-
Notifications
You must be signed in to change notification settings - Fork 0
/
docker-compose.yml
156 lines (146 loc) · 3.82 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
version: '3.3'
services:
# Local DNS server that resolves to nginx-server
dnsmasq:
image: andyshinn/dnsmasq
container_name: "dnsmasq"
cap_add:
- NET_ADMIN
restart: always
ports:
- "53:53/udp"
- "53:53/tcp"
volumes:
- ./dns-dev/dnsmasq.conf:/etc/dnsmasq.conf
command: --log-facility=-
networks:
- dns-proxy
# Network proxy solver to manage docker services and the pseudoTLD
traefik:
image: "traefik:v2.2"
container_name: "traefik"
restart: always
command:
# - "--log.level=ERROR"
- "--log.level=DEBUG"
- "--api.insecure=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
ports:
- "80:80"
- "8080:8080"
volumes:
- "/var/run/docker.sock:/var/run/docker.sock:ro"
networks:
- dns-proxy
- comms-nginx
# Script for generating self-signed TLS certificates
cert-script:
image: ghcr.io/ferrazarthur/containerized-frp-client:certbot-script
build:
dockerfile: Dockerfile.certbot
labels:
- "traefik.enable=false"
container_name: cert-script
volumes:
- etc-ssl:/etc/ssl
- etc-nginx:/etc/nginx
# The basic frp server
frp-server:
image: ghcr.io/ferrazarthur/containerized-frp-client:frp-server
build:
context: .
dockerfile: Dockerfile.frps
labels:
- "traefik.enable=false"
container_name: frp-server
volumes:
- ./test-env-config/frps.toml:/frp/frps.toml:ro # This allow for quick configuration of the frp server
# environment:
# - FRPS_AUTH_TOKEN=${FRPS_AUTH_TOKEN}
ports:
- "7000:7000"
- "7500:7500"
- "30000-30900:30000-30900"
networks:
- comms-nginx
- comms-frp
# Nginx server for managing local traffic and TLS certifications
nginx-server:
image: nginx:alpine
labels:
- traefik.http.routers.nginx-server.rule=Host(`${CUSTOM_APP_URL}`)
- "traefik.http.routers.myrouter.tls=true"
container_name: nginx-server
volumes:
- etc-ssl:/etc/ssl
- etc-nginx:/etc/nginx
- ./test-env-config/nginx.conf:/etc/nginx/nginx.conf:ro
ports:
- "443:443"
networks:
- comms-nginx
- dns-proxy
depends_on:
cert-script:
condition: service_completed_successfully
frp-server:
condition: service_started
# My custom application for providing easy configuration for frp with docker
frp-client:
image: ghcr.io/ferrazarthur/containerized-frp-client:frp-client-test
build:
context: .
dockerfile: Dockerfile
labels:
- "traefik.enable=false"
volumes:
- ./server_config:/frp/server_config:ro
secrets:
- CREDENTIALS
environment:
# - FRPS_AUTH_TOKEN=${FRPS_AUTH_TOKEN}
- PROXY_NAME=${PROXY_NAME}
- PROXY_TYPE=${PROXY_TYPE}
- PROXY_LOCAL_IP=${PROXY_LOCAL_IP}
- PROXY_LOCAL_PORT=${PROXY_LOCAL_PORT}
- CUSTOM_APP_URL=${CUSTOM_APP_URL}
container_name: frp-client
tty: true
stdin_open: true
networks:
- comms-frp
- comms-local
depends_on:
- frp-server
# Server that provides some application via http
wagi-server:
# image: wagi
build:
context: .
dockerfile: application/Dockerfile
container_name: wagi-server
labels:
- "traefik.enable=false"
environment:
- LOCAL_WAGI_BIND_IP=${LOCAL_WAGI_BIND_IP}
- LOCAL_WAGI_BIND_PORT=${LOCAL_WAGI_BIND_PORT}
networks:
- comms-local
# File with user and password information of any given LDAP server, if any (file must exists)
secrets:
CREDENTIALS:
file: ./.credentials
networks:
comms-frp:
driver: bridge
comms-local:
driver: bridge
comms-nginx:
driver: bridge
dns-proxy:
driver: bridge
volumes:
etc-ssl:
etc-nginx: