106 lines
3.7 KiB
YAML
106 lines
3.7 KiB
YAML
# https://docs.sheetable-iii.org/how-to/sheetable-iii/installation/docker/
|
|
|
|
name: sheetable
|
|
|
|
secrets:
|
|
sheetable_api_secret:
|
|
file: ${SECRETSDIR}/sheetable_api_secret
|
|
sheetable_admin_email:
|
|
file: ${SECRETSDIR}/sheetable_admin_email
|
|
sheetable_admin_password:
|
|
file: ${SECRETSDIR}/sheetable_admin_password
|
|
sheetable_postgresql_database:
|
|
file: ${SECRETSDIR}/sheetable_postgresql_database
|
|
sheetable_postgresql_password:
|
|
file: ${SECRETSDIR}/sheetable_postgresql_password
|
|
sheetable_postgresql_username:
|
|
file: ${SECRETSDIR}/sheetable_postgresql_username
|
|
|
|
networks:
|
|
traefik-net:
|
|
external: true
|
|
postgres-net:
|
|
external: true
|
|
|
|
services:
|
|
sheetable:
|
|
image: vallezw/sheetable
|
|
hostname: "sheetable"
|
|
volumes:
|
|
- /etc/localtime:/etc/localtime:ro
|
|
- "${DATADIR}/config:${APPLICATION_CONFIG_PATH}"
|
|
restart: unless-stopped
|
|
env_file: .sheetable.env
|
|
networks:
|
|
- traefik-net
|
|
- postgres-net
|
|
depends_on:
|
|
postgresql:
|
|
condition: service_healthy
|
|
secrets:
|
|
- sheetable_api_secret
|
|
- sheetable_admin_email
|
|
- sheetable_admin_password
|
|
- sheetable_postgresql_database
|
|
- sheetable_postgresql_password
|
|
- sheetable_postgresql_username
|
|
labels:
|
|
- traefik.enable=true
|
|
- traefik.docker.network=traefik-net
|
|
#
|
|
# http middlewares
|
|
# ---------------------------
|
|
- "traefik.http.middlewares.${APPLICATION_NAME}-https-redirect.redirectscheme.scheme=https"
|
|
- "traefik.http.middlewares.${APPLICATION_NAME}-https-redirect.redirectscheme.permanent=true"
|
|
#
|
|
# http services
|
|
# -------------
|
|
- "traefik.http.services.${APPLICATION_NAME}-svc.loadbalancer.server.port=${WEBUI_PORT}"
|
|
#
|
|
# http routers
|
|
# ------------
|
|
# limit router to web ":80" entrypoint
|
|
- "traefik.http.routers.${APPLICATION_NAME}-rtr.entrypoints=web"
|
|
# set match criteria for router
|
|
- "traefik.http.routers.${APPLICATION_NAME}-rtr.rule=Host(`${APPLICATION_NAME}.${DOMAINNAME}`)&& PathPrefix(`/`)"
|
|
# attach middlewares to router
|
|
- "traefik.http.routers.${APPLICATION_NAME}-rtr.middlewares=${APPLICATION_NAME}-https-redirect"
|
|
# assign svc target to router
|
|
- "traefik.http.routers.${APPLICATION_NAME}-rtr.service=${APPLICATION_NAME}-svc"
|
|
#
|
|
# limit router to websecure ":443" entrypoint
|
|
- "traefik.http.routers.${APPLICATION_NAME}-secure-rtr.entrypoints=websecure"
|
|
# set match criteria for router
|
|
- "traefik.http.routers.${APPLICATION_NAME}-secure-rtr.rule=Host(`${APPLICATION_NAME}.${DOMAINNAME}`)&& PathPrefix(`/`)"
|
|
# set router to be dedicated to secure requests only for the host specified in match criteria
|
|
- "traefik.http.routers.${APPLICATION_NAME}-secure-rtr.tls=true"
|
|
# generate certificates using following certresolver
|
|
- "traefik.http.routers.${APPLICATION_NAME}-secure-rtr.tls.certresolver=sthomeresolver"
|
|
# assign svc target to router
|
|
- "traefik.http.routers.${APPLICATION_NAME}-secure-rtr.service=${APPLICATION_NAME}-svc"
|
|
|
|
postgresql:
|
|
image: postgres:16-alpine
|
|
hostname: "${APPLICATION_NAME}_postgresql"
|
|
shm_size: 128mb # https://hub.docker.com/_/postgres
|
|
restart: unless-stopped
|
|
env_file: .postgresql.env
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"]
|
|
start_period: 20s
|
|
interval: 30s
|
|
retries: 5
|
|
timeout: 5s
|
|
networks:
|
|
postgres-net:
|
|
aliases: ["sheetable_postgresql"]
|
|
secrets:
|
|
- sheetable_postgresql_database
|
|
- sheetable_postgresql_password
|
|
- sheetable_postgresql_username
|
|
volumes:
|
|
- "${DATADIR}/pgdata:/var/lib/postgresql/data"
|
|
- "${DATADIR}/pgbackups:/mnt/backups"
|
|
|
|
|