feat(docker-compose.yml): add a few new adjustment

2026-03-01 15:58:00 +01:00
parent a8907ae408
commit f40eeff6be
2 changed files with 46 additions and 8 deletions


@@ -1,5 +1,4 @@
volumes:
ssl-data: { name: ssl }
wireguard-data: { name: wireguard }
portainer-data: { name: portainer }
gitea-mirror-data: { name: gitea_mirror }
@@ -9,6 +8,11 @@ networks:
# Docker socket access
socket-ro-bridge: { name: socket_ro_bridge, internal: true }
socket-rw-bridge: { name: socket_rw_bridge, internal: true }
matrix-internal:
internal: true
name: matrix_internal
# Public-facing network for Nginx Proxy and web services
web-network:
name: web_network
@@ -69,9 +73,7 @@ services:
DOCKER_HOST: tcp://socket-rw:2375 # Uses RW proxy to pause containers during backup
volumes:
- wireguard-data:/backup/wireguard:ro
- ./data/synapse:/backup/synapse:ro
- ssl-data:/backup/ssl:ro
- ./data/backup:/archive
- ./data/:/backup/data
networks:
- socket-rw-bridge
- web-network
@@ -88,7 +90,7 @@ services:
- DOCKER_HOST=tcp://socket-ro:2375 # Discovers containers via RO proxy
- ENABLE_IPV6=true
volumes:
- ssl-data:/etc/nginx/certs:ro
- ./data/nginx/certs:/etc/nginx/certs:ro
- ./data/nginx/default_html:/usr/share/nginx/html
- ./data/nginx/vhost.d:/etc/nginx/vhost.d
labels:
@@ -109,7 +111,7 @@ services:
- NGINX_PROXY_CONTAINER=nginx-proxy
- DOCKER_HOST=tcp://socket-rw:2375 # Needs RW to restart Nginx after renewal
volumes:
- ssl-data:/etc/nginx/certs
- ./data/nginx/certs:/etc/nginx/certs
- ./data/nginx/vhost.d:/etc/nginx/vhost.d
- ./data/nginx/default_html:/usr/share/nginx/html
- ./data/nginx/acme_config:/etc/acme.sh
@@ -180,27 +182,61 @@ services:
networks:
- web-network
db-matrix:
image: postgres:15-alpine
container_name: db-matrix
restart: unless-stopped
environment:
- POSTGRES_DB=synapse
- POSTGRES_USER=synapse
- POSTGRES_PASSWORD=${DB_PASSWORD}
volumes:
- ./data/matrix/postgres:/var/lib/postgresql/data
deploy:
resources:
limits:
memory: 200M
networks:
- matrix-internal
# Synapse: Matrix homeserver for decentralized communication
synapse:
image: matrixdotorg/synapse:latest
container_name: synapse
restart: unless-stopped
deploy:
resources:
limits:
memory: 800M
reservations:
memory: 400M
volumes:
- ./data/synapse:/data
- ./data/matrix/synapse:/data
environment:
- SYNAPSE_CONFIG_PATH=/data/homeserver.yaml
- VIRTUAL_HOST=msg.${HOSTNAME}
- LETSENCRYPT_HOST=msg.${HOSTNAME}
- LETSENCRYPT_EMAIL=${EMAIL}
- VIRTUAL_PORT=8008
- SYNAPSE_POSTGRES_HOST=db-matrix
- SYNAPSE_POSTGRES_USER=synapse
- SYNAPSE_POSTGRES_PASSWORD=${DB_PASSWORD}
- SYNAPSE_POSTGRES_DB=synapse
networks:
- web-network
- matrix-internal
depends_on:
- db-matrix
# Gitea: Self-hosted Git forge (Lightweight alternative to GitHub)
gitea:
image: gitea/gitea:latest
container_name: gitea
restart: unless-stopped
deploy:
resources:
limits:
memory: 512M
environment:
- VIRTUAL_HOST=git.${HOSTNAME}
- LETSENCRYPT_HOST=git.${HOSTNAME}
@@ -208,7 +244,7 @@ services:
- VIRTUAL_PORT=3000
- GITEA__server__DOMAIN=git.${HOSTNAME}
- GITEA__server__ROOT_URL=https://git.${HOSTNAME}/
- DISABLE_REGISTRATION=true # Private instance security
# - DISABLE_REGISTRATION=true # Private instance security
volumes:
- ./data/gitea:/data
- /etc/localtime:/etc/localtime:ro
@@ -228,6 +264,7 @@ services:
- LETSENCRYPT_EMAIL=${EMAIL}
- VIRTUAL_PORT=4321
- BETTER_AUTH_SECRET=${GITHUB_AUTH_SECRET}
- BETTER_AUTH_TRUSTED_ORIGINS=https://mirror.${HOSTNAME}
volumes:
- gitea-mirror-data:/app/data
networks:
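Review bot: In the hunk at `@@ -69,9 +73,7 @@` (the service that mounts its sources under `/backup`), `./data/:/backup/data` has no `:ro` flag, unlike the other backup sources in that list. That container also talks to the RW socket proxy and is attached to `web-network`, so the mount should be `- ./data/:/backup/data:ro` unless the backup tool really has to write there. The `+`/`-` column is lost on this page, so this assumes the line is on the new side. With the certificate mounts changed to `./data/nginx/certs`, that tree appears to hold TLS private keys, `./data/nginx/acme_config` and the Postgres data directory `./data/matrix/postgres`, and it also contains `./data/backup`, which the same service mounts as `/archive`; the archive directory should be excluded so old archives are not packed into new ones, and a comment should say how the database is kept consistent while it is copied. Separately, the Gitea hunk shows `DISABLE_REGISTRATION=true` both active and commented out; if the commented form is the new side, a freshly provisioned instance would presumably accept public sign-ups, so keep the setting active or state in the comment why it is turned off.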