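secrets:
  # File-backed secret holding the PostgreSQL password. Compose does not
  # interpolate mapping keys, so this name is literal; the postgresql service
  # refers to it as "${APP_NAME}_postgresql_password", which only matches
  # when APP_NAME=gitea.
  # Keep the file outside version control and readable only by the account
  # that runs Compose (e.g. mode 0600).
  gitea_postgresql_password:
    file: "${STACKSDIR}/secrets/${APP_NAME}_postgresql_password"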
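networks:
  # Pre-existing reverse-proxy network, created outside this stack.
  traefik:
    external: true
  # pgadmin cannot access postgres if it's on backend network
  # The key and name are literal, while the services attach to
  # "${APP_NAME}-backend"; the two only agree when APP_NAME=gitea.
  # NOTE(review): postgresql is attached to this network only; if nothing on
  # it needs outbound access, `internal: true` would cut its egress. Confirm
  # before enabling.
  gitea-backend:
    name: gitea-backend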
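services:
  gitea:
    # Pinned to an exact release tag. A tag can still be re-pushed upstream;
    # append an image digest (@sha256:...) if the deployment must be
    # reproducible.
    image: gitea/gitea:1.22.3-rootless
    hostname: "${APP_NAME}"
    #user: "${PUID}:${PGID}"
    networks:
      - "${APP_NAME}-backend"
      - traefik
    environment:
      # Entries without "=" are passed through from the environment Compose
      # runs in.
      # NOTE(review): no database password is passed here and the secret is
      # not attached to this service; presumably the password lives in the
      # mounted /etc/gitea config. If so, that directory holds a credential
      # and needs restrictive permissions. Verify.
      - PUID
      - PGID
      - TZ
      - GITEA__database__DB_TYPE
      - GITEA__database__NAME
      - GITEA__database__USER
      # Quote the whole KEY=value item. In list form Compose keeps quotes
      # written after "=" as part of the value, so the previous
      # HOST="..." form put literal quote characters into the host name.
      - "GITEA__database__HOST=${APP_NAME}_postgresql:5432"
      - GITEA__mailer__ENABLED
      - GITEA__mailer__FROM
      - GITEA__mailer__PROTOCOL
      - GITEA__mailer__SMTP_ADDR
      - GITEA__mailer__SMTP_PORT
      - GITEA__mailer__USER
      - GIT_DISCOVERY_ACROSS_FILESYSTEM
    volumes:
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
      - "${DATADIR}/config:/etc/gitea"
      - "${DATADIR}/appdata:/var/lib/gitea"
      - "${DATADIR}/backups:/mnt/backups"
    restart: unless-stopped
    depends_on:
      # Start only after the postgresql healthcheck below reports healthy.
      postgresql:
        condition: service_healthy
    labels:
      - traefik.enable=true
      # Plain-HTTP router: exists only to redirect to HTTPS.
      - "traefik.http.routers.${APP_NAME}.entrypoints=web"
      - "traefik.http.routers.${APP_NAME}.rule=Host(`${APP_NAME}.${DOMAINNAME}`)"
      - "traefik.http.middlewares.${APP_NAME}-https-redirect.redirectscheme.scheme=https"
      - "traefik.http.routers.${APP_NAME}.middlewares=${APP_NAME}-https-redirect"
      # TLS router: serves the application on port 3000.
      - "traefik.http.routers.${APP_NAME}-secure.entrypoints=websecure"
      - "traefik.http.routers.${APP_NAME}-secure.rule=Host(`${APP_NAME}.${DOMAINNAME}`)"
      - "traefik.http.routers.${APP_NAME}-secure.tls=true"
      - "traefik.http.routers.${APP_NAME}-secure.tls.certresolver=sthomeresolver"
      - "traefik.http.routers.${APP_NAME}-secure.service=${APP_NAME}"
      - "traefik.http.services.${APP_NAME}.loadbalancer.server.port=3000"
      # Gitea is on two networks; tell Traefik which one to reach it on.
      - traefik.docker.network=traefik

  postgresql:
    # Floating tag: follows every 16.x rebuild. Pin a minor version or a
    # digest if upgrades must be deliberate.
    image: postgres:16-alpine
    container_name: "${APP_NAME}_postgresql"
    hostname: "${APP_NAME}_postgresql"
    shm_size: 128mb  # https://hub.docker.com/_/postgres
    restart: unless-stopped
    #user: "${PG_UID}:${PG_GID}" # postgres is unhealthy when this is not 70:70
    healthcheck:
      # "$$" escapes Compose interpolation so the variables are expanded by
      # the shell inside the container.
      test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"]
      start_period: 20s
      interval: 30s
      retries: 5
      timeout: 5s
    networks:
      - "${APP_NAME}-backend"
      # - traefik # required for pgadmin access
    secrets:
      # Generate the password with openssl rand 36 | base64 -w 0
      # Must resolve to a key defined under the top-level `secrets:`.
      - "${APP_NAME}_postgresql_password"
    environment:
      # NOTE(review): the commented-out `user:` line above uses PG_UID and
      # PG_GID; PGID here looks like a typo for PG_UID. Confirm.
      - PGID
      - PG_GID
      - TZ
      # Compose mounts the secret at /run/secrets/<secret name>; this variable
      # must point at that path so the password is read from the file and
      # not placed in the environment.
      - POSTGRES_PASSWORD_FILE
      - POSTGRES_USER
      - POSTGRES_DB
    volumes:
      - "${DATADIR}/pgdata:/var/lib/postgresql/data"
      - "${DATADIR}/pgbackups:/mnt/backups"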