Grafana-Prometheus/docker-compose.yml

---
volumes:
  grafana-data:
    driver: local
  prometheus-data:
    driver: local
  data_loki:
    driver: local
networks:
  grafana-prometheus:
    external: true
services:
  grafana:
    image: docker.io/grafana/grafana-oss:12.0.0
    container_name: grafana
    environment:
      GF_PATHS_PROVISIONING: /var/lib/grafana/provisioning/
      GF_SECURITY_ADMIN_PASSWORD: admin
      # - GF_SERVER_DOMAIN=%(protocol)s://%(domain)s:%(http_port)s/
      # - GF_SERVER_ROOT_URL=%(protocol)s://%(domain)s/
      GF_SERVER_DOMAIN: grafana.phx-erp.de
      GF_SERVER_PROTOCOL: https
      # - GF_SERVER_HTTP_PORT=3000
      GF_LOG_LEVEL: debug
      GF_SMTP_ENABLED: true
      GF_SMTP_FROM_ADDRESS: admin@phx-erp.de
      GF_SMTP_FROM_NAME: Grafana
      GF_SMTP_HOST: mail.phx-erp.de:465
      GF_SMTP_PASSWORD: 0rB0@et68
      GF_SMTP_USER: yuri.lima@phx-erp.de
      GF_SMTP_STARTTLS_POLICY: false
      GF_SMTP_SKIP_VERIFY: true
      GF_SMTP_ENABLE_TRACING: false
    volumes:
      - grafana-data:/var/lib/grafana
      - ./config/provisioning:/var/lib/grafana/provisioning/
    restart: unless-stopped
    networks:
      - grafana-prometheus
    depends_on:
      - prometheus
  prometheus:
    image: docker.io/prom/prometheus:v3.1.0
    container_name: prometheus
    user: "65534:65534"
    # ports:
    #   - "9090:9090"
    command:
      - "--config.file=/etc/prometheus/prometheus.yaml"
      - "--web.config.file=/etc/prometheus/web-config.yaml"
      - "--web.external-url=https://prometheus.phx-erp.de"
      - "--web.enable-lifecycle"  # 🔹 Enable dynamic config reload
    volumes:
      # - '--web.enable-lifecycle' # Enable reload of configuration automatically without restart !!!
      - ./config/prometheus.yaml:/etc/prometheus/prometheus.yaml:ro # RO Read-only
      - ./config/web-config.yaml:/etc/prometheus/web-config.yaml:ro # RO Read-only
      - ./https_portal/data/prometheus.phx-erp.de/production:/etc/prometheus/certs
      - ./config:/opt/phx/main/config  # 🔹 Add this to mount the config folder
      - prometheus-data:/prometheus
      - ./https_portal/data/prometheus.phx-erp.de/production/signed.crt:/etc/prometheus/certs/signed.crt:ro
      - ./https_portal/data/prometheus.phx-erp.de/production/domain.key:/etc/prometheus/certs/domain.key:ro
    restart: unless-stopped
    networks:
      - grafana-prometheus
  loki:
    container_name: loki
    image: docker.io/grafana/loki:3.5.0
    command: 
      - "-config.file=/etc/loki/config.yaml" # Tells Grafana Loki to start with the config file.
      - "-config.expand-env=true"
    ports:
      - "3100:3100"
    volumes:
      - ./config/loki-config.yaml:/etc/loki/config.yaml:ro
      - data_loki:/loki:rw
    networks:
      - grafana-prometheus
    restart: unless-stopped
    healthcheck:
      test: ["CMD", "wget", "--spider", "-q", "http://loki:3100/ready"]
      interval: 10s     # check every 10 seconds
      timeout: 5s       # wait max 5 seconds per check
      retries: 5        # mark as unhealthy after 5 failures
      start_period: 20s # wait 20s after container starts before first check
  https_portal:
    container_name: https_portal
    image: "steveltn/https-portal:1.21"
    restart: always
    networks:
      - grafana-prometheus
    ports:
      - "80:80"
      - "443:443"
    environment:
      STAGE: "production" # Use Let's Encrypt production server
      WEBSOCKET: "true" # Enable websocket support
      DEBUG: "true"
      RENEW_MARGIN_DAYS: 30
      CLIENT_MAX_BODY_SIZE: 0
      # FORCE_RENEW: 'true'
      DOMAINS: 'grafana.phx-erp.de -> https://grafana:3000, prometheus.phx-erp.de -> https://prometheus:9090'
      # loki-logs.phx-erp.de -> http://localhost:3100
    volumes:
      - ./https_portal/data:/var/lib/https-portal # ssl_certs, vhost.d, htdocs
      - ./https_portal/log:/var/log/nginx # nginx logs
    depends_on:
      - prometheus
      - grafana
      - loki
    deploy:
      resources:
        limits:
          cpus: '0.50'
          memory: 512M