selfhost/monitoring/docker-compose.yaml

services:

  grafana:
    image: grafana/grafana:${GRAFANA_VERSION}
    restart: unless-stopped
    networks:
      - web
      - grafana
      - monitoring
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.grafana.rule=Host(`monitoring.${DOMAIN}`)"
      - "traefik.http.routers.grafana.entrypoints=websecure"
      - "traefik.http.routers.grafana.tls.certresolver=netcup"
      - "traefik.http.routers.grafana.tls.options=intermediate@file"
      - "traefik.http.services.grafana.loadbalancer.server.port=3000"
      - "traefik.docker.network=web"
      - "docker.group=monitoring"
    environment:
      - GF_DEFAULT_INSTANCE_NAME=monitoring.${DOMAIN}
      - GF_SERVER_ROOT_URL=http://monitoring.${DOMAIN}
      - GF_SERVER_DOMAIN=monitoring.${DOMAIN}
      - GF_SERVER_SERVE_FROM_SUB_PATH=true
      - GF_SECURITY_DISABLE_GRAVATAR=true
      - GF_AUTH_ANONYMOUS_ENABLED=false
      - GF_AUTH_ANONYMOUS_ORG_ROLE=Viewer
      - GF_DATABASE_TYPE=postgres
      - GF_DATABASE_HOST=grafanadb:5432
      - GF_DATABASE_SSL_MODE=disable
      - GF_DATABASE_NAME=grafana
      - GF_DATABASE_USER=${POSTGRES_USER}
      - GF_DATABASE_PASSWORD=${POSTGRES_PASSWORD}
      - GF_INSTALL_PLUGINS=flant-statusmap-panel,redis-datasource
    depends_on:
      - influxdb
      - grafanadb


  grafanadb:
    image: postgres:${POSTGRES_VERSION}
    volumes:
      - ${VOLUMES_PATH}/monitoring/grafanadb:/var/lib/postgresql/data
    networks:
      - grafana
    restart: unless-stopped
    environment:
      - POSTGRES_DB=grafana
      - POSTGRES_USER=${POSTGRES_USER}
      - POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER}"]
      interval: 10s
      timeout: 5s
    labels:
      - "docker.group=monitoring"


  influxdb:
    image: influxdb:${INFLUXDB_VERSION}
    restart: unless-stopped
    networks:
      - web
      - monitoring
      - grafana
    environment:
      - INFLUXDB_MONITOR_STORE_ENABLED=false
    volumes:
      - ${VOLUMES_PATH}/monitoring/influxdb/:/var/lib/influxdb
      - ${PWD}/influxdb.conf:/etc/influxdb/influxdb.conf:ro
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.influxdb.rule=Host(`influxdb.${DOMAIN}`)"
      - "traefik.http.routers.influxdb.entrypoints=websecure"
      - "traefik.http.routers.influxdb.tls.certresolver=netcup"
      - "traefik.http.routers.influxdb.tls.options=intermediate@file"
      - "traefik.http.services.influxdb.loadbalancer.server.port=8086"
      - "traefik.http.routers.influxdb.middlewares=influxauth"
      - "traefik.http.middlewares.influxauth.basicauth.users=${INFLUXDB_HTPASSWD}"
      - "docker.group=monitoring"


  prometheus:
    image: prom/prometheus
    restart: unless-stopped
    networks:
      - grafana
      - monitoring
      - web # also used to get traefik metrics
    volumes:
      - ./prometheus.yml:/etc/prometheus/prometheus.yml
      - ${VOLUMES_PATH}/monitoring/prometheus:/prometheus
    labels:
      - "docker.group=monitoring"

  # https://github.com/xperimental/nextcloud-exporter
  nextcloud-exporter:
    image: ghcr.io/xperimental/nextcloud-exporter
    networks:
      - monitoring
    environment:
     - NEXTCLOUD_SERVER=${NEXTCLOUD_URL}
     - NEXTCLOUD_AUTH_TOKEN=${NEXTCLOUD_MONITORING_AUTH_TOKEN}
     - NEXTCLOUD_LISTEN_ADDRESS=:9205
    labels:
      - "docker.group=monitoring"


  diun:
    image: crazymax/diun:latest
    command: serve
    volumes:
      - "${VOLUMES_PATH}/monitoring/diun/data:/data"
    networks:
      - dockersocket
    hostname: ${HOSTNAME}
    environment:
      - "TZ=Europe/Berlin"
      - "DIUN_WATCH_WORKERS=10"
      - "DIUN_WATCH_SCHEDULE=0 */6 * * *"
      - "DIUN_WATCH_JITTER=30s"
      - "DIUN_PROVIDERS_DOCKER_ENDPOINT=tcp://docker-socket-proxy:2375"
      - "DIUN_PROVIDERS_DOCKER_WATCHBYDEFAULT=true"
      - "DIUN_NOTIF_NTFY_ENDPOINT=${NTFY_SERVER}"
      - "DIUN_NOTIF_NTFY_TOPIC=${NTFY_TOPIC}"
      - "DIUN_NOTIF_NTFY_TOKEN=${NTFY_TOKEN}"
    restart: always


  ##################################################################
  # here starts data collection of local host

  telegraf_host:
    image: telegraf:${TELEGRAF_VERSION}
    restart: unless-stopped
    environment:
      - HOST_MOUNT_PREFIX=/hostfs
      - HOST_PROC=/hostfs/proc
      - HOST_SYS=/hostfs/sys
      - HOST_ETC=/hostfs/etc
      - HOST_VAR=/hostfs/var
      - HOST_RUN=/hostfs/run
    env_file:
      - ./.env # set environments into container
    volumes:
     - ./telegraf_host.conf:/etc/telegraf/telegraf.conf:ro
     - /var/run/utmp:/var/run/utmp:ro
     - /:/hostfs:ro
    network_mode: "host"
    labels:
      - "docker.group=monitoring"
    depends_on:
      - influxdb


  telegraf_net:
    image: telegraf:${TELEGRAF_VERSION}
    restart: unless-stopped
    volumes:
     - ./telegraf_net.conf:/etc/telegraf/telegraf.conf:ro
    networks:
      - monitoring
      - dockersocket
    labels:
      - "docker.group=monitoring"
    depends_on:
      - influxdb


networks:
  grafana:
  monitoring:
    external: true
  web:
    external: true
  dockersocket:
    external: true