##// END OF EJS Templates
rhodecode-enterprise-docker
RSS
stack: enable auth for loki as it needs public exposure...
super-admin -
Show More
Show file before | Show file after | Hide comments
@@ -0,0 +1,5 b''
1 # basic auth for traefik middleware.
2 # format here is <user>:<bcrypt_password>
3 # to generate bcrypt password one can use
4 # curl --verbose --request POST --data "password=XlokiAuth101&cost=10" https://www.toptal.com/developers/bcrypt/api/generate-hash.json
5 loki-auth:$2b$10$U8Cui8cO9ZXehYV.7atv8uPuA6rBVrA.Mxzvt8EsdheztkyXZagv6
Show file before | Show file after | Hide comments
@@ -10,6 +10,9 b' entryPoints:'
10 10 ssh:
11 11 address: ":${RC_SSH_PORT:?must-specify-ssh-port}"
12 12
13 loki:
14 address: ":3100"
15
13 16 traefik:
14 17 address: ":7000"
15 18
Show file before | Show file after | Hide comments
@@ -14,6 +14,10 b' http:'
14 14 average: 100
15 15 burst: 50
16 16
17 basic-auth:
18 basicAuth:
19 usersfile: /etc/traefik/.htpasswd
20
17 21 # Dynamic configuration for standard file based SSL cert
18 22 # create a custom copy of the traefik into .custom/ and remount this
19 23 # to enable custom certificates
Show file before | Show file after | Hide comments
@@ -5,8 +5,8 b' x-logging: &custom-logging'
5 5 # NOTE: loki logging driver ONLY works for host type networks...
6 6 driver: loki
7 7 options:
8 #loki-url: "http://loki:3100/loki/api/v1/push"
9 loki-url: "http://127.0.0.1:3100/loki/api/v1/push"
8 #loki-url: "http://${RC_LOKI_AUTH}loki:3100/loki/api/v1/push"
9 loki-url: "http://${RC_LOKI_AUTH}127.0.0.1:3100/loki/api/v1/push"
10 10 loki-retries: "5"
11 11 loki-timeout: "1s"
12 12 loki-max-backoff: "800ms"
Show file before | Show file after | Hide comments
@@ -11,8 +11,8 b' x-logging: &custom-logging'
11 11 # debug: sudo journalctl -u docker.service | grep loki
12 12 driver: loki
13 13 options:
14 #loki-url: "http://loki:3100/loki/api/v1/push"
15 loki-url: "http://127.0.0.1:3100/loki/api/v1/push"
14 #loki-url: "http://${RC_LOKI_AUTH}loki:3100/loki/api/v1/push"
15 loki-url: "http://${RC_LOKI_AUTH}127.0.0.1:3100/loki/api/v1/push"
16 16 loki-retries: "5"
17 17 loki-timeout: "1s"
18 18 loki-max-backoff: "800ms"
Show file before | Show file after | Hide comments
@@ -103,10 +103,8 b' services:'
103 103 loki:
104 104 image: grafana/loki:2.7.1
105 105 restart: always
106 ports:
107 # Loki port is the only one that needs explicitly
108 # be exposed because of logging driver host-only woking mode
109 - "3100:3100"
106 # ports:
107 # - "3100:3100"
110 108 # - "9095:9095"
111 109 command: [
112 110 "-config.file=/etc/loki/loki-config.yaml"
@@ -115,6 +113,17 b' services:'
115 113 - rhodecode_network
116 114 volumes:
117 115 - ./config/loki:/etc/loki
116 # optionally mount host container to scrape docker logs...
117 # - /var/lib/docker/containers:/var/lib/docker/containers:ro
118 labels:
119 # Loki port is the only one that needs explicitly
120 # be exposed because of logging driver host-only working mode
121 - "traefik.enable=true"
122 - "traefik.http.routers.loki.entrypoints=loki"
123 - "traefik.http.routers.loki.rule=PathPrefix(`/`)"
124 - "traefik.http.routers.loki.middlewares=basic-auth@file"
125 - "traefik.http.routers.loki.service=loki-http"
126 - "traefik.http.services.loki-http.loadbalancer.server.port=3100"
118 127
119 128 promtail:
120 129 image: grafana/promtail:2.7.1
@@ -127,5 +136,3 b' services:'
127 136 - /var/log:/var/log
128 137 - logvolume:/var/log_volume
129 138 - ./config/promtail:/etc/promtail
130 labels:
131 - "traefik.enable=false"
Show file before | Show file after | Hide comments
@@ -5,8 +5,8 b' x-logging: &custom-logging'
5 5 # NOTE: loki logging driver ONLY works for host type networks...
6 6 driver: loki
7 7 options:
8 #loki-url: "http://loki:3100/loki/api/v1/push"
9 loki-url: "http://127.0.0.1:3100/loki/api/v1/push"
8 #loki-url: "http://${RC_LOKI_AUTH}loki:3100/loki/api/v1/push"
9 loki-url: "http://${RC_LOKI_AUTH}127.0.0.1:3100/loki/api/v1/push"
10 10 loki-retries: "5"
11 11 loki-timeout: "1s"
12 12 loki-max-backoff: "800ms"
@@ -23,6 +23,8 b' services:'
23 23 - "80:80"
24 24 # The HTTPS port, exposed as https entrypoint
25 25 - "443:443"
26 # The loki port, exposed as http entrypoint behind auth
27 - "3100:3100"
26 28 # The SSH port
27 29 - "${RC_SSH_PORT}:${RC_SSH_PORT}"
28 30 volumes:
Show file before | Show file after | Hide comments
@@ -5,8 +5,8 b' x-logging: &custom-logging'
5 5 # NOTE: loki logging driver ONLY works for host type networks...
6 6 driver: loki
7 7 options:
8 #loki-url: "http://loki:3100/loki/api/v1/push"
9 loki-url: "http://127.0.0.1:3100/loki/api/v1/push"
8 #loki-url: "http://${RC_LOKI_AUTH}loki:3100/loki/api/v1/push"
9 loki-url: "http://${RC_LOKI_AUTH}127.0.0.1:3100/loki/api/v1/push"
10 10 loki-retries: "5"
11 11 loki-timeout: "1s"
12 12 loki-max-backoff: "800ms"
Show file before | Show file after | Hide comments
@@ -3,12 +3,17 b" version: '3.9'"
3 3 services:
4 4
5 5 rhodecode:
6 ports:
7 - "10020:10020"
6 #ports:
7 # # expose port for optional direct port connection
8 # - "10020:10020"
8 9 environment:
9 10 DB_UPGRADE: 0 # run the DB upgrade
10 11 SETUP_APP: 0 # run the application default settings setup, can be turned off after initial run
11 12
13 #healthcheck:
14 # # disable the healthcheck
15 # test: ['CMD','true']
16
12 17 deploy:
13 18 replicas: 1
14 19
@@ -20,6 +25,10 b' services:'
20 25 deploy:
21 26 replicas: 1
22 27
28 #healthcheck:
29 # # disable the healthcheck
30 # test: ['CMD','true']
31
23 32 sshd:
24 33 {}
25 34
General Comments 0
You need to be logged in to leave comments. Login now