services: # Gluetun is used to connect container to VPN kimai-gluetun: image: qmcgaw/gluetun cap_add: - NET_ADMIN environment: - VPN_SERVICE_PROVIDER=custom - VPN_TYPE=wireguard - VPN_ENDPOINT_IP={{ proxy_server_ip }} - VPN_ENDPOINT_PORT={{ proxy_server_vpn_port }} - WIREGUARD_PUBLIC_KEY={{ vpn_server_pubkey }} - WIREGUARD_PRIVATE_KEY={{ kimai_service_privkey }} - WIREGUARD_ADDRESSES=10.0.0.8/32 - FIREWALL_VPN_INPUT_PORTS=8001,3306 ports: - "8001:8001" # networks: # kimai: deploy: resources: limits: cpus: '0.10' memory: 512M kimai: image: kimai/kimai2:apache network_mode: "service:kimai-gluetun" environment: - ADMINMAIL=admin@{{ domain_name }} - ADMINPASS={{ service_kimai_admin_password }} - "DATABASE_URL=mysql://kimaiuser:{{ service_kimai_mysql_password }}@127.0.0.1/kimai?charset=utf8mb4&serverVersion=8.3.0" - TRUSTED_HOSTS=nginx,localhost,127.0.0.1 restart: always volumes: - ./kimai-data:/opt/kimai/var/data deploy: resources: limits: cpus: '0.25' memory: 512M depends_on: - kimai-db kimai-db: image: mysql:8.4.0 network_mode: "service:kimai-gluetun" environment: - MYSQL_DATABASE=kimai - MYSQL_USER=kimaiuser - MYSQL_PASSWORD={{ service_kimai_mysql_password }} - MYSQL_ROOT_PASSWORD={{ service_kimai_mysql_root_password }} command: --default-storage-engine innodb restart: unless-stopped healthcheck: test: mysqladmin -p$$MYSQL_ROOT_PASSWORD ping -h localhost interval: 20s start_period: 10s timeout: 10s retries: 3 volumes: - ./mysql-data:/var/lib/mysql # networks: # kimai: # ipv4_address: 12.1.0.22 deploy: resources: limits: cpus: '0.10' memory: 512M #networks: # kimai: # driver: bridge # driver_opts: # com.docker.network.bridge.name: kimai # # com.docker.network.driver.enable_ip_masquerade: 0 # ipam: # config: # - subnet: 12.1.0.0/16 # # gateway: 11.5.0.1