-
Notifications
You must be signed in to change notification settings - Fork 5
/
Copy pathdocker-compose.yml
98 lines (89 loc) · 3.23 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
version: '3'
# See https://docs.docker.com/compose/overview/ for more information.
# If you make changes to this file or any related files, apply them by
# navigating to the directory that holds this file and run this as root:
# docker-compose down; docker-compose up -d
# Create two networks: one for front-end containers that we'll make
# publicly accessible to the internet, and one for private back-end.
networks:
frontend:
backend:
# Create persistent Docker volumes to preserve important data.
# We don't want our data to be lost when restarting containers.
volumes:
vol-jenkins-content:
# Create our containers.
services:
# Traefik is a reverse proxy. It handles SSL and passes traffic to
# Docker containers via rules you define in docker-compose labels.
# Its dashboard is at http://example.com/traefik/ (behind a login).
traefik:
# https://hub.docker.com/_/traefik/
image: traefik:latest
command: --api --docker --acme.email="${ACME_EMAIL}"
restart: always
networks:
- backend
- frontend
volumes:
- /var/run/docker.sock:/var/run/docker.sock # Access to Docker
- ./traefik.toml:/traefik.toml # Traefik configuration
- ./acme.json:/acme.json # SSL certificates
ports:
# Map port 80 and 443 on the host to this container.
- "80:80"
- "443:443"
labels:
- "traefik.docker.network=frontend"
- "traefik.enable=true"
- "traefik.frontend.rule=Host:${TRAEFIK_DOMAINS}; PathPrefixStrip:/traefik"
- "traefik.port=8080"
- "traefik.protocol=http"
# Remove next line to disable login prompt for the dashboard.
- "traefik.frontend.auth.basic=${BASIC_AUTH}"
# Watchtower detects if any linked containers have an new image
# available, automatically updating & restarting them if needed.
watchtower:
# https://hub.docker.com/r/centurylink/watchtower/
image: v2tec/watchtower:latest
# https://github.com/v2tec/watchtower#options
# This schedule applies updates (if available) at midnight.
command: --cleanup --schedule "0 0 0 * * *"
restart: always
networks:
- backend
volumes:
- /var/run/docker.sock:/var/run/docker.sock
# The main front-end application.
jenkins:
# https://hub.docker.com/r/jenkins/jenkins/
image: jenkinsci/blueocean:latest
restart: always
networks:
- backend
- frontend
expose:
- "80"
# remove the '#' below only if you want access from remote JNLP agents
#- "50000"
volumes:
# Ensure Jenkins content persist between restarts.
- vol-jenkins-content:/var/jenkins_home
# remove the '#' if you want to run blueocean docker agents (advanced only)
#- /var/run/docker.sock:/var/run/docker.sock
environment:
- http_port=80
labels:
- "traefik.docker.network=frontend"
- "traefik.enable=true"
- "traefik.frontend.rule=Host:${JENKINS_DOMAINS}"
- "traefik.port=80"
- "traefik.protocol=http"
# This allows Jenkins to send email without having
# to rely on an external provider like SendGrid or MailGun.
# It makes an SMTP host available at the hostname "mail".
mail:
image: bytemark/smtp
restart: always
networks:
- frontend