#version: "3.8" services: prometheus: profiles: ["monitoring","all","prometheus"] image: prom/prometheus:latest env_file: - ${PROJECT_ROOT}/secrets/stack-secrets.env container_name: prometheus depends_on: # - alertmanager - telegraf - influxdb - node-exporter - docker-update-exporter - pihole-exporter command: - "--config.file=/etc/prometheus/prometheus.yml" - "--storage.tsdb.path=/prometheus" - "--storage.tsdb.retention.time=15d" # build: # context: ${PROJECT_ROOT}/monitoring/prometheus volumes: - ${PROJECT_ROOT}/monitoring/prometheus/prometheus.yml:/etc/prometheus/prometheus.yml:ro - ${PROJECT_ROOT}/monitoring/prometheus/data:/prometheus - ${PROJECT_ROOT}/monitoring/prometheus/rules:/etc/prometheus/rules:ro - ${PROJECT_ROOT}/secrets/prometheus_kuma_basic_auth_password.txt:/run/secrets/prometheus_kuma_basic_auth_password:ro restart: unless-stopped labels: - "traefik.http.routers.prometheus.rule=Host(`prometheus.lan.ddnsgeek.com`)" - "traefik.enable=true" - "traefik.http.routers.prometheus.entrypoints=websecure" - "traefik.http.routers.prometheus.tls.certresolver=myresolver" - "io.portainer.accesscontrol.public" - "traefik.http.services.prometheus.loadbalancer.server.port=9090" - "traefik.http.routers.prometheus.middlewares=authelia" - "traefik.docker.network=core_traefik" networks: # - edge # - traefik_reverse_proxy - traefik - monitor healthcheck: test: ["CMD", "wget", "--spider", "-q", "http://localhost:9090/-/healthy"] interval: 30s timeout: 10s retries: 3 start_period: 30s # alertmanager: # image: prom/alertmanager:latest # container_name: alertmanager # command: # - "--config.file=/etc/alertmanager/alertmanager.yml" # volumes: # - ./alertmanager/alertmanager.yml:/etc/alertmanager/alertmanager.yml:ro # restart: unless-stopped # secrets: # - edge # - traefik_reverse_proxy # healthcheck: # test: ["CMD", "wget", "--spider", "-q", "http://localhost:9093/-/healthy"] # interval: 30s # timeout: 10s # retries: 3 # start_period: 20s # labels: # - "traefik.http.routers.alertmanager.rule=Host(`alertmanager.lan.ddnsgeek.com`)" # - "traefik.enable=true" # - "traefik.http.routers.alertmanager.entrypoints=websecure" # - "traefik.http.routers.alertmanager.tls.certresolver=myresolver" # - "io.portainer.accesscontrol.public" # - "traefik.http.services.alertmanager.loadbalancer.server.port=9093" # - "traefik.http.routers.alertmanager.middlewares=authelia" # - "traefik.docker.network=traefik_reverse_proxy" node-exporter: profiles: ["monitoring","all","prometheus-exporters"] image: prom/node-exporter:latest container_name: node-exporter pid: host volumes: - /proc:/host/proc:ro - /sys:/host/sys:ro - /:/rootfs:ro command: - "--path.procfs=/host/proc" - "--path.sysfs=/host/sys" - "--path.rootfs=/rootfs" restart: unless-stopped networks: # - edge - monitor healthcheck: test: ["CMD", "wget", "--spider", "-q", "http://localhost:9100/metrics"] interval: 30s timeout: 10s retries: 3 influxdb: profiles: ["monitoring","all","prometheus"] image: influxdb:2.7 container_name: influxdb restart: unless-stopped env_file: - ${PROJECT_ROOT}/secrets/stack-secrets.env volumes: - ${PROJECT_ROOT}/monitoring/influxdb:/var/lib/influxdb2 environment: DOCKER_INFLUXDB_INIT_MODE: setup DOCKER_INFLUXDB_INIT_USERNAME: ${INFLUXDB_INIT_USERNAME} DOCKER_INFLUXDB_INIT_PASSWORD_FILE: /run/secrets/influxdb_init_password DOCKER_INFLUXDB_INIT_ORG: ${INFLUXDB_INIT_ORG} DOCKER_INFLUXDB_INIT_BUCKET: ${INFLUXDB_INIT_BUCKET} secrets: - influxdb_init_password networks: # - edge # - traefik_reverse_proxy - traefik - monitor labels: - "traefik.http.routers.influxdb.rule=Host(`influxdb.lan.ddnsgeek.com`)" - "traefik.enable=true" - "traefik.http.routers.influxdb.entrypoints=websecure" - "traefik.http.routers.influxdb.tls.certresolver=myresolver" - "io.portainer.accesscontrol.public" - "traefik.http.services.influxdb.loadbalancer.server.port=8086" - "traefik.http.routers.influxdb.middlewares=authelia" - "traefik.docker.network=core_traefik" healthcheck: test: ["CMD-SHELL", "curl -f http://localhost:8086/health || exit 1"] interval: 30s timeout: 5s retries: 3 start_period: 10s telegraf: profiles: ["monitoring","all","prometheus"] image: telegraf:latest group_add: - "131" privileged: true container_name: telegraf restart: unless-stopped volumes: - /var/run/docker.sock:/var/run/docker.sock:ro - ${PROJECT_ROOT}/monitoring/telegraf/telegraf.conf:/etc/telegraf/telegraf.conf:ro networks: # - edge - monitor healthcheck: test: ["CMD-SHELL", "curl -f http://localhost:9273/metrics || exit 1"] interval: 30s timeout: 5s retries: 3 start_period: 10s docker-update-exporter: profiles: ["monitoring","all","prometheus-exporters"] build: context: ${PROJECT_ROOT}/monitoring/docker-exporter container_name: docker-update-exporter # volumes: # - /var/run/docker.sock:/var/run/docker.sock # - ${PROJECT_ROOT}/monitoring/docker-exporter/data:/data:rw # - ${PROJECT_ROOT}/services-up.sh:/app/services-up.sh:ro environment: LOG_LEVEL: DEBUG volumes: - ~/.docker/config.json:/root/.docker/config.json:ro - /var/run/docker.sock:/var/run/docker.sock - ${PROJECT_ROOT}/monitoring/docker-exporter/data:/data:rw - ${PROJECT_ROOT}:/compose - ${PROJECT_ROOT}/default-environment.env:/compose/default-environment.env:ro - ${PROJECT_ROOT}/default-network.yml:/compose/default-network.yml:ro - ${PROJECT_ROOT}/core/docker-compose.yml:/compose/core/docker-compose.yml:ro - ${PROJECT_ROOT}/monitoring/prometheus/docker-compose.yml:/compose/monitoring/prometheus/docker-compose.yml:ro - ${PROJECT_ROOT}/monitoring/gotify/docker-compose.yml:/compose/monitoring/gotify/docker-compose.yml:ro - ${PROJECT_ROOT}/monitoring/grafana/docker-compose.yml:/compose/monitoring/grafana/docker-compose.yml:ro - ${PROJECT_ROOT}/monitoring/portainer/docker-compose.yml:/compose/monitoring/portainer/docker-compose.yml:ro - ${PROJECT_ROOT}/monitoring/uptime-kuma/docker-compose.yml:/compose/monitoring/uptime-kuma/docker-compose.yml:> - ${PROJECT_ROOT}/apps/gitea/docker-compose.yml:/compose/apps/gitea/docker-compose.yml:ro - ${PROJECT_ROOT}/apps/gramps/docker-compose.yml:/compose/apps/gramps/docker-compose.yml:ro - ${PROJECT_ROOT}/apps/nextcloud/docker-compose.yml:/compose/apps/nextcloud/docker-compose.yml:ro - ${PROJECT_ROOT}/apps/passbolt/docker-compose.yml:/compose/apps/passbolt/docker-compose.yml:ro - ${PROJECT_ROOT}/apps/searxng/docker-compose.yml:/compose/apps/searxng/docker-compose.yml:ro - ${PROJECT_ROOT}/apps/shift-recorder/docker-compose.yml:/compose/apps/shift-recorder/docker-compose.yml:ro - ${PROJECT_ROOT}/apps/stockfill/docker-compose.yml:/compose/apps/stockfill/docker-compose.yml:ro - ${PROJECT_ROOT}/monitoring/node-red/docker-compose.yml:/compose/monitoring/node-red/docker-compose.yml:ro - ${PROJECT_ROOT}/core/test/docker-compose.yml:/compose/core/test/docker-compose.yml:ro # ports: # - "9105:9105" restart: unless-stopped networks: # - edge - monitor healthcheck: test: ["CMD", "python", "-c", "import urllib.request; urllib.request.urlopen('http://localhost:9105/metrics')"] interval: 30s timeout: 5s retries: 3 start_period: 10s pihole-exporter: profiles: ["monitoring","all","prometheus-exporters"] image: ekofr/pihole-exporter:latest container_name: pihole-exporter env_file: - ${PROJECT_ROOT}/secrets/stack-secrets.env environment: PIHOLE_HOSTNAME: ${PIHOLE_HOSTNAME} PIHOLE_PASSWORD: ${PIHOLE_PASSWORD} PORT: 9617 ports: - "9617:9617" restart: unless-stopped networks: # - edge - monitor #networks: # internal: # internal: true # edge: # internal: false # traefik_reverse_proxy: # external: true secrets: influxdb_init_password: file: ${PROJECT_ROOT}/secrets/influxdb_init_password.txt