This repository has been archived on 2020-05-25. You can view files and clone it, but cannot push or open issues or pull requests.
frontend-docker/base.yml

71 lines
1.3 KiB
YAML

version: '3.7'
networks:
frontend:
driver: overlay
attachable: true
cache:
driver: overlay
secrets:
cf_op:
file: certificates/cloudflare-op.crt
ssl_master:
file: certificates/master.pem
volumes:
haproxysock:
x-logging: &json-log
driver: 'json-file'
options:
max-size: 20m
max-file: '5'
x-global-stop-2: &gt2
mode: global
restart_policy:
condition: any
update_config:
parallelism: 2
delay: 5s
order: stop-first
failure_action: rollback
services:
haproxy:
image: localhost:5000/haproxy-rx
deploy: *gt2 ## HAProxy really dislikes if it's overlapped
logging: *json-log
secrets:
- ssl_master
- cf_op
volumes:
- 'haproxysock:/haproxy:rw' ## Telegraf monitoring
networks:
- frontend
- cache
varnish:
image: localhost:5000/varnish
deploy: *gt2
logging: *json-log
tmpfs: /usr/local/var/varnish
networks:
- cache
hitch:
image: zazukoians/hitch
deploy: *gt2
logging: *json-log
secrets:
- source: ssl_master
environment:
HITCH_PEM: '/run/secrets/ssl_master'
HITCH_PARAMS: '--backend=[varnish]:80 --frontend=[*]:443'
HITCH_CIPHER: 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'
ports:
- '443:443'
networks:
- cache