Initial commit

.drone.yml

@@ -0,0 +1,21 @@
+kind: pipeline
+name: compose
+type: docker
+
+steps:
+- name: deploy
+  image: docker/compose
+  volumes:
+    - name: docker_sock
+      path: /var/run/docker.sock
+  commands:
+    - docker-compose -p ${DRONE_REPO_NAME} up -d
+
+volumes:
+  - name: docker_sock
+    host:
+      path: /var/run/docker.sock
+
+trigger:
+  branch:
+    - master

README.org

@@ -0,0 +1,3 @@
+#+TITLE: Compose
+
+Refer to the [[https://bookstack.axpdsp.org/books/service-management/chapter/creating-a-new-compose-file][service management documentation]].

docker-compose.yml

@@ -0,0 +1,101 @@
+version: "3.8"
+
+services:
+  traefik:
+    image: "traefik:v2.9"
+    container_name: "traefik"
+    networks:
+      - proxy
+    command:
+      - "--providers.docker=true"
+      - "--providers.docker.exposedbydefault=false"
+      - "--api.insecure=true"
+      - "--entrypoints.web.address=:80"
+      - "--entrypoints.websecure.address=:443"
+      - "--certificatesresolvers.le.acme.httpchallenge=true"
+      - "--certificatesresolvers.le.acme.httpchallenge.entrypoint=web"
+      - "--certificatesresolvers.le.acme.email=axpwpi@gmail.com"
+      - "--certificatesresolvers.le.acme.storage=/letsencrypt/acme.json"
+      - "--entrypoints.web.http.redirections.entrypoint.to=websecure"
+      - "--entrypoints.web.http.redirections.entrypoint.scheme=https"
+    ports:
+      - "80:80"
+      - "443:443"
+    volumes:
+      - "/var/run/docker.sock:/var/run/docker.sock:ro"
+      - "/traefik:/letsencrypt"
+    labels:
+      - traefik.enable=true
+      - traefik.http.routers.traefik.rule=Host(`traefik.axpdsp.org`)
+      - traefik.http.routers.traefik.tls.certresolver=le
+      - traefik.http.services.traefik.loadbalancer.server.port=8080
+    restart: always
+  certdumper:
+    image: humenius/traefik-certs-dumper:latest
+    volumes:
+      - /traefik:/traefik:ro
+      - /certs:/output:rw
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+    environment:
+      - CERTIFICATE_FILE_NAME=fullchain
+      - PRIVATE_KEY_FILE_NAME=privkey
+  portainer:
+    image: portainer/portainer
+    container_name: portainer
+    restart: unless-stopped
+    networks:
+      - proxy
+    volumes:
+      - portainer:/data
+      - /var/run/docker.sock:/var/run/docker.sock
+    labels:
+      - traefik.enable=true
+      - traefik.http.routers.portainer.rule=Host(`portainer.axpdsp.org`)
+      - traefik.http.routers.portainer.tls.certresolver=le
+      - traefik.http.services.portainer.loadbalancer.server.port=9000
+  homepage:
+    image: ghcr.io/benphelps/homepage:latest
+    container_name: homepage
+    restart: unless-stopped
+    networks:
+      - proxy
+    volumes:
+      - homepage:/app/config
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+    labels:
+      - traefik.enable=true
+      - traefik.http.routers.homepage.rule=Host(`dashboard.axpdsp.org`)
+      - traefik.http.routers.homepage.tls.certresolver=le
+      - traefik.http.routers.homepage.entrypoints=websecure
+  uptime-kuma:
+    image: louislam/uptime-kuma:1
+    container_name: uptime-kuma
+    networks:
+      - proxy
+    volumes:
+      - uptime-kuma:/app/data
+      - /var/run/docker.sock:/var/run/docker.sock
+    restart: always
+    labels:
+      - traefik.enable=true
+      - traefik.http.routers.uptime.rule=Host(`uptime.axpdsp.org`)
+      - traefik.http.routers.uptime.tls.certresolver=le
+      - traefik.http.routers.uptime.entrypoints=websecure
+      - traefik.http.services.uptime.loadbalancer.server.port=3001
+  watchtower:
+    image: containrrr/watchtower
+    restart: unless-stopped
+    environment:
+      - WATCHTOWER_POLL_INTERVAL=3600
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+
+networks:
+  proxy:
+    external: true
+    name: proxy
+
+volumes:
+  homepage:
+  portainer:
+  uptime-kuma: