If your administrator account is different to your user account, you must add the user to the docker-users group:
Run Computer Management as an administrator.
Navigate to Local Users and Groups > Groups > docker-users.
Right-click to add the user to the group.
Sign out and sign back in for the changes to take effect.
sudo iptables -I DOCKER-USER -i ens3 ! -s IP/24 -j DROPsudo iptables -I DOCKER-USER -i ens3 ! -s IP/24 -p tcp -m tcp --dport 80 -j DROPmain_queue:
build:
context: .
dockerfile: Dockerfile
command: 'php artisan queue:work'
depends_on:
- main_db
networks:
- mm-network
environment:
- DB_CONNECTION=${DB_CONNECTION}
- DB_HOST=${DB_HOST}
- DB_PORT=${DB_PORT}
- DB_DATABASE=${DB_DATABASE}
- DB_USERNAME=${DB_USERNAME}
- DB_PASSWORD=${DB_PASSWORD}main_queue:
build:
context: .
dockerfile: Dockerfile
command: 'php artisan queue:work'
depends_on:
- main_db
networks:
- mm-network
env_file:
- .envversion: '3.7'
networks:
zabbix-net:
driver: bridge
ipam:
config:
- subnet: 172.20.0.0/16
ip_range: 172.20.240.0/20
services:
postgres-server:
image: postgres:latest
container_name: postgres-server
environment:
POSTGRES_USER: "zabbix"
POSTGRES_PASSWORD: "zabbix_pwd"
POSTGRES_DB: "zabbix"
networks:
zabbix-net:
restart: unless-stopped
zabbix-snmptraps:
image: zabbix/zabbix-snmptraps:alpine-7.0-latest
container_name: zabbix-snmptraps
volumes:
- /zbx_instance/snmptraps:/var/lib/zabbix/snmptraps:rw
- /var/lib/zabbix/mibs:/usr/share/snmp/mibs:ro
networks:
zabbix-net:
ports:
- "162:1162/udp"
restart: unless-stopped
zabbix-server-pgsql:
image: zabbix/zabbix-server-pgsql:alpine-7.0-latest
container_name: zabbix-server-pgsql
environment:
DB_SERVER_HOST: "postgres-server"
POSTGRES_USER: "zabbix"
POSTGRES_PASSWORD: "zabbix_pwd"
POSTGRES_DB: "zabbix"
ZBX_ENABLE_SNMP_TRAPS: "true"
networks:
zabbix-net:
ports:
- "10051:10051"
volumes:
- zabbix-snmptraps:/var/lib/zabbix/snmptraps:rw
restart: unless-stopped
zabbix-web-nginx-pgsql:
image: zabbix/zabbix-web-nginx-pgsql:alpine-7.0-latest
container_name: zabbix-web-nginx-pgsql
environment:
ZBX_SERVER_HOST: "zabbix-server-pgsql"
DB_SERVER_HOST: "postgres-server"
POSTGRES_USER: "zabbix"
POSTGRES_PASSWORD: "zabbix_pwd"
POSTGRES_DB: "zabbix"
networks:
zabbix-net:
ports:
- "443:8443"
- "80:8080"
volumes:
- /etc/ssl/nginx:/etc/ssl/nginx:ro
restart: unless-stopped
pgadmin:
image: dpage/pgadmin4
container_name: pgadmin
environment:
PGADMIN_DEFAULT_EMAIL: "user@domain.com"
PGADMIN_DEFAULT_PASSWORD: "SuperSecret"
networks:
zabbix-net:
ports:
- "8083:80"
restart: unless-stopped
volumes:
zabbix-snmptraps:version: '3.6'
services:
smtp:
image: exim4:v1
container_name: smtp
ports:
- 2025:25
volumes:
- exim4_config:/etc/exim4
- exim4_mail:/var/mail
- exim4_logs:/var/log/exim
restart: unless-stopped
networks:
- localnet
volumes:
exim4_config:
exim4_mail:
exim4_logs:docker run -it --rm \
-v /opt/exim4/smtpsender04/config:/etc/exim4 \
-v /opt/exim4/smtpsender04/mail:/var/mail ʼ
exim4:v1 /bin/bash -c "exim -bP >/etc/exim4/exim.conf"volumes:
- .:/var/www/html/git
Нужно, чтобы при регистрации на главном сайте создавался новый контейнер
docker create network net-privateversion: '3.8'
services:
pgadmin:
image: dpage/pgadmin4
restart: unless-stopped
environment:
PGADMIN_DEFAULT_EMAIL: "admin@example.com" # замініть на свою email-адресу
PGADMIN_DEFAULT_PASSWORD: "qwerty12345" # замініть на свій пароль
ports:
- "5050:80"
networks:
- net-private
networks:
net-private:
external: trueversion: '3.8'
services:
web:
image: my/app
restart: unless-stopped
ports:
- "80:80"
volumes:
- ./data:/mnt/data
database:
image: db/psql
restart: unless-stopped
networks:
- net-private
networks:
net-private:
external: truenginx:
container_name: nginx_container
image: nginx
ports:
- 80:80
- 443:443
networks:
- private
- public
restart: always
volumes:
- ./nginx/nginx.conf:/etc/nginx/nginx.conf:ro
- ./nginx/conf.d/:/etc/nginx/conf.d/:ro
- ./certbot/www:/var/www/certbot/:ro
- ./certbot/conf/:/etc/nginx/ssl/:ro
command: "/bin/sh -c 'while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx -g \"daemon off;\"'"
certbot:
image: certbot/certbot
volumes:
- ./certbot/www/:/var/www/certbot/:rw
- ./certbot/conf/:/etc/letsencrypt/:rw
entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"- "27019:27017"
version: "3"
services:
traefik:
image: "traefik:v2.10"
container_name: "traefik"
command:
#- "--log.level=DEBUG"
- "--api.insecure=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
- "--certificatesresolvers.myresolver.acme.httpchallenge=true"
- "--certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=web"
#- "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
- "--certificatesresolvers.myresolver.acme.email=MYEMAIL@gmail.com"
- "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
ports:
- "80:80"
- "443:443"
# - "8080:8080"
volumes:
- "./letsencrypt:/letsencrypt"
- "/var/run/docker.sock:/var/run/docker.sock:ro"
networks:
private_network:
ipv4_address: 10.2.0.120
unbound:
image: "mvance/unbound:1.17.0"
container_name: unbound
restart: unless-stopped
hostname: "unbound"
volumes:
- "./unbound:/opt/unbound/etc/unbound/"
networks:
private_network:
ipv4_address: 10.2.0.200
wg-easy:
depends_on: [unbound, adguardhome]
environment:
- WG_HOST=MYHOST_IP
- PASSWORD=openode
- WG_PORT=51820
- WG_DEFAULT_ADDRESS=10.10.10.x
- WG_DEFAULT_DNS=10.2.0.100
- WG_ALLOWED_IPS=10.2.0.0/24, 0.0.0.0/0, ::/0
- WG_PERSISTENT_KEEPALIVE=25
- WG_MTU=1280
#image: ditek/wg-easy
image: weejewel/wg-easy
container_name: wg-easy
volumes:
- .:/etc/wireguard
ports:
- "51820:51820/udp"
# - "51821:51821/tcp"
restart: unless-stopped
cap_add:
- NET_ADMIN
- SYS_MODULE
sysctls:
- net.ipv4.ip_forward=1
- net.ipv4.conf.all.src_valid_mark=1
dns:
- 10.2.0.100
- 10.2.0.200
networks:
private_network:
ipv4_address: 10.2.0.3
labels:
- "traefik.enable=true"
- "traefik.http.routers.vpn.rule=Host(`vpn.site.com`)"
- "traefik.http.routers.vpn.entrypoints=websecure"
- 'traefik.http.routers.vpn.tls=true'
- "traefik.http.routers.vpn.tls.certresolver=myresolver"
- "traefik.http.services.vpn.loadbalancer.server.port=51821"
adguardhome:
depends_on: [unbound]
image: adguard/adguardhome
container_name: adguardhome
restart: unless-stopped
environment:
- TZ=America/Los_Angeles
volumes:
- ./work:/opt/adguardhome/work
- ./conf:/opt/adguardhome/conf
networks:
private_network:
ipv4_address: 10.2.0.100
networks:
private_network:
ipam:
driver: default
config:
- subnet: 10.2.0.0/24
Initialization scripts
If you would like to do additional initialization in an image derived from this one, add one or more *.sql, *.sql.gz, or *.sh scripts under /docker-entrypoint-initdb.d (creating the directory if necessary). After the entrypoint calls initdb to create the default postgres user and database, it will run any *.sql files, run any executable *.sh scripts, and source any non-executable *.sh scripts found in that directory to do further initialization before starting the service.
docker docker network create <имя сети>
docker network connect --alias nginx.local <имя сети> container-nginx
docker network connect --alias apache.local <имя сети> container-apache
docker network connect --alias mysite.local <имя сети> container-mysql