2021-12-12 18:22:49 +00:00
|
|
|
---
|
2020-09-08 16:38:35 +00:00
|
|
|
version: "3.8"
|
2021-12-12 18:22:49 +00:00
|
|
|
|
2020-09-08 16:38:35 +00:00
|
|
|
services:
|
2020-10-27 07:47:59 +00:00
|
|
|
app:
|
2023-05-07 22:53:44 +00:00
|
|
|
image: "matrixdotorg/synapse:v1.82.0"
|
2020-09-08 16:38:35 +00:00
|
|
|
volumes:
|
|
|
|
- "data:/data"
|
2022-05-12 20:29:27 +00:00
|
|
|
depends_on:
|
|
|
|
- db
|
2021-12-12 19:00:51 +00:00
|
|
|
secrets:
|
|
|
|
- db_password
|
2021-12-13 11:16:23 +00:00
|
|
|
- registration_shared_secret
|
|
|
|
- macaroon_secret_key
|
|
|
|
- form_secret
|
2020-09-08 16:38:35 +00:00
|
|
|
environment:
|
2022-09-05 23:07:04 +00:00
|
|
|
- ALLOWED_LIFETIME_MAX
|
2022-01-12 10:27:43 +00:00
|
|
|
- AUTO_JOIN_ROOM
|
|
|
|
- AUTO_JOIN_ROOM_ENABLED
|
2021-12-12 22:50:45 +00:00
|
|
|
- DISABLE_FEDERATION
|
2021-12-13 09:56:36 +00:00
|
|
|
- DOMAIN
|
2022-02-07 23:32:28 +00:00
|
|
|
- ENABLE_3PID_LOOKUP
|
|
|
|
- ENABLE_ALLOWLIST
|
2022-03-13 15:55:48 +00:00
|
|
|
- ENABLE_REGISTRATION
|
2022-09-05 23:07:04 +00:00
|
|
|
- ENCRYPTED_BY_DEFAULT
|
2022-02-07 23:32:28 +00:00
|
|
|
- FEDERATION_ALLOWLIST
|
2020-09-08 16:38:35 +00:00
|
|
|
- LETSENCRYPT_HOST=${DOMAIN}
|
2023-01-07 23:10:03 +00:00
|
|
|
- MEDIA_RETENTION_LOCAL_LIFETIME
|
|
|
|
- MEDIA_RETENTION_REMOTE_LIFETIME
|
2022-03-14 16:19:56 +00:00
|
|
|
- PASSWORD_LOGIN_ENABLED
|
2022-02-07 23:32:28 +00:00
|
|
|
- REDACTION_RETENTION_PERIOD
|
2022-09-05 23:07:04 +00:00
|
|
|
- RETENTION_MAX_LIFETIME
|
2022-02-07 23:32:28 +00:00
|
|
|
- ROOT_LOG_LEVEL
|
2022-04-06 10:57:41 +00:00
|
|
|
- SERVE_SERVER_WELLKNOWN
|
2022-02-07 23:32:28 +00:00
|
|
|
- SQL_LOG_LEVEL
|
2021-12-13 11:54:09 +00:00
|
|
|
- STACK_NAME
|
2021-12-12 22:25:24 +00:00
|
|
|
- SYNAPSE_ADMIN_EMAIL
|
|
|
|
- SYNAPSE_REPORT_STATS=no
|
|
|
|
- SYNAPSE_SERVER_NAME=${DOMAIN}
|
2022-02-07 23:32:28 +00:00
|
|
|
- USER_IPS_MAX_AGE
|
2021-12-12 22:25:24 +00:00
|
|
|
- VIRTUAL_HOST=${DOMAIN}
|
|
|
|
- VIRTUAL_PORT=8008
|
2020-10-27 07:48:06 +00:00
|
|
|
networks:
|
2021-12-13 15:40:47 +00:00
|
|
|
- proxy
|
2021-12-12 22:31:37 +00:00
|
|
|
- internal
|
2021-12-12 18:22:49 +00:00
|
|
|
entrypoint: /docker-entrypoint.sh
|
|
|
|
configs:
|
2021-12-12 19:00:51 +00:00
|
|
|
- source: homeserver_yaml
|
|
|
|
target: /data/homeserver.yaml
|
2021-12-13 11:39:19 +00:00
|
|
|
- source: log_config
|
|
|
|
target: /data/log.config
|
2021-12-12 18:22:49 +00:00
|
|
|
- source: entrypoint_conf
|
|
|
|
target: /docker-entrypoint.sh
|
|
|
|
mode: 0555
|
2021-12-13 15:40:47 +00:00
|
|
|
deploy:
|
|
|
|
restart_policy:
|
|
|
|
condition: on-failure
|
|
|
|
labels:
|
|
|
|
- "traefik.enable=true"
|
|
|
|
- "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=8008"
|
|
|
|
- "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`)"
|
|
|
|
- "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
|
|
|
|
- "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
|
2023-05-07 22:53:44 +00:00
|
|
|
- "coop-cloud.${STACK_NAME}.version=3.7.0+v1.82.0"
|
2021-12-12 18:22:49 +00:00
|
|
|
|
2021-12-12 19:00:51 +00:00
|
|
|
db:
|
|
|
|
image: postgres:13-alpine
|
|
|
|
secrets:
|
|
|
|
- db_password
|
|
|
|
environment:
|
2022-03-08 08:17:27 +00:00
|
|
|
- LC_COLLATE=C
|
|
|
|
- LC_CTYPE=C
|
2021-12-13 11:52:48 +00:00
|
|
|
- POSTGRES_DB=synapse
|
2022-03-08 08:17:27 +00:00
|
|
|
- POSTGRES_INITDB_ARGS="-E \"UTF8\""
|
2021-12-13 11:52:48 +00:00
|
|
|
- POSTGRES_PASSWORD_FILE=/run/secrets/db_password
|
|
|
|
- POSTGRES_USER=synapse
|
2021-12-12 19:00:51 +00:00
|
|
|
networks:
|
|
|
|
- internal
|
|
|
|
healthcheck:
|
2023-01-08 00:59:46 +00:00
|
|
|
test: ["CMD", "pg_isready", "-U", "$POSTGRES_USER" ]
|
2021-12-12 19:00:51 +00:00
|
|
|
volumes:
|
|
|
|
- postgres:/var/lib/postgresql/data
|
2022-04-12 13:29:56 +00:00
|
|
|
deploy:
|
|
|
|
labels:
|
|
|
|
backupbot.backup: "true"
|
|
|
|
backupbot.backup.pre-hook: "mkdir -p /tmp/backup/ && PGPASSWORD=$$(cat $${POSTGRES_PASSWORD_FILE}) pg_dump -U $${POSTGRES_USER} $${POSTGRES_DB} > /tmp/backup/backup.sql"
|
|
|
|
backupbot.backup.post-hook: "rm -rf /tmp/backup"
|
|
|
|
backupbot.backup.path: "/tmp/backup/"
|
2021-12-12 19:00:51 +00:00
|
|
|
|
2020-09-08 16:38:35 +00:00
|
|
|
volumes:
|
|
|
|
data:
|
2021-12-12 19:00:51 +00:00
|
|
|
postgres:
|
2021-12-12 18:22:49 +00:00
|
|
|
|
2020-09-08 16:38:35 +00:00
|
|
|
networks:
|
|
|
|
proxy:
|
|
|
|
external: true
|
|
|
|
internal:
|
2021-12-12 18:22:49 +00:00
|
|
|
|
2020-09-08 16:38:35 +00:00
|
|
|
configs:
|
|
|
|
entrypoint_conf:
|
|
|
|
name: ${STACK_NAME}_entrypoint_${ENTRYPOINT_CONF_VERSION}
|
|
|
|
file: entrypoint.sh.tmpl
|
|
|
|
template_driver: golang
|
2021-12-12 19:00:51 +00:00
|
|
|
homeserver_yaml:
|
2023-02-02 18:12:12 +00:00
|
|
|
name: ${STACK_NAME}_homeserver_yaml_${HOMESERVER_YAML_VERSION}
|
2021-12-12 19:00:51 +00:00
|
|
|
file: homeserver.yaml.tmpl
|
|
|
|
template_driver: golang
|
2021-12-13 11:39:19 +00:00
|
|
|
log_config:
|
|
|
|
name: ${STACK_NAME}_log_config_${LOG_CONFIG_VERSION}
|
|
|
|
file: log.config.tmpl
|
|
|
|
template_driver: golang
|
2021-12-12 19:00:51 +00:00
|
|
|
|
|
|
|
secrets:
|
|
|
|
db_password:
|
|
|
|
external: true
|
|
|
|
name: ${STACK_NAME}_db_password_${SECRET_DB_PASSWORD_VERSION}
|
2021-12-13 11:16:23 +00:00
|
|
|
registration_shared_secret:
|
|
|
|
external: true
|
|
|
|
name: ${STACK_NAME}_db_password_${SECRET_REGISTRATION_SHARED_SECRET_VERSION}
|
|
|
|
macaroon_secret_key:
|
|
|
|
external: true
|
|
|
|
name: ${STACK_NAME}_db_password_${SECRET_MACAROON_SECRET_KEY_VERSION}
|
|
|
|
form_secret:
|
|
|
|
external: true
|
|
|
|
name: ${STACK_NAME}_db_password_${SECRET_FORM_SECRET_VERSION}
|