version: "3.4" services: prometheus: image: prom/prometheus:latest restart: unless-stopped command: - '--config.file=/etc/prometheus/prometheus.yml' - '--web.external-url=https://prometheus.tobiasmanske.de' volumes: - ./prometheus.yml:/etc/prometheus/prometheus.yml:ro,Z - prom_data:/prometheus - label_discovery:/label_discovery:ro - ./rules:/rules:ro,Z labels: - "traefik.enable=true" - "traefik.http.routers.prometheus.rule=Host(`prometheus.tobiasmanske.de`)" - "traefik.http.routers.prometheus.entryPoints=websecure" - "traefik.http.services.prometheus.loadbalancer.server.port=9090" - "traefik.http.routers.prometheus.middlewares=oauth@file" depends_on: - prometheus-docker-sd - cadvisor - node-exporter networks: - gateway - backend - alertmanager prometheus-docker-sd: image: registry.tobiasmanske.de/prometheus-docker-sd:latest restart: unless-stopped privileged: true networks: - backend volumes: - /var/run/docker.sock:/var/run/docker.sock:ro,Z - label_discovery:/prometheus-docker-sd:rw logging: # this service generates a HUGE amout of logs. driver: "none" alertmanager: image: prom/alertmanager:latest labels: - "traefik.enable=true" - "traefik.http.routers.alertmanager.rule=Host(`alertmanager.tobiasmanske.de`)" - "traefik.http.routers.alertmanager.entryPoints=websecure" - "traefik.http.services.alertmanager.loadbalancer.server.port=9093" - "traefik.http.routers.alertmanager.middlewares=oauth@file" volumes: - ./alertmanager.yml:/etc/alertmanager/config.yml:ro,Z - alertmanager_data:/data networks: - alertmanager - gateway restart: unless-stopped command: - '--config.file=/etc/alertmanager/config.yml' - '--web.external-url=https://alertmanager.tobiasmanske.de' - '--storage.path=/data' alertmanager-matrix: image: jaywink/matrix-alertmanager:latest restart: unless-stopped labels: - "traefik.enable=true" - "traefik.http.routers.alertmanager-matrix.rule=Host(`alertmanager.tobiasmanske.de`) && PathPrefix(`/matrix/`)" - "traefik.http.routers.alertmanager-matrix.middlewares=matrix-strip" - "traefik.http.middlewares.matrix-strip.stripprefix.prefixes=/matrix" - "traefik.http.middlewares.matrix-strip.stripprefix.forceslash=false" - "traefik.http.routers.alertmanager-matrix.entryPoints=websecure" - "traefik.http.services.alertmanager-matrix.loadbalancer.server.port=3000" environment: - APP_PORT=3000 - APP_ALERTMANAGER_SECRET={{ prometheus.alertmanager.matrix.alertmanager_token }} - MATRIX_HOMESERVER_URL=http://pantalaimon:8008 - MATRIX_ROOMS={{ prometheus.alertmanager.matrix.rooms | join('|') }} - MATRIX_TOKEN={{ prometheus.alertmanager.matrix.matrix_token }} - MATRIX_USER=@alertmanager:{{ matrix.baseurl }} - MENTION_ROOM=1 networks: - alertmanager - pantalaimon - gateway grafana: image: grafana/grafana:latest restart: unless-stopped labels: - "traefik.enable=true" - "traefik.http.routers.grafana.rule=Host(`grafana.tobiasmanske.de`)" - "traefik.http.routers.grafana.entryPoints=websecure" - "traefik.http.services.grafana.loadbalancer.server.port=3000" - "traefik.http.routers.grafana.middlewares=oauth@file" networks: - gateway - backend environment: - "GF_SECURITY_ADMIN_USER={{ grafana.admin.user }}" - "GF_SECURITY_ADMIN_PASSWORD={{ grafana.admin.password }}" volumes: - grafana_data:/var/lib/grafana - ./grafana-ds.yml:/etc/grafana/provisioning/datasources/datasource.yml:ro,Z node-exporter: image: quay.io/prometheus/node-exporter:latest container_name: host-nc-chaoswg-org-node-exporter privileged: true labels: - "prometheus-scrape.enabled=true" - "prometheus-scrape.port=9100" volumes: - /proc:/host/proc:ro - /sys:/host/sys:ro - /:/rootfs:ro - /:/host:ro,rslave - /run/dbus/system_bus_socket:/var/run/dbus/system_bus_socket:ro command: - '--path.rootfs=/host' - '--path.procfs=/host/proc' - '--path.sysfs=/host/sys' - '--collector.filesystem.ignored-mount-points' - "^/(sys|proc|dev|host|etc|rootfs/var/lib/docker/containers|rootfs/var/lib/docker/overlay2|rootfs/run/docker/netns|rootfs/var/lib/docker/aufs)($$|/)" - '--collector.systemd' networks: - backend restart: unless-stopped cadvisor: image: gcr.io/cadvisor/cadvisor:latest privileged: true labels: - "prometheus-scrape.enabled=true" - "prometheus-scrape.port=8080" command: - "-docker_only=true" - "-housekeeping_interval=10s" volumes: - /:/rootfs:ro - /var/run:/var/run:rw - /sys:/sys:ro - /var/lib/docker/:/var/lib/docker:ro networks: - backend restart: unless-stopped volumes: prom_data: grafana_data: label_discovery: alertmanager_data: networks: gateway: external: true pantalaimon: external: true backend: internal: true alertmanager: internal: true