Added a view healthchecks
This commit is contained in:
parent
063ff194e2
commit
0520815da1
8 changed files with 75 additions and 16 deletions
|
@ -40,6 +40,10 @@ services:
|
||||||
volumes:
|
volumes:
|
||||||
- ${VOLUMES_PATH}/firefoxsync/db:/var/lib/postgresql/data
|
- ${VOLUMES_PATH}/firefoxsync/db:/var/lib/postgresql/data
|
||||||
user: ${UID}:${GID}
|
user: ${UID}:${GID}
|
||||||
|
healthcheck:
|
||||||
|
test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER}"]
|
||||||
|
interval: 10s
|
||||||
|
timeout: 5s
|
||||||
labels:
|
labels:
|
||||||
- "docker.group=firefoxsync"
|
- "docker.group=firefoxsync"
|
||||||
|
|
||||||
|
|
|
@ -11,18 +11,6 @@ services:
|
||||||
networks:
|
networks:
|
||||||
- web
|
- web
|
||||||
- git
|
- git
|
||||||
labels:
|
|
||||||
- "traefik.enable=true"
|
|
||||||
- "traefik.http.routers.forgejo.rule=Host(`gitea.${DOMAIN}`, `git.${DOMAIN}`)"
|
|
||||||
- "traefik.http.routers.forgejo.entrypoints=websecure"
|
|
||||||
- "traefik.http.routers.forgejo.tls.certresolver=netcup"
|
|
||||||
- "traefik.http.routers.forgejo.tls.options=intermediate@file"
|
|
||||||
- "traefik.http.routers.forgejo.middlewares=gitearedir"
|
|
||||||
- "traefik.http.middlewares.gitearedir.redirectregex.regex=^https://gitea.${DOMAIN}/(.*)"
|
|
||||||
- "traefik.http.middlewares.gitearedir.redirectregex.replacement=https://git.${DOMAIN}/$${1}"
|
|
||||||
- "traefik.http.middlewares.gitearedir.redirectregex.permanent=true"
|
|
||||||
- "traefik.http.services.forgejo.loadbalancer.server.port=3000"
|
|
||||||
- "docker.group=git"
|
|
||||||
depends_on:
|
depends_on:
|
||||||
- db
|
- db
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
|
@ -35,6 +23,22 @@ services:
|
||||||
- DB_NAME=${POSTGRES_DB}
|
- DB_NAME=${POSTGRES_DB}
|
||||||
- DB_USER=${POSTGRES_USER}
|
- DB_USER=${POSTGRES_USER}
|
||||||
- DB_PASSWD=${POSTGRES_PASSWORD}
|
- DB_PASSWD=${POSTGRES_PASSWORD}
|
||||||
|
healthcheck:
|
||||||
|
test: ["CMD", "curl" ,"--fail", "localhost:3000/api/healthz"]
|
||||||
|
interval: 5s
|
||||||
|
timeout: 3s
|
||||||
|
labels:
|
||||||
|
- "traefik.enable=true"
|
||||||
|
- "traefik.http.routers.forgejo.rule=Host(`gitea.${DOMAIN}`, `git.${DOMAIN}`)"
|
||||||
|
- "traefik.http.routers.forgejo.entrypoints=websecure"
|
||||||
|
- "traefik.http.routers.forgejo.tls.certresolver=netcup"
|
||||||
|
- "traefik.http.routers.forgejo.tls.options=intermediate@file"
|
||||||
|
- "traefik.http.routers.forgejo.middlewares=gitearedir"
|
||||||
|
- "traefik.http.middlewares.gitearedir.redirectregex.regex=^https://gitea.${DOMAIN}/(.*)"
|
||||||
|
- "traefik.http.middlewares.gitearedir.redirectregex.replacement=https://git.${DOMAIN}/$${1}"
|
||||||
|
- "traefik.http.middlewares.gitearedir.redirectregex.permanent=true"
|
||||||
|
- "traefik.http.services.forgejo.loadbalancer.server.port=3000"
|
||||||
|
- "docker.group=git"
|
||||||
|
|
||||||
|
|
||||||
db:
|
db:
|
||||||
|
@ -48,6 +52,10 @@ services:
|
||||||
- git
|
- git
|
||||||
volumes:
|
volumes:
|
||||||
- ${VOLUMES_PATH}/git/forgejo_db:/var/lib/postgresql/data
|
- ${VOLUMES_PATH}/git/forgejo_db:/var/lib/postgresql/data
|
||||||
|
healthcheck:
|
||||||
|
test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER}"]
|
||||||
|
interval: 10s
|
||||||
|
timeout: 5s
|
||||||
labels:
|
labels:
|
||||||
- "docker.group=git"
|
- "docker.group=git"
|
||||||
|
|
||||||
|
|
|
@ -47,6 +47,10 @@ services:
|
||||||
- POSTGRES_DB=grafana
|
- POSTGRES_DB=grafana
|
||||||
- POSTGRES_USER=${POSTGRES_USER}
|
- POSTGRES_USER=${POSTGRES_USER}
|
||||||
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
|
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
|
||||||
|
healthcheck:
|
||||||
|
test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER}"]
|
||||||
|
interval: 10s
|
||||||
|
timeout: 5s
|
||||||
labels:
|
labels:
|
||||||
- "docker.group=monitoring"
|
- "docker.group=monitoring"
|
||||||
|
|
||||||
|
|
|
@ -11,6 +11,10 @@ services:
|
||||||
networks:
|
networks:
|
||||||
- web
|
- web
|
||||||
- nextcloud
|
- nextcloud
|
||||||
|
healthcheck:
|
||||||
|
test: curl -sSf 'http://localhost/status.php' | grep '"installed":true' | grep '"maintenance":false' | grep '"needsDbUpgrade":false' || exit 1
|
||||||
|
interval: 5s
|
||||||
|
timeout: 3s
|
||||||
labels:
|
labels:
|
||||||
- "traefik.enable=true"
|
- "traefik.enable=true"
|
||||||
- "traefik.http.routers.nextcloud.rule=Host(`cloud.${DOMAIN}`)"
|
- "traefik.http.routers.nextcloud.rule=Host(`cloud.${DOMAIN}`)"
|
||||||
|
@ -123,6 +127,7 @@ services:
|
||||||
- MYSQL_PASSWORD=${MYSQL_PASSWORD}
|
- MYSQL_PASSWORD=${MYSQL_PASSWORD}
|
||||||
- MYSQL_DATABASE=${MYSQL_DATABASE}
|
- MYSQL_DATABASE=${MYSQL_DATABASE}
|
||||||
- MYSQL_USER=${MYSQL_USER}
|
- MYSQL_USER=${MYSQL_USER}
|
||||||
|
- MARIADB_AUTO_UPGRADE=1
|
||||||
logging:
|
logging:
|
||||||
driver: "json-file"
|
driver: "json-file"
|
||||||
options:
|
options:
|
||||||
|
@ -131,6 +136,10 @@ services:
|
||||||
networks:
|
networks:
|
||||||
- nextcloud
|
- nextcloud
|
||||||
- mariadb
|
- mariadb
|
||||||
|
healthcheck:
|
||||||
|
test: ["CMD", "mysqladmin" ,"ping", "-h", "localhost"]
|
||||||
|
interval: 20s
|
||||||
|
timeout: 3s
|
||||||
labels:
|
labels:
|
||||||
- "docker.group=netxtcloud"
|
- "docker.group=netxtcloud"
|
||||||
|
|
||||||
|
@ -166,6 +175,10 @@ services:
|
||||||
- monitoring
|
- monitoring
|
||||||
volumes:
|
volumes:
|
||||||
- ${VOLUMES_PATH}/nextcloud/redis:/data
|
- ${VOLUMES_PATH}/nextcloud/redis:/data
|
||||||
|
healthcheck:
|
||||||
|
test: ["CMD", "redis-cli", "ping"]
|
||||||
|
interval: 5s
|
||||||
|
timeout: 3s
|
||||||
labels:
|
labels:
|
||||||
- "docker.group=netxtcloud"
|
- "docker.group=netxtcloud"
|
||||||
|
|
||||||
|
|
|
@ -22,6 +22,9 @@ http {
|
||||||
sendfile on;
|
sendfile on;
|
||||||
#tcp_nopush on;
|
#tcp_nopush on;
|
||||||
|
|
||||||
|
# Prevent nginx HTTP Server Detection
|
||||||
|
server_tokens off;
|
||||||
|
|
||||||
keepalive_timeout 65;
|
keepalive_timeout 65;
|
||||||
|
|
||||||
#gzip on;
|
#gzip on;
|
||||||
|
@ -48,7 +51,7 @@ http {
|
||||||
add_header X-Download-Options "noopen" always;
|
add_header X-Download-Options "noopen" always;
|
||||||
add_header X-Frame-Options "SAMEORIGIN" always;
|
add_header X-Frame-Options "SAMEORIGIN" always;
|
||||||
add_header X-Permitted-Cross-Domain-Policies "none" always;
|
add_header X-Permitted-Cross-Domain-Policies "none" always;
|
||||||
add_header X-Robots-Tag "none" always;
|
add_header X-Robots-Tag "noindex, nofollow" always;
|
||||||
add_header X-XSS-Protection "1; mode=block" always;
|
add_header X-XSS-Protection "1; mode=block" always;
|
||||||
|
|
||||||
# Remove X-Powered-By, which is an information leak
|
# Remove X-Powered-By, which is an information leak
|
||||||
|
|
|
@ -18,6 +18,7 @@ services:
|
||||||
#- "--log.level=DEBUG"
|
#- "--log.level=DEBUG"
|
||||||
- "--log.level=INFO"
|
- "--log.level=INFO"
|
||||||
#- "--accesslog=true"
|
#- "--accesslog=true"
|
||||||
|
- "--ping=true"
|
||||||
- "--entrypoints.web.address=:80"
|
- "--entrypoints.web.address=:80"
|
||||||
- "--entrypoints.web.http.redirections.entrypoint.to=websecure"
|
- "--entrypoints.web.http.redirections.entrypoint.to=websecure"
|
||||||
- "--entrypoints.web.http.redirections.entrypoint.scheme=https"
|
- "--entrypoints.web.http.redirections.entrypoint.scheme=https"
|
||||||
|
@ -42,6 +43,10 @@ services:
|
||||||
volumes:
|
volumes:
|
||||||
- ${VOLUMES_PATH}/proxy/letsencrypt:/letsencrypt
|
- ${VOLUMES_PATH}/proxy/letsencrypt:/letsencrypt
|
||||||
- $PWD/tls.toml:/etc/traefik/tls.toml
|
- $PWD/tls.toml:/etc/traefik/tls.toml
|
||||||
|
healthcheck:
|
||||||
|
test: traefik healthcheck --ping
|
||||||
|
interval: 3s
|
||||||
|
timeout: 1s
|
||||||
labels:
|
labels:
|
||||||
- "traefik.enable=true"
|
- "traefik.enable=true"
|
||||||
- "traefik.http.routers.dashboard.rule=Host(`traefik.${DOMAIN}`)"
|
- "traefik.http.routers.dashboard.rule=Host(`traefik.${DOMAIN}`)"
|
||||||
|
@ -63,14 +68,18 @@ services:
|
||||||
environment:
|
environment:
|
||||||
# grant privileges as environment variables: https://github.com/Tecnativa/docker-socket-proxy#grant-or-revoke-access-to-certain-api-sections
|
# grant privileges as environment variables: https://github.com/Tecnativa/docker-socket-proxy#grant-or-revoke-access-to-certain-api-sections
|
||||||
- CONTAINERS=1
|
- CONTAINERS=1
|
||||||
- INFO=1
|
- INFO=1
|
||||||
networks:
|
networks:
|
||||||
- dockersocket
|
- dockersocket
|
||||||
|
healthcheck:
|
||||||
|
test: ["CMD", "wget" ,"--no-verbose", "--tries=1", "--spider", "http://localhost:2375/version"]
|
||||||
|
interval: 10s
|
||||||
|
timeout: 3s
|
||||||
privileged: true
|
privileged: true
|
||||||
|
|
||||||
|
|
||||||
whoami:
|
whoami:
|
||||||
image: containous/whoami
|
image: traefik/whoami
|
||||||
networks:
|
networks:
|
||||||
- web
|
- web
|
||||||
labels:
|
labels:
|
||||||
|
|
|
@ -21,6 +21,10 @@ services:
|
||||||
- wallabag
|
- wallabag
|
||||||
volumes:
|
volumes:
|
||||||
- /var/dockervolumes/wallabag/images:/var/www/wallabag/web/assets/images
|
- /var/dockervolumes/wallabag/images:/var/www/wallabag/web/assets/images
|
||||||
|
healthcheck:
|
||||||
|
test: ["CMD", "wget" ,"--no-verbose", "--tries=1", "--spider", "http://localhost"]
|
||||||
|
interval: 10s
|
||||||
|
timeout: 3s
|
||||||
labels:
|
labels:
|
||||||
- "traefik.enable=true"
|
- "traefik.enable=true"
|
||||||
- "traefik.http.routers.wallabag.rule=Host(`wallabag.${DOMAIN}`)"
|
- "traefik.http.routers.wallabag.rule=Host(`wallabag.${DOMAIN}`)"
|
||||||
|
@ -41,14 +45,24 @@ services:
|
||||||
- wallabag
|
- wallabag
|
||||||
volumes:
|
volumes:
|
||||||
- /var/dockervolumes/wallabag/db:/var/lib/mysql
|
- /var/dockervolumes/wallabag/db:/var/lib/mysql
|
||||||
|
healthcheck:
|
||||||
|
test: ["CMD", "mysqladmin" ,"ping", "-h", "localhost"]
|
||||||
|
interval: 10s
|
||||||
|
timeout: 3s
|
||||||
labels:
|
labels:
|
||||||
- "docker.group=wallabag"
|
- "docker.group=wallabag"
|
||||||
|
|
||||||
redis:
|
redis:
|
||||||
image: redis:alpine
|
image: redis
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
networks:
|
networks:
|
||||||
- wallabag
|
- wallabag
|
||||||
|
healthcheck:
|
||||||
|
test: ["CMD", "redis-cli", "ping"]
|
||||||
|
interval: 5s
|
||||||
|
timeout: 3s
|
||||||
|
labels:
|
||||||
|
- "docker.group=wallabag"
|
||||||
|
|
||||||
|
|
||||||
networks:
|
networks:
|
||||||
|
|
|
@ -7,6 +7,10 @@ services:
|
||||||
networks:
|
networks:
|
||||||
- web
|
- web
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
|
healthcheck:
|
||||||
|
test: ["CMD", "curl" ,"--fail", "localhost"]
|
||||||
|
interval: 5s
|
||||||
|
timeout: 3s
|
||||||
labels:
|
labels:
|
||||||
- "traefik.enable=true"
|
- "traefik.enable=true"
|
||||||
- "traefik.http.routers.webroot.entrypoints=websecure" # All HTTP requests are globally redirected to HTTPS
|
- "traefik.http.routers.webroot.entrypoints=websecure" # All HTTP requests are globally redirected to HTTPS
|
||||||
|
|
Loading…
Reference in a new issue