--- version: "3.8" services: app: image: cryptpad/cryptpad:version-2024.3.0 networks: - proxy environment: - "CPAD_MAIN_DOMAIN=${DOMAIN}" - "CPAD_SANDBOX_DOMAIN=sandbox.${DOMAIN}" # Traefik can't use HTTP2 to communicate with cryptpat_websocket # A workaroung is disabling HTTP2 in Nginx - "CPAD_HTTP2_DISABLE=true" - "CPAD_REALIP_RECURSIVE=on" - "CPAD_REALIP_HEADER=X-Real-Ip" volumes: - cryptpad_blob:/cryptpad/blob - cryptpad_block:/cryptpad/block - cryptpad_customize:/cryptpad/customize - cryptpad_data:/cryptpad/data - cryptpad_files:/cryptpad/datastore - cryptpad_config:/cryptpad/config/ configs: - source: config_js target: /cryptpad/config/config.js deploy: restart_policy: condition: on-failure labels: - "traefik.enable=true" - "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=80" - "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`, `sandbox.${DOMAIN}`${EXTRA_DOMAINS})" - "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure" - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}" # - "traefik.http.routers.${STACK_NAME}.tls.domains[0].main=${DOMAIN}" # - "traefik.http.routers.${STACK_NAME}.tls.domains[0].sans=sandbox.${DOMAIN}" ## Redirect from EXTRA_DOMAINS to DOMAIN #- "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect" #- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLForceHost=true" #- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}" - "coop-cloud.${STACK_NAME}.version=0.4.0+version-2024.3.0" # healthcheck: # test: ["CMD", "curl", "-f", "http://localhost"] # interval: 30s # timeout: 10s # retries: 10 # start_period: 1m networks: proxy: external: true volumes: cryptpad_blob: cryptpad_block: cryptpad_customize: cryptpad_data: cryptpad_files: cryptpad_config: configs: config_js: name: ${STACK_NAME}_config_${CONFIG_VERSION} file: config.js.tmpl template_driver: golang