initial commit

2025-10-24 20:49:26 +02:00
commit fa4b2698bb
4 changed files with 84 additions and 0 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1,2 @@
+
+letsencrypt/
--- a/Readme.md
+++ b/Readme.md
--- a/rma-metrics/docker-compose.yml
+++ b/rma-metrics/docker-compose.yml
@@ -0,0 +1,48 @@
+services:
+  prometheus:
+    image: docker.io/prom/prometheus:v3.2.1
+    container_name: prometheus
+    command: "--config.file=/etc/prometheus/prometheus.yaml"
+    volumes:
+      - ./prometheus-config:/etc/prometheus
+      - prometheus-data:/prometheus
+    restart: unless-stopped
+    networks:
+      - proxy
+    labels:
+      - "traefik.enable=true"
+      - "traefik.docker.network=proxy"
+      - "traefik.http.routers.prometheus.entrypoints=websecure"
+      - "traefik.http.routers.prometheus.rule=Host(`prometheus.manager.remote-master.cloud`)"
+      - "traefik.http.services.prometheus.loadbalancer.server.port=9090"
+      - "traefik.http.routers.prometheus.service=prometheus"
+      - "traefik.http.routers.prometheus.tls.certresolver=myresolver"
+
+  grafana:
+    image: docker.io/grafana/grafana-oss:11.6.0
+    container_name: grafana
+    volumes:
+      - grafana-data:/var/lib/grafana
+    restart: unless-stopped
+    networks:
+      - proxy
+    labels:
+      - "traefik.enable=true"
+      - "traefik.docker.network=proxy"
+      - "traefik.http.routers.grafana.entrypoints=websecure"
+      - "traefik.http.routers.grafana.rule=Host(`metrics.manager.remote-master.cloud`)"
+      - "traefik.http.services.grafana.loadbalancer.server.port=3000"
+      - "traefik.http.routers.grafana.service=grafana"
+      - "traefik.http.routers.grafana.tls.certresolver=myresolver"
+
+networks:
+  proxy:
+    external: true
+
+volumes:
+  prometheus-data:
+    name: prometheus-data
+    external: true
+  grafana-data:
+    name: grafana-data
+    external: true
--- a/traefik/docker-compose.yml
+++ b/traefik/docker-compose.yml
@@ -0,0 +1,34 @@
+services:
+  traefik:
+    image: traefik:v3.2.1 # Use the latest stable version
+    restart: unless-stopped
+    command:
+      # Enable Docker Provider (listens to labels on other containers)
+      - --providers.docker=true
+      - --providers.docker.exposedbydefault=false
+      # Entrypoints for web traffic (HTTP and HTTPS)
+      - --entrypoints.web.address=:80
+      - --entrypoints.websecure.address=:443
+
+      - --entrypoints.websecure.http.tls.certresolver=myresolver
+      - --certificatesresolvers.myresolver.acme.email=development@safetytest.eu
+      - --certificatesresolvers.myresolver.acme.tlschallenge=true
+      - --certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json
+
+      # Optional: Redirect HTTP to HTTPS
+      - --entrypoints.web.http.redirections.entrypoint.to=websecure
+      - --entrypoints.web.http.redirections.entrypoint.scheme=https
+    ports:
+      - "80:80"
+      - "443:443"
+      # Optionally, a separate port for non-HTTP/S TCP traffic if needed
+      # - "444:444"
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+      - ./letsencrypt:/letsencrypt # Volume to store certificates
+    networks:
+      - proxy # Use a common network
+
+networks:
+  proxy:
+    external: true # Assumes you created this network beforehand