Last active
June 15, 2021 14:46
-
-
Save pierreavizou/b5a01e220df74433efb775a109427d3f to your computer and use it in GitHub Desktop.
Revisions
-
pierreavizou revised this gist
Apr 29, 2020 . No changes.There are no files selected for viewing
-
Apr 29, 2020 .There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,113 @@ version: '3.7' networks: traefik: rudderstack: services: traefik: image: traefik:2.2 ports: - target: 80 published: 80 protocol: tcp mode: host - target: 443 published: 443 protocol: tcp mode: host networks: - traefik deploy: placement: constraints: # Define labels on your nodes using, e.g. `docker node update --label-add type=load-balancer <node-id>` - node.labels.type == load-balancer command: - "--accesslog=true" - "--providers.docker=true" - "--providers.docker.exposedbydefault=false" # Adapt network below to the name of your stack, or use an external network - "--providers.docker.network=<YOUR_STACK_NAME>_traefik" - "--entrypoints.web.address=:80" - "--entrypoints.websecure.address=:443" - "--entrypoints.web.http.redirections.entrypoint.to=websecure" - "--entrypoints.web.http.redirections.entrypoint.scheme=https" - "--providers.docker.swarmMode=true" - "--certificatesresolvers.mytlschallenge.acme.tlschallenge=true" - "--certificatesresolvers.mytlschallenge.acme.email=YOUR@EMAIL.COM" - "--certificatesresolvers.mytlschallenge.acme.storage=/acme/acme.json" volumes: - /opt/traefik/:/acme/ - /var/run/docker.sock:/var/run/docker.sock:ro # Adjust according to the logging method you're using logging: driver: journald rudderdb: image: postgres:11-alpine networks: - rudderstack deploy: placement: constraints: # Define labels on your nodes using, e.g. `docker node update --label-add type=database <node-id>` - node.labels.type == database environment: - POSTGRES_USER=rudder - POSTGRES_PASSWORD=<YOUR_DB_PASSWORD> - POSTGRES_DB=jobsdb volumes: - /mnt/rudderstack_data/rudderdb:/var/lib/postgresql/data logging: driver: journald rudderbackend: image: rudderlabs/rudder-server:saas-25042020.043927 deploy: placement: constraints: - node.labels.type != load-balancer labels: - traefik.enable=true # Point your domain's DNS to your loadbalancer's IP prior to running Traefik - traefik.http.routers.rudderbackend.rule=Host(`YOUR.DOMAIN.TLD`) - traefik.http.services.rudderbackend.loadbalancer.server.port=8080 - traefik.http.routers.rudderbackend.tls=true - traefik.http.routers.rudderbackend.entrypoints=websecure - traefik.http.routers.rudderbackend.tls.certresolver=mytlschallenge - traefik.http.middlewares.rudderbackend.headers.SSLRedirect=true - traefik.http.middlewares.rudderbackend.headers.STSSeconds=315360000 - traefik.http.middlewares.rudderbackend.headers.browserXSSFilter=true - traefik.http.middlewares.rudderbackend.headers.contentTypeNosniff=true - traefik.http.middlewares.rudderbackend.headers.forceSTSHeader=true - traefik.http.middlewares.rudderbackend.headers.SSLHost=${DOMAIN.TLD} - traefik.http.middlewares.rudderbackend.headers.STSIncludeSubdomains=true - traefik.http.middlewares.rudderbackend.headers.STSPreload=true networks: - rudderstack - traefik environment: - INSTANCE_ID={{.Task.Slot}} - JOBS_DB_HOST=rudderdb - JOBS_DB_USER=rudder - JOBS_DB_PORT=5432 - JOBS_DB_DB_NAME=jobsdb - JOBS_DB_PASSWORD=<YOUR_DB_PASSWORD> - DEST_TRANSFORM_URL=http://d-transformer:9090 - CONFIG_BACKEND_URL=https://api.rudderlabs.com - WORKSPACE_TOKEN=<YOUR_RUDDER_WORKSPACE_TOKEN> - CONFIG_PATH=/app/config/config.toml entrypoint: sh -c '/wait-for rudderdb:5432 -- /rudder-server' logging: driver: journald d-transformer: image: rudderlabs/rudder-transformer:saas-25042020.204857 deploy: placement: constraints: - node.labels.type != load-balancer networks: - rudderstack logging: driver: journald