TrueNAS/docker-apps
TrueNAS/docker-apps
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
c831770ac8
docker-apps/photoview/stacks/compose.yml
Chris d067d5f1f7 first commit
2025-04-03 22:57:52 +02:00

132 lines
5.4 KiB
YAML
Raw Blame History

# https://github.com/photoview/photoview/blob/master/docker-compose%20example/docker-compose.example.yml
#
secrets:
photoview_postgresql_password:
file: "${SECRETSDIR}/photoview_postgresql_password"
photoview_postgresql_database:
file: "${SECRETSDIR}/photoview_postgresql_database"
photoview_postgresql_username:
file: "${SECRETSDIR}/photoview_postgresql_username"
photoview_database_url:
file: "${SECRETSDIR}/photoview_database_url"
networks:
traefik-net:
external: true
postgres-net:
external: true
services:
photoview:
image: photoview/photoview:latest
hostname: "${APPLICATION_NAME}"
env_file: .photoview.env
user: "${PUID}:${MEDIA_PGID}"
networks:
- postgres-net
- traefik-net
secrets:
- photoview_postgresql_database
- photoview_postgresql_password
- photoview_postgresql_username
- photoview_database_url
environment:
# can't get photoview to work with docker secrets; remove when photoview work with docker secrets
- PHOTOVIEW_POSTGRES_URL=postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@photoview_postgresql:${POSTGRES_DB_PORT}/${POSTGRES_DB}
#
# for future photoview that supports docker secrets
# - PHOTOVIEW_POSTGRES_URL=postgres://$${POSTGRES_USER}:$${POSTGRES_PASSWORD}@photoview_postgresql:${POSTGRES_DB_PORT}/$${POSTGRES_DB}
# OR as per single PHOTOVIEW_POSTGRES_URL_FILE entry in .photoview.env
volumes:
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
- "${DATADIR}/config:/etc/photoview"
- "${DATADIR}/appdata:/home/photoview"
- "${MEDIADIR}/Pictures/Photos:/photos:ro"
# - "${DATADIR}/backups:/mnt/backups"
restart: unless-stopped
stop_grace_period: 10s
# healthcheck:
# test: [ "CMD", "bash", "-c", "[ $(curl -s -o /dev/null -w '%{http_code}' http://localhost:80/login) == '200' ]" ]
# interval: 1m
# timeout: 2s
# retries: 5
# start_period: 30s
depends_on:
postgresql:
condition: service_healthy
## Security options for some restricted systems
security_opt:
- seccomp:unconfined
- apparmor:unconfined
## Share hardware devices with FFmpeg (optional):
devices:
## Uncomment next devices mappings if they are available in your host system
## Intel QSV
# - "/dev/dri:/dev/dri"
## Nvidia CUDA
- "/dev/nvidia0:/dev/nvidia0"
- "/dev/nvidiactl:/dev/nvidiactl"
- "/dev/nvidia-modeset:/dev/nvidia-modeset"
# - "/dev/nvidia-nvswitchctl:/dev/nvidia-nvswitchctl"
- "/dev/nvidia-uvm:/dev/nvidia-uvm"
- "/dev/nvidia-uvm-tools:/dev/nvidia-uvm-tools"
## Video4Linux Video Encode Device (h264_v4l2m2m)
# - "/dev/video11:/dev/video11"
labels:
- traefik.enable=true
- traefik.docker.network=traefik-net
#
# http middlewares
# ----------------
- "traefik.http.middlewares.${APPLICATION_NAME}-https-redirect.redirectscheme.scheme=https" # we have global redirection, but added for good measure
- "traefik.http.middlewares.${APPLICATION_NAME}-https-redirect.redirectscheme.permanent=true" # we have global redirection, but added for good measure
#
# http services
# -------------
- "traefik.http.services.${APPLICATION_NAME}-svc.loadbalancer.server.port=${WEBUI_PORT}"
#
# http routers
# ------------
# limit router to web ":80" entrypoint (Note: web entrypoint http requests are globally redirected to websecure router in traefik.yml)
- "traefik.http.routers.${APPLICATION_NAME}-rtr.entrypoints=web"
# set match criteria for router
- "traefik.http.routers.${APPLICATION_NAME}-rtr.rule=Host(`${APPLICATION_NAME}.${DOMAINNAME}`)&& PathPrefix(`/`)"
# attach middlewares to router
- "traefik.http.routers.${APPLICATION_NAME}-rtr.middlewares=${APPLICATION_NAME}-https-redirect"
# assign svc target to router
- "traefik.http.routers.${APPLICATION_NAME}-rtr.service=${APPLICATION_NAME}-svc"
#
# limit router to websecure ":443" entrypoint
- "traefik.http.routers.${APPLICATION_NAME}-secure-rtr.entrypoints=websecure"
# set match criteria for router
- "traefik.http.routers.${APPLICATION_NAME}-secure-rtr.rule=Host(`${APPLICATION_NAME}.${DOMAINNAME}`)&& PathPrefix(`/`)"
# set router to be dedicated to secure requests only for the host specified in match criteria
- "traefik.http.routers.${APPLICATION_NAME}-secure-rtr.tls=true"
# generate certificates using following certresolver
- "traefik.http.routers.${APPLICATION_NAME}-secure-rtr.tls.certresolver=sthomeresolver"
# assign svc target to router
- "traefik.http.routers.${APPLICATION_NAME}-secure-rtr.service=${APPLICATION_NAME}-svc"
postgresql:
image: postgres:16-alpine
hostname: "${APPLICATION_NAME}_postgresql"
shm_size: 128mb # https://hub.docker.com/_/postgres
env_file: .postgresql.env
restart: unless-stopped
healthcheck:
test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"]
start_period: 20s
interval: 30s
retries: 5
timeout: 5s
networks:
postgres-net:
aliases: ["${APPLICATION_NAME}_postgresql"]
secrets:
- ${APPLICATION_NAME}_postgresql_database
- ${APPLICATION_NAME}_postgresql_password
- ${APPLICATION_NAME}_postgresql_username
volumes:
- "${DATADIR}/pgdata:/var/lib/postgresql/data"
- "${DATADIR}/pgbackups:/mnt/backups"
Reference in New Issue View Git Blame Copy Permalink