Hack into working shape
This commit is contained in:
parent
8b16715091
commit
80b301876a
|
@ -1,2 +1,4 @@
|
||||||
# The path to our pass credentials store
|
export STACK_NAME=portainer
|
||||||
export PASSWORD_STORE_DIR=$(pwd)/../infrastructure/credentials/password-store
|
|
||||||
|
export DOMAIN=portainer.example.com
|
||||||
|
export LETS_ENCRYPT_ENV=production
|
||||||
|
|
|
@ -2,6 +2,35 @@
|
||||||
version: "3.7"
|
version: "3.7"
|
||||||
|
|
||||||
services:
|
services:
|
||||||
|
app:
|
||||||
|
image: portainer/portainer
|
||||||
|
command: "-H tcp://tasks.agent:9001 --tlsskipverify"
|
||||||
|
volumes:
|
||||||
|
- "portainer_data:/data"
|
||||||
|
- "/var/run/docker.sock:/var/run/docker.sock"
|
||||||
|
networks:
|
||||||
|
- agent_network
|
||||||
|
- proxy
|
||||||
|
deploy:
|
||||||
|
mode: replicated
|
||||||
|
replicas: 1
|
||||||
|
update_config:
|
||||||
|
failure_action: rollback
|
||||||
|
placement:
|
||||||
|
constraints:
|
||||||
|
- node.role == manager
|
||||||
|
labels:
|
||||||
|
- "traefik.enable=true"
|
||||||
|
- "traefik.docker.network=proxy"
|
||||||
|
- "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=9000"
|
||||||
|
- "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`${EXTRA_DOMAINS})"
|
||||||
|
- "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
|
||||||
|
- "traefik.http.routers.${STACK_NAME}.tls=true"
|
||||||
|
- "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
|
||||||
|
- "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect"
|
||||||
|
- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLForceHost=true"
|
||||||
|
- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}"
|
||||||
|
|
||||||
agent:
|
agent:
|
||||||
image: portainer/agent
|
image: portainer/agent
|
||||||
volumes:
|
volumes:
|
||||||
|
@ -17,34 +46,12 @@ services:
|
||||||
constraints:
|
constraints:
|
||||||
- node.role == manager
|
- node.role == manager
|
||||||
|
|
||||||
portainer:
|
volumes:
|
||||||
command: "-H tcp://tasks.agent:9001 --tlsskipverify"
|
portainer_data:
|
||||||
volumes:
|
|
||||||
- "portainer_data:/data"
|
|
||||||
networks:
|
|
||||||
- agent_network
|
|
||||||
- proxy
|
|
||||||
deploy:
|
|
||||||
mode: replicated
|
|
||||||
replicas: 1
|
|
||||||
update_config:
|
|
||||||
failure_action: rollback
|
|
||||||
placement:
|
|
||||||
constraints:
|
|
||||||
- node.role == manager
|
|
||||||
labels:
|
|
||||||
- "traefik.enable=true"
|
|
||||||
- "traefik.http.services.portainer.loadbalancer.server.port=9000"
|
|
||||||
- "traefik.http.routers.portainer.rule=Host(`portainer.swarm.autonomic.zone`)"
|
|
||||||
- "traefik.http.routers.portainer.entrypoints=web-secure"
|
|
||||||
- "traefik.http.routers.portainer.tls.certresolver=staging"
|
|
||||||
|
|
||||||
networks:
|
networks:
|
||||||
|
proxy:
|
||||||
|
external: true
|
||||||
agent_network:
|
agent_network:
|
||||||
driver: overlay
|
driver: overlay
|
||||||
attachable: true
|
attachable: true
|
||||||
proxy:
|
|
||||||
external: true
|
|
||||||
|
|
||||||
volumes:
|
|
||||||
portainer_data:
|
|
|
@ -1,7 +0,0 @@
|
||||||
---
|
|
||||||
version: "3.7"
|
|
||||||
|
|
||||||
services:
|
|
||||||
portainer:
|
|
||||||
volumes:
|
|
||||||
- "/var/run/docker.sock:/var/run/docker.sock"
|
|
|
@ -1,9 +0,0 @@
|
||||||
---
|
|
||||||
version: "3.7"
|
|
||||||
|
|
||||||
services:
|
|
||||||
portainer:
|
|
||||||
image: portainer/portainer
|
|
||||||
ports:
|
|
||||||
- "9000:9000"
|
|
||||||
- "8000:8000"
|
|
Loading…
Reference in New Issue