version: "3" services: mybunker: image: bunkerity/bunkerweb:1.5.0 ports: - 80:8080 - 443:8443 environment: - SERVER_NAME=www.example.com # replace with your domain - API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24 - SERVE_FILES=no - DISABLE_DEFAULT_SERVER=yes - AUTO_LETS_ENCRYPT=yes - USE_CLIENT_CACHE=yes - USE_GZIP=yes - USE_REVERSE_PROXY=yes - REVERSE_PROXY_URL=/ - REVERSE_PROXY_HOST=http://mongo-ui:8081 - | CUSTOM_CONF_MODSEC_mongo-express= SecRule REQUEST_FILENAME "@rx ^/db" "id:1,ctl:ruleRemoveByTag=attack-generic,ctl:ruleRemoveByTag=attack-protocol,nolog" labels: - "bunkerweb.INSTANCE" # required for the scheduler to recognize the container networks: - bw-universe - bw-services bw-scheduler: image: bunkerity/bunkerweb-scheduler:1.5.0 depends_on: - mybunker environment: - DOCKER_HOST=tcp://bw-docker-proxy:2375 volumes: - bw-data:/data networks: - bw-universe - bw-docker bw-docker-proxy: image: tecnativa/docker-socket-proxy:0.1 volumes: - /var/run/docker.sock:/var/run/docker.sock:ro environment: - CONTAINERS=1 networks: - bw-docker mongo: image: mongo:5.0.14 volumes: - db-data:/data/db environment: - MONGO_INITDB_ROOT_USERNAME=root # replace with a less obvious username - MONGO_INITDB_ROOT_PASSWORD=toor # replace with a better password - MONGO_INITDB_DATABASE=mongo # replace with the database name of your choice networks: - bw-services mongo-ui: image: mongo-express:0.54.0 environment: - ME_CONFIG_MONGODB_SERVER=mongo - ME_CONFIG_MONGODB_ADMINUSERNAME=root # replace with a less obvious username - ME_CONFIG_MONGODB_ADMINPASSWORD=toor # replace with a better password - ME_CONFIG_BASICAUTH_USERNAME=changeme # replace with a better username - ME_CONFIG_BASICAUTH_PASSWORD=changeme # replace with a better password restart: unless-stopped depends_on: - mongo networks: - bw-services volumes: bw-data: db-data: networks: bw-universe: ipam: driver: default config: - subnet: 10.20.30.0/24 bw-services: bw-docker: