Необходимо развернуть сервер rocketchat в контейнере docker
Стек ПО следующий: Traefik, MongoDB7 и RocketChat latest. Необходимо заменить только имя домена rocketchat.datastore.center и адрес email
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 |
services: db: image: docker.io/bitnami/mongodb:7.0.15 container_name: rocketchat-db hostname: rocketchat-db security_opt: - no-new-privileges:true healthcheck: test: ["CMD", "mongosh", "--eval", "db.adminCommand('ping')"] interval: 10s timeout: 10s retries: 5 start_period: 20s environment: MONGODB_REPLICA_SET_MODE: primary MONGODB_REPLICA_SET_NAME: rs0 ALLOW_EMPTY_PASSWORD: 1 MONGODB_SYSTEM_LOG_VERBOSITY: 3 volumes: - /volume1/docker/rocketchat/db:/bitnami/mongodb:rw restart: on-failure:5 rocketchat: image: rocketchat/rocket.chat:latest container_name: rocketchat hostname: rocketchat healthcheck: test: ["CMD-SHELL", "nc -z 127.0.0.1 3000 || exit 1"] interval: 10s timeout: 5s retries: 3 start_period: 90s hostname: rocketchat security_opt: - no-new-privileges:true environment: MONGO_URL: mongodb://rocketchat-db:27017/rocketchat?replicaSet=rs0 MONGO_OPLOG_URL: mongodb://rocketchat-db:27017/local?replicaSet=rs0 ROOT_URL: https://rocketchat.datastore.center URL: https://rocketchat.datastore.center PORT: 3000 DEPLOY_METHOD: docker volumes: - /volume1/docker/rocketchat/data:/app/uploads:rw ports: - 3000:3000 restart: on-failure:5 depends_on: db: condition: service_started |
Все тоже самое, но с использованием traefik в качестве WEB-сервера и автоматического продления сертификата Let’s Encrypt
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 |
services: db: image: docker.io/bitnami/mongodb:7.0.15 container_name: rocketchat-db hostname: rocketchat-db security_opt: - no-new-privileges:true healthcheck: test: ["CMD", "mongosh", "--eval", "db.adminCommand('ping')"] interval: 10s timeout: 10s retries: 5 start_period: 20s environment: MONGODB_REPLICA_SET_MODE: primary MONGODB_REPLICA_SET_NAME: rs0 ALLOW_EMPTY_PASSWORD: 1 MONGODB_SYSTEM_LOG_VERBOSITY: 3 volumes: - /volume1/docker/rocketchat/db:/bitnami/mongodb:rw restart: on-failure:5 rocketchat: image: rocketchat/rocket.chat:latest container_name: rocketchat hostname: rocketchat healthcheck: test: ["CMD-SHELL", "nc -z 127.0.0.1 3000 || exit 1"] interval: 10s timeout: 5s retries: 3 start_period: 90s security_opt: - no-new-privileges:true labels: traefik.enable: true traefik.http.routers.rocketchat.rule: Host(`rocketchat.datastore.center`) traefik.http.routers.rocketchat.entrypoints: http traefik.http.middlewares.redirect-to-https.redirectscheme.scheme: https traefik.http.routers.rocketchat.middlewares: redirect-to-https@docker traefik.http.routers.rocketchat-secured.rule: Host(`rocketchat.datastore.center`) traefik.http.routers.rocketchat-secured.entrypoints: https traefik.http.routers.rocketchat-secured.tls: true traefik.http.routers.rocketchat-secured.tls.certresolver: le environment: MONGO_URL: mongodb://rocketchat-db:27017/rocketchat?replicaSet=rs0 MONGO_OPLOG_URL: mongodb://rocketchat-db:27017/local?replicaSet=rs0 ROOT_URL: https://rocketchat.datastore.center URL: https://rocketchat.datastore.center PORT: 3000 DEPLOY_METHOD: docker volumes: - /volume1/docker/rocketchat/data:/app/uploads:rw ports: - 3000:3000 restart: on-failure:5 depends_on: db: condition: service_started traefik: image: docker.io/traefik:latest hostname: rocketchat-web container_name: rocketchat-web restart: always command: - --api.insecure=true - --providers.docker=true - --providers.docker.exposedbydefault=false - --entrypoints.http.address=:80 - --entrypoints.https.address=:443 - --certificatesresolvers.le.acme.tlschallenge=true - --certificatesresolvers.le.acme.email=spiridonov.konstantin@gmail.com - --certificatesresolvers.le.acme.storage=/letsencrypt/acme.json # This line below is to get a testing SSL cert, just uncomment it and thats it. #- --certificatesresolvers.le.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory ports: - 80:80 - 443:443 - 8080:8080 volumes: - ./letsencrypt:/letsencrypt:rw - /var/run/docker.sock:/var/run/docker.sock:ro |
В portainer stack выглядит вот так
Загрузка...