haproxy-protection/docker-compose.yml

version: "3.9"

services:

  haproxy:
    network_mode: host
    build:
      # no_cache: true
      context: ./
      dockerfile: haproxy/Dockerfile
    volumes:
      - shared-socket:/shared-sockets
      - ./haproxy/haproxy.cfg:/etc/haproxy/haproxy.cfg
      #- ./haproxy/dataplaneapi.yml:/etc/haproxy/dataplaneapi.yml
      - ./haproxy/errors/:/etc/haproxy/errors/
      - ./haproxy/map/:/etc/haproxy/map/
      - ./haproxy/template/:/etc/haproxy/template/
      - ./src/lua/scripts/:/etc/haproxy/scripts/
      - ./src/lua/libs/:/etc/haproxy/libs/
      - ./src/js/:/etc/haproxy/js/
      - ./src/locales/:/etc/haproxy/locales/
      - ../../Documents/dataplaneapi/build/dataplaneapi:/usr/local/bin/dataplaneapi
    environment:
      # These are the hcaptcha and recaptcha test keys, not leaking any dont worry :^)
      - HAPROXY_MAXCONN=5000
      - HAPROXY_CACHE_MB=500
      - HAPROXY_CONTINENT=OC
      - HCAPTCHA_SITEKEY=20000000-ffff-ffff-ffff-000000000002
      - HCAPTCHA_SECRET=0x0000000000000000000000000000000000000000
      - VERIFY_BACKEND_SSL_VERIFYNONE=1
      - VERIFY_BACKEND_SSL=1
      #- RECAPTCHA_SECRET=6LeIxAcTAAAAAGG-vFI1TnRWxMZNFuojJ4WifJWe
      #- RECAPTCHA_SITEKEY=6LeIxAcTAAAAAJcZVRqyHh71UMIEGNQ_MXjiZKhI
      - CAPTCHA_COOKIE_SECRET=changeme
      - POW_COOKIE_SECRET=changeme
      - HMAC_COOKIE_SECRET=changeme
      - RAY_ID=docker
      - CHALLENGE_EXPIRY=43200
      - BACKEND_NAME=servers
      - SERVER_PREFIX=websrv
      - CHALLENGE_INCLUDES_IP=true
      - ARGON_TIME=2
      - ARGON_KB=512
      - POW_DIFFICULTY=20
      - POW_TYPE=argon2
      - TOR_CONTROL_PORT_PASSWORD=changeme
      - USE_INTER_FONT=1

  nginx:
    ports:
      - 1081:80
    image: "nginx:latest"
    volumes:
      - ./nginx:/usr/share/nginx/html

  nginx2:
    build:
      context: ./nginx2
      dockerfile: Dockerfile
    ports:
      - 1082:443
    image: "nginx:latest"
    volumes:
      - ./nginx2:/usr/share/nginx/html
      - ./nginx2/nginx.conf:/etc/nginx/conf.d/default.conf
      - ./nginx2/nginx-certs:/etc/nginx/certs

  nginx3:
    build:
      context: ./nginx2
      dockerfile: Dockerfile
    ports:
      - 1083:443
    image: "nginx:latest"
    volumes:
      - ./nginx3:/usr/share/nginx/html
      - ./nginx3/nginx.conf:/etc/nginx/conf.d/default.conf
      - ./nginx3/nginx-certs:/etc/nginx/certs

  varnish:
    network_mode: host
    image: varnish:latest
    environment:
      - VARNISH_SIZE=256M
      - VARNISH_PORT=8083
    volumes:
      - shared-socket:/shared-sockets
      - ./varnish/default.vcl:/etc/varnish/default.vcl
    command: varnishd -F -a /shared-sockets/haproxy-to-varnish-cache.sock -f /etc/varnish/default.vcl -s malloc,$VARNISH_SIZE
    user: root

#   tor:
#     build:
#       context: ./
#       dockerfile: tor/Dockerfile
#     volumes:
#       - ./tor/hidden_service:/var/lib/tor/hidden_service  # persists hs keys

volumes:
  shared-socket: