##// END OF EJS Templates
rhodecode-enterprise-docker
RSS
stack: enable auth for loki as it needs public exposure...
super-admin -
Show More
Show file before | Show file after | Hide comments
@@ -0,0 +1,5 b''
1 # basic auth for traefik middleware.
2 # format here is <user>:<bcrypt_password>
3 # to generate bcrypt password one can use
4 # curl --verbose --request POST --data "password=XlokiAuth101&cost=10" https://www.toptal.com/developers/bcrypt/api/generate-hash.json
5 loki-auth:$2b$10$U8Cui8cO9ZXehYV.7atv8uPuA6rBVrA.Mxzvt8EsdheztkyXZagv6
Show file before | Show file after | Hide comments
@@ -10,6 +10,9 b' entryPoints:'
10 ssh:
10 ssh:
11 address: ":${RC_SSH_PORT:?must-specify-ssh-port}"
11 address: ":${RC_SSH_PORT:?must-specify-ssh-port}"
12
12
13 loki:
14 address: ":3100"
15
13 traefik:
16 traefik:
14 address: ":7000"
17 address: ":7000"
15
18
Show file before | Show file after | Hide comments
@@ -14,6 +14,10 b' http:'
14 average: 100
14 average: 100
15 burst: 50
15 burst: 50
16
16
17 basic-auth:
18 basicAuth:
19 usersfile: /etc/traefik/.htpasswd
20
17 # Dynamic configuration for standard file based SSL cert
21 # Dynamic configuration for standard file based SSL cert
18 # create a custom copy of the traefik into .custom/ and remount this
22 # create a custom copy of the traefik into .custom/ and remount this
19 # to enable custom certificates
23 # to enable custom certificates
Show file before | Show file after | Hide comments
@@ -5,8 +5,8 b' x-logging: &custom-logging'
5 # NOTE: loki logging driver ONLY works for host type networks...
5 # NOTE: loki logging driver ONLY works for host type networks...
6 driver: loki
6 driver: loki
7 options:
7 options:
8 #loki-url: "http://loki:3100/loki/api/v1/push"
8 #loki-url: "http://${RC_LOKI_AUTH}loki:3100/loki/api/v1/push"
9 loki-url: "http://127.0.0.1:3100/loki/api/v1/push"
9 loki-url: "http://${RC_LOKI_AUTH}127.0.0.1:3100/loki/api/v1/push"
10 loki-retries: "5"
10 loki-retries: "5"
11 loki-timeout: "1s"
11 loki-timeout: "1s"
12 loki-max-backoff: "800ms"
12 loki-max-backoff: "800ms"
Show file before | Show file after | Hide comments
@@ -11,8 +11,8 b' x-logging: &custom-logging'
11 # debug: sudo journalctl -u docker.service | grep loki
11 # debug: sudo journalctl -u docker.service | grep loki
12 driver: loki
12 driver: loki
13 options:
13 options:
14 #loki-url: "http://loki:3100/loki/api/v1/push"
14 #loki-url: "http://${RC_LOKI_AUTH}loki:3100/loki/api/v1/push"
15 loki-url: "http://127.0.0.1:3100/loki/api/v1/push"
15 loki-url: "http://${RC_LOKI_AUTH}127.0.0.1:3100/loki/api/v1/push"
16 loki-retries: "5"
16 loki-retries: "5"
17 loki-timeout: "1s"
17 loki-timeout: "1s"
18 loki-max-backoff: "800ms"
18 loki-max-backoff: "800ms"
Show file before | Show file after | Hide comments
@@ -103,10 +103,8 b' services:'
103 loki:
103 loki:
104 image: grafana/loki:2.7.1
104 image: grafana/loki:2.7.1
105 restart: always
105 restart: always
106 ports:
106 # ports:
107 # Loki port is the only one that needs explicitly
107 # - "3100:3100"
108 # be exposed because of logging driver host-only woking mode
109 - "3100:3100"
110 # - "9095:9095"
108 # - "9095:9095"
111 command: [
109 command: [
112 "-config.file=/etc/loki/loki-config.yaml"
110 "-config.file=/etc/loki/loki-config.yaml"
@@ -115,6 +113,17 b' services:'
115 - rhodecode_network
113 - rhodecode_network
116 volumes:
114 volumes:
117 - ./config/loki:/etc/loki
115 - ./config/loki:/etc/loki
116 # optionally mount host container to scrape docker logs...
117 # - /var/lib/docker/containers:/var/lib/docker/containers:ro
118 labels:
119 # Loki port is the only one that needs explicitly
120 # be exposed because of logging driver host-only working mode
121 - "traefik.enable=true"
122 - "traefik.http.routers.loki.entrypoints=loki"
123 - "traefik.http.routers.loki.rule=PathPrefix(`/`)"
124 - "traefik.http.routers.loki.middlewares=basic-auth@file"
125 - "traefik.http.routers.loki.service=loki-http"
126 - "traefik.http.services.loki-http.loadbalancer.server.port=3100"
118
127
119 promtail:
128 promtail:
120 image: grafana/promtail:2.7.1
129 image: grafana/promtail:2.7.1
@@ -127,5 +136,3 b' services:'
127 - /var/log:/var/log
136 - /var/log:/var/log
128 - logvolume:/var/log_volume
137 - logvolume:/var/log_volume
129 - ./config/promtail:/etc/promtail
138 - ./config/promtail:/etc/promtail
130 labels:
131 - "traefik.enable=false"
Show file before | Show file after | Hide comments
@@ -5,8 +5,8 b' x-logging: &custom-logging'
5 # NOTE: loki logging driver ONLY works for host type networks...
5 # NOTE: loki logging driver ONLY works for host type networks...
6 driver: loki
6 driver: loki
7 options:
7 options:
8 #loki-url: "http://loki:3100/loki/api/v1/push"
8 #loki-url: "http://${RC_LOKI_AUTH}loki:3100/loki/api/v1/push"
9 loki-url: "http://127.0.0.1:3100/loki/api/v1/push"
9 loki-url: "http://${RC_LOKI_AUTH}127.0.0.1:3100/loki/api/v1/push"
10 loki-retries: "5"
10 loki-retries: "5"
11 loki-timeout: "1s"
11 loki-timeout: "1s"
12 loki-max-backoff: "800ms"
12 loki-max-backoff: "800ms"
@@ -23,6 +23,8 b' services:'
23 - "80:80"
23 - "80:80"
24 # The HTTPS port, exposed as https entrypoint
24 # The HTTPS port, exposed as https entrypoint
25 - "443:443"
25 - "443:443"
26 # The loki port, exposed as http entrypoint behind auth
27 - "3100:3100"
26 # The SSH port
28 # The SSH port
27 - "${RC_SSH_PORT}:${RC_SSH_PORT}"
29 - "${RC_SSH_PORT}:${RC_SSH_PORT}"
28 volumes:
30 volumes:
Show file before | Show file after | Hide comments
@@ -5,8 +5,8 b' x-logging: &custom-logging'
5 # NOTE: loki logging driver ONLY works for host type networks...
5 # NOTE: loki logging driver ONLY works for host type networks...
6 driver: loki
6 driver: loki
7 options:
7 options:
8 #loki-url: "http://loki:3100/loki/api/v1/push"
8 #loki-url: "http://${RC_LOKI_AUTH}loki:3100/loki/api/v1/push"
9 loki-url: "http://127.0.0.1:3100/loki/api/v1/push"
9 loki-url: "http://${RC_LOKI_AUTH}127.0.0.1:3100/loki/api/v1/push"
10 loki-retries: "5"
10 loki-retries: "5"
11 loki-timeout: "1s"
11 loki-timeout: "1s"
12 loki-max-backoff: "800ms"
12 loki-max-backoff: "800ms"
Show file before | Show file after | Hide comments
@@ -3,12 +3,17 b" version: '3.9'"
3 services:
3 services:
4
4
5 rhodecode:
5 rhodecode:
6 ports:
6 #ports:
7 - "10020:10020"
7 # # expose port for optional direct port connection
8 # - "10020:10020"
8 environment:
9 environment:
9 DB_UPGRADE: 0 # run the DB upgrade
10 DB_UPGRADE: 0 # run the DB upgrade
10 SETUP_APP: 0 # run the application default settings setup, can be turned off after initial run
11 SETUP_APP: 0 # run the application default settings setup, can be turned off after initial run
11
12
13 #healthcheck:
14 # # disable the healthcheck
15 # test: ['CMD','true']
16
12 deploy:
17 deploy:
13 replicas: 1
18 replicas: 1
14
19
@@ -20,6 +25,10 b' services:'
20 deploy:
25 deploy:
21 replicas: 1
26 replicas: 1
22
27
28 #healthcheck:
29 # # disable the healthcheck
30 # test: ['CMD','true']
31
23 sshd:
32 sshd:
24 {}
33 {}
25
34
General Comments 0
You need to be logged in to leave comments. Login now