com`) - traefik.http.routers.gitea-secure.tls=true - traefik.http.routers.gitea-secure.middlewares=gitea-to-codepot-diff-to-file,gitea-to-codepot #- traefik.http.routers.gitea-plain.entrypoints=web #- traefik.http.routers.gitea-plain.rule=Host(`code.miflux.com`) #- traefik.http.routers.gitea-plain.tls=false - traefik.http.services.gitea-service.loadbalancer.server.port=3000 - traefik.http.services.gitea-service.loadbalancer.sticky.cookie=true - traefik.http.services.gitea-service.loadbalancer.sticky.cookie.name=gitea-sticker - traefik.http.middlewares.gitea-to-codepot-diff-to-file.redirectregex.regex=^https://code.miflux.com/code/(fulldiff|diff)/(.*)$ - traefik.http.middlewares.gitea-to-codepot-diff-to-file.redirectregex.replacement=https://cpot.miflux.com/code/file/$${2} - traefik.http.middlewares.gitea-to-codepot.redirectregex.regex=^https://code.miflux.com/code/(.*)$ - traefik.http.middlewares.gitea-to-codepot.redirectregex.replacement=https://cpot.miflux.com/code/$${1} - traefik.http.middlewares.redirect-merisia-benjaminrancourt.redirectregex.permanent=false codepot-service: image: docker.io/hyunghwan/codepot:ubnt hostname: codepot-service-host tty: true command: - --port=80 - --hide-index-page=yes - --https-redirected=yes networks: - traefik-network volumes: - type: volume source: codepot-data-volume target: /var/lib/codepot logging: driver: "local" options: max-file: "5" max-size: "5m" deploy: mode: replicated replicas: 1 resources: limits: memory: 1GB restart_policy: condition: on-failure labels: - traefik.enable=true - traefik.http.routers.codepot-secure.entrypoints=websec - traefik.http.routers.codepot-secure.rule=Host(`cpot.miflux.com`) - traefik.http.routers.codepot-secure.tls=true #- traefik.http.routers.codepot-plain.entrypoints=web #- traefik.http.routers.codepot-plain.rule=Host(`cpot.miflux.com`) #- traefik.http.routers.codepot-secure.tls=false - traefik.http.services.codepot.loadbalancer.sticky.cookie=true - traefik.http.services.codepot.loadbalancer.sticky.cookie.name=codepot-sticker - traefik.http.services.codepot.loadbalancer.server.port=80 drone-service: image: docker.io/drone/drone:2 hostname: drone-service-host tty: true environment: ## unable to use the internal DNS name as this URL is shown to ## the user for oauth login. ##- DRONE_GITEA_SERVER=http://gitea-service-host:3000 - DRONE_GITEA_SERVER=https://code.miflux.com - DRONE_GITEA_CLIENT_ID=272c7bf0-b081-4e3a-a9bf-4e39231fb162 - DRONE_GITEA_CLIENT_SECRET=gto_najtmt4bnfo37x7egy45s4g7esvhgs2b26wcfskvwn6bjajz672a - DRONE_RPC_SECRET=bd7c7058fd60caa00b86f7ea944c913d - DRONE_SERVER_HOST=ci.miflux.com - DRONE_SERVER_PROTO=https - DRONE_USER_CREATE=username:hyung-hwan,admin:true networks: #- drone-network - traefik-network volumes: - type: volume source: drone-data-volume target: /data #ports: # - target: 80 # published: 80 # protocol: tcp # - target: 443 # published: 443 # protocol: tcp deploy: mode: replicated replicas: 1 resources: limits: memory: 1GB restart_policy: condition: on-failure labels: - traefik.enable=true - traefik.docker.network=traefik-network - traefik.http.routers.drone-secure.entrypoints=websec - traefik.http.routers.drone-secure.rule=Host(`ci.miflux.com`) - traefik.http.routers.drone-secure.tls=true #- traefik.http.routers.drone-plain.entrypoints=web #- traefik.http.routers.drone-plain.rule=Host(`ci.miflux.com`) #- traefik.http.routers.drone-plain.tls=false - traefik.http.services.drone-service.loadbalancer.server.port=80 - traefik.http.services.drone-service.loadbalancer.sticky.cookie=true - traefik.http.services.drone-service.loadbalancer.sticky.cookie.name=drone-sticker drone-runner-service: image: docker.io/drone/drone-runner-docker:1 hostname: drone-runner-service-host tty: true environment: ##- DRONE_RPC_PROTO=https ##- DRONE_RPC_HOST=ci.miflux.com - DRONE_RPC_PROTO=http - DRONE_RPC_HOST=drone-service-host - DRONE_RPC_PORT=:80 - DRONE_RPC_SECRET=bd7c7058fd60caa00b86f7ea944c913d - DRONE_RUNNER_CAPACITY=10 - DRONE_RUNNER_NAME=drone-runner-docker-1 networks: - traefik-network volumes: - type: bind source: /var/run/docker.sock target: /var/run/docker.sock deploy: mode: replicated replicas: 2 resources: limits: memory: 1GB restart_policy: condition: on-failure