# ============================================================================= # CUSTOMER STACK TEMPLATE # ============================================================================= # This is the Docker Swarm stack that gets deployed for each paying customer. # It defines what product/service they receive when they subscribe. # # REPLACE the `web` service image (currently traefik/whoami as a placeholder) # with the actual application you are selling. # # Template variables (injected at deploy time by swarm/client.go): # {{.ID}} - customer's username (used for unique resource naming) # {{.Subdomain}} - customer's subdomain (same as ID by default) # {{.Domain}} - base domain (e.g. bc.a250.ca) # {{.TraefikNetwork}} - Traefik overlay network name # # Each customer gets their stack at: https://{{.Subdomain}}.{{.Domain}} # Access is restricted to the owning user via Authelia forward-auth. # ============================================================================= version: "3.8" services: web: image: traefik/whoami:latest environment: WHOAMI_NAME: "{{.Subdomain}}" networks: - traefik_net deploy: replicas: 1 labels: traefik.enable: "true" traefik.docker.network: "atlas_{{.TraefikNetwork}}" traefik.http.routers.customer-{{.ID}}-web.rule: "Host(`{{.Subdomain}}.{{.Domain}}`)" traefik.http.routers.customer-{{.ID}}-web.entrypoints: "websecure" traefik.http.routers.customer-{{.ID}}-web.tls: "true" traefik.http.routers.customer-{{.ID}}-web.middlewares: "authelia-auth@swarm" traefik.http.services.customer-{{.ID}}-web.loadbalancer.server.port: "80" restart_policy: condition: on-failure redis: image: redis:7-alpine command: redis-server --appendonly yes volumes: - redis_data:/data networks: - backend deploy: replicas: 1 restart_policy: condition: on-failure networks: traefik_net: external: true name: "atlas_{{.TraefikNetwork}}" backend: driver: overlay volumes: redis_data: driver: local