318 lines
8.1 KiB
YAML
318 lines
8.1 KiB
YAML
version: "3.8"
|
|
|
|
services:
|
|
|
|
app:
|
|
image: ghcr.io/revoltchat/server:20250210-1
|
|
depends_on:
|
|
- database
|
|
- redis
|
|
- rabbit
|
|
environment:
|
|
- HOSTNAME
|
|
- REVOLT_PUBLIC_URL
|
|
- INVITE_ONLY_ENABLED
|
|
- EMAIL_VERIFICATION_ENABLED
|
|
- SMTP_HOST
|
|
- SMTP_USERNAME
|
|
- SMTP_FROM_ADDRESS
|
|
- SMTP_REPLY_TO
|
|
- SMTP_PORT
|
|
- SMTP_USE_TLS
|
|
- SECURITY_CAPTCHA_ENABLED
|
|
- SECURITY_CLAMV_HOST
|
|
- NOTIFICATIONS_WEBOOKS_ENABLED
|
|
- NOTIFICATIONS_MASS_MENTIONS_PUSH_NOTIF
|
|
- NOTIFICATIONS_MASS_MENTIONS_ENABLED
|
|
- NOTIFICATIONS_FCM_ENABLED
|
|
- NOTIFICATIONS_APN_ENABLED
|
|
deploy:
|
|
restart_policy:
|
|
condition: on-failure
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.http.services.api.loadbalancer.server.port=14702"
|
|
- "traefik.http.routers.api.rule=Host(`${DOMAIN}`) && PathPrefix(`/api`)"
|
|
- "traefik.http.routers.api.entrypoints=web-secure"
|
|
- "traefik.http.routers.api.tls.certresolver=${LETS_ENCRYPT_ENV}"
|
|
- "traefik.http.middlewares.api-stripprefix.stripprefix.prefixes=/api"
|
|
- "traefik.http.routers.api.middlewares=api-stripprefix"
|
|
- "coop-cloud.${STACK_NAME}.version=0.1.0+0.8.2"
|
|
configs:
|
|
- source: revolt_toml
|
|
target: /Revolt.toml
|
|
secrets:
|
|
- file_encrypt_token
|
|
- public_key
|
|
- private_key
|
|
- rabbit_password
|
|
networks:
|
|
internal:
|
|
proxy:
|
|
|
|
|
|
database:
|
|
image: docker.io/mongo
|
|
volumes:
|
|
- db:/data/db
|
|
healthcheck:
|
|
test: echo 'db.runCommand("ping").ok' | mongosh localhost:27017/test --quiet
|
|
interval: 10s
|
|
timeout: 10s
|
|
retries: 5
|
|
start_period: 10s
|
|
networks:
|
|
internal:
|
|
|
|
|
|
redis:
|
|
image: docker.io/eqalpha/keydb:x86_64_v6.3.4
|
|
networks:
|
|
internal:
|
|
|
|
|
|
rabbit:
|
|
image: docker.io/rabbitmq:4.1.0
|
|
environment:
|
|
RABBITMQ_DEFAULT_USER: rabbituser
|
|
RABBITMQ_DEFAULT_PASS: rabbitpass
|
|
volumes:
|
|
- rabbit:/var/lib/rabbitmq
|
|
secrets:
|
|
- rabbit_password
|
|
healthcheck:
|
|
test: rabbitmq-diagnostics -q ping
|
|
interval: 10s
|
|
timeout: 10s
|
|
retries: 3
|
|
start_period: 20s
|
|
networks:
|
|
internal:
|
|
|
|
|
|
minio:
|
|
image: docker.io/minio/minio:RELEASE.2025-04-22T22-12-26Z
|
|
command: server /data
|
|
volumes:
|
|
- minio:/data
|
|
environment:
|
|
MINIO_ROOT_USER: minioautumn
|
|
MINIO_ROOT_PASSWORD: minioautumn
|
|
MINIO_DOMAIN: minio
|
|
networks:
|
|
internal:
|
|
|
|
|
|
events:
|
|
image: ghcr.io/revoltchat/bonfire:20250210-1
|
|
depends_on:
|
|
- database
|
|
- redis
|
|
environment:
|
|
- HOSTNAME
|
|
- REVOLT_PUBLIC_URL
|
|
- INVITE_ONLY_ENABLED
|
|
- EMAIL_VERIFICATION_ENABLED
|
|
- SMTP_HOST
|
|
- SMTP_USERNAME
|
|
- SMTP_FROM_ADDRESS
|
|
- SMTP_REPLY_TO
|
|
- SMTP_PORT
|
|
- SMTP_USE_TLS
|
|
- SECURITY_CAPTCHA_ENABLED
|
|
- SECURITY_CLAMV_HOST
|
|
- NOTIFICATIONS_WEBOOKS_ENABLED
|
|
- NOTIFICATIONS_MASS_MENTIONS_PUSH_NOTIF
|
|
- NOTIFICATIONS_MASS_MENTIONS_ENABLED
|
|
- NOTIFICATIONS_FCM_ENABLED
|
|
- NOTIFICATIONS_APN_ENABLED
|
|
configs:
|
|
- source: revolt_toml
|
|
target: /Revolt.toml
|
|
deploy:
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.http.services.events.loadbalancer.server.port=14703"
|
|
- "traefik.http.routers.events.rule=Host(`${DOMAIN}`) && PathPrefix(`/ws`)"
|
|
- "traefik.http.routers.events.entrypoints=web-secure"
|
|
- "traefik.http.routers.events.tls.certresolver=${LETS_ENCRYPT_ENV}"
|
|
- "traefik.http.middlewares.ws-stripprefix.stripprefix.prefixes=/ws"
|
|
- "traefik.http.routers.events.middlewares=ws-stripprefix"
|
|
networks:
|
|
internal:
|
|
proxy:
|
|
|
|
|
|
web:
|
|
image: ghcr.io/revoltchat/client:1.0.1
|
|
environment:
|
|
- HOSTNAME
|
|
- REVOLT_PUBLIC_URL
|
|
deploy:
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.http.services.web.loadbalancer.server.port=5000"
|
|
- "traefik.http.routers.web.rule=Host(`${DOMAIN}`) && !PathPrefix(`/api`, `/ws`, `/autumn`, `/january`)"
|
|
- "traefik.http.routers.web.entrypoints=web-secure"
|
|
- "traefik.http.routers.web.tls.certresolver=${LETS_ENCRYPT_ENV}"
|
|
- "traefik.http.routers.web.priority=1"
|
|
networks:
|
|
internal:
|
|
proxy:
|
|
|
|
|
|
autumn:
|
|
image: ghcr.io/revoltchat/autumn:20250210-1
|
|
depends_on:
|
|
- database
|
|
- createbuckets
|
|
environment:
|
|
- HOSTNAME
|
|
- REVOLT_PUBLIC_URL
|
|
- INVITE_ONLY_ENABLED
|
|
- EMAIL_VERIFICATION_ENABLED
|
|
- SMTP_HOST
|
|
- SMTP_USERNAME
|
|
- SMTP_FROM_ADDRESS
|
|
- SMTP_REPLY_TO
|
|
- SMTP_PORT
|
|
- SMTP_USE_TLS
|
|
- SECURITY_CAPTCHA_ENABLED
|
|
- SECURITY_CLAMV_HOST
|
|
configs:
|
|
- source: revolt_toml
|
|
target: /Revolt.toml
|
|
deploy:
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.http.services.autumn.loadbalancer.server.port=14704"
|
|
- "traefik.http.routers.autumn.rule=Host(`${DOMAIN}`) && PathPrefix(`/autumn`)"
|
|
- "traefik.http.routers.autumn.entrypoints=web-secure"
|
|
- "traefik.http.routers.autumn.tls.certresolver=${LETS_ENCRYPT_ENV}"
|
|
- "traefik.http.middlewares.autumn-stripprefix.stripprefix.prefixes=/autumn"
|
|
- "traefik.http.routers.autumn.middlewares=autumn-stripprefix"
|
|
networks:
|
|
internal:
|
|
proxy:
|
|
|
|
|
|
january:
|
|
image: ghcr.io/revoltchat/january:20250210-1
|
|
environment:
|
|
- HOSTNAME
|
|
- REVOLT_PUBLIC_URL
|
|
configs:
|
|
- source: revolt_toml
|
|
target: /Revolt.toml
|
|
deploy:
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.http.services.january.loadbalancer.server.port=14705"
|
|
- "traefik.http.routers.january.rule=Host(`${DOMAIN}`) && PathPrefix(`/january`)"
|
|
- "traefik.http.routers.january.entrypoints=web-secure"
|
|
- "traefik.http.routers.january.tls.certresolver=${LETS_ENCRYPT_ENV}"
|
|
- "traefik.http.middlewares.january-stripprefix.stripprefix.prefixes=/january"
|
|
- "traefik.http.routers.january.middlewares=january-stripprefix"
|
|
networks:
|
|
internal:
|
|
proxy:
|
|
|
|
|
|
crond:
|
|
image: ghcr.io/revoltchat/crond:20250210-1-debug
|
|
depends_on:
|
|
- database
|
|
- minio
|
|
environment:
|
|
- HOSTNAME
|
|
- REVOLT_PUBLIC_URL
|
|
- INVITE_ONLY_ENABLED
|
|
- EMAIL_VERIFICATION_ENABLED
|
|
- SMTP_HOST
|
|
- SMTP_USERNAME
|
|
- SMTP_FROM_ADDRESS
|
|
- SMTP_REPLY_TO
|
|
- SMTP_PORT
|
|
- SMTP_USE_TLS
|
|
configs:
|
|
- source: revolt_toml
|
|
target: /Revolt.toml
|
|
networks:
|
|
internal:
|
|
|
|
|
|
pushd:
|
|
image: ghcr.io/revoltchat/pushd:20250210-1
|
|
depends_on:
|
|
- database
|
|
- redis
|
|
- rabbit
|
|
environment:
|
|
- HOSTNAME
|
|
- REVOLT_PUBLIC_URL
|
|
- NOTIFICATIONS_WEBOOKS_ENABLED
|
|
- NOTIFICATIONS_MASS_MENTIONS_PUSH_NOTIF
|
|
- NOTIFICATIONS_MASS_MENTIONS_ENABLED
|
|
- NOTIFICATIONS_FCM_ENABLED
|
|
- NOTIFICATIONS_APN_ENABLED
|
|
configs:
|
|
- source: revolt_toml
|
|
target: /Revolt.toml
|
|
networks:
|
|
internal:
|
|
|
|
|
|
createbuckets:
|
|
image: docker.io/minio/mc
|
|
depends_on:
|
|
- minio
|
|
deploy:
|
|
restart_policy:
|
|
condition: on-failure
|
|
max_attempts: 5
|
|
entrypoint: >
|
|
/bin/sh -c " if /usr/bin/mc ready minio; then
|
|
/usr/bin/mc config host add minio http://minio:9000 minioautumn minioautumn;
|
|
/usr/bin/mc mb minio/revolt-uploads;
|
|
echo 'Successfully created bucket';
|
|
exit 0;
|
|
else
|
|
echo 'Minio not ready, will retry on next container restart';
|
|
exit 1;
|
|
fi "
|
|
networks:
|
|
internal:
|
|
|
|
|
|
networks:
|
|
proxy:
|
|
external: true
|
|
internal:
|
|
|
|
|
|
volumes:
|
|
db:
|
|
minio:
|
|
rabbit:
|
|
|
|
|
|
configs:
|
|
revolt_toml:
|
|
name: ${STACK_NAME}_revolt_toml_${REVOLT_TOML_VERSION}
|
|
file: Revolt.toml.tmpl
|
|
template_driver: golang
|
|
|
|
secrets:
|
|
file_encrypt_token:
|
|
name: ${STACK_NAME}_file_encrypt_token_${SECRET_FILE_ENCRYPT_TOKEN_VERSION}
|
|
external: true
|
|
public_key:
|
|
name: ${STACK_NAME}_public_key_${SECRET_PUBLIC_KEY_VERSION}
|
|
external: true
|
|
private_key:
|
|
name: ${STACK_NAME}_private_key_${SECRET_PRIVATE_KEY_VERSION}
|
|
external: true
|
|
rabbit_password:
|
|
name: ${STACK_NAME}_rabbit_password_${SECRET_RABBIT_PASSWORD_VERSION}
|
|
external: true
|