#Secure enough?


whole otter

Is the following compose file secure enough for private use?

# The top-level `version` key is obsolete under the Compose Specification;
# current Docker Compose releases ignore it and print a warning.
version: "3.8"

# Extension field (`x-` prefix): Compose does not treat it as configuration.
# It exists only to define the YAML anchors that the services reuse.
x-common:
  # Database credentials, merged into the `database` service environment.
  # NOTE(review): these values sit in plain text in this file and end up in
  # the container environment, where `docker inspect` shows them. Keep the
  # file out of version control, restrict its permissions, and use long random
  # values that differ between the application user and root.
  database: &db-environment
    # Anchored separately so the panel can reuse it as DB_PASSWORD.
    MYSQL_PASSWORD: &db-password "___"
    MYSQL_ROOT_PASSWORD: "___"
  # Panel settings, merged into the `panel` service environment.
  panel: &panel-environment
    APP_URL: "_" # local IP + port
    APP_TIMEZONE: "Europe/Berlin"
    APP_SERVICE_AUTHOR: "_"

services:
  # Wings Service (Game Server Management)
  # NOTE(review): this is the most privileged container in the file because
  # of the Docker socket mount below; treat its exposure accordingly.
  wings:
    # Mutable `latest` tag: the image content can change on every pull.
    # Pin a version tag or digest if updates should be reviewed first.
    image: ghcr.io/pterodactyl/wings:latest
    restart: always
    networks:
      - ptero0
    # No host address is given, so Docker publishes both ports on every host
    # interface. Presumably 8443 is the Wings API and 2022 is SFTP; confirm
    # against the Wings config. For private use, keep these ports off the
    # router's port forwarding. Docker-published ports are commonly not
    # filtered by host firewall front-ends such as ufw; verify on this host.
    ports:
      - "8443:8443"
      - "2022:2022"
    tty: true
    environment:
      TZ: "Europe/Berlin"
    volumes:
      # Access to the Docker socket lets this container control the Docker
      # daemon, which is equivalent to root on the host. Presumably Wings
      # needs it to create game-server containers (confirm); it means a
      # compromise of Wings is a compromise of the host.
      - "/var/run/docker.sock:/var/run/docker.sock"
      # NOTE(review): this host directory holds data for every container on
      # the host, not only the game servers; it is mounted read-write.
      - "/var/lib/docker/containers:/var/lib/docker/containers"
      - "/opt/pterodactyl/wings/config:/etc/pterodactyl"
      - "/var/lib/pterodactyl:/var/lib/pterodactyl"
      - "/var/log/pterodactyl:/var/log/pterodactyl"
      - "/tmp/pterodactyl/:/tmp/pterodactyl/"
    # Opts this container in to Watchtower updates. The label only has an
    # effect if a Watchtower instance runs on this host (not shown here).
    # Combined with the `latest` tag, new upstream images would then be
    # deployed without review.
    labels:
      - "com.centurylinklabs.watchtower.enable=true"

  # Main Database
  # No `ports:` entry, so the database is not published on the host; it is
  # reachable only from containers on the same Compose network.
  database:
    # NOTE(review): check that the 10.5 series still receives security
    # updates before relying on this tag.
    image: mariadb:10.5
    restart: always
    command: --default-authentication-plugin=mysql_native_password
    volumes:
      - "/opt/pterodactyl/panel/database:/var/lib/mysql"
    # Opts this container in to Watchtower updates (only effective if a
    # Watchtower instance runs on this host).
    labels:
      - "com.centurylinklabs.watchtower.enable=true"

    environment:
      # Merges MYSQL_PASSWORD and MYSQL_ROOT_PASSWORD from x-common.
      # The passwords are passed as plain environment variables, so anyone
      # who can run `docker inspect` on this host can read them.
      <<: *db-environment
      MYSQL_DATABASE: "panel"
      MYSQL_USER: "pterodactyl"

  # Redis Cache
  # Not published on the host (no `ports:` entry). No Redis password is
  # configured in this file, so every container on the same Compose network
  # can read and write the cache. The panel uses it for cache, sessions and
  # queue, so keep untrusted containers off that network.
  cache:
    # Floating tag: the image content can change on every pull.
    image: redis:alpine
    restart: always
    # Opts this container in to Watchtower updates (only effective if a
    # Watchtower instance runs on this host).
    labels:
      - "com.centurylinklabs.watchtower.enable=true"

  # Panel
  panel:
    # Mutable `latest` tag: the image content can change on every pull.
    # Pin a version tag or digest if updates should be reviewed first.
    image: ghcr.io/pterodactyl/panel:latest
    restart: always
    # No host address is given, so both ports are published on every host
    # interface. If the panel is reached over port 802, logins and session
    # cookies cross the LAN as plain HTTP; prefer the HTTPS mapping.
    ports:
      - "802:80" # HTTP reachable directly on the LAN
      - "4432:443" # HTTPS optional
    # `links` is a legacy Compose option; services on the same network
    # already resolve each other by service name.
    links:
      - database
      - cache
    volumes:
      - "/opt/pterodactyl/panel/appvar/:/app/var/"
      - "/opt/pterodactyl/panel/nginx/:/etc/nginx/http.d/"
      - "/opt/pterodactyl/panel/logs/:/app/storage/logs"
    environment:
      # Merges APP_URL, APP_TIMEZONE and APP_SERVICE_AUTHOR from x-common.
      <<: [*panel-environment]
      # Alias of MYSQL_PASSWORD, so panel and database always share one value.
      # It is exposed as a plain environment variable of this container too.
      DB_PASSWORD: *db-password
      APP_ENV: "production"
      APP_ENVIRONMENT_ONLY: "false"
      # Cache, sessions and queue all go through the `cache` service.
      CACHE_DRIVER: "redis"
      SESSION_DRIVER: "redis"
      QUEUE_DRIVER: "redis"
      REDIS_HOST: "cache"
      DB_HOST: "database"
      DB_PORT: "3306"

networks:
  # User-defined bridge. Only the `wings` service attaches to it; the other
  # services declare no `networks:` key and use the Compose default network.
  ptero0:
    name: ptero0
    driver: bridge
    ipam:
      config:
        # NOTE(review): 192.55.0.0/16 lies outside the RFC 1918 private
        # ranges (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16), so it is
        # publicly routable address space. The host will send traffic for
        # real addresses in that range into this bridge. Prefer a private
        # subnet. Presumably the Wings config references this network, so
        # change both together (confirm).
        - subnet: "192.55.0.0/16"
    driver_opts:
      com.docker.network.bridge.name: ptero0
tepid raftBOT

@whole otter: It looks like Docker is probably not running on your machine. Use `systemctl status docker` to check its status, and `systemctl restart docker` to get it operational again.