furyhawk/cloudy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Refactor traefik.yml to enable MQTT support and update routing rules

Browse Source
This commit is contained in:
Teck Meng
2024-06-01 22:28:16 +08:00
parent 374d07f979
commit 8da24cf80a
4 changed files with 209 additions and 81 deletions
Download Patch File Download Diff File Expand all files Collapse all files
swarm/apps.yml
+69 -74
View File
@@ -7,8 +7,10 @@ x-environment: &app-environment
volumes:
bai_cache: {}
pgadmin: {}
privatebin_data: {}
thelounge_data: {}
networks:
traefik-public:
external: true
services:
@@ -26,26 +28,18 @@ services:
restart: unless-stopped
depends_on:
- postgres
expose:
- 8080
networks:
- traefik-public
deploy:
labels:
- "traefik.enable=true"
- "traefik.http.routers.adminer.entrypoints=web-secure"
- "traefik.http.routers.adminer.rule=Host(`adminer.${DOMAIN}`) || Host(`dbadmin.${DOMAIN}`)"
- "traefik.http.routers.adminer.tls.certresolver=letsencrypt"
- "traefik.http.routers.adminer.service=adminer_app"
- "traefik.http.services.adminer_app.loadbalancer.server.port=8080"
labels:
- "traefik.enable=true"
- "traefik.http.routers.adminer.entrypoints=web-secure"
- "traefik.http.routers.adminer.rule=Host(`adminer.${DOMAIN}`) || Host(`dbadmin.${DOMAIN}`)"
- "traefik.http.routers.adminer.middlewares=csrf@file"
- "traefik.http.routers.adminer.tls.certresolver=letsencrypt"
- "traefik.http.routers.adminer.service=adminer_app"
- "traefik.http.services.adminer_app.loadbalancer.server.port=8080"
- traefik.enable=true
- traefik.docker.network=traefik-public
- traefik.constraint-label=traefik-public
- traefik.http.routers.adminer.entrypoints=https
- traefik.http.routers.adminer.rule=Host(`adminer.${DOMAIN}`) || Host(`dbadmin.${DOMAIN}`)
- traefik.http.routers.adminer.tls.certresolver=le
- traefik.http.routers.adminer.service=adminer_app
- traefik.http.services.adminer_app.loadbalancer.server.port=8080
heynote_app:
image: furyhawk/heynote:${HEYNOTETAG:-latest}
@@ -53,18 +47,18 @@ services:
environment:
NODE_ENV: production
DOMAIN: ${DOMAIN}
expose:
- 5173
networks:
- net
labels:
- "traefik.enable=true"
- "traefik.http.routers.heynote.entrypoints=web-secure"
- "traefik.http.routers.heynote.rule=HostRegexp(`note[0-9]{0,2}.${DOMAIN}`) || Host(`pad.${DOMAIN}`)"
- "traefik.http.routers.heynote.middlewares=csrf@file"
- "traefik.http.routers.heynote.tls.certresolver=letsencrypt"
- "traefik.http.routers.heynote.service=heynote_app"
- "traefik.http.services.heynote_app.loadbalancer.server.port=5173"
- traefik-public
deploy:
labels:
- traefik.enable=true
- traefik.docker.network=traefik-public
- traefik.constraint-label=traefik-public
- "traefik.http.routers.heynote.entrypoints=https"
- "traefik.http.routers.heynote.rule=HostRegexp(`note[0-9]{0,2}.${DOMAIN}`) || Host(`pad.${DOMAIN}`)"
- "traefik.http.routers.heynote.tls.certresolver=le"
- "traefik.http.routers.heynote.service=heynote_app"
- "traefik.http.services.heynote_app.loadbalancer.server.port=5173"
streamlit-bai:
environment:
@@ -74,63 +68,64 @@ services:
command: streamlit run --server.port=$STREAMLIT_BAI_SERVER_PORT --server.address=0.0.0.0 --server.baseUrlPath=$BAI_LOCATION src/app.py
volumes:
- bai_cache:/app/cache
expose:
- ${STREAMLIT_BAI_SERVER_PORT}
networks:
- net
labels:
- "traefik.enable=true"
- "traefik.http.routers.streamlit-bai.entrypoints=web-secure"
- "traefik.http.routers.streamlit-bai.rule=Host(`bai.${DOMAIN}`)"
- "traefik.http.routers.streamlit-bai.middlewares=csrf@file"
- "traefik.http.routers.streamlit-bai.tls.certresolver=letsencrypt"
- "traefik.http.routers.streamlit-bai.service=streamlit_bai_app"
- "traefik.http.services.streamlit_bai_app.loadbalancer.server.port=${STREAMLIT_BAI_SERVER_PORT}"
- traefik-public
deploy:
labels:
- traefik.enable=true
- traefik.docker.network=traefik-public
- traefik.constraint-label=traefik-public
- traefik.http.routers.streamlit-bai.entrypoints=https
- traefik.http.routers.streamlit-bai.rule=Host(`bai.${DOMAIN}`)
- traefik.http.routers.streamlit-bai.tls.certresolver=le
- traefik.http.routers.streamlit-bai.service=streamlit_bai_app
- traefik.http.services.streamlit_bai_app.loadbalancer.server.port=${STREAMLIT_BAI_SERVER_PORT}
streamlit-fin:
environment:
<<: *app-environment
image: furyhawk/llama3toolsfin:main
restart: unless-stopped
expose:
- ${STREAMLIT_FIN_SERVER_PORT}
networks:
- net
labels:
- "traefik.enable=true"
- "traefik.http.routers.streamlit-fin.entrypoints=web-secure"
- "traefik.http.routers.streamlit-fin.rule=Host(`fin.${DOMAIN}`)"
- "traefik.http.routers.streamlit-fin.middlewares=csrf@file"
- "traefik.http.routers.streamlit-fin.tls.certresolver=letsencrypt"
- "traefik.http.routers.streamlit-fin.service=streamlit_fin_app"
- "traefik.http.services.streamlit_fin_app.loadbalancer.server.port=${STREAMLIT_FIN_SERVER_PORT}"
- traefik-public
deploy:
labels:
- traefik.enable=true
- traefik.docker.network=traefik-public
- traefik.constraint-label=traefik-public
- traefik.http.routers.streamlit-fin.entrypoints=https
- traefik.http.routers.streamlit-fin.rule=Host(`fin.${DOMAIN}`)
- traefik.http.routers.streamlit-fin.tls.certresolver=le
- traefik.http.routers.streamlit-fin.service=streamlit_fin_app
- traefik.http.services.streamlit_fin_app.loadbalancer.server.port=${STREAMLIT_FIN_SERVER_PORT}
site_server:
image: nginx:alpine
restart: unless-stopped
volumes:
- ~/site:/usr/share/nginx/html:ro
expose:
- 80
networks:
- net
labels:
- "traefik.enable=true"
- "traefik.http.routers.site_server.entrypoints=web-secure"
- "traefik.http.routers.site_server.rule=Host(`${DOMAIN}`) || Host(`www.${DOMAIN}`) || Host(`info.${DOMAIN}`) || Host(`124c41.${DOMAIN}`)"
- "traefik.http.routers.site_server.middlewares=csrf@file, no-www@file"
- "traefik.http.routers.site_server.tls.certresolver=letsencrypt"
- "traefik.http.routers.site_server.service=site_server_app"
- "traefik.http.services.site_server_app.loadbalancer.server.port=80"
- "traefik.http.routers.resume_router.entrypoints=web-secure"
- "traefik.http.routers.resume_router.rule=Host(`resume.${DOMAIN}`)"
- "traefik.http.routers.resume_router.middlewares=csrf@file, redirect-resume@file"
- "traefik.http.routers.resume_router.tls.certresolver=letsencrypt"
- "traefik.http.routers.resume_router.service=resume_server"
- "traefik.http.services.resume_server.loadbalancer.server.port=80"
- "traefik.http.routers.blog_router.entrypoints=web-secure"
- "traefik.http.routers.blog_router.rule=Host(`blog.${DOMAIN}`)"
- "traefik.http.routers.blog_router.middlewares=redirect-blog@file"
- "traefik.http.routers.blog_router.tls.certresolver=letsencrypt"
- "traefik.http.routers.blog_router.service=blog_server"
- "traefik.http.services.blog_server.loadbalancer.server.port=80"
- traefik-public
deploy:
labels:
- traefik.enable=true
- traefik.docker.network=traefik-public
- traefik.constraint-label=traefik-public
- traefik.http.routers.site_server.entrypoints=https
- traefik.http.routers.site_server.rule=Host(`${DOMAIN}`) || Host(`www.${DOMAIN}`) || Host(`info.${DOMAIN}`) || Host(`124c41.${DOMAIN}`)
- traefik.http.routers.site_server.middlewares=no-www
- traefik.http.routers.site_server.tls.certresolver=le
- traefik.http.routers.site_server.service=site_server_app
- traefik.http.services.site_server_app.loadbalancer.server.port=80
- "traefik.http.routers.resume_router.entrypoints=https"
- "traefik.http.routers.resume_router.rule=Host(`resume.${DOMAIN}`)"
- "traefik.http.routers.resume_router.middlewares=redirect-resume"
- "traefik.http.routers.resume_router.tls.certresolver=le"
- "traefik.http.routers.resume_router.service=resume_server"
- "traefik.http.services.resume_server.loadbalancer.server.port=80"
- "traefik.http.routers.blog_router.entrypoints=https"
- "traefik.http.routers.blog_router.rule=Host(`blog.${DOMAIN}`)"
- "traefik.http.routers.blog_router.middlewares=redirect-blog"
- "traefik.http.routers.blog_router.tls.certresolver=le"
- "traefik.http.routers.blog_router.service=blog_server"
- "traefik.http.services.blog_server.loadbalancer.server.port=80"
swarm/core.yml
+16 -5
View File
@@ -10,11 +10,22 @@ services:
- target: 443
published: 443
mode: host
- target: 5432
published: 5432
mode: host
- target: 8083
published: 8083
mode: host
- target: 8084
published: 8084
mode: host
# - target: 8883
# published: 8883
# mode: host
# - "8083:8083"
# - "8084:8084"
# - "5432:5432"
# - "7687:7687"
- "8083:8083"
- "8084:8084"
- "8883:8883"
- "5432:5432"
deploy:
placement:
constraints:
@@ -88,7 +99,7 @@ services:
# Create an entrypoint "postgres-socket" listening on port 5432
- --entrypoints.postgres-socket.address=:5432
# Others entrypoints can be created, like a TCP entrypoint
# - --entrypoints.mqtt.address=:1883
- --entrypoints.mqtt.address=:1883
- --entrypoints.web-socket.address=:8083
- --entrypoints.web-socket-secure.address=:8084
- --entrypoints.bolt-socket.address=:7687
swarm/emqx.yml
+9 -2
View File
@@ -8,8 +8,11 @@ services:
retries: 5
networks:
- traefik-public
ports:
- "1883:1883"
# ports:
# - target: 1883
# published: 1883
# mode: host
# - "1883:1883"
# - 8083:8083
# - 8084:8084
# - 8883:8883
@@ -21,6 +24,10 @@ services:
- traefik.enable=true
- traefik.docker.network=traefik-public
- traefik.constraint-label=traefik-public
- traefik.tcp.routers.emqx1-tcp-mqtt.entrypoints=mqtt
- traefik.tcp.routers.emqx1-tcp-mqtt.rule=HostSNI(`*`)
- traefik.tcp.routers.emqx1-tcp-mqtt.service=emqx1-tcp-mqtt
- traefik.tcp.services.emqx1-tcp-mqtt.loadbalancer.server.port=1883
- traefik.tcp.routers.emqx1-tcp-ws.entrypoints=web-socket
- traefik.tcp.routers.emqx1-tcp-ws.rule=HostSNI(`*`)
- traefik.tcp.routers.emqx1-tcp-ws.service=emqx1-tcp-ws
swarm/librechat.yml
+115
View File
@@ -0,0 +1,115 @@
# Do not edit this file directly. Use a docker-compose.override.yaml file if you can.
# Refer to `docker-compose.override.yaml.example for some sample configurations.
volumes:
mongodb-data-node:
pgdata2:
libre-images:
libre-logs:
meili_data:
networks:
net:
driver: overlay
attachable: true
traefik-public:
external: true
services:
librechat_api:
depends_on:
- mongodb
- rag_api
image: ghcr.io/danny-avila/librechat-dev:latest
restart: always
user: "${UID}:${GID}"
extra_hosts:
- "host.docker.internal:host-gateway"
environment:
- HOST=0.0.0.0
- MONGO_URI=mongodb://mongodb:27017/LibreChat
- MEILI_HOST=http://meilisearch:7700
- RAG_PORT=${RAG_PORT:-8000}
- RAG_API_URL=http://rag_api:${RAG_PORT:-8000}
- DOMAIN=${DOMAIN}
volumes:
- type: bind
source: ~/config/.env
target: /app/.env
- libre-images:/app/client/public/images
- libre-logs:/app/api/logs
- type: bind
source: ~/config/librechat.yaml
target: /app/librechat.yaml
networks:
- net
- traefik-public
deploy:
labels:
- traefik.enable=true
- traefik.docker.network=traefik-public
- traefik.constraint-label=traefik-public
- traefik.http.routers.librechat.entrypoints=https
- traefik.http.routers.librechat.rule=Host(`chat.${DOMAIN}`) || Host(`bot.${DOMAIN}`)
- traefik.http.routers.librechat.tls.certresolver=le
- traefik.http.routers.librechat.service=librechat_app
- traefik.http.services.librechat_app.loadbalancer.server.port=${PORT}
mongodb:
image: mongo
restart: always
user: "${UID}:${GID}"
command: mongod --noauth
volumes:
- mongodb-data-node:/data/db
networks:
- net
deploy:
placement:
constraints:
- node.labels.librechat.mongodb-data-node == true
meilisearch:
image: getmeili/meilisearch:v1.7.3
restart: always
user: "${UID}:${GID}"
environment:
- MEILI_HOST=http://meilisearch:7700
- MEILI_NO_ANALYTICS=true
volumes:
- meili_data:/meili_data
networks:
- net
deploy:
placement:
constraints:
- node.labels.librechat.meili_data == true
vectordb:
image: ankane/pgvector:latest
environment:
POSTGRES_DB: mydatabase
POSTGRES_USER: myuser
POSTGRES_PASSWORD: mypassword
restart: always
volumes:
- pgdata2:/var/lib/postgresql/data
networks:
- net
deploy:
placement:
constraints:
- node.labels.librechat.pgdata2 == true
rag_api:
image: ghcr.io/danny-avila/librechat-rag-api-dev:latest
environment:
POSTGRES_DB: mydatabase
POSTGRES_USER: myuser
POSTGRES_PASSWORD: mypassword
DB_HOST: vectordb
RAG_PORT: ${RAG_PORT:-8000}
restart: always
depends_on:
- vectordb
env_file:
- ~/config/.env
networks:
- net