version: '3.9' networks: web_network_1: driver: overlay ipam: config: - subnet: 172.17.0.0/24 services: web: image: git.send.nrw/sendnrw/security_in_depth_web_web:latest volumes: - nginx:/etc/nginx - web1:/usr/share/nginx/html deploy: replicas: 3 update_config: parallelism: 1 delay: 10s restart_policy: condition: on-failure labels: - "traefik.enable=true" - "traefik.http.routers.web1.rule=Host(`web1.localdomain`)" - "traefik.http.services.web1.loadbalancer.server.port=80" - "traefik.http.routers.web1.entrypoints=websecure" - "traefik.http.routers.web1.tls=true" placement: constraints: - node.role != manager networks: - web_network_1 ports: - "8080:80" php83: image: git.send.nrw/sendnrw/security_in_depth_web_php83:latest volumes: - php83:/etc/php83 - web1:/usr/share/nginx/html deploy: replicas: 1 update_config: parallelism: 1 delay: 10s restart_policy: condition: on-failure placement: constraints: - node.role != manager networks: web_network_1: ipv4_address: 172.17.0.83 php84: image: git.send.nrw/sendnrw/security_in_depth_web_php84:latest volumes: - php84:/etc/php84 - web1:/usr/share/nginx/html deploy: replicas: 1 update_config: parallelism: 1 delay: 10s restart_policy: condition: on-failure placement: constraints: - node.role != manager networks: web_network_1: ipv4_address: 172.17.0.84 redis: image: git.send.nrw/sendnrw/security_in_depth_web_redis:latest volumes: - redis:/etc deploy: replicas: 1 update_config: parallelism: 1 delay: 10s restart_policy: condition: on-failure placement: constraints: - node.role != manager networks: web_network_1: ipv4_address: 172.17.0.100 ports: - "6379:6379" volumes: web1: php83: php84: nginx: redis: