version: "3.7" x-traefik-command-le: &traefik-command-le command: - "--log.level=${TRAEFIK_LOGLEVEL}" - "--providers.docker=true" - "--providers.docker.exposedbydefault=false" - "--entrypoints.web.address=:${TRAEFIK_HTTP_PORT}" - "--entrypoints.web.http.redirections.entryPoint.to=websecure" - "--entrypoints.web.http.redirections.entryPoint.scheme=https" - "--entrypoints.web.http.redirections.entrypoint.permanent=true" - "--entrypoints.websecure.address=:${TRAEFIK_TLS_PORT}" - "--certificatesresolvers.le.acme.httpchallenge=true" - "--certificatesresolvers.le.acme.httpchallenge.entrypoint=web" - "--certificatesresolvers.le.acme.email=${TRAEFIK_ACME_EMAIL}" - "--certificatesresolvers.le.acme.storage=/letsencrypt/acme.json" x-traefik-command-nole: &traefik-command-nole command: - "--log.level=${TRAEFIK_LOGLEVEL}" - "--providers.docker=true" - "--providers.docker.exposedbydefault=false" - "--entrypoints.web.address=:${TRAEFIK_HTTP_PORT}" - "--entrypoints.web.http.redirections.entryPoint.to=websecure" - "--entrypoints.web.http.redirections.entryPoint.scheme=https" - "--entrypoints.web.http.redirections.entrypoint.permanent=true" - "--entrypoints.websecure.address=:${TRAEFIK_TLS_PORT}" x-monerod-command: &monerod-command command: >- --public-node --no-igd --no-zmq --enable-dns-blocklist --rpc-restricted-bind-ip=0.0.0.0 --rpc-restricted-bind-port=${MONEROD_RESTRICTED_RPC_PORT} --confirm-external-bind --rpc-bind-port=${MONEROD_RPC_PORT} --rpc-bind-ip=0.0.0.0 ${MONEROD_EXTRA_PARAMS} x-tor-service: &tor-service tor: container_name: tor image: vdo1138/tor-hidden-service:${TOR_TAG} links: - monerod environment: MONEROD_TOR_SERVICE_HOSTS: "${TOR_HTTP_PORT}:monerod:${MONEROD_RESTRICTED_RPC_PORT}" volumes: - ./data/tor:/var/lib/tor/hidden_service/ x-explorer-service: &explorer-service explorer: image: vdo1138/xmrblocks:${EXPLORER_TAG} container_name: explorer restart: unless-stopped volumes: - ./data/monero:/home/monero/.bitmonero ports: - ${EXPLORER_PORT} depends_on: - monerod labels: - "traefik.enable=true" - "traefik.http.routers.explorer.rule=(PathPrefix(`/explorer`) )" #!nole # - "traefik.http.routers.explorer.rule=(Host(`${DOMAIN}`) && PathPrefix(`/explorer`) )" #!le # - "traefik.http.routers.explorer.tls.certresolver=le" #!le - "traefik.http.middlewares.stripprefix-explorer.stripprefix.prefixes=/explorer" - "traefik.http.routers.explorer.middlewares=stripprefix-explorer" - "traefik.http.routers.explorer.entrypoints=websecure" - "traefik.http.routers.explorer.tls" - "traefik.http.routers.explorer.service=explorer" - "traefik.http.services.explorer.loadbalancer.server.port=${EXPLORER_PORT}" x-monero-exporter-service: &monero-exporter-service monero-exporter: command: - --monero-addr=http://monerod:${MONEROD_RPC_PORT} container_name: monero-exporter image: utxobr/monero-exporter@sha256:737413b1054583535e835e1417b61a8d59a4c08723e4a15c61c4249c2a7d69a4 x-grafana-service: &grafana-service grafana: user: "1000" command: - -config=/etc/grafana/grafana.ini container_name: grafana image: grafana/grafana:${GRAFANA_TAG} ports: - 3000 volumes: - ./data/grafana:/var/lib/grafana - ./config/grafana/grafana.ini:/etc/grafana/grafana.ini:ro - ./config/grafana/provisioning:/etc/grafana/provisioning:ro - ./config/grafana/dashboards:/var/lib/grafana/dashboards:ro environment: GF_SECURITY_ADMIN_PASSWORD: ${GF_SECURITY_ADMIN_PASSWORD} labels: - "traefik.enable=true" - "traefik.http.routers.grafana.rule=(PathPrefix(`/grafana`) )" #!nole # - "traefik.http.routers.grafana.rule=(Host(`${DOMAIN}`) && PathPrefix(`/grafana`) )" #!le # - "traefik.http.routers.grafana.tls.certresolver=le" #!le - "traefik.http.middlewares.stripprefix-grafana.stripprefix.prefixes=/grafana" - "traefik.http.routers.grafana.middlewares=stripprefix-grafana" - "traefik.http.routers.grafana.entrypoints=websecure" - "traefik.http.routers.grafana.tls" - "traefik.http.routers.grafana.service=grafana" - "traefik.http.services.grafana.loadbalancer.server.port=3000" x-prometheus-service: &prometheus-service prometheus: user: "1000" command: - --config.file=/etc/prometheus/config.yaml - --storage.tsdb.path=/data - --storage.tsdb.retention.time=30d container_name: prometheus image: bitnami/prometheus:${PROMETHEUS_TAG} volumes: - ./data/prometheus:/data - ./config/prometheus/config.yaml:/etc/prometheus/config.yaml:ro x-watchtower-service: &watchtower-service watchtower: container_name: watchtower image: containrrr/watchtower:latest volumes: - /var/run/docker.sock:/var/run/docker.sock labels: - com.centurylinklabs.watchtower.enable="false" command: --interval 360 --include-stopped services: traefik: image: traefik:${TRAEFIK_TAG} container_name: traefik ports: - ${TRAEFIK_HTTP_PORT}:${TRAEFIK_HTTP_PORT} - ${TRAEFIK_TLS_PORT}:${TRAEFIK_TLS_PORT} volumes: - "./data/letsencrypt:/letsencrypt" #!le - "/var/run/docker.sock:/var/run/docker.sock:ro" <<: *traefik-command-nole #!traefik-command restart: always monerod: container_name: monerod image: sethsimmons/simple-monerod:${MONEROD_TAG} <<: *monerod-command ports: - "${MONEROD_P2P_PORT}:${MONEROD_P2P_PORT}" # Exposes P2P port volumes: - "./data/monero:/home/monero/.bitmonero" labels: - "traefik.enable=true" # - "traefik.http.routers.monerod.rule=(Host(`${DOMAIN}`) && PathPrefix(`/`))" #!le # - "traefik.http.routers.monerod.tls.certresolver=le" #!le - "traefik.http.routers.monerod.rule=(PathPrefix(`/`))" #!nole - "traefik.http.routers.monerod.entrypoints=websecure" - "traefik.http.routers.monerod.tls" - "traefik.http.routers.monerod.service=monerod" - "traefik.http.services.monerod.loadbalancer.server.port=${MONEROD_RESTRICTED_RPC_PORT}" # - "traefik.http.middlewares.corsheader.headers.accessControlAllowOriginList=${MONEROD_accessControlAllowOriginList}" #!cors # - "traefik.http.routers.monerod.middlewares=corsheader" #!cors restart: unless-stopped # <<: *tor-service #!tor # <<: *explorer-service #!explorer # <<: *monero-exporter-service #!monero-exporter # <<: *grafana-service #!grafana # <<: *prometheus-service #!prometheus # <<: *watchtower-service #!watchtower