-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathcompose.yaml
130 lines (118 loc) · 3.36 KB
/
compose.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
name: mta-sts-exporter-examples
volumes:
mta-sts-reports: {}
configs:
mta-sts-exporter:
# this config contains all default values,
# you only need to set values you want to override
content: |
port: 8080
log:
json: true
policy:
enabled: true
path: /.well-known/mta-sts.txt
version: STSv1
mode: enforce
mx:
- mx1.example.com
- mx2.example.com
maxage: 86400
reports:
enabled: true
path: /report
max:
body: 1048576
json: 5242880
save:
enabled: false
path: /tmp/reports
metrics:
enabled: true
port: 8081
path: /metrics
collectors:
go: false
process: false
exporter: false
x-service: &service
restart: unless-stopped
logging:
driver: journald
options:
tag: "{{.Name}}/{{.ID}}"
x-healthcheck: &healthcheck
start_period: 15s
start_interval: 1s
interval: 15s
timeout: 3s
retries: 3
services:
mta-sts-exporter:
<<: *service
image: phiag/mta-sts-exporter:1.7.63@sha256:8fdcc641bd985a874d5ffba7f3d12c906e902fdd1804b37e841b950726276448
ports:
- 127.0.0.1:8080:8080
- 127.0.0.1:8081:8081
healthcheck:
<<: *healthcheck
test: [CMD, /ko-app/mta-sts-exporter, -health]
configs:
- source: mta-sts-exporter
target: /etc/mta-sts-exporter/config.yaml
mta-sts-exporter-env:
<<: *service
image: phiag/mta-sts-exporter:1.7.63@sha256:8fdcc641bd985a874d5ffba7f3d12c906e902fdd1804b37e841b950726276448
healthcheck:
<<: *healthcheck
test: [CMD, /ko-app/mta-sts-exporter, -health]
environment:
PORT: 8080
LOG_JSON: true
POLICY_ENABLED: true
POLICY_PATH: /.well-known/mta-sts.txt
POLICY_VERSION: STSv1
POLICY_MODE: enforce
POLICY_MX: mx1.example.com,mx2.example.com
POLICY_MAXAGE: 86400
REPORTS_ENABLED: true
REPORTS_PATH: /report
REPORTS_MAX_BODY: 1048576
REPORTS_MAX_JSON: 5242880
REPORTS_SAVE_ENABLED: false
REPORTS_SAVE_PATH: /tmp/reports
METRICS_ENABLED: true
METRICS_PORT: 8081
METRICS_PATH: /metrics
METRICS_COLLECTORS_GO: false
METRICS_COLLECTORS_PROCESS: false
METRICS_COLLECTORS_EXPORTER: false
mta-sts-exporter-save-reports:
<<: *service
image: phiag/mta-sts-exporter:1.7.63@sha256:8fdcc641bd985a874d5ffba7f3d12c906e902fdd1804b37e841b950726276448
# only required for rootless docker to write to volume
user: 0:0
healthcheck:
<<: *healthcheck
test: [CMD, /ko-app/mta-sts-exporter, -health]
environment:
REPORTS_SAVE_ENABLED: true
volumes:
- mta-sts-reports:/tmp/reports
mta-sts-exporter-traefik:
<<: *service
image: phiag/mta-sts-exporter:1.7.63@sha256:8fdcc641bd985a874d5ffba7f3d12c906e902fdd1804b37e841b950726276448
expose:
- 8080
- 8081
healthcheck:
<<: *healthcheck
test: [CMD, /ko-app/mta-sts-exporter, -health]
environment:
POLICY_MX: mx1.example.com,mx2.example.com
labels:
traefik.enable: true
traefik.http.routers.mta_sts.rule: Host(`mta-sts.example.com`)
traefik.http.routers.mta_sts.entrypoints: https
traefik.http.routers.mta_sts.tls: true
traefik.http.routers.mta_sts.tls.certresolver: letsencrypt