-
Notifications
You must be signed in to change notification settings - Fork 1
/
docker-compose.yaml
75 lines (69 loc) · 1.61 KB
/
docker-compose.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
services:
spoa:
image: crowdsecurity/crowdsec-spoa:latest
build:
context: .
dockerfile: Dockerfile
depends_on:
- crowdsec
volumes:
- sockets:/run/
- templates:/var/lib/crowdsec/lua/haproxy/templates/
- lua:/usr/local/crowdsec/lua/haproxy/
- geodb:/var/lib/crowdsec/data/
- ./config/crowdsec-spoa-bouncer.yaml.local:/etc/crowdsec/bouncers/crowdsec-spoa-bouncer.yaml.local
networks:
crowdsec:
ipv4_address: 10.5.5.254
deploy:
resources:
limits:
cpus: "4.0"
memory: 250M
whoami:
image: traefik/whoami:latest
networks:
- crowdsec
command:
- --port=2020
haproxy:
image: haproxy:2.9.7-alpine
volumes:
- ./config/haproxy.cfg:/usr/local/etc/haproxy/haproxy.cfg
- ./config/crowdsec.cfg:/usr/local/etc/haproxy/crowdsec.cfg
- sockets:/run/
- templates:/var/lib/crowdsec/lua/haproxy/templates/
- lua:/usr/local/crowdsec/lua/haproxy/
ports:
- "9090:9090"
depends_on:
- crowdsec
- spoa
- whoami
networks:
- crowdsec
crowdsec:
image: crowdsecurity/crowdsec:latest
environment:
- BOUNCER_KEY_SPOA=+4iYgItcalc9+0tWrvrj9R6Wded/W1IRwRtNmcWR9Ws
- DISABLE_ONLINE_API=true
volumes:
- geodb:/staging/var/lib/crowdsec/data/
networks:
- crowdsec
volumes:
lua:
driver: local
sockets:
driver: local
templates:
driver: local
geodb:
driver: local
networks:
crowdsec:
driver: bridge
ipam:
driver: default
config:
- subnet: "10.5.5.0/24"