version: "3.0" # # updated: 2023-05-24 # stack: loki (light only for other VMs) # x-logging: &x-logging logging: driver: loki options: loki-url: "http://loki:3100/loki/api/v1/push" loki-retries: "5" loki-batch-size: "400" x-common: &x-common <<: *x-logging restart: "no" stop_grace_period: 5s stdin_open: true tty: true privileged: false security_opt: - no-new-privileges=true cap_drop: - ALL cap_add: - KILL dns: - 1.1.1.1 - 8.8.8.8 - 1.0.0.1 - 8.8.4.4 ipc: "shareable" extra_hosts: - "template.home:192.168.0.0" environment: TZ: "Europe/Paris" PUID: 1000 PGID: 1000 user: 1000:1000 labels: com.centurylinklabs.watchtower.enable: true logging: "promtail" com.stack.name: "common" com.stack.service.name: "common" devices: - /dev/kmsg:/dev/kmsg deploy: resources: limits: cpus: "0.50" memory: 256M ulimits: nproc: 65535 nofile: soft: 20000 hard: 40000 tmpfs: - /tmp:rw,noexec,nosuid,size=64k sysctls: net.core.somaxconn: 1024 net.ipv4.tcp_syncookies: 0 x-volume-timezone: &x-volume-timezone "/etc/timezone:/etc/timezone:ro" x-volume-localtime: &x-volume-localtime "/etc/localtime:/etc/localtime:ro" x-volume-docker-socket: &x-volume-docker-socket "/var/run/docker.sock:/var/run/docker.sock:rw" x-volume-cgroups: &x-volume-cgroups "/proc/cgroups:/cgroup:rw" x-volume-ssl: &x-volume-ssl "/opt/docker/ssl:/ssl:ro" services: promtail: <<: *x-common user: 0:0 cap_add: - DAC_OVERRIDE container_name: promtail hostname: promtail image: grafana/promtail:latest restart: always ports: - "1514:1514" expose: - "1514" command: -config.file=/etc/promtail/promtail.yml labels: com.stack.name: "loki" com.stack.service.name: "promtail" tmpfs: - /tmp:rw,noexec,nosuid,size=512M volumes: - *x-volume-timezone - *x-volume-localtime - *x-volume-docker-socket - *x-volume-cgroups - /var/log:/var/log:ro - /opt/docker/loki/conf:/etc/promtail - /opt/docker/loki/datas/promtail:/datas