mirror of
https://github.com/m1ngsama/automa.git
synced 2026-02-08 06:24:05 +00:00
Add infrastructure layer with following components:

**Reverse Proxy & SSL:**
- Caddy: Auto HTTPS with Let's Encrypt, simple configuration
- Caddyfile with reverse proxy rules for Nextcloud and Grafana

**Monitoring Stack (Observability):**
- Prometheus: Metrics collection and time-series database
- Grafana: Visualization dashboards with datasource provisioning
- Loki: Lightweight log aggregation
- Promtail: Log collection agent for Docker containers
- cAdvisor: Container resource monitoring

**Automation:**
- Watchtower: Automatic Docker image updates (label-based)
- Duplicati: Remote backup with web UI and encryption support

**Security:**
- Fail2ban: Intrusion prevention and IP banning

**Key Features:**
- All services use official Alpine-based images (lightweight)
- Network isolation (automa-proxy, automa-monitoring)
- Resource limits and health checks configured
- Read-only configs where applicable
- Comprehensive README with setup instructions

**Resource Usage:**
- Total additional overhead: ~1.5GB RAM, ~16GB disk
- Follows KISS principles and Unix philosophy
- All services replaceable and independently scalable

Refs: #3
23 lines
774 B
YAML
```yaml
services:
  watchtower:
    image: containrrr/watchtower:latest
    container_name: automa-watchtower
    restart: unless-stopped

    environment:
      - WATCHTOWER_CLEANUP=true           # Remove old images
      - WATCHTOWER_POLL_INTERVAL=86400    # Check every 24 hours
      - WATCHTOWER_LABEL_ENABLE=true      # Only update labeled containers
      - WATCHTOWER_INCLUDE_STOPPED=false  # Skip stopped containers
      - TZ=${TZ:-Asia/Shanghai}

    volumes:
      - /var/run/docker.sock:/var/run/docker.sock

    labels:
      - "com.automa.service=watchtower"
      - "com.centurylinklabs.watchtower.enable=false"  # Don't update itself

    # Add this label to containers you want to auto-update:
    # labels:
    #   - "com.centurylinklabs.watchtower.enable=true"
```
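With `WATCHTOWER_LABEL_ENABLE=true`, only services carrying the `com.centurylinklabs.watchtower.enable=true` label are updated unattended. The script below is an added example, not part of the automa repository: it reads a project in the shape printed by `docker compose config --format json` and reports, per service, whether Watchtower will update it and whether its image follows a floating tag. The function names and the sample services other than `watchtower` are assumptions made for illustration.

```python
import json

ENABLE = "com.centurylinklabs.watchtower.enable"

# Constructed sample. Only the watchtower entry mirrors the file above;
# the nextcloud/grafana images and labels are hypothetical.
SAMPLE = json.loads("""
{"services": {
  "watchtower": {"image": "containrrr/watchtower:latest",
    "environment": ["WATCHTOWER_LABEL_ENABLE=true"],
    "labels": ["com.centurylinklabs.watchtower.enable=false"]},
  "nextcloud": {"image": "nextcloud:latest",
    "labels": {"com.centurylinklabs.watchtower.enable": "true"}},
  "grafana": {"image": "grafana/grafana:10.4.2"}
}}
""")

def as_map(value):
    """Compose accepts labels/environment as a mapping or a KEY=VALUE list."""
    if isinstance(value, dict):
        return {k: "" if v is None else str(v) for k, v in value.items()}
    return dict(item.partition("=")[::2] for item in (value or []))

def label_mode(project):
    """True when a watchtower service runs with WATCHTOWER_LABEL_ENABLE=true."""
    for svc in project.get("services", {}).values():
        env = as_map(svc.get("environment"))
        if "watchtower" in svc.get("image", "") and \
                env.get("WATCHTOWER_LABEL_ENABLE", "").lower() == "true":
            return True
    return False

def floating(image):
    """No digest and no tag, or the 'latest' tag: content can change on pull."""
    if "@sha256:" in image:
        return False
    last = image.rsplit("/", 1)[-1]   # ignore a registry host:port prefix
    return ":" not in last or last.endswith(":latest")

def audit(project):
    opt_in_only = label_mode(project)
    report = {}
    for name, svc in project.get("services", {}).items():
        flag = as_map(svc.get("labels")).get(ENABLE, "").lower()
        # Opt-in mode needs an explicit "true"; otherwise only "false" excludes.
        updated = flag == "true" if opt_in_only else flag != "false"
        report[name] = {"auto_update": updated,
                        "floating_tag": floating(svc.get("image", ""))}
    return report

if __name__ == "__main__":
    for name, row in audit(SAMPLE).items():
        print(name, row)
```

Services reported with both `auto_update` and `floating_tag` set are the ones whose running image changes without a reviewed change to the compose file.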