Eric Bower
·
17 Dec 24
docker-compose.prod.yml
1services:
2 postgres:
3 env_file:
4 - .env.prod
5 volumes:
6 - ./data/postgres-data:/var/lib/postgresql/data
7 ports:
8 - "5432:5432"
9 command: -N 1024 -B 4096MB
10 minio-caddy:
11 image: ghcr.io/picosh/pico/caddy:latest
12 restart: always
13 env_file:
14 - .env.prod
15 environment:
16 APP_DOMAIN: pico.sh
17 APP_EMAIL: ${MINIO_EMAIL:-hello@pico.sh}
18 volumes:
19 - ${MINIO_CADDYFILE}:/etc/caddy/Caddyfile
20 - ./data/minio-caddy/data:/data
21 - ./data/minio-caddy/config:/config
22 ports:
23 - "80:80"
24 - "443:443"
25 profiles:
26 - db
27 - all
28 minio:
29 env_file:
30 - .env.prod
31 volumes:
32 - ./data/minio-data:/data
33 pipemgr:
34 env_file:
35 - .env.prod
36 volumes:
37 - ./data/pipemgr/data/term_info_ed25519:/key:ro
38 registry:
39 env_file:
40 - .env.prod
41 volumes:
42 - ./imgs/registry.yml:/etc/docker/registry/config.yml
43 networks:
44 - imgs
45 imgproxy:
46 env_file:
47 - .env.prod
48 volumes:
49 - ./data/imgs-storage/data:/storage/imgs
50 - ./data/pgs-storage/data:/storage/pgs
51 pastes-caddy:
52 image: ghcr.io/picosh/pico/caddy:latest
53 restart: always
54 networks:
55 - pastes
56 env_file:
57 - .env.prod
58 environment:
59 APP_DOMAIN: ${PASTES_DOMAIN:-pastes.sh}
60 APP_EMAIL: ${PASTES_EMAIL:-hello@pico.sh}
61 volumes:
62 - ${PASTES_CADDYFILE}:/etc/caddy/Caddyfile
63 - ./data/pastes-caddy/data:/data
64 - ./data/pastes-caddy/config:/config
65 ports:
66 - "${PASTES_HTTPS_V4:-443}:443"
67 - "${PASTES_HTTP_V4:-80}:80"
68 - "${PASTES_HTTPS_V6:-[::1]:443}:443"
69 - "${PASTES_HTTP_V6:-[::1]:80}:80"
70 profiles:
71 - pastes
72 - caddy
73 - all
74 pastes-web:
75 networks:
76 pastes:
77 aliases:
78 - web
79 env_file:
80 - .env.prod
81 volumes:
82 - ./data/pastes-ssh/data:/app/ssh_data
83 pastes-ssh:
84 networks:
85 pastes:
86 aliases:
87 - ssh
88 env_file:
89 - .env.prod
90 volumes:
91 - ./data/pastes-ssh/data:/app/ssh_data
92 ports:
93 - "${PASTES_SSH_V4:-22}:2222"
94 - "${PASTES_SSH_V6:-[::1]:22}:2222"
95 pipe-caddy:
96 image: ghcr.io/picosh/pico/caddy:latest
97 restart: always
98 networks:
99 - pipe
100 env_file:
101 - .env.prod
102 environment:
103 APP_DOMAIN: ${PIPE_DOMAIN:-pipe.pico.sh}
104 APP_EMAIL: ${PIPE_EMAIL:-hello@pico.sh}
105 volumes:
106 - ${PIPE_CADDYFILE}:/etc/caddy/Caddyfile
107 - ./data/pipe-caddy/data:/data
108 - ./data/pipe-caddy/config:/config
109 ports:
110 - "${PIPE_HTTPS_V4:-443}:443"
111 - "${PIPE_HTTP_V4:-80}:80"
112 - "${PIPE_HTTPS_V6:-[::1]:443}:443"
113 - "${PIPE_HTTP_V6:-[::1]:80}:80"
114 profiles:
115 - pipe
116 - caddy
117 - all
118 pipe-web:
119 networks:
120 pipe:
121 aliases:
122 - web
123 env_file:
124 - .env.prod
125 volumes:
126 - ./data/pipe-ssh/data:/app/ssh_data
127 pipe-ssh:
128 networks:
129 pipe:
130 aliases:
131 - ssh
132 env_file:
133 - .env.prod
134 volumes:
135 - ./data/pipe-ssh/data:/app/ssh_data
136 ports:
137 - "${PIPE_SSH_V4:-22}:2222"
138 - "${PIPE_SSH_V6:-[::1]:22}:2222"
139 prose-caddy:
140 image: ghcr.io/picosh/pico/caddy:latest
141 restart: always
142 networks:
143 - prose
144 env_file:
145 - .env.prod
146 environment:
147 APP_DOMAIN: ${PROSE_DOMAIN:-prose.sh}
148 APP_EMAIL: ${PROSE_EMAIL:-hello@pico.sh}
149 volumes:
150 - ${PROSE_CADDYFILE}:/etc/caddy/Caddyfile
151 - ./data/prose-caddy/data:/data
152 - ./data/prose-caddy/config:/config
153 labels:
154 pipemgr.enable: true
155 pipemgr.filter: "http.log.access"
156 depends_on:
157 pipemgr:
158 condition: service_healthy
159 ports:
160 - "${PROSE_HTTPS_V4:-443}:443"
161 - "${PROSE_HTTP_V4:-80}:80"
162 - "${PROSE_HTTPS_V6:-[::1]:443}:443"
163 - "${PROSE_HTTP_V6:-[::1]:80}:80"
164 profiles:
165 - prose
166 - caddy
167 - all
168 prose-web:
169 networks:
170 prose:
171 aliases:
172 - web
173 env_file:
174 - .env.prod
175 volumes:
176 - ./data/prose-ssh/data:/app/ssh_data
177 prose-ssh:
178 networks:
179 prose:
180 aliases:
181 - ssh
182 env_file:
183 - .env.prod
184 volumes:
185 - ./data/prose-ssh/data:/app/ssh_data
186 ports:
187 - "${PROSE_SSH_V4:-22}:2222"
188 - "${PROSE_SSH_V6:-[::1]:22}:2222"
189 imgs-caddy:
190 image: ghcr.io/picosh/pico/caddy:latest
191 restart: always
192 networks:
193 - imgs
194 env_file:
195 - .env.prod
196 environment:
197 APP_DOMAIN: ${IMGS_DOMAIN:-imgs.sh}
198 APP_EMAIL: ${IMGS_EMAIL:-hello@pico.sh}
199 volumes:
200 - ${IMGS_CADDYFILE}:/etc/caddy/Caddyfile
201 - ./data/imgs-caddy/data:/data
202 - ./data/imgs-caddy/config:/config
203 ports:
204 - "${IMGS_HTTPS_V4:-443}:443"
205 - "${IMGS_HTTP_V4:-80}:80"
206 - "${IMGS_HTTPS_V6:-[::1]:443}:443"
207 - "${IMGS_HTTP_V6:-[::1]:80}:80"
208 profiles:
209 - imgs
210 - caddy
211 - all
212 imgs-web:
213 networks:
214 imgs:
215 aliases:
216 - web
217 env_file:
218 - .env.prod
219 volumes:
220 - ./data/storage/data:/app/.storage
221 - ./data/imgs-ssh/data:/app/ssh_data
222 imgs-ssh:
223 networks:
224 imgs:
225 aliases:
226 - ssh
227 env_file:
228 - .env.prod
229 volumes:
230 - ./data/storage/data:/app/.storage
231 - ./data/imgs-ssh/data:/app/ssh_data
232 - ./data/imgs-tmp:/tmp
233 ports:
234 - "${IMGS_SSH_V4:-22}:2222"
235 - "${IMGS_SSH_V6:-[::1]:22}:2222"
236 pgs-caddy:
237 image: ghcr.io/picosh/pico/caddy:latest
238 restart: always
239 networks:
240 - pgs
241 env_file:
242 - .env.prod
243 environment:
244 APP_DOMAIN: ${PGS_DOMAIN:-pgs.sh}
245 APP_EMAIL: ${PGS_EMAIL:-hello@pico.sh}
246 volumes:
247 - ${PGS_CADDYFILE}:/etc/caddy/Caddyfile
248 - ./data/pgs-caddy/data:/data
249 - ./data/pgs-caddy/config:/config
250 ports:
251 - "${PGS_HTTPS_V4:-443}:443"
252 - "${PGS_HTTP_V4:-80}:80"
253 - "${PGS_HTTPS_V6:-[::1]:443}:443"
254 - "${PGS_HTTP_V6:-[::1]:80}:80"
255 labels:
256 pipemgr.enable: true
257 pipemgr.filter: "http.log.access"
258 depends_on:
259 pipemgr:
260 condition: service_healthy
261 profiles:
262 - pgs
263 - caddy
264 - all
265 pgs-web:
266 networks:
267 pgs:
268 aliases:
269 - web
270 env_file:
271 - .env.prod
272 volumes:
273 - ./data/storage/data:/app/.storage
274 - ./data/pgs-ssh/data:/app/ssh_data
275 deploy:
276 resources:
277 limits:
278 memory: 3g
279 pgs-ssh:
280 networks:
281 pgs:
282 aliases:
283 - ssh
284 env_file:
285 - .env.prod
286 volumes:
287 - ./data/storage/data:/app/.storage
288 - ./data/pgs-ssh/data:/app/ssh_data
289 - ./data/tmp:/tmp
290 ports:
291 - "${PGS_SSH_V4:-22}:2222"
292 - "${PGS_SSH_V6:-[::1]:22}:2222"
293 deploy:
294 resources:
295 limits:
296 memory: 3g
297 feeds-caddy:
298 image: ghcr.io/picosh/pico/caddy:latest
299 restart: always
300 networks:
301 - feeds
302 env_file:
303 - .env.prod
304 environment:
305 APP_DOMAIN: ${FEEDS_DOMAIN:-feeds.pico.sh}
306 APP_EMAIL: ${FEEDS_EMAIL:-hello@pico.sh}
307 volumes:
308 - ${FEEDS_CADDYFILE}:/etc/caddy/Caddyfile
309 - ./data/feeds-caddy/data:/data
310 - ./data/feeds-caddy/config:/config
311 ports:
312 - "${FEEDS_HTTPS_V4:-443}:443"
313 - "${FEEDS_HTTP_V4:-80}:80"
314 - "${FEEDS_HTTPS_V6:-[::1]:443}:443"
315 - "${FEEDS_HTTP_V6:-[::1]:80}:80"
316 profiles:
317 - feeds
318 - caddy
319 - all
320 feeds-web:
321 networks:
322 feeds:
323 aliases:
324 - web
325 env_file:
326 - .env.prod
327 volumes:
328 - ./data/feeds-ssh/data:/app/ssh_data
329 feeds-ssh:
330 networks:
331 feeds:
332 aliases:
333 - ssh
334 env_file:
335 - .env.prod
336 volumes:
337 - ./data/feeds-ssh/data:/app/ssh_data
338 ports:
339 - "${FEEDS_SSH_V4:-22}:2222"
340 - "${FEEDS_SSH_V6:-[::1]:22}:2222"
341 pico-caddy:
342 image: ghcr.io/picosh/pico/caddy:latest
343 restart: always
344 networks:
345 - pico
346 env_file:
347 - .env.prod
348 environment:
349 APP_DOMAIN: ${PICO_DOMAIN:-pico.sh}
350 APP_EMAIL: ${PICO_EMAIL:-hello@pico.sh}
351 volumes:
352 - ${PICO_CADDYFILE}:/etc/caddy/Caddyfile
353 - ./data/pico-caddy/data:/data
354 - ./data/pico-caddy/config:/config
355 ports:
356 - "${PICO_HTTPS_V4:-443}:443"
357 - "${PICO_HTTP_V4:-80}:80"
358 - "${PICO_HTTPS_V6:-[::1]:443}:443"
359 - "${PICO_HTTP_V6:-[::1]:80}:80"
360 profiles:
361 - pico
362 - caddy
363 - all
364 pico-ssh:
365 networks:
366 pico:
367 aliases:
368 - ssh
369 env_file:
370 - .env.prod
371 volumes:
372 - ./data/pico-ssh/data:/app/ssh_data
373 ports:
374 - "${PICO_SSH_V4:-22}:2222"
375 - "${PICO_SSH_V6:-[::1]:22}:2222"
376
377networks:
378 default:
379 ipam:
380 driver: default
381 config:
382 - subnet: "172.101.0.0/24"
383 prose:
384 driver_opts:
385 com.docker.network.bridge.name: prose
386 ipam:
387 config:
388 - subnet: 172.18.0.0/16
389 pastes:
390 driver_opts:
391 com.docker.network.bridge.name: pastes
392 ipam:
393 config:
394 - subnet: 172.19.0.0/16
395 imgs:
396 driver_opts:
397 com.docker.network.bridge.name: imgs
398 ipam:
399 config:
400 - subnet: 172.21.0.0/16
401 feeds:
402 driver_opts:
403 com.docker.network.bridge.name: feeds
404 ipam:
405 config:
406 - subnet: 172.22.0.0/16
407 pgs:
408 driver_opts:
409 com.docker.network.bridge.name: pgs
410 ipam:
411 config:
412 - subnet: 172.23.0.0/16
413 pico:
414 driver_opts:
415 com.docker.network.bridge.name: pico
416 ipam:
417 config:
418 - subnet: 172.25.0.0/16
419 pipe:
420 driver_opts:
421 com.docker.network.bridge.name: pipe
422 ipam:
423 config:
424 - subnet: 172.27.0.0/16