# https://docs.firefly-iii.org/how-to/firefly-iii/installation/docker/ # # The Firefly III Data Importer will ask you for the Firefly III URL and a "Client ID". # You can generate the Client ID at http://localhost/profile (after registering) # The Firefly III URL is: http://app:8080 # # Other URL's will give 500 | Server Error # name: fireflyiii networks: traefik-net: external: true fireflyiii-net: external: true secrets: fireflyiii_access_token: file: ${SECRETSDIR}/fireflyiii_access_token fireflyiii_app_key: file: ${SECRETSDIR}/fireflyiii_app_key fireflyiii_default_lat: file: ${SECRETSDIR}/fireflyiii_default_lat fireflyiii_default_long: file: ${SECRETSDIR}/fireflyiii_default_long fireflyiii_mail_destination: file: ${SECRETSDIR}/fireflyiii_mail_destination fireflyiii_mail_from: file: ${SECRETSDIR}/fireflyiii_mail_from fireflyiii_mail_host: file: ${SECRETSDIR}/fireflyiii_mail_host fireflyiii_mail_password: file: ${SECRETSDIR}/fireflyiii_mail_password fireflyiii_mail_username: file: ${SECRETSDIR}/fireflyiii_mail_username fireflyiii_postgresql_database: file: ${SECRETSDIR}/fireflyiii_postgresql_database fireflyiii_postgresql_password: file: ${SECRETSDIR}/fireflyiii_postgresql_password fireflyiii_postgresql_username: file: ${SECRETSDIR}/fireflyiii_postgresql_username fireflyiii_site_owner: file: ${SECRETSDIR}/fireflyiii_site_owner fireflyiii_static_cron_token: file: ${SECRETSDIR}/fireflyiii_static_cron_token services: firefly: image: fireflyiii/core:latest #image: fireflyiii/core:version-6.1.16 hostname: "${APPLICATION_NAME}" # user: ${PUID}:${PGID} volumes: - ${DATADIR}/appdata:/var/www/html/storage/upload - ${DATADIR}/config:/config restart: unless-stopped env_file: .firefly.env networks: fireflyiii-net: aliases: ["fireflyiii", "${FFIII_FQDN}"] traefik-net: {} depends_on: postgresql: condition: service_healthy secrets: - fireflyiii_app_key - fireflyiii_default_lat - fireflyiii_default_long - fireflyiii_mail_from - fireflyiii_mail_host - fireflyiii_mail_password - fireflyiii_mail_username - fireflyiii_postgresql_database - fireflyiii_postgresql_password - fireflyiii_postgresql_username - fireflyiii_site_owner - fireflyiii_static_cron_token labels: - traefik.enable=true - traefik.docker.network=traefik-net # # http services # ------------- - "traefik.http.services.${APPLICATION_NAME}-svc.loadbalancer.server.port=${WEBUI_PORT}" # # http routers # ------------ # limit router to web ":80" entrypoint - "traefik.http.routers.${APPLICATION_NAME}-rtr.entrypoints=web" # set match criteria for router - "traefik.http.routers.${APPLICATION_NAME}-rtr.rule=Host(`${FFIII_FQDN}`)&& PathPrefix(`/`)" # attach middlewares to router - "traefik.http.routers.${APPLICATION_NAME}-rtr.middlewares=http-mw-rateLimit-secureHeaders-compress-redirect@file" # assign svc target to router - "traefik.http.routers.${APPLICATION_NAME}-rtr.service=${APPLICATION_NAME}-svc" # # limit router to websecure ":443" entrypoint - "traefik.http.routers.${APPLICATION_NAME}-secure-rtr.entrypoints=websecure" # set match criteria for router - "traefik.http.routers.${APPLICATION_NAME}-secure-rtr.rule=Host(`${FFIII_FQDN}`)&& PathPrefix(`/`)" # set router to be dedicated to secure requests only for the host specified in match criteria - "traefik.http.routers.${APPLICATION_NAME}-secure-rtr.tls=true" # apply tls options - "traefik.http.routers.${APPLICATION_NAME}-secure-rtr.tls.options=tls-options@file" # generate certificates using following certresolver - "traefik.http.routers.${APPLICATION_NAME}-secure-rtr.tls.certresolver=solver-dns" # attach middlewares to router - "traefik.http.routers.${APPLICATION_NAME}-secure-rtr.middlewares=http-mw-rateLimit-secureHeaders-compress@file" # assign svc target to router - "traefik.http.routers.${APPLICATION_NAME}-secure-rtr.service=${APPLICATION_NAME}-svc" importer: image: fireflyiii/data-importer:latest hostname: "${IMPORTER_NAME}" restart: unless-stopped env_file: .importer.env # user: ${PUID}:${PGID} networks: traefik-net: {} # ipv4_address: ${FFIII_IMPORTER_IPV4_ADDRESS} # aliases: ["${FFIII_IMPORTER_FQDN}"] depends_on: - firefly secrets: - fireflyiii_access_token - fireflyiii_mail_from - fireflyiii_mail_host - fireflyiii_mail_password - fireflyiii_mail_username - fireflyiii_mail_destination labels: - traefik.enable=true - traefik.docker.network=traefik-net - "traefik.http.services.${IMPORTER_NAME}-svc.loadbalancer.server.port=${IMPORTER_WEBUI_PORT}" - "traefik.http.routers.${IMPORTER_NAME}-rtr.entrypoints=web" - "traefik.http.routers.${IMPORTER_NAME}-rtr.rule=Host(`${FFIII_IMPORTER_FQDN}`)&& PathPrefix(`/`)" - "traefik.http.routers.${IMPORTER_NAME}-rtr.middlewares=http-mw-rateLimit-secureHeaders-compress-redirect@file" - "traefik.http.routers.${IMPORTER_NAME}-rtr.service=${IMPORTER_NAME}-svc" - "traefik.http.routers.${IMPORTER_NAME}-secure-rtr.entrypoints=websecure" - "traefik.http.routers.${IMPORTER_NAME}-secure-rtr.rule=Host(`${FFIII_IMPORTER_FQDN}`)&& PathPrefix(`/`)" - "traefik.http.routers.${IMPORTER_NAME}-secure-rtr.tls=true" - "traefik.http.routers.${IMPORTER_NAME}-secure-rtr.tls.options=tls-options@file" - "traefik.http.routers.${IMPORTER_NAME}-secure-rtr.tls.certresolver=solver-dns" - "traefik.http.routers.${IMPORTER_NAME}-secure-rtr.middlewares=http-mw-rateLimit-secureHeaders-compress@file" - "traefik.http.routers.${IMPORTER_NAME}-secure-rtr.service=${IMPORTER_NAME}-svc" postgresql: image: postgres:16-alpine hostname: "firefly_postgresql" shm_size: 128mb # https://hub.docker.com/_/postgres restart: unless-stopped env_file: .postgresql.env healthcheck: test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"] start_period: 20s interval: 30s retries: 5 timeout: 5s networks: fireflyiii-net: aliases: ["fireflyiii_postgresql"] secrets: - fireflyiii_postgresql_database - fireflyiii_postgresql_password - fireflyiii_postgresql_username volumes: - "${DATADIR}/pgdata:/var/lib/postgresql/data" - "${DATADIR}/pgbackups:/mnt/backups" cron: # # To make this work, set STATIC_CRON_TOKEN in your .env file or as an environment variable # The STATIC_CRON_TOKEN must be *exactly* 32 characters long # Generate the token with # openssl rand 32 | base64 -w 0 | sed 's/[\$,\#,/,+,=]//g' | cut -c -32 # image: alpine restart: always secrets: - fireflyiii_static_cron_token command: sh -c "echo \"0 3 * * * wget -qO- http://fireflyiii:8080/api/v1/cron/$${STATIC_CRON_TOKEN}\" | crontab - && crond -f -L /dev/stdout" networks: - fireflyiii-net