Add resource quotas to all service docker configurations
This commit is contained in:
cspark
parent
dc4be1a677
commit
ffd3d8f262
|
|
@ -20,6 +20,10 @@ services:
|
||||||
- "222:22"
|
- "222:22"
|
||||||
networks:
|
networks:
|
||||||
forgejo:
|
forgejo:
|
||||||
|
deploy:
|
||||||
|
limits:
|
||||||
|
cpus: '0.10'
|
||||||
|
memory: 512M
|
||||||
|
|
||||||
forgejo:
|
forgejo:
|
||||||
image: codeberg.org/forgejo/forgejo:1.21
|
image: codeberg.org/forgejo/forgejo:1.21
|
||||||
|
|
@ -39,6 +43,10 @@ services:
|
||||||
- ./forgejo-data:/data
|
- ./forgejo-data:/data
|
||||||
- /etc/timezone:/etc/timezone:ro
|
- /etc/timezone:/etc/timezone:ro
|
||||||
- /etc/localtime:/etc/localtime:ro
|
- /etc/localtime:/etc/localtime:ro
|
||||||
|
deploy:
|
||||||
|
limits:
|
||||||
|
cpus: '0.25'
|
||||||
|
memory: 512M
|
||||||
depends_on:
|
depends_on:
|
||||||
- forgejo-db
|
- forgejo-db
|
||||||
|
|
||||||
|
|
@ -54,6 +62,10 @@ services:
|
||||||
networks:
|
networks:
|
||||||
forgejo:
|
forgejo:
|
||||||
ipv4_address: 11.1.0.22
|
ipv4_address: 11.1.0.22
|
||||||
|
deploy:
|
||||||
|
limits:
|
||||||
|
cpus: '0.10'
|
||||||
|
memory: 128M
|
||||||
|
|
||||||
networks:
|
networks:
|
||||||
forgejo:
|
forgejo:
|
||||||
|
|
|
||||||
|
|
@ -22,6 +22,10 @@ services:
|
||||||
- "3000:3000"
|
- "3000:3000"
|
||||||
networks:
|
networks:
|
||||||
invidious:
|
invidious:
|
||||||
|
deploy:
|
||||||
|
limits:
|
||||||
|
cpus: '0.10'
|
||||||
|
memory: 512M
|
||||||
|
|
||||||
invidious:
|
invidious:
|
||||||
network_mode: "service:invidious-gluetun"
|
network_mode: "service:invidious-gluetun"
|
||||||
|
|
@ -61,6 +65,10 @@ services:
|
||||||
max-file: "4"
|
max-file: "4"
|
||||||
depends_on:
|
depends_on:
|
||||||
- invidious-db
|
- invidious-db
|
||||||
|
deploy:
|
||||||
|
limits:
|
||||||
|
cpus: '0.25'
|
||||||
|
memory: 512M
|
||||||
|
|
||||||
invidious-db:
|
invidious-db:
|
||||||
image: docker.io/library/postgres:14
|
image: docker.io/library/postgres:14
|
||||||
|
|
@ -80,6 +88,10 @@ services:
|
||||||
networks:
|
networks:
|
||||||
invidious:
|
invidious:
|
||||||
ipv4_address: 11.1.0.22
|
ipv4_address: 11.1.0.22
|
||||||
|
deploy:
|
||||||
|
limits:
|
||||||
|
cpus: '0.10'
|
||||||
|
memory: 128M
|
||||||
|
|
||||||
networks:
|
networks:
|
||||||
invidious:
|
invidious:
|
||||||
|
|
|
||||||
|
|
@ -21,6 +21,11 @@ services:
|
||||||
- "587:587" # SMTP+STARTTLS Explicit TLS / Appears to be used
|
- "587:587" # SMTP+STARTTLS Explicit TLS / Appears to be used
|
||||||
- "993:993" # IMAPS Implicit TLS / Appears to not be used
|
- "993:993" # IMAPS Implicit TLS / Appears to not be used
|
||||||
- "143:143" # IMAPS IMAP+STARTTLS Explicit TLS / Appears to be used
|
- "143:143" # IMAPS IMAP+STARTTLS Explicit TLS / Appears to be used
|
||||||
|
deploy:
|
||||||
|
limits:
|
||||||
|
cpus: '0.10'
|
||||||
|
memory: 512M
|
||||||
|
|
||||||
mailserver:
|
mailserver:
|
||||||
network_mode: "service:mailserver-gluetun"
|
network_mode: "service:mailserver-gluetun"
|
||||||
image: ghcr.io/docker-mailserver/docker-mailserver:latest
|
image: ghcr.io/docker-mailserver/docker-mailserver:latest
|
||||||
|
|
@ -56,4 +61,8 @@ services:
|
||||||
- ENABLE_CLAMAV=0
|
- ENABLE_CLAMAV=0
|
||||||
cap_add:
|
cap_add:
|
||||||
- NET_ADMIN # For Fail2Ban to work
|
- NET_ADMIN # For Fail2Ban to work
|
||||||
|
deploy:
|
||||||
|
limits:
|
||||||
|
cpus: '0.25'
|
||||||
|
memory: 512M
|
||||||
restart: always
|
restart: always
|
||||||
|
|
|
||||||
|
|
@ -23,6 +23,10 @@ services:
|
||||||
volumes:
|
volumes:
|
||||||
# Custom IPTables forwarding rules to forward TCP(web) traffic from port 54376 to port 25565
|
# Custom IPTables forwarding rules to forward TCP(web) traffic from port 54376 to port 25565
|
||||||
- ./post-rules.txt:/iptables/post-rules.txt
|
- ./post-rules.txt:/iptables/post-rules.txt
|
||||||
|
deploy:
|
||||||
|
limits:
|
||||||
|
cpus: '0.10'
|
||||||
|
memory: 512M
|
||||||
|
|
||||||
mc:
|
mc:
|
||||||
image: itzg/minecraft-server
|
image: itzg/minecraft-server
|
||||||
|
|
@ -41,3 +45,7 @@ services:
|
||||||
# - ./data:/data
|
# - ./data:/data
|
||||||
#
|
#
|
||||||
- ./data:/data
|
- ./data:/data
|
||||||
|
deploy:
|
||||||
|
limits:
|
||||||
|
cpus: '0.50'
|
||||||
|
memory: 1500M
|
||||||
|
|
|
||||||
|
|
@ -24,6 +24,10 @@ services:
|
||||||
- ./post-rules.txt:/iptables/post-rules.txt
|
- ./post-rules.txt:/iptables/post-rules.txt
|
||||||
ports:
|
ports:
|
||||||
- "11000:11000"
|
- "11000:11000"
|
||||||
|
deploy:
|
||||||
|
limits:
|
||||||
|
cpus: '0.10'
|
||||||
|
memory: 512M
|
||||||
|
|
||||||
nextcloud-cache:
|
nextcloud-cache:
|
||||||
network_mode: "service:nextcloud-gluetun"
|
network_mode: "service:nextcloud-gluetun"
|
||||||
|
|
@ -32,6 +36,10 @@ services:
|
||||||
mem_limit: 2048m
|
mem_limit: 2048m
|
||||||
mem_reservation: 512m
|
mem_reservation: 512m
|
||||||
command: redis-server --requirepass {{ service_nextcloud_postgres_pass }}
|
command: redis-server --requirepass {{ service_nextcloud_postgres_pass }}
|
||||||
|
deploy:
|
||||||
|
limits:
|
||||||
|
cpus: '0.10'
|
||||||
|
memory: 2048M
|
||||||
|
|
||||||
nextcloud-db:
|
nextcloud-db:
|
||||||
network_mode: "service:nextcloud-gluetun"
|
network_mode: "service:nextcloud-gluetun"
|
||||||
|
|
@ -44,6 +52,10 @@ services:
|
||||||
- POSTGRES_PASSWORD={{ service_nextcloud_postgres_pass }}
|
- POSTGRES_PASSWORD={{ service_nextcloud_postgres_pass }}
|
||||||
- POSTGRES_DB=nextcloud
|
- POSTGRES_DB=nextcloud
|
||||||
- POSTGRES_USER=nextcloud
|
- POSTGRES_USER=nextcloud
|
||||||
|
deploy:
|
||||||
|
limits:
|
||||||
|
cpus: '0.10'
|
||||||
|
memory: 128M
|
||||||
|
|
||||||
nextcloud:
|
nextcloud:
|
||||||
network_mode: "service:nextcloud-gluetun"
|
network_mode: "service:nextcloud-gluetun"
|
||||||
|
|
@ -65,4 +77,8 @@ services:
|
||||||
- OVERWRITEHOST=nextcloud.{{ domain_name }}
|
- OVERWRITEHOST=nextcloud.{{ domain_name }}
|
||||||
- OVERWRITEPROTOCOL=https
|
- OVERWRITEPROTOCOL=https
|
||||||
- OVERWRITECLIURL=https://nextcloud.{{ domain_name }}
|
- OVERWRITECLIURL=https://nextcloud.{{ domain_name }}
|
||||||
|
deploy:
|
||||||
|
limits:
|
||||||
|
cpus: '0.25'
|
||||||
|
memory: 512M
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -20,6 +20,10 @@ services:
|
||||||
- FIREWALL_VPN_INPUT_PORTS=8080
|
- FIREWALL_VPN_INPUT_PORTS=8080
|
||||||
ports:
|
ports:
|
||||||
- "8080:8080"
|
- "8080:8080"
|
||||||
|
deploy:
|
||||||
|
limits:
|
||||||
|
cpus: '0.10'
|
||||||
|
memory: 512M
|
||||||
|
|
||||||
searxng-redis:
|
searxng-redis:
|
||||||
network_mode: "service:searxng-gluetun"
|
network_mode: "service:searxng-gluetun"
|
||||||
|
|
@ -34,6 +38,10 @@ services:
|
||||||
- SETGID
|
- SETGID
|
||||||
- SETUID
|
- SETUID
|
||||||
- DAC_OVERRIDE
|
- DAC_OVERRIDE
|
||||||
|
deploy:
|
||||||
|
limits:
|
||||||
|
cpus: '0.10'
|
||||||
|
memory: 128M
|
||||||
|
|
||||||
# If you want to change container listen port from default 8080 https://github.com/searxng/searxng-docker/issues/20
|
# If you want to change container listen port from default 8080 https://github.com/searxng/searxng-docker/issues/20
|
||||||
# Set environment variable BIND_ADDRESS, example:
|
# Set environment variable BIND_ADDRESS, example:
|
||||||
|
|
@ -63,3 +71,7 @@ services:
|
||||||
options:
|
options:
|
||||||
max-size: "1m"
|
max-size: "1m"
|
||||||
max-file: "1"
|
max-file: "1"
|
||||||
|
deploy:
|
||||||
|
limits:
|
||||||
|
cpus: '0.25'
|
||||||
|
memory: 512M
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue