mirror of
https://github.com/MizuchiLabs/mantrae.git
synced 2025-12-16 11:54:51 -06:00
76 lines
2.9 KiB
YAML
76 lines
2.9 KiB
YAML
# Example docker-compose.yml file for mantrae
|
|
# Check the mantrae logs after first start for the admin password
|
|
services:
|
|
mantrae:
|
|
image: ghcr.io/mizuchilabs/mantrae:latest
|
|
container_name: mantrae
|
|
environment:
|
|
- ADMIN_PASSWORD=<super secret password>
|
|
- SECRET=<secret> # generate a secret with openssl rand -hex 16
|
|
volumes:
|
|
- ./mantrae:/data # base directory used
|
|
ports:
|
|
- 3000:3000 # remove this if you want to use traefik
|
|
labels:
|
|
- traefik.enable=true
|
|
- traefik.http.routers.mantrae.rule=Host(`mantrae.example.com`)
|
|
networks:
|
|
- proxy
|
|
restart: unless-stopped
|
|
|
|
mantrae-agent: # agent for running on other machines
|
|
image: ghcr.io/mizuchilabs/mantrae-agent:latest
|
|
container_name: mantrae-agent
|
|
network_mode: host # for detecting the hostname of the machine
|
|
volumes:
|
|
- /var/run/docker.sock:/var/run/docker.sock # needed if running as container
|
|
environment:
|
|
- TOKEN=<token> # token from mantrae server
|
|
- HOST=https://mantrae.example.com # where to reach your mantrae server
|
|
restart: unless-stopped
|
|
|
|
traefik:
|
|
image: docker.io/traefik:latest
|
|
container_name: traefik
|
|
ports:
|
|
- 80:80
|
|
- 443:443
|
|
- 8080:8080
|
|
volumes:
|
|
- ./traefik:/etc/traefik
|
|
- /var/run/docker.sock:/var/run/docker.sock
|
|
environment:
|
|
- CF_DNS_API_TOKEN=xxx # Set cloudflare token
|
|
networks:
|
|
- proxy
|
|
command:
|
|
- --log.level=INFO
|
|
- --api.dashboard=true
|
|
- --api.insecure=true # remove this if you have a domain
|
|
- --entrypoints.web.address=:80
|
|
- --entrypoints.web.http.redirections.entryPoint.to=websecure
|
|
- --entrypoints.web.http.redirections.entryPoint.scheme=https
|
|
- --entrypoints.websecure.address=:443
|
|
- --entrypoints.websecure.asDefault=true
|
|
- --entrypoints.websecure.http.tls.certresolver=letsencrypt # Set the default cert resolver
|
|
- --serversTransport.insecureSkipVerify=true
|
|
- --providers.docker=true
|
|
- --providers.docker.exposedByDefault=false
|
|
- --providers.docker.watch=true
|
|
- --providers.http.endpoint=http://mantrae:3000/api/<profile-name>?token=<token> # use the correct profile name
|
|
- --providers.http.headers.Traefik-Instance-Name=my_cool_instance
|
|
- --providers.http.headers.Traefik-Instance-Url=http://127.0.0.1:8080
|
|
- --certificatesresolvers.letsencrypt.acme.email=your@email.com
|
|
- --certificatesresolvers.letsencrypt.acme.storage=/etc/traefik/acme.json
|
|
- --certificatesresolvers.letsencrypt.acme.dnschallenge.provider=cloudflare
|
|
- --certificatesresolvers.letsencrypt.acme.dnschallenge.delaybeforecheck=0
|
|
labels:
|
|
- traefik.enable=true
|
|
- traefik.http.routers.dashboard.rule=Host(`traefik.example.com`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))
|
|
- traefik.http.routers.dashboard.service=api@internal
|
|
- traefik.http.routers.dashboard.entrypoints=websecure
|
|
restart: always
|
|
|
|
networks:
|
|
proxy:
|