version: '3' services: milvert-nginx: container_name: milvert-nginx image: nginx:latest restart: always networks: - backend labels: - "traefik.enable=true" #HTTPS - "traefik.http.routers.milvert-secure.entrypoints=web-secure" - "traefik.http.routers.milvert-secure.rule=Host(`www.${DOMAIN}`, `${DOMAIN}`)" - "traefik.http.routers.milvert-secure.priority=1" # SSL - "traefik.http.routers.milvert-secure.tls.certresolver=milvert" - "traefik.http.routers.milvert-secure.tls=true" volumes: - "${DIR}/milvert-nginx/conf:/etc/nginx/conf.d" - "${DIR}/milvert-nginx/html:/html" zigbee2mqtt: container_name: zigbee2mqtt networks: - backend image: koenkk/zigbee2mqtt:1.8.0 volumes: - ${DIR}/zigbee2matt:/app/data devices: - /dev/ttyACM-zigbee:/dev/ttyACM0 restart: always environment: - TZ=Europe/Stockholm grafana: image: grafana/grafana:6.4.2 container_name: grafana networks: - backend volumes: # Data persistency # sudo mkdir -p /srv/docker/grafana/data; chown 472:472 /srv/docker/grafana/data - "${DIR}/grafana:/var/lib/grafana" labels: - "traefik.enable=true" - "traefik.http.routers.grafana.rule=Host(`grafana.${DOMAIN}`)" - "traefik.http.routers.grafana.entrypoints=web" - "traefik.http.services.grafana-service.loadbalancer.server.port=3000" influx: image: influxdb:1.7 container_name: influxdb networks: - backend labels: - "traefik.http.routers.influx.entryPoints=port8086" - "traefik.http.routers.influx.rule=host(`influx.${DOMAIN}`)" - "traefik.http.services.influx-service.loadBalancer.server.port=8086" restart: always volumes: - ${DIR}/influx-data:/var/lib/influxdb environment: - INFLUXDB_DB=SOME_DB_NAME # set any other to create database on initialization - INFLUXDB_HTTP_ENABLED=true - INFLUXDB_HTTP_AUTH_ENABLED=true - INFLUXDB_ADMIN_USER=SECURE_USERNAME - INFLUXDB_ADMIN_PASSWORD=SECURE_PASS gitea: image: gitea/gitea:1.9.3 container_name: gitea networks: - backend restart: always environment: - USER_UID=1001 - USER_GID=1005 volumes: #- /var/lib/gitea:/data - ${DIR}/gitea:/data - /home/git/.ssh:/data/git/.ssh - /etc/timezone:/etc/timezone:ro - /etc/localtime:/etc/localtime:ro ports: - "127.0.0.1:2222:22" - "3000:3000" labels: - "traefik.enable=true" - "traefik.http.services.gitea-service.loadbalancer.server.port=3000" - "traefik.http.routers.gitea-secure.entrypoints=web-secure" - "traefik.http.routers.gitea-secure.rule=Host(`gitea.${DOMAIN}`)" - "traefik.http.routers.gitea-secure.tls.certresolver=milvert" whoami: # A container that exposes an API to show its IP address image: containous/whoami networks: - backend labels: - "traefik.enable=true" - "traefik.http.routers.whoami-secure.entrypoints=web-secure" - "traefik.http.routers.whoami-secure.rule=Host(`whoami.${DOMAIN}`)" - "traefik.http.routers.whoami-secure.tls.certresolver=milvert" mqtt: image: eclipse-mosquitto:1.6.8 container_name: mqtt networks: - frontend - backend restart: always ports: - "1883:1883" - "9001:9001" volumes: - ./mosquitto/mosquitto.conf:/mosquitto/config/mosquitto.conf - ${DIR}/mosquitto/data:/mosquitto/data - ${DIR}/mosquitto/log:/mosquitto/log labels: - "traefik.http.routers.mqtt.rule=Host(`mqtt.${DOMAIN}`)" - "traefik.http.routers.mqtt.entrypoints=mqtt" - "traefik.http.services.mqtt-service.loadbalancer.server.port=9001" - "traefik.enable=true" node-red: image: nodered/node-red:latest container_name: "node-red" networks: - backend environment: - TZ=Europe/Stockholm ports: - "1881:1880" #devices: #- /dev/ttyAMA0 restart: unless-stopped user: ${UID} volumes: - ${DIR}/nodered:/data labels: - "traefik.http.routers.node-red.rule=Host(`nodered.${DOMAIN}`)" - "traefik.http.routers.node-red.entrypoints=web" - "traefik.http.services.node-red-service.loadbalancer.server.port=1880" - "traefik.http.routers.node-red-secure.entrypoints=web-secure" - "traefik.http.routers.node-red-secure.rule=Host(`nodered.${DOMAIN}`)" - "traefik.http.routers.node-red-secure.tls.certresolver=milvert" - "traefik.enable=true" domoticz: image: linuxserver/domoticz container_name: domoticz networks: - backend environment: - PUID=1000 - PGID=1000 - TZ=Europe/Stockholm #- WEBROOT=domoticz #optional volumes: - ${DIR}/domoticz:/config ports: - 8081:8080 #devices: #- path to device:path to device restart: unless-stopped labels: - "traefik.http.routers.domo.rule=Host(`domo.${DOMAIN}`)" - "traefik.http.routers.domo.entrypoints=web" - "traefik.http.services.domo-service.loadbalancer.server.port=8080" - "traefik.enable=true" reverse-proxy: # The official v2.0 Traefik docker image image: traefik:v2.1 container_name: "traefik" networks: - backend - frontend ports: # The HTTP port - "80:80" - "443:443" - "8080:8080" volumes: # So that Traefik can listen to the Docker events - /var/run/docker.sock:/var/run/docker.sock - ./traefik.yml:/etc/traefik/traefik.yml - ./static_config.yml:/etc/traefik/static_config.yml # - "./log.json:/etc/traefik/log.json" #- ./acme.json:/acme.json - ./letsencrypt:/letsencrypt dns: - 8.8.8.8 labels: - "traefik.enable=true" - "traefik.http.routers.traefik.rule=Host(`tra.${DOMAIN}`)" - "traefik.http.routers.traefik-secure.entrypoints=web-secure" - "traefik.http.routers.traefik-secure.rule=Host(`tra.${DOMAIN}`)" - "traefik.http.routers.traefik-secure.tls.certresolver=milvert" - "traefik.http.routers.traefik-secure.tls=true" - "traefik.http.services.traefik-service.loadbalancer.server.port=8080" - "traefik.http.routers.traefik-secure.middlewares=traefik-auth" - "traefik.http.middlewares.traefik-auth.basicauth.users=simon:$$apr1$$o3vIe.DX$$3XExiBMe8rUo3HujDSYEo0" networks: frontend: external: true backend: external: false