88 lines
2.3 KiB
YAML
88 lines
2.3 KiB
YAML
version: "3"
|
|
|
|
services:
|
|
mybunker:
|
|
image: bunkerity/bunkerweb:1.5.3
|
|
ports:
|
|
- 80:8080
|
|
- 443:8443
|
|
environment:
|
|
- SERVER_NAME=www.example.com # replace with your domain
|
|
- API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24
|
|
- SERVE_FILES=no
|
|
- DISABLE_DEFAULT_SERVER=yes
|
|
- AUTO_LETS_ENCRYPT=yes
|
|
- USE_CLIENT_CACHE=yes
|
|
- USE_GZIP=yes
|
|
- USE_REVERSE_PROXY=yes
|
|
- REVERSE_PROXY_URL=/
|
|
- REVERSE_PROXY_HOST=http://mongo-ui:8081
|
|
- |
|
|
CUSTOM_CONF_MODSEC_mongo-express=
|
|
SecRule REQUEST_FILENAME "@rx ^/db" "id:1,ctl:ruleRemoveByTag=attack-generic,ctl:ruleRemoveByTag=attack-protocol,nolog"
|
|
labels:
|
|
- "bunkerweb.INSTANCE" # required for the scheduler to recognize the container
|
|
networks:
|
|
- bw-universe
|
|
- bw-services
|
|
|
|
bw-scheduler:
|
|
image: bunkerity/bunkerweb-scheduler:1.5.3
|
|
depends_on:
|
|
- mybunker
|
|
environment:
|
|
- DOCKER_HOST=tcp://bw-docker-proxy:2375
|
|
volumes:
|
|
- bw-data:/data
|
|
networks:
|
|
- bw-universe
|
|
- bw-docker
|
|
|
|
bw-docker-proxy:
|
|
image: tecnativa/docker-socket-proxy:nightly
|
|
volumes:
|
|
- /var/run/docker.sock:/var/run/docker.sock:ro
|
|
environment:
|
|
- CONTAINERS=1
|
|
- LOG_LEVEL=warning
|
|
networks:
|
|
- bw-docker
|
|
|
|
mongo:
|
|
image: mongo:5.0.14
|
|
volumes:
|
|
- db-data:/data/db
|
|
environment:
|
|
- MONGO_INITDB_ROOT_USERNAME=root # replace with a less obvious username
|
|
- MONGO_INITDB_ROOT_PASSWORD=toor # replace with a better password
|
|
- MONGO_INITDB_DATABASE=mongo # replace with the database name of your choice
|
|
networks:
|
|
- bw-services
|
|
|
|
mongo-ui:
|
|
image: mongo-express:0.54.0
|
|
environment:
|
|
- ME_CONFIG_MONGODB_SERVER=mongo
|
|
- ME_CONFIG_MONGODB_ADMINUSERNAME=root # replace with a less obvious username
|
|
- ME_CONFIG_MONGODB_ADMINPASSWORD=toor # replace with a better password
|
|
- ME_CONFIG_BASICAUTH_USERNAME=changeme # replace with a better username
|
|
- ME_CONFIG_BASICAUTH_PASSWORD=changeme # replace with a better password
|
|
restart: unless-stopped
|
|
depends_on:
|
|
- mongo
|
|
networks:
|
|
- bw-services
|
|
|
|
volumes:
|
|
bw-data:
|
|
db-data:
|
|
|
|
networks:
|
|
bw-universe:
|
|
ipam:
|
|
driver: default
|
|
config:
|
|
- subnet: 10.20.30.0/24
|
|
bw-services:
|
|
bw-docker:
|