version: "3.0" # master: {{ vm_mastering }} # edited: 2023-09-25 # updated: {{ ansible_date_time.date }} # # stack: x-host # services: x-host: logging: driver: loki options: loki-url: "http://${MASTER_HOST}:${VM_PORT_LOKI}/loki/api/v1/push" loki-retries: "2" loki-max-backoff: 800ms loki-timeout: 1s loki-batch-wait: 60s loki-batch-size: "2097152" no-file: "false" keep-file: "true" max-size: "512m" max-file: "8" restart: unless-stopped stop_grace_period: 5s stdin_open: true tty: true user: ${VM_USER}:${VM_GROUP} privileged: false security_opt: - no-new-privileges=true cap_drop: - ALL cap_add: - KILL ipc: "private" dns: - 1.1.1.1 - 8.8.8.8 - 1.0.0.1 - 8.8.4.4 extra_hosts: {% include 'yaml_hosts_extra.j2' %} healthcheck: interval: 60s timeout: 10s retries: 5 start_period: 60s environment: TZ: "{{ vm_timezone }}" PUID: {{ vm_puid }} PGID: {{ vm_pgid }} DOCKER_HOST: "tcp://${VM_HOST}:${VM_PORT_DOCKERPROXY}" labels: com.centurylinklabs.watchtower.enable: true logging: "promtail" com.vm.versionning: "${VM_VERSIONNING}" com.stack.owner: "{{ vm_stack_owner }}" com.stack.owner.email: "{{ vm_stack_email }}" com.stack.owner.url: "{{ vm_stack_website }}" com.stack.name: "common" com.stack.service.name: "common" traefik.docker.network: {{ vm_docker_traefik_network }} ulimits: nproc: 65535 nofile: soft: 20000 hard: 40000 deploy: resources: limits: cpus: "{{ vm_resources_cpu }}" memory: {{ vm_resources_memory }} pids: {{ vm_resources_pid }} tmpfs: - /tmp:rw,noexec,nosuid,size={{ vm_resources_tmpfs }} volumes: - /etc/timezone:/etc/timezone:ro - /etc/localtime:/etc/localtime:ro - /opt/docker/ssl:/ssl:ro - /proc/cgroups:/cgroup:rw