version: "3.7"

#docker network create -d overlay --attachable client-net
networks:
  client-net:
    external: true

volumes:
  redis-data:

services:
  registrator:
    image: marcuslinke/registrator:2017-10-25
#    image: gliderlabs/registrator:latest
    hostname: "{{.Node.Hostname}}"
    deploy:
      mode: global
      endpoint_mode: dnsrr
      update_config:
        parallelism: 1
        failure_action: rollback
        delay: 30s
      restart_policy:
        condition: any
        delay: 5s
        window: 120s
    networks:
      - client-net
    volumes:
      - /var/run/docker.sock:/tmp/docker.sock
    command:
      - -cleanup=true
      - -internal
      - -deregister=always
      - -swarm-replicas-aware=false
#      - -swarm-manager-servicename=swarm
      - -resync=15
      - -ttl=15
      - -ttl-refresh=10
      - -retry-interval=2000
      - consul://consul.server:8500
    logging:
      driver: "json-file"
      options:
        max-size: "12m"
        max-file: "5"

  vault:
    image: vault:latest
    hostname: "{{.Node.Hostname}}"
    deploy:
      mode: global
      endpoint_mode: dnsrr
      update_config:
        parallelism: 1
        failure_action: rollback
        delay: 30s
      restart_policy:
        condition: any
        delay: 5s
        window: 120s
    networks:
      - client-net
#    ports:
#      - target: 8200
#        published: 8200
#        mode: host
#    volumes:
#      - ./configs/vault/policies:/vault/policies
#      - ./configs/vault/secrets:/vault/secrets
    command: server
    environment:
      - 'VAULT_LOCAL_CONFIG=
          {
            "backend": {
              "consul": {
                "address":"consul:8500",
                "disable_registration": "true"
              }
            },
            "listener":{
              "tcp": {
                "address": "0.0.0.0:8200",
                "tls_disable": 1
              }
            },
            "disable_mlock": "true"
          }'
      - SKIP_SETCAP=1
      - VAULT_UI=1
      - VAULT_ADDR=http://127.0.0.1:8200
      - VAULT_CLUSTER_INTERFACE=eth0
      - VAULT_API_ADDR=http://vault
      # params for registrator
      - SERVICE_8200_NAME=vault
      - SERVICE_8200_TAGS=production
      - SERVICE_8200_CHECK_TCP=true
      - SERVICE_8200_CHECK_INTERVAL=15s
      - SERVICE_8200_CHECK_TIMEOUT=3s
      - SERVICE_CHECK_DEREGISTER_AFTER=1m
    logging:
      driver: "json-file"
      options:
        max-size: "12m"
        max-file: "5"

  redis:
    image: redis:alpine
    hostname: "{{.Node.Hostname}}"
    deploy:
      mode: global
      endpoint_mode: dnsrr
      update_config:
        parallelism: 1
        failure_action: rollback
        delay: 30s
      restart_policy:
        condition: any
        delay: 5s
        window: 120s
    networks:
      - client-net
#    ports:
#      - target: 6379
#        published: 6379
#        mode: host
    volumes:
      - redis-data:/data
    labels:
      - "SERVICE_NAME=redis"
    env_file:
      - .env
    environment:
      # params for registrator
      - SERVICE_6379_CHECK_TCP=true
      - SERVICE_6379_CHECK_INTERVAL=15s
      - SERVICE_6379_CHECK_TIMEOUT=3s
      - SERVICE_CHECK_DEREGISTER_AFTER=1m
    logging:
      driver: "json-file"
      options:
        max-size: "12m"
        max-file: "5"