-
Notifications
You must be signed in to change notification settings - Fork 27
/
docker-compose.yml
82 lines (77 loc) · 1.94 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
version: '3'
services:
app:
image: 'lepresidente/nginxproxymanager:latest'
restart: unless-stopped
networks:
crowdsec:
npm:
ports:
# These ports are in format :
- '80:80' # Public HTTP Port
- '443:443' # Public HTTPS Port
- '81:81' # Admin Web Port
environment:
DB_MYSQL_HOST: "db"
DB_MYSQL_PORT: 3306
DB_MYSQL_USER: "npm"
DB_MYSQL_PASSWORD: ${DATABASE_PASSWORD}
DB_MYSQL_NAME: "npm"
CROWDSEC_OPENRESTY_BOUNCER: |
ENABLED=true
API_URL=http://crowdsec:8080
API_KEY=${CROWDSEC_BOUNCER_APIKEY}
# Uncomment this if IPv6 is not enabled on your host
# DISABLE_IPV6: 'true'
volumes:
- ./data:/data
- ./letsencrypt:/etc/letsencrypt
depends_on:
db:
condition: service_healthy
security_opt:
- no-new-privileges=true
db:
image: 'mariadb:lts'
restart: unless-stopped
networks:
npm:
environment:
MYSQL_ROOT_PASSWORD: ${ROOT_DATABASE_PASSWORD}
MYSQL_DATABASE: 'npm'
MYSQL_USER: 'npm'
MYSQL_PASSWORD: ${DATABASE_PASSWORD}
volumes:
- mariadb-data:/var/lib/mysql
security_opt:
- no-new-privileges=true
healthcheck:
test: ['CMD', '/usr/local/bin/healthcheck.sh', '--innodb_initialized']
start_period: 5s
timeout: 5s
interval: 5s
retries: 5
crowdsec:
image: docker.io/crowdsecurity/crowdsec:latest
container_name: crowdsec
environment:
- COLLECTIONS=crowdsecurity/nginx-proxy-manager
volumes:
- crowdsec-db:/var/lib/crowdsec/data/
- crowdsec-config:/etc/crowdsec/
- ./crowdsec/acquis.yaml:/etc/crowdsec/acquis.yaml
- ./data/logs/:/var/log/npm:ro
networks:
crowdsec:
restart: unless-stopped
security_opt:
- no-new-privileges=true
volumes:
crowdsec-db:
crowdsec-config:
mariadb-data:
networks:
crowdsec:
driver: bridge
npm:
driver: bridge