version: '3' services: traefik: image: "traefik:v2.0" container_name: "traefik" command: - "--api.insecure=true" - "--providers.docker=true" - "--providers.docker.exposedbydefault=false" - "--entrypoints.web.address=:80" - "--entrypoints.websecure.address=:443" - "--certificatesresolvers.mytlschallenge.acme.dnschallenge=true" - "--certificatesresolvers.mytlschallenge.acme.dnschallenge.delaybeforecheck=0" - "--certificatesresolvers.mytlschallenge.acme.dnschallenge.provider=cloudflare" - "--certificatesresolvers.mytlschallenge.acme.email=hanemile@protonmail.com" - "--certificatesresolvers.mytlschallenge.acme.storage=/letsencrypt/acme.json" - "--metrics.prometheus=true" ports: - "80:80" - "443:443" - "8080:8080" volumes: - "./letsencrypt:/letsencrypt" - "/var/run/docker.sock:/var/run/docker.sock:ro" - "./traefik_users:/traefik_users" labels: - "traefik.enable=true" - "traefik.http.routers.traefik.entrypoints=web" - "traefik.http.routers.traefik.rule=Host(`traefik.${HOSTNAME}`)" - "traefik.http.middlewares.traefik-auth.basicauth.usersFile=/traefik_users" - "traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https" - "traefik.http.routers.traefik.middlewares=traefik-https-redirect" - "traefik.http.routers.traefik-secure.entrypoints=websecure" - "traefik.http.routers.traefik-secure.rule=Host(`traefik.${HOSTNAME}`)" - "traefik.http.routers.traefik-secure.middlewares=traefik-auth" - "traefik.http.routers.traefik-secure.tls=true" - "traefik.http.routers.traefik-secure.tls.certresolver=mytlschallenge" - "traefik.http.routers.traefik-secure.service=api@internal" - "traefik.http.services.traefik.loadbalancer.server.port=8080" networks: - circus register: image: "registry.darknebu.la/circus/register:latest" volumes: - "/var/run/docker.sock:/var/run/docker.sock:ro" ports: - "8081:8081" environment: - HOSTNAME=${HOSTNAME} labels: - "traefik.enable=true" - "traefik.http.routers.register.entrypoints=web" - "traefik.http.routers.register.rule=Host(`register.${HOSTNAME}`)" - "traefik.http.middlewares.register-https-redirect.redirectscheme.scheme=https" - "traefik.http.routers.register.middlewares=register-https-redirect" - "traefik.http.routers.register-secure.entrypoints=websecure" - "traefik.http.routers.register-secure.rule=Host(`register.${HOSTNAME}`)" - "traefik.http.routers.register-secure.tls=true" - "traefik.http.routers.register-secure.tls.certresolver=mytlschallenge" - "traefik.http.routers.register-secure.service=register" - "traefik.http.services.register.loadbalancer.server.port=8081" networks: - circus scoreboard: image: "registry.darknebu.la/circus/scoreboard:latest" container_name: "scoreboard" volumes: - "/var/run/docker.sock:/var/run/docker.sock:ro" ports: - "8082:8080" environment: - HOSTNAME=${HOSTNAME} labels: - "traefik.enable=true" - "traefik.http.routers.scoreboard.entrypoints=web" - "traefik.http.routers.scoreboard.rule=Host(`scoreboard.${HOSTNAME}`)" - "traefik.http.middlewares.scoreboard-https-redirect.redirectscheme.scheme=https" - "traefik.http.routers.scoreboard.middlewares=scoreboard-https-redirect" - "traefik.http.routers.scoreboard-secure.entrypoints=websecure" - "traefik.http.routers.scoreboard-secure.rule=Host(`scoreboard.${HOSTNAME}`)" - "traefik.http.routers.scoreboard-secure.tls=true" - "traefik.http.routers.scoreboard-secure.tls.certresolver=mytlschallenge" - "traefik.http.routers.scoreboard-secure.service=scoreboard" - "traefik.http.services.scoreboard.loadbalancer.server.port=8080" networks: - circus prometheus: image: "prom/prometheus:latest" volumes: - "/var/run/docker.sock:/var/run/docker.sock:ro" command: - "--config.file=/etc/prometheus/prometheus.yml" volumes: - "./prometheus.yml:/etc/prometheus/prometheus.yml:ro" - "prometheus_data:/prometheus" ports: - "9090:9090" labels: - "traefik.enable=true" - "traefik.http.routers.prometheus.entrypoints=web" - "traefik.http.routers.prometheus.rule=Host(`prometheus.${HOSTNAME}`)" - "traefik.http.middlewares.prometheus-https-redirect.redirectscheme.scheme=https" - "traefik.http.routers.prometheus.middlewares=prometheus-https-redirect" - "traefik.http.routers.prometheus-secure.entrypoints=websecure" - "traefik.http.routers.prometheus-secure.rule=Host(`prometheus.${HOSTNAME}`)" - "traefik.http.routers.prometheus-secure.tls=true" - "traefik.http.routers.prometheus-secure.tls.certresolver=mytlschallenge" - "traefik.http.routers.prometheus-secure.service=prometheus" - "traefik.http.services.prometheus.loadbalancer.server.port=9090" networks: - circus grafana: image: "grafana/grafana" container_name: "grafana" volumes: - "grafana_data:/var/lib/grafana" - "./grafana.ini:/etc/grafana/grafana.ini" env_file: # grafana.env: # GF_SERVER_ROOT_URL=http://grafana.docker.localhost:3000 # GF_SECURITY_ADMIN_PASSWORD= - "./grafana.env" ports: - "3000:3000" labels: - "traefik.enable=true" - "traefik.http.routers.grafana.entrypoints=web" - "traefik.http.routers.grafana.rule=Host(`grafana.${HOSTNAME}`)" - "traefik.http.middlewares.grafana-https-redirect.redirectscheme.scheme=https" - "traefik.http.routers.grafana.middlewares=grafana-https-redirect" - "traefik.http.routers.grafana-secure.entrypoints=websecure" - "traefik.http.routers.grafana-secure.rule=Host(`grafana.${HOSTNAME}`)" - "traefik.http.routers.grafana-secure.tls=true" - "traefik.http.routers.grafana-secure.tls.certresolver=mytlschallenge" - "traefik.http.routers.grafana-secure.service=grafana" - "traefik.http.services.grafana.loadbalancer.server.port=3000" networks: - circus landingpage: image: "registry.darknebu.la/circus/landingpage:latest" container_name: "landingpage" environment: - HOSTNAME=${HOSTNAME} - CTFNAME=${CTFNAME} labels: - "traefik.enable=true" - "traefik.http.routers.landingpage.entrypoints=web" - "traefik.http.routers.landingpage.rule=Host(`${HOSTNAME}`)" - "traefik.http.middlewares.landingpage-https-redirect.redirectscheme.scheme=https" - "traefik.http.routers.landingpage.middlewares=landingpage-https-redirect" - "traefik.http.routers.landingpage-secure.entrypoints=websecure" - "traefik.http.routers.landingpage-secure.rule=Host(`${HOSTNAME}`)" - "traefik.http.routers.landingpage-secure.tls=true" - "traefik.http.routers.landingpage-secure.tls.certresolver=mytlschallenge" - "traefik.http.routers.landingpage-secure.service=landingpage" - "traefik.http.services.landingpage.loadbalancer.server.port=8081" networks: - circus manager: image: "registry.darknebu.la/circus/manager:latest" container_name: "manager" labels: - "traefik.enable=true" - "traefik.http.routers.manager.entrypoints=web" - "traefik.http.routers.manager.rule=Host(`manager.${HOSTNAME}`)" - "traefik.http.middlewares.manager-https-redirect.redirectscheme.scheme=https" - "traefik.http.routers.manager.middlewares=manager-https-redirect" - "traefik.http.routers.manager-secure.entrypoints=websecure" - "traefik.http.routers.manager-secure.rule=Host(`manager.${HOSTNAME}`)" - "traefik.http.routers.manager-secure.tls=true" - "traefik.http.routers.manager-secure.tls.certresolver=mytlschallenge" - "traefik.http.routers.manager-secure.service=manager" - "traefik.http.services.manager.loadbalancer.server.port=8080" networks: - circus - circus_db postgresql: image: "postgres:12.0" container_name: "postgresql" volumes: - "circus_data:/var/lib/postgresql/data" networks: - circus_db networks: circus: external: name: circus circus_db: volumes: prometheus_data: {} grafana_data: {} circus_data: {}