83 lines
1.9 KiB
YAML
83 lines
1.9 KiB
YAML
services:
|
|
# System Monitoring
|
|
netdata:
|
|
image: netdata/netdata:latest
|
|
container_name: netdata
|
|
ports:
|
|
- "7001:19999"
|
|
volumes:
|
|
- netdata_config:/etc/netdata
|
|
- netdata_lib:/var/lib/netdata
|
|
- netdata_cache:/var/cache/netdata
|
|
- /proc:/host/proc:ro
|
|
- /sys:/host/sys:ro
|
|
- /var/run/docker.sock:/var/run/docker.sock:ro
|
|
- /:/host/root:ro,rslave
|
|
- /etc/passwd:/host/etc/passwd:ro
|
|
- /etc/group:/host/etc/group:ro
|
|
- /etc/os-release:/host/etc/os-release:ro
|
|
cap_add:
|
|
- SYS_PTRACE
|
|
- SYS_ADMIN
|
|
security_opt:
|
|
- apparmor:unconfined
|
|
environment:
|
|
- NETDATA_CLAIM_TOKEN=${NETDATA_CLAIM_TOKEN:-}
|
|
- NETDATA_CLAIM_URL=https://app.netdata.cloud
|
|
networks:
|
|
- monitoring-net
|
|
restart: unless-stopped
|
|
|
|
# Container Management
|
|
portainer:
|
|
image: portainer/portainer-ce:latest
|
|
container_name: portainer
|
|
ports:
|
|
- "7002:9000"
|
|
volumes:
|
|
- /var/run/docker.sock:/var/run/docker.sock:ro
|
|
- portainer_data:/data
|
|
networks:
|
|
- monitoring-net
|
|
restart: unless-stopped
|
|
security_opt:
|
|
- no-new-privileges:true
|
|
|
|
# Web-based SSH Terminal
|
|
webssh:
|
|
image: kuaifan/webssh:arm64
|
|
container_name: webssh
|
|
ports:
|
|
- "7003:5032"
|
|
environment:
|
|
- TZ=${TZ:-UTC}
|
|
# Restrict to internal network for security
|
|
- WEBSSH_ORIGIN_LIST=*
|
|
- WEBSSH_POLICY=reject
|
|
networks:
|
|
- monitoring-net
|
|
restart: unless-stopped
|
|
|
|
# Log Management (Optional but useful)
|
|
dozzle:
|
|
image: amir20/dozzle:latest
|
|
container_name: dozzle
|
|
ports:
|
|
- "7004:8080"
|
|
volumes:
|
|
- /var/run/docker.sock:/var/run/docker.sock:ro
|
|
networks:
|
|
- monitoring-net
|
|
restart: unless-stopped
|
|
environment:
|
|
- DOZZLE_NO_ANALYTICS=true
|
|
|
|
volumes:
|
|
portainer_data:
|
|
netdata_config:
|
|
netdata_lib:
|
|
netdata_cache:
|
|
|
|
networks:
|
|
monitoring-net:
|
|
driver: bridge |