Eric Bower
·
2025-06-23
docker-compose.prod.yml
1services:
2 postgres:
3 env_file:
4 - .env.prod
5 volumes:
6 - ./data/postgres-data:/var/lib/postgresql/data
7 ports:
8 - "5432:5432"
9 command: -N 1024 -B 4096MB
10 minio-caddy:
11 image: ghcr.io/picosh/pico/caddy:latest
12 restart: always
13 env_file:
14 - .env.prod
15 environment:
16 APP_DOMAIN: pico.sh
17 APP_EMAIL: ${MINIO_EMAIL:-hello@pico.sh}
18 volumes:
19 - ${MINIO_CADDYFILE}:/etc/caddy/Caddyfile
20 - ./data/minio-caddy/data:/data
21 - ./data/minio-caddy/config:/config
22 ports:
23 - "80:80"
24 - "443:443"
25 profiles:
26 - db
27 - all
28 minio:
29 env_file:
30 - .env.prod
31 volumes:
32 - ./data/minio-data:/data
33 pipemgr:
34 env_file:
35 - .env.prod
36 volumes:
37 - ./data/pipemgr/data/term_info_ed25519:/key:ro
38 logging:
39 driver: "json-file"
40 options:
41 max-file: "3"
42 max-size: "1024m"
43 imgproxy:
44 env_file:
45 - .env.prod
46 volumes:
47 - ./data/storage:/storage
48 networks:
49 prose:
50 pgs:
51 auth-web:
52 logging:
53 driver: "json-file"
54 options:
55 max-file: "3"
56 max-size: "1024m"
57 pastes-caddy:
58 image: ghcr.io/picosh/pico/caddy:latest
59 restart: always
60 networks:
61 - pastes
62 env_file:
63 - .env.prod
64 environment:
65 APP_DOMAIN: ${PASTES_DOMAIN:-pastes.sh}
66 APP_EMAIL: ${PASTES_EMAIL:-hello@pico.sh}
67 volumes:
68 - ${PASTES_CADDYFILE}:/etc/caddy/Caddyfile
69 - ./data/pastes-caddy/data:/data
70 - ./data/pastes-caddy/config:/config
71 ports:
72 - "${PASTES_HTTPS_V4:-443}:443"
73 - "${PASTES_HTTP_V4:-80}:80"
74 - "${PASTES_HTTPS_V6:-[::1]:443}:443"
75 - "${PASTES_HTTP_V6:-[::1]:80}:80"
76 profiles:
77 - pastes
78 - caddy
79 - all
80 pastes-web:
81 dns: 1.1.1.1
82 networks:
83 pastes:
84 aliases:
85 - web
86 env_file:
87 - .env.prod
88 volumes:
89 - ./data/pastes-ssh/data:/app/ssh_data
90 pastes-ssh:
91 networks:
92 pastes:
93 aliases:
94 - ssh
95 env_file:
96 - .env.prod
97 volumes:
98 - ./data/pastes-ssh/data:/app/ssh_data
99 ports:
100 - "${PASTES_SSH_V4:-22}:2222"
101 - "${PASTES_SSH_V6:-[::1]:22}:2222"
102 pipe-caddy:
103 image: ghcr.io/picosh/pico/caddy:latest
104 restart: always
105 networks:
106 - pipe
107 env_file:
108 - .env.prod
109 environment:
110 APP_DOMAIN: ${PIPE_DOMAIN:-pipe.pico.sh}
111 APP_EMAIL: ${PIPE_EMAIL:-hello@pico.sh}
112 volumes:
113 - ${PIPE_CADDYFILE}:/etc/caddy/Caddyfile
114 - ./data/pipe-caddy/data:/data
115 - ./data/pipe-caddy/config:/config
116 ports:
117 - "${PIPE_HTTPS_V4:-443}:443"
118 - "${PIPE_HTTP_V4:-80}:80"
119 - "${PIPE_HTTPS_V6:-[::1]:443}:443"
120 - "${PIPE_HTTP_V6:-[::1]:80}:80"
121 profiles:
122 - pipe
123 - caddy
124 - all
125 pipe-web:
126 networks:
127 pipe:
128 aliases:
129 - web
130 env_file:
131 - .env.prod
132 volumes:
133 - ./data/pipe-ssh/data:/app/ssh_data
134 pipe-ssh:
135 networks:
136 pipe:
137 aliases:
138 - ssh
139 env_file:
140 - .env.prod
141 volumes:
142 - ./data/pipe-ssh/data:/app/ssh_data
143 ports:
144 - "${PIPE_SSH_V4:-22}:2222"
145 - "${PIPE_SSH_V6:-[::1]:22}:2222"
146 prose-caddy:
147 image: ghcr.io/picosh/pico/caddy:latest
148 restart: always
149 networks:
150 - prose
151 env_file:
152 - .env.prod
153 environment:
154 APP_DOMAIN: ${PROSE_DOMAIN:-prose.sh}
155 APP_EMAIL: ${PROSE_EMAIL:-hello@pico.sh}
156 volumes:
157 - ${PROSE_CADDYFILE}:/etc/caddy/Caddyfile
158 - ./data/prose-caddy/data:/data
159 - ./data/prose-caddy/config:/config
160 labels:
161 pipemgr.enable: true
162 pipemgr.filter: "http.log.access"
163 depends_on:
164 pipemgr:
165 condition: service_healthy
166 ports:
167 - "${PROSE_HTTPS_V4:-443}:443"
168 - "${PROSE_HTTP_V4:-80}:80"
169 - "${PROSE_HTTPS_V6:-[::1]:443}:443"
170 - "${PROSE_HTTP_V6:-[::1]:80}:80"
171 profiles:
172 - prose
173 - caddy
174 - all
175 prose-web:
176 dns: 1.1.1.1
177 networks:
178 prose:
179 aliases:
180 - web
181 env_file:
182 - .env.prod
183 volumes:
184 - ./data/prose-ssh/data:/app/ssh_data
185 - ./data/storage:/storage
186 prose-ssh:
187 networks:
188 prose:
189 aliases:
190 - ssh
191 env_file:
192 - .env.prod
193 volumes:
194 - ./data/prose-ssh/data:/app/ssh_data
195 - ./data/storage:/storage
196 ports:
197 - "${PROSE_SSH_V4:-22}:2222"
198 - "${PROSE_SSH_V6:-[::1]:22}:2222"
199 pgs-caddy:
200 image: ghcr.io/picosh/pico/caddy:latest
201 restart: always
202 networks:
203 - pgs
204 env_file:
205 - .env.prod
206 environment:
207 APP_DOMAIN: ${PGS_DOMAIN:-pgs.sh}
208 APP_EMAIL: ${PGS_EMAIL:-hello@pico.sh}
209 volumes:
210 - ${PGS_CADDYFILE}:/etc/caddy/Caddyfile
211 - ./data/pgs-caddy/data:/data
212 - ./data/pgs-caddy/config:/config
213 ports:
214 - "${PGS_HTTPS_V4:-443}:443"
215 - "${PGS_HTTP_V4:-80}:80"
216 - "${PGS_HTTPS_V6:-[::1]:443}:443"
217 - "${PGS_HTTP_V6:-[::1]:80}:80"
218 labels:
219 pipemgr.enable: true
220 pipemgr.filter: "http.log.access"
221 depends_on:
222 pipemgr:
223 condition: service_healthy
224 profiles:
225 - pgs
226 - caddy
227 - all
228 logging:
229 driver: "json-file"
230 options:
231 max-file: "3"
232 max-size: "1024m"
233 pgs-web:
234 dns: 1.1.1.1
235 networks:
236 pgs:
237 aliases:
238 - web
239 env_file:
240 - .env.prod
241 volumes:
242 - ./data/storage:/storage
243 - ./data/pgs-ssh/data:/app/ssh_data
244 deploy:
245 resources:
246 limits:
247 memory: 3g
248 logging:
249 driver: "json-file"
250 options:
251 max-file: "3"
252 max-size: "1024m"
253 pgs-cdn:
254 dns: 1.1.1.1
255 networks:
256 pgs:
257 aliases:
258 - web
259 env_file:
260 - .env.prod
261 volumes:
262 - ./data/pgs-ssh/data:/app/ssh_data
263 deploy:
264 resources:
265 limits:
266 memory: 3g
267 logging:
268 driver: "json-file"
269 options:
270 max-file: "3"
271 max-size: "1024m"
272 pgs-ssh:
273 networks:
274 pgs:
275 aliases:
276 - ssh
277 env_file:
278 - .env.prod
279 volumes:
280 - ./data/storage:/storage
281 - ./data/pgs-ssh/data:/app/ssh_data
282 - ./data/tmp:/tmp
283 ports:
284 - "${PGS_SSH_V4:-22}:2222"
285 - "${PGS_SSH_V6:-[::1]:22}:2222"
286 deploy:
287 resources:
288 limits:
289 memory: 3g
290 logging:
291 driver: "json-file"
292 options:
293 max-file: "3"
294 max-size: "1024m"
295 feeds-caddy:
296 image: ghcr.io/picosh/pico/caddy:latest
297 restart: always
298 networks:
299 - feeds
300 env_file:
301 - .env.prod
302 environment:
303 APP_DOMAIN: ${FEEDS_DOMAIN:-feeds.pico.sh}
304 APP_EMAIL: ${FEEDS_EMAIL:-hello@pico.sh}
305 volumes:
306 - ${FEEDS_CADDYFILE}:/etc/caddy/Caddyfile
307 - ./data/feeds-caddy/data:/data
308 - ./data/feeds-caddy/config:/config
309 ports:
310 - "${FEEDS_HTTPS_V4:-443}:443"
311 - "${FEEDS_HTTP_V4:-80}:80"
312 - "${FEEDS_HTTPS_V6:-[::1]:443}:443"
313 - "${FEEDS_HTTP_V6:-[::1]:80}:80"
314 profiles:
315 - feeds
316 - caddy
317 - all
318 feeds-web:
319 networks:
320 feeds:
321 aliases:
322 - web
323 env_file:
324 - .env.prod
325 volumes:
326 - ./data/feeds-ssh/data:/app/ssh_data
327 logging:
328 driver: "json-file"
329 options:
330 max-file: "3"
331 max-size: "1024m"
332 feeds-ssh:
333 networks:
334 feeds:
335 aliases:
336 - ssh
337 env_file:
338 - .env.prod
339 volumes:
340 - ./data/feeds-ssh/data:/app/ssh_data
341 ports:
342 - "${FEEDS_SSH_V4:-22}:2222"
343 - "${FEEDS_SSH_V6:-[::1]:22}:2222"
344 logging:
345 driver: "json-file"
346 options:
347 max-file: "3"
348 max-size: "1024m"
349 pico-caddy:
350 image: ghcr.io/picosh/pico/caddy:latest
351 restart: always
352 networks:
353 - pico
354 env_file:
355 - .env.prod
356 environment:
357 APP_DOMAIN: ${PICO_DOMAIN:-pico.sh}
358 APP_EMAIL: ${PICO_EMAIL:-hello@pico.sh}
359 volumes:
360 - ${PICO_CADDYFILE}:/etc/caddy/Caddyfile
361 - ./data/pico-caddy/data:/data
362 - ./data/pico-caddy/config:/config
363 ports:
364 - "${PICO_HTTPS_V4:-443}:443"
365 - "${PICO_HTTP_V4:-80}:80"
366 - "${PICO_HTTPS_V6:-[::1]:443}:443"
367 - "${PICO_HTTP_V6:-[::1]:80}:80"
368 profiles:
369 - pico
370 - caddy
371 - all
372 logging:
373 driver: "json-file"
374 options:
375 max-file: "3"
376 max-size: "1024m"
377 pico-ssh:
378 networks:
379 pico:
380 aliases:
381 - ssh
382 env_file:
383 - .env.prod
384 volumes:
385 - ./data/pico-ssh/data:/app/ssh_data
386 ports:
387 - "${PICO_SSH_V4:-22}:2222"
388 - "${PICO_SSH_V6:-[::1]:22}:2222"
389
390networks:
391 default:
392 enable_ipv6: true
393 ipam:
394 driver: default
395 config:
396 - subnet: "172.101.0.0/24"
397 - subnet: fd00:dead:beef:101::/112
398 prose:
399 enable_ipv6: true
400 driver_opts:
401 com.docker.network.bridge.name: prose
402 ipam:
403 config:
404 - subnet: 172.30.0.0/16
405 - subnet: fd00:dead:beef:18::/112
406 pastes:
407 enable_ipv6: true
408 driver_opts:
409 com.docker.network.bridge.name: pastes
410 ipam:
411 config:
412 - subnet: 172.19.0.0/16
413 - subnet: fd00:dead:beef:19::/112
414 feeds:
415 enable_ipv6: true
416 driver_opts:
417 com.docker.network.bridge.name: feeds
418 ipam:
419 config:
420 - subnet: 172.22.0.0/16
421 - subnet: fd00:dead:beef:22::/112
422 pgs:
423 enable_ipv6: true
424 driver_opts:
425 com.docker.network.bridge.name: pgs
426 ipam:
427 config:
428 - subnet: 172.23.0.0/16
429 - subnet: fd00:dead:beef:23::/112
430 pico:
431 enable_ipv6: true
432 driver_opts:
433 com.docker.network.bridge.name: pico
434 ipam:
435 config:
436 - subnet: 172.25.0.0/16
437 - subnet: fd00:dead:beef:25::/112
438 pipe:
439 enable_ipv6: true
440 driver_opts:
441 com.docker.network.bridge.name: pipe
442 ipam:
443 config:
444 - subnet: 172.27.0.0/16
445 - subnet: fd00:dead:beef:27::/112