-
Notifications
You must be signed in to change notification settings - Fork 2
/
docker-compose.yml
156 lines (141 loc) · 4.37 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
version: '3.4'
# See https://docs.docker.com/compose/overview/ for more information.
# If you make changes to this file or any related files, apply them by
# navigating to the directory that holds this file and run this as root:
# docker-compose down; docker-compose up -d
x-defaults: &defaults
image: 'sentry:latest'
restart: unless-stopped
depends_on:
- redis
- postgres
- memcached
- mail
environment:
SENTRY_SECRET_KEY: ${SENTRY_SECRET_KEY}
SENTRY_REDIS_HOST: redis
SENTRY_POSTGRES_HOST: postgres
SENTRY_MEMCACHED_HOST: memcached
SENTRY_EMAIL_HOST: mail
SENTRY_SERVER_EMAIL: ${SENTRY_SERVER_EMAIL}
SENTRY_DB_USERNAME: ${SENTRY_DB_USERNAME}
SENTRY_DB_PASSWORD: ${SENTRY_DB_PASSWORD}
volumes:
- sentry-data:/var/lib/sentry/files
services:
# Traefik is a reverse proxy. It handles SSL and passes traffic to
# Docker containers via rules you define in docker-compose labels.
# Its dashboard is at http://example.com/traefik/ (behind a login).
traefik:
# https://hub.docker.com/_/traefik/
image: traefik:latest
command: --api --docker --acme.email="${ACME_EMAIL}"
restart: always
networks:
- frontend
- backend
volumes:
- /var/run/docker.sock:/var/run/docker.sock # Access to Docker
- ./traefik.toml:/traefik.toml # Traefik configuration
- ./acme.json:/acme.json # SSL certificates
ports:
# Map port 80 and 443 on the host to this container.
- "80:80"
- "443:443"
labels:
- "traefik.docker.network=frontend"
- "traefik.enable=true"
- "traefik.frontend.rule=Host:${TRAEFIK_DOMAINS}; PathPrefixStrip:/traefik"
- "traefik.port=8080"
- "traefik.protocol=http"
# Remove next line to disable login prompt for the dashboard.
- "traefik.frontend.auth.basic=${BASIC_AUTH}"
# Watchtower detects if any linked containers have an new image
# available, automatically updating & restarting them if needed.
watchtower:
# https://hub.docker.com/r/centurylink/watchtower/
image: v2tec/watchtower:latest
# https://github.com/v2tec/watchtower#options
# This schedule applies updates (if available) at midnight.
command: --cleanup --schedule "0 0 0 * * *"
restart: always
volumes:
- /var/run/docker.sock:/var/run/docker.sock
# This allows Sentry to send email straight out of the box without
# having to rely on an external provider like SendGrid or MailGun.
# It makes an SMTP host available at the hostname "mail".
mail:
image: bytemark/smtp
restart: always
networks:
- frontend
- backend
labels:
- "traefik.enable=false"
memcached:
image: memcached:1.4
restart: always
networks:
- backend
labels:
- "traefik.enable=false"
redis:
image: redis:3.2-alpine
restart: always
networks:
- backend
labels:
- "traefik.enable=false"
postgres:
# https://hub.docker.com/_/postgres/
# Specify 9.5 as we only want watchtower to apply minor updates
# (eg, 9.5.1) and not major updates (eg, 9.6).
image: postgres:9.5
restart: always
networks:
- backend
environment:
POSTGRESS_USERNAME: ${SENTRY_DB_USERNAME}
POSTGRES_PASSWORD: ${SENTRY_DB_PASSWORD}
volumes:
# Ensure the database persists between restarts.
- sentry-postgres:/var/lib/postgresql/data
labels:
- "traefik.enable=false"
web:
<<: *defaults
networks:
- frontend
- backend
labels:
- "traefik.docker.network=frontend"
- "traefik.enable=true"
- "traefik.frontend.rule=Host:${SENTRY_DOMAINS}"
- "traefik.port=9000"
- "traefik.protocol=http"
# Uncomment the next line to enable HSTS header.
#- "traefik.frontend.headers.STSSeconds=15768000"
cron:
<<: *defaults
command: run cron
networks:
- backend
labels:
- "traefik.enable=false"
worker:
<<: *defaults
command: run worker
networks:
- backend
labels:
- "traefik.enable=false"
# Create two networks: one for front-end containers that we'll make
# publicly accessible to the internet, and one for private back-end.
networks:
frontend:
backend:
# Create persistent Docker volumes to preserve important data.
# We don't want our data to be lost when restarting containers.
volumes:
sentry-data:
sentry-postgres: