version: "3.7" ########################### NETWORKS # There is no need to create any networks outside this docker-compose file. # You may customize the network subnets (192.168.90.0/24 and 91.0/24) below as you please. # Docker Compose version 3.5 or higher required to define networks this way. networks: proxy: name: proxy driver: bridge ipam: config: - subnet: $PROXY_SUBNET gateway: $PROXY_GATEWAY # default: # driver: bridge # socket_proxy: # name: socket_proxy # driver: bridge # ipam: # config: # - subnet: $SOCKET_PROXY_SUBNET # gateway: $SOCKET_PROXY_GATEWAY ########################### SERVICES volumes: portainer-data: driver: local services: # Portainer - WebUI for Containers portainer: container_name: mgmt-portainer image: portainer/portainer-ce:latest restart: unless-stopped # command: -H $DOCKER_ENDPOINT # Use Docker Socket Proxy instead for improved security networks: proxy: # ipv4_address: $PORTAINER_IP0 # socket_proxy: # ipv4_address: $PORTAINER_IP1 security_opt: - no-new-privileges:true volumes: - /var/run/docker.sock:/var/run/docker.sock - portainer-data:/data ports: # - '9000:9000' - '9001:9000' # - '9443:9443' # - '8000:8000' volumes: - /var/run/docker.sock:/var/run/docker.sock - portainer-data:/data #- $DOCKERDIR/appdata/portainer/data:/data # Change to local directory if you want to save/transfer config locally environment: - TZ=$TZ # labels: # - "traefik.enable=true" ## HTTP Routers # - "traefik.http.routers.portainer-rtr.entrypoints=https" # - "traefik.http.routers.portainer-rtr.rule=Host(`portainer.$DOMAINNAME0`)" ## Middlewares # - "traefik.http.routers.portainer-rtr.middlewares=chain-authelia@file" ## HTTP Services # - "traefik.http.routers.portainer-rtr.service=portainer-svc" # - "traefik.http.services.portainer-svc.loadbalancer.server.port=9000"