docker_yoba_task/docker-compose.yml

version: "3"

services:
# ----------------------------------------------
# Reference image (for fast building)
  ngx-template:
    container_name: ngx-template
    image: ngx-template
    command: /bin/true
    build: 
      context: .
      dockerfile: Dockerfile_Ngx_Template

# ----------------------------------------------
  ngx1-net1:
    container_name: ngx1_net1
    build: 
      context: .
      dockerfile: Dockerfile
      args:
        NET_NAME: net_1
        CONTAINER_NAME: container_1
    # for visible containers in net_3
    environment:
      - KNOCKING_STATUS=true
    ports:
      - "8081:80"
    networks:
      - net_1
      - net_3
    # for iptables working
    cap_add:
      - NET_ADMIN

  ngx2-net1:
    container_name: ngx2_net1
    build: 
      context: .
      dockerfile: Dockerfile
      args:
        NET_NAME: net_1
        CONTAINER_NAME: container_2
    networks:
      - net_1
    cap_add:
      - NET_ADMIN

# ----------------------------------------------
  ngx1-net2:
    container_name: ngx1_net2
    build:
      context: .
      dockerfile: Dockerfile
      args:
        NET_NAME: net_2
        CONTAINER_NAME: container_1
    environment:
      - KNOCKING_STATUS=true
    ports:
      - "8082:80"
    networks:
      - net_2
      - net_3
    cap_add:
      - NET_ADMIN

  ngx2-net2:
    container_name: ngx2_net2
    build:
      context: .
      dockerfile: Dockerfile
      args:
        NET_NAME: net_2
        CONTAINER_NAME: container_2
    networks:
      - net_2
    cap_add:
      - NET_ADMIN

# ----------------------------------------------
# visor - container for watching 
# availability nginx servers ngx1_net1 and ngx1_net2

  visor:
    container_name: visor
    image: ubuntu:latest
    command: >
      bash -c "apt update
      && apt install iproute2 vim curl nmap knockd -y
      && sleep infinity"
    networks:
      - net_3

# ----------------------------------------------
networks:
  net_1:
  net_2:
  net_3:
    # custom subnet for setup port knocking via script
    driver: bridge
    ipam:
      driver: default
      config:
        - subnet: "172.28.0.0/16"
          gateway: "172.28.0.1"