version: "3.0" # master: {{ vm_mastering }} # edited: 2023-09-25 # updated: {{ ansible_date_time.date }} # # stack: x-vpn # services: x-vpn: logging: driver: loki options: loki-url: "http://${MASTER_HOST}:${VM_PORT_LOKI}/loki/api/v1/push" loki-retries: "2" loki-max-backoff: 800ms loki-timeout: 1s loki-batch-wait: 60s loki-batch-size: "2097152" no-file: "false" keep-file: "true" max-size: "512m" max-file: "8" restart: unless-stopped stop_grace_period: 5s stdin_open: true tty: true user: ${VM_USER}:${VM_GROUP} privileged: false security_opt: - no-new-privileges=true cap_drop: - ALL cap_add: - KILL ipc: "private" healthcheck: interval: 60s timeout: 10s retries: 5 start_period: 60s environment: TZ: "Europe/Paris" PUID: 1000 PGID: 1000 DOCKER_HOST: "tcp://${VM_HOST}:${VM_PORT_DOCKERPROXY}" labels: com.centurylinklabs.watchtower.enable: true logging: "promtail" com.vm.versionning: "${VM_VERSIONNING}" com.stack.owner: "Olivier Le Bris" com.stack.owner.email: "tech@zogg.fr" com.stack.owner.url: "https://zogg.fr" com.stack.name: "common" com.stack.service.name: "common" traefik.docker.network: traefik ulimits: nproc: 65535 nofile: soft: 20000 hard: 40000 deploy: resources: limits: cpus: "0.50" memory: 64M pids: 64 tmpfs: - /tmp:rw,noexec,nosuid,size=64M volumes: - /etc/timezone:/etc/timezone:ro - /etc/localtime:/etc/localtime:ro - /opt/docker/ssl:/ssl:ro - /proc/cgroups:/cgroup:rw