- "27019:27017"
version: "3"
services:
traefik:
image: "traefik:v2.10"
container_name: "traefik"
command:
#- "--log.level=DEBUG"
- "--api.insecure=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
- "--certificatesresolvers.myresolver.acme.httpchallenge=true"
- "--certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=web"
#- "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
- "--certificatesresolvers.myresolver.acme.email=MYEMAIL@gmail.com"
- "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
ports:
- "80:80"
- "443:443"
# - "8080:8080"
volumes:
- "./letsencrypt:/letsencrypt"
- "/var/run/docker.sock:/var/run/docker.sock:ro"
networks:
private_network:
ipv4_address: 10.2.0.120
unbound:
image: "mvance/unbound:1.17.0"
container_name: unbound
restart: unless-stopped
hostname: "unbound"
volumes:
- "./unbound:/opt/unbound/etc/unbound/"
networks:
private_network:
ipv4_address: 10.2.0.200
wg-easy:
depends_on: [unbound, adguardhome]
environment:
- WG_HOST=MYHOST_IP
- PASSWORD=openode
- WG_PORT=51820
- WG_DEFAULT_ADDRESS=10.10.10.x
- WG_DEFAULT_DNS=10.2.0.100
- WG_ALLOWED_IPS=10.2.0.0/24, 0.0.0.0/0, ::/0
- WG_PERSISTENT_KEEPALIVE=25
- WG_MTU=1280
#image: ditek/wg-easy
image: weejewel/wg-easy
container_name: wg-easy
volumes:
- .:/etc/wireguard
ports:
- "51820:51820/udp"
# - "51821:51821/tcp"
restart: unless-stopped
cap_add:
- NET_ADMIN
- SYS_MODULE
sysctls:
- net.ipv4.ip_forward=1
- net.ipv4.conf.all.src_valid_mark=1
dns:
- 10.2.0.100
- 10.2.0.200
networks:
private_network:
ipv4_address: 10.2.0.3
labels:
- "traefik.enable=true"
- "traefik.http.routers.vpn.rule=Host(`vpn.site.com`)"
- "traefik.http.routers.vpn.entrypoints=websecure"
- 'traefik.http.routers.vpn.tls=true'
- "traefik.http.routers.vpn.tls.certresolver=myresolver"
- "traefik.http.services.vpn.loadbalancer.server.port=51821"
adguardhome:
depends_on: [unbound]
image: adguard/adguardhome
container_name: adguardhome
restart: unless-stopped
environment:
- TZ=America/Los_Angeles
volumes:
- ./work:/opt/adguardhome/work
- ./conf:/opt/adguardhome/conf
networks:
private_network:
ipv4_address: 10.2.0.100
networks:
private_network:
ipam:
driver: default
config:
- subnet: 10.2.0.0/24
Initialization scripts
If you would like to do additional initialization in an image derived from this one, add one or more *.sql, *.sql.gz, or *.sh scripts under /docker-entrypoint-initdb.d (creating the directory if necessary). After the entrypoint calls initdb to create the default postgres user and database, it will run any *.sql files, run any executable *.sh scripts, and source any non-executable *.sh scripts found in that directory to do further initialization before starting the service.
docker docker network create <имя сети>
docker network connect --alias nginx.local <имя сети> container-nginx
docker network connect --alias apache.local <имя сети> container-apache
docker network connect --alias mysite.local <имя сети> container-mysql
docker run --restart unless-stopped -p 5001:5050 -d --name api --network nginx-proxy-man projsharp-api:2023_04_02__19_52_17
Поправить nginx конфиг
location /api/ {
proxy_pass http://api:5050/api/;
}
app.run(host='0.0.0.0', port=8095, debug=False)
services:
app:
command: python wsgi_docker.py
nginx:
volumes:
- ./file_setting/fullchain.pem:/etc/nginx/fullchain.pem
- ./file_setting/privkey.pem:/etc/nginx/privkey.pem
build: ./nginx
container_name: t_nginx
restart: always
ports:
- 80:95
- 443:96
depends_on:
- app
server {
listen 95;
server_name my_domain.ru www.my_domain.ru;
return 301 https://$host$request_uri;
}
server {
listen 96 ssl;
server_name my_domain.ru www.my_domain.ru;
ssl_certificate fullchain.pem;
ssl_certificate_key privkey.pem;
location / {
proxy_pass "http://app:8095/";
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
}
}
services:
app1:
command: python wsgi_docker.py
app2:
command: python wsgi_docker.py
app3:
command: python wsgi_docker.py
nginx:
ports:
- 80:95
- 443:96
server {
listen 96 ssl;
server_name my_domain.ru www.my_domain.ru;
ssl_certificate fullchain.pem;
ssl_certificate_key privkey.pem;
location /app1 {
proxy_pass "http://app1:8095/";
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
}
location /app2 {
proxy_pass "http://app2:8095/";
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
}
location /app3 {
proxy_pass "http://app3:8095/";
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
}
}