frostlabs/core/stack.yml

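---
# Docker Swarm stack: Traefik edge proxy, Portainer server and Portainer agent.
# Indentation restored from a flattened listing; nesting follows the
# Compose/stack schema.
services:
  traefik:
    image: traefik:v3.6.1
    ports:
      # Quoted so no YAML 1.1 loader can type a host:container pair as a number.
      - "80:80"
      - "443:443"
      # Publishes container port 8080 (the port the healthcheck pings) as 8082.
      # NOTE(review): static.yml is not shown here. Confirm the API/dashboard
      # is not served unauthenticated on this entry point, or stop publishing
      # it / restrict it to admin hosts.
      - "8082:8080"
    environment:
      # Token is read from the mounted swarm secret, not passed inline.
      - CF_DNS_API_TOKEN_FILE=/run/secrets/cloudflare_api_token
    volumes:
      # Read-only mount: Traefik only needs to connect to the socket.
      # This does not limit what the Docker API accepts over that socket, so
      # this container still holds manager-level control of the swarm; a
      # filtering socket proxy in front of it would narrow that.
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - ./static.yml:/etc/traefik/traefik.yml:ro
      - ./dynamic.yml:/etc/traefik/dynamic/dynamic.yml:ro
      # presumably holds ACME certificates and keys; keep the host directory
      # readable by the deploying user only (verify against static.yml).
      - /home/doc/projects/swarm-data/traefik/certificates:/certificates
      - /home/doc/projects/swarm-data/traefik/logs:/var/log/traefik
    secrets:
      - cloudflare_api_token
    networks:
      - frostlabs
    healthcheck:
      # Assumes the ping endpoint is enabled on :8080 in static.yml.
      test: ["CMD", "wget", "--quiet", "--tries=1", "--spider", "http://localhost:8080/ping"]
      interval: 30s
      timeout: 5s
      retries: 3
      start_period: 30s
    deploy:
      mode: replicated
      replicas: 1
      placement:
        constraints:
          # Host-path volumes above only exist on the node carrying this label.
          - node.labels.task == control

  # crowdsec:
  #   image: crowdsecurity/crowdsec:latest
  #   environment:
  #     # DISABLE_ONLINE_API=false leaves the CrowdSec online API enabled;
  #     # set it to true for a local-only setup.
  #     - DISABLE_ONLINE_API=false
  #     # Set collections to install
  #     - COLLECTIONS=crowdsecurity/traefik crowdsecurity/http-cve
  #     # Enable Prometheus metrics
  #     - METRICS_PORT=6060
  #   volumes:
  #     # Persistent CrowdSec configuration and data
  #     - /home/doc/projects/swarm-data/crowdsec/config:/etc/crowdsec
  #     - /home/doc/projects/swarm-data/crowdsec/data:/var/lib/crowdsec/data
  #     # Traefik access logs (read-only)
  #     - /home/doc/projects/swarm-data/traefik/logs:/var/log/traefik:ro
  #     # Acquis configuration
  #     - ./acquis.yaml:/etc/crowdsec/acquis.yaml:ro
  #   networks:
  #     - frostlabs
  #   deploy:
  #     mode: replicated
  #     replicas: 1
  #     placement:
  #       constraints:
  #         - node.labels.task == control
  #     restart_policy:
  #       condition: on-failure
  #       delay: 5s
  #       max_attempts: 3
  #   healthcheck:
  #     test: [ "CMD", "cscli", "version" ]
  #     interval: 30s
  #     timeout: 10s
  #     retries: 3
  #     start_period: 60s

  portainer:
    # Floating tag: a redeploy can pull a different build than the one
    # reviewed. Pin a release tag or digest, as the traefik image already is.
    image: portainer/portainer-ce:latest
    # --tlsskipverify turns off certificate verification on the link to the
    # agent, so the agent endpoint is not authenticated by TLS. Keep the
    # frostlabs network limited to trusted services and consider Portainer's
    # AGENT_SECRET shared secret on both portainer and agent.
    command: '-H tcp://tasks.agent:9001 --tlsskipverify'
    volumes:
      - /home/doc/projects/swarm-data/portainer:/data
    networks:
      - frostlabs
    ports:
      # NOTE(review): this publishes the same port the Traefik labels below
      # route to, so the UI is reachable directly as well as through the TLS
      # router. Drop this mapping if Traefik is the intended entry point.
      - "9000:9000"
    deploy:
      mode: replicated
      replicas: 1
      placement:
        constraints:
          - node.labels.task == control
      # Placed under deploy so they become service labels; the
      # traefik.swarm.network label suggests Traefik's swarm provider is the
      # consumer (confirm in static.yml).
      labels:
        - "traefik.enable=true"
        - "traefik.swarm.network=frostlabs"
        - "traefik.http.routers.portainer.rule=Host(`portainer.frostlabs.me`)"
        - "traefik.http.routers.portainer.entrypoints=websecure"
        - "traefik.http.routers.portainer.tls=true"
        - "traefik.http.routers.portainer.tls.certresolver=cloudflare"
        - "traefik.http.services.portainer.loadbalancer.server.port=9000"

  agent:
    # Floating tag, and this image runs on every node (mode: global) with the
    # Docker socket mounted. Pin a release tag or digest.
    image: portainer/agent:latest
    volumes:
      # Gives the agent full Docker API access and direct access to all volume
      # data on each node.
      - /var/run/docker.sock:/var/run/docker.sock
      - /var/lib/docker/volumes:/var/lib/docker/volumes
    networks:
      # NOTE(review): shared with Traefik and Portainer; a network dedicated
      # to the portainer/agent pair would keep the agent port (9001 in the
      # portainer command) off the network other services join.
      - frostlabs
    deploy:
      mode: global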
# Not created by this stack: the network must already exist when the stack
# is deployed.
networks:
  frostlabs:
    external: true

# Existing swarm secret; its value never appears in this file. The traefik
# service reads it from /run/secrets/cloudflare_api_token.
secrets:
  cloudflare_api_token:
    external: true