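---
# Docker Compose stack: nginx is the public entry point on 80/443 and the
# other services share one bridge network, `app-network`.
#
# Review notes that apply to the whole file:
# - nginx, certbot, backend, db, icecast2 and quartz each load the complete
#   ./.env, so every variable in that file is visible inside each of those
#   containers. If it also holds the secrets interpolated below
#   (POSTGRES_PASSWORD, HASURA_GRAPHQL_ADMIN_SECRET, the GITEA_* secrets;
#   presumably it does, TODO confirm), a per-service env file would limit
#   what one compromised container can read.
# - hasura, wallabag and gitea all connect to Postgres with the same
#   POSTGRES_USER / POSTGRES_PASSWORD; a separate database role per service
#   would keep one application's credentials from reaching the others' data.
# - Image tags `latest` (wallabag, gitea-runner) and `1` (uptime-kuma) are
#   floating: a re-pull can change the running code without any change to
#   this file. Pin a version or digest where reproducibility matters.

networks:
  app-network:
    driver: bridge

volumes:
  dbdata: {}
  uploads: {}
  vue_dist: {}
  uptime_kuma_data: {}
  searxng_data: {}

services:
  # Writes the front-end build into the vue_dist volume, which nginx mounts
  # as its html root below.
  vue:
    build:
      context: ./vue
      dockerfile: Dockerfile
    container_name: vue
    volumes:
      - vue_dist:/output
    networks:
      - app-network

  # Reverse proxy and TLS endpoint. It shares ./certbot/conf and
  # ./certbot/www with the certbot service.
  nginx:
    build:
      context: ./nginx
      dockerfile: Dockerfile
    container_name: nginx
    env_file: ./.env
    restart: always
    depends_on:
      - vue
      - backend
      - icecast2
      - gitea
      - hasura
      - quartz
      - uptime-kuma
      - searxng
      - wallabag
    networks:
      - app-network
    # Port mappings are quoted so no YAML parser can read them as numbers.
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ./certbot/conf:/etc/letsencrypt
      - ./certbot/www:/var/www/certbot
      - uploads:/uploads
      - vue_dist:/etc/nginx/html

  certbot:
    image: certbot/certbot:v3.1.0
    container_name: certbot
    volumes:
      # NOTE(review): the entrypoint script is mounted read-write; `:ro`
      # would be enough if the container never edits it. Confirm first.
      - ./certbot/entrypoint.sh:/entrypoint.sh
      - ./certbot/conf:/etc/letsencrypt
      - ./certbot/www:/var/www/certbot
    entrypoint: ["/entrypoint.sh"]
    env_file:
      - .env
    networks:
      - app-network

  backend:
    build:
      context: ./backend
      dockerfile: Dockerfile
    container_name: "${BACKEND_HOST}"
    restart: always
    depends_on:
      - db
    networks:
      - app-network
    env_file:
      - ./.env
    volumes:
      - ./backend/token/:/backend/token
      # The notes directory is writable here, but quartz mounts the same
      # host path read-only.
      - "${OBSIDIAN_DIR}:/backend/notes"
      - ./logs:/backend/logs
      - uploads:/backend/uploads
      - ./icecast2/fallback_music:/backend/fallback_music

  # No `ports:` entry, so Postgres is reachable only from containers on
  # app-network and not from the host's interfaces.
  db:
    image: postgres:16
    container_name: "${POSTGRES_HOST}"
    restart: always
    env_file:
      - ./.env
    networks:
      - app-network
    volumes:
      - dbdata:/var/lib/postgresql/data

  hasura:
    image: hasura/graphql-engine:v2.44.0
    container_name: "${HASURA_HOST}"
    restart: always
    depends_on:
      - db
    networks:
      - app-network
    environment:
      # The password is interpolated into a URL. A value containing
      # URL-reserved characters must be percent-encoded or the connection
      # string will not parse as intended.
      HASURA_GRAPHQL_DATABASE_URL: "postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${POSTGRES_HOST}:${POSTGRES_PORT}/${POSTGRES_DB}"
      HASURA_GRAPHQL_ADMIN_SECRET: "${HASURA_GRAPHQL_ADMIN_SECRET}"
      # Console and dev mode are off. These are quoted strings because
      # environment values are strings, not YAML booleans.
      HASURA_GRAPHQL_ENABLE_CONSOLE: "false"
      HASURA_GRAPHQL_DEV_MODE: "false"
      # NOTE(review): http-log and query-log put request and query details
      # into the container log. Check who can read those logs and how long
      # they are retained.
      HASURA_GRAPHQL_ENABLED_LOG_TYPES: "startup, http-log, webhook-log, websocket-log, query-log"

  icecast2:
    build:
      context: ./icecast2
      dockerfile: Dockerfile
    container_name: "${ICECAST_HOST}"
    restart: always
    networks:
      - app-network
    env_file:
      - ./.env
    volumes:
      - ./icecast2/fallback_music:/music:ro
    # Published on every host interface (default 8001), so this port does
    # not pass through nginx.
    # NOTE(review): confirm the listener on it requires authentication.
    ports:
      - "${LIQUIDSOAP_HARBOR_PORT:-8001}:${LIQUIDSOAP_HARBOR_PORT:-8001}"

  quartz:
    build:
      context: ./quartz
      dockerfile: Dockerfile
    container_name: "${QUARTZ_HOST}"
    restart: always
    networks:
      - app-network
    env_file:
      - ./.env
    volumes:
      - "${OBSIDIAN_DIR}:/quartz/content:ro"

  uptime-kuma:
    image: louislam/uptime-kuma:1
    container_name: "${UPTIMEKUMA_HOST}"
    restart: unless-stopped
    networks:
      - app-network
    environment:
      - UPTIME_KUMA_BASE_PATH=/uptime-kuma
    volumes:
      - uptime_kuma_data:/app/data

  searxng:
    build:
      context: ./searxng
      dockerfile: Dockerfile
    container_name: "${SEARXNG_HOST}"
    restart: unless-stopped
    networks:
      - app-network
    environment:
      - BASE_URL=https://www.${DOMAIN}/searxng/
      - INSTANCE_NAME=searxng
      - SEARXNG_SECRET_KEY=${SEARXNG_SECRET_KEY}
    volumes:
      - searxng_data:/etc/searxng

  wallabag:
    # Floating `latest` tag; see the file header.
    image: wallabag/wallabag:latest
    container_name: "${WALLABAG_HOST}"
    restart: unless-stopped
    networks:
      - app-network
    depends_on:
      - db
    environment:
      - SYMFONY__ENV__DOMAIN_NAME=https://www.${DOMAIN}/wallabag
      - SYMFONY__ENV__DATABASE_DRIVER=pdo_pgsql
      - SYMFONY__ENV__DATABASE_HOST=${POSTGRES_HOST}
      - SYMFONY__ENV__DATABASE_PORT=${POSTGRES_PORT}
      - SYMFONY__ENV__DATABASE_NAME=wallabag
      - SYMFONY__ENV__DATABASE_USER=${POSTGRES_USER}
      - SYMFONY__ENV__DATABASE_PASSWORD=${POSTGRES_PASSWORD}

  # CI runner. It is the most privileged service in this file because it
  # holds the host Docker socket, the host docker CLI and the deploy tree.
  gitea-runner:
    # Floating `latest` tag on the container that can control the host's
    # Docker daemon; see the file header.
    image: gitea/act_runner:latest
    container_name: "${GITEA_RUNNER_HOST}"
    environment:
      GITEA_RUNNER_NAME: "${GITEA_RUNNER_NAME}"
      CONFIG_FILE: /config.yaml
      GITEA_RUNNER_REGISTRATION_TOKEN: "${GITEA_RUNNER_REGISTRATION_TOKEN}"
      GITEA_INSTANCE_URL: "http://${GITEA_HOST}:3000"
      # NOTE(review): the `:host` label scheme presumably runs job steps
      # directly in this container rather than in a per-job container.
      # Confirm, because workflow code would then see every mount below.
      GITEA_RUNNER_LABELS: "self-hosted:host"
    volumes:
      - ./gitea-runner/config.yaml:/config.yaml
      - ./gitea-runner/data:/data
      # WARNING: Docker socket mount gives container host-level access.
      # Runner is in 'disabled' profile to mitigate risk.
      # NOTE(review): this service has no `profiles:` key, so a plain
      # `docker compose up` starts it. If the warning still states the
      # intent, add `profiles: ["disabled"]`; otherwise correct the
      # warning. Limit who can push workflows that this runner executes.
      - /var/run/docker.sock:/var/run/docker.sock
      - /usr/bin/docker:/usr/bin/docker:ro
      - /usr/lib/docker/cli-plugins:/usr/lib/docker/cli-plugins:ro
      # Same path on host and container so docker compose bind mounts
      # resolve correctly.
      - /home/adamf/deploy/web_server:/home/adamf/deploy/web_server
    restart: unless-stopped
    networks:
      - app-network

  gitea:
    image: docker.gitea.com/gitea:1.25.4-rootless
    container_name: "${GITEA_HOST}"
    networks:
      - app-network
    environment:
      - GITEA__database__DB_TYPE=postgres
      - GITEA__database__HOST=${POSTGRES_HOST}
      - GITEA__database__NAME=${POSTGRES_GITEA_DB}
      - GITEA__database__USER=${POSTGRES_USER}
      - GITEA__database__PASSWD=${POSTGRES_PASSWORD}
      - GITEA__server__LFS_JWT_SECRET=${GITEA_LFS_JWT_SECRET}
      - GITEA__security__INTERNAL_TOKEN=${GITEA_INTERNAL_TOKEN}
      - GITEA__oauth2__JWT_SECRET=${GITEA_OAUTH2_JWT_SECRET}
      - USER_UID=1000
      - USER_GID=1000
    restart: always
    volumes:
      - ./gitea/data:/var/lib/gitea
      - ./gitea/config:/etc/gitea
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    # Both ports are published on every host interface.
    # NOTE(review): nginx depends on gitea, so the web UI is presumably
    # proxied already. Publishing 3000 also exposes it over plain HTTP
    # outside nginx. If only SSH (2222) needs direct access, drop the 3000
    # mapping or bind it to 127.0.0.1.
    ports:
      - "2222:2222"
      - "3000:3000"
    depends_on:
      - db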