Antonio Mika
·
2025-03-07
docker-compose.prod.yml
1services:
2 postgres:
3 env_file:
4 - .env.prod
5 volumes:
6 - ./data/postgres-data:/var/lib/postgresql/data
7 ports:
8 - "5432:5432"
9 command: -N 1024 -B 4096MB
10 minio-caddy:
11 image: ghcr.io/picosh/pico/caddy:latest
12 restart: always
13 env_file:
14 - .env.prod
15 environment:
16 APP_DOMAIN: pico.sh
17 APP_EMAIL: ${MINIO_EMAIL:-hello@pico.sh}
18 volumes:
19 - ${MINIO_CADDYFILE}:/etc/caddy/Caddyfile
20 - ./data/minio-caddy/data:/data
21 - ./data/minio-caddy/config:/config
22 ports:
23 - "80:80"
24 - "443:443"
25 profiles:
26 - db
27 - all
28 minio:
29 env_file:
30 - .env.prod
31 volumes:
32 - ./data/minio-data:/data
33 pipemgr:
34 env_file:
35 - .env.prod
36 volumes:
37 - ./data/pipemgr/data/term_info_ed25519:/key:ro
38 imgproxy:
39 env_file:
40 - .env.prod
41 volumes:
42 - ./data/imgs-storage/data:/storage/imgs
43 - ./data/pgs-storage/data:/storage/pgs
44 pastes-caddy:
45 image: ghcr.io/picosh/pico/caddy:latest
46 restart: always
47 networks:
48 - pastes
49 env_file:
50 - .env.prod
51 environment:
52 APP_DOMAIN: ${PASTES_DOMAIN:-pastes.sh}
53 APP_EMAIL: ${PASTES_EMAIL:-hello@pico.sh}
54 volumes:
55 - ${PASTES_CADDYFILE}:/etc/caddy/Caddyfile
56 - ./data/pastes-caddy/data:/data
57 - ./data/pastes-caddy/config:/config
58 ports:
59 - "${PASTES_HTTPS_V4:-443}:443"
60 - "${PASTES_HTTP_V4:-80}:80"
61 - "${PASTES_HTTPS_V6:-[::1]:443}:443"
62 - "${PASTES_HTTP_V6:-[::1]:80}:80"
63 profiles:
64 - pastes
65 - caddy
66 - all
67 pastes-web:
68 dns: 1.1.1.1
69 networks:
70 pastes:
71 aliases:
72 - web
73 env_file:
74 - .env.prod
75 volumes:
76 - ./data/pastes-ssh/data:/app/ssh_data
77 pastes-ssh:
78 networks:
79 pastes:
80 aliases:
81 - ssh
82 env_file:
83 - .env.prod
84 volumes:
85 - ./data/pastes-ssh/data:/app/ssh_data
86 ports:
87 - "${PASTES_SSH_V4:-22}:2222"
88 - "${PASTES_SSH_V6:-[::1]:22}:2222"
89 pipe-caddy:
90 image: ghcr.io/picosh/pico/caddy:latest
91 restart: always
92 networks:
93 - pipe
94 env_file:
95 - .env.prod
96 environment:
97 APP_DOMAIN: ${PIPE_DOMAIN:-pipe.pico.sh}
98 APP_EMAIL: ${PIPE_EMAIL:-hello@pico.sh}
99 volumes:
100 - ${PIPE_CADDYFILE}:/etc/caddy/Caddyfile
101 - ./data/pipe-caddy/data:/data
102 - ./data/pipe-caddy/config:/config
103 ports:
104 - "${PIPE_HTTPS_V4:-443}:443"
105 - "${PIPE_HTTP_V4:-80}:80"
106 - "${PIPE_HTTPS_V6:-[::1]:443}:443"
107 - "${PIPE_HTTP_V6:-[::1]:80}:80"
108 profiles:
109 - pipe
110 - caddy
111 - all
112 pipe-web:
113 networks:
114 pipe:
115 aliases:
116 - web
117 env_file:
118 - .env.prod
119 volumes:
120 - ./data/pipe-ssh/data:/app/ssh_data
121 pipe-ssh:
122 networks:
123 pipe:
124 aliases:
125 - ssh
126 env_file:
127 - .env.prod
128 volumes:
129 - ./data/pipe-ssh/data:/app/ssh_data
130 ports:
131 - "${PIPE_SSH_V4:-22}:2222"
132 - "${PIPE_SSH_V6:-[::1]:22}:2222"
133 prose-caddy:
134 image: ghcr.io/picosh/pico/caddy:latest
135 restart: always
136 networks:
137 - prose
138 env_file:
139 - .env.prod
140 environment:
141 APP_DOMAIN: ${PROSE_DOMAIN:-prose.sh}
142 APP_EMAIL: ${PROSE_EMAIL:-hello@pico.sh}
143 volumes:
144 - ${PROSE_CADDYFILE}:/etc/caddy/Caddyfile
145 - ./data/prose-caddy/data:/data
146 - ./data/prose-caddy/config:/config
147 labels:
148 pipemgr.enable: true
149 pipemgr.filter: "http.log.access"
150 depends_on:
151 pipemgr:
152 condition: service_healthy
153 ports:
154 - "${PROSE_HTTPS_V4:-443}:443"
155 - "${PROSE_HTTP_V4:-80}:80"
156 - "${PROSE_HTTPS_V6:-[::1]:443}:443"
157 - "${PROSE_HTTP_V6:-[::1]:80}:80"
158 profiles:
159 - prose
160 - caddy
161 - all
162 prose-web:
163 dns: 1.1.1.1
164 networks:
165 prose:
166 aliases:
167 - web
168 env_file:
169 - .env.prod
170 volumes:
171 - ./data/prose-ssh/data:/app/ssh_data
172 prose-ssh:
173 networks:
174 prose:
175 aliases:
176 - ssh
177 env_file:
178 - .env.prod
179 volumes:
180 - ./data/prose-ssh/data:/app/ssh_data
181 ports:
182 - "${PROSE_SSH_V4:-22}:2222"
183 - "${PROSE_SSH_V6:-[::1]:22}:2222"
184 pgs-caddy:
185 image: ghcr.io/picosh/pico/caddy:latest
186 restart: always
187 networks:
188 - pgs
189 env_file:
190 - .env.prod
191 environment:
192 APP_DOMAIN: ${PGS_DOMAIN:-pgs.sh}
193 APP_EMAIL: ${PGS_EMAIL:-hello@pico.sh}
194 volumes:
195 - ${PGS_CADDYFILE}:/etc/caddy/Caddyfile
196 - ./data/pgs-caddy/data:/data
197 - ./data/pgs-caddy/config:/config
198 ports:
199 - "${PGS_HTTPS_V4:-443}:443"
200 - "${PGS_HTTP_V4:-80}:80"
201 - "${PGS_HTTPS_V6:-[::1]:443}:443"
202 - "${PGS_HTTP_V6:-[::1]:80}:80"
203 labels:
204 pipemgr.enable: true
205 pipemgr.filter: "http.log.access"
206 depends_on:
207 pipemgr:
208 condition: service_healthy
209 profiles:
210 - pgs
211 - caddy
212 - all
213 pgs-web:
214 dns: 1.1.1.1
215 networks:
216 pgs:
217 aliases:
218 - web
219 env_file:
220 - .env.prod
221 volumes:
222 - ./data/storage/data:/app/.storage
223 - ./data/pgs-ssh/data:/app/ssh_data
224 deploy:
225 resources:
226 limits:
227 memory: 3g
228 pgs-ssh:
229 networks:
230 pgs:
231 aliases:
232 - ssh
233 env_file:
234 - .env.prod
235 volumes:
236 - ./data/storage/data:/app/.storage
237 - ./data/pgs-ssh/data:/app/ssh_data
238 - ./data/tmp:/tmp
239 ports:
240 - "${PGS_SSH_V4:-22}:2222"
241 - "${PGS_SSH_V6:-[::1]:22}:2222"
242 deploy:
243 resources:
244 limits:
245 memory: 3g
246 feeds-caddy:
247 image: ghcr.io/picosh/pico/caddy:latest
248 restart: always
249 networks:
250 - feeds
251 env_file:
252 - .env.prod
253 environment:
254 APP_DOMAIN: ${FEEDS_DOMAIN:-feeds.pico.sh}
255 APP_EMAIL: ${FEEDS_EMAIL:-hello@pico.sh}
256 volumes:
257 - ${FEEDS_CADDYFILE}:/etc/caddy/Caddyfile
258 - ./data/feeds-caddy/data:/data
259 - ./data/feeds-caddy/config:/config
260 ports:
261 - "${FEEDS_HTTPS_V4:-443}:443"
262 - "${FEEDS_HTTP_V4:-80}:80"
263 - "${FEEDS_HTTPS_V6:-[::1]:443}:443"
264 - "${FEEDS_HTTP_V6:-[::1]:80}:80"
265 profiles:
266 - feeds
267 - caddy
268 - all
269 feeds-web:
270 networks:
271 feeds:
272 aliases:
273 - web
274 env_file:
275 - .env.prod
276 volumes:
277 - ./data/feeds-ssh/data:/app/ssh_data
278 feeds-ssh:
279 networks:
280 feeds:
281 aliases:
282 - ssh
283 env_file:
284 - .env.prod
285 volumes:
286 - ./data/feeds-ssh/data:/app/ssh_data
287 ports:
288 - "${FEEDS_SSH_V4:-22}:2222"
289 - "${FEEDS_SSH_V6:-[::1]:22}:2222"
290 pico-caddy:
291 image: ghcr.io/picosh/pico/caddy:latest
292 restart: always
293 networks:
294 - pico
295 env_file:
296 - .env.prod
297 environment:
298 APP_DOMAIN: ${PICO_DOMAIN:-pico.sh}
299 APP_EMAIL: ${PICO_EMAIL:-hello@pico.sh}
300 volumes:
301 - ${PICO_CADDYFILE}:/etc/caddy/Caddyfile
302 - ./data/pico-caddy/data:/data
303 - ./data/pico-caddy/config:/config
304 ports:
305 - "${PICO_HTTPS_V4:-443}:443"
306 - "${PICO_HTTP_V4:-80}:80"
307 - "${PICO_HTTPS_V6:-[::1]:443}:443"
308 - "${PICO_HTTP_V6:-[::1]:80}:80"
309 profiles:
310 - pico
311 - caddy
312 - all
313 pico-ssh:
314 networks:
315 pico:
316 aliases:
317 - ssh
318 env_file:
319 - .env.prod
320 volumes:
321 - ./data/pico-ssh/data:/app/ssh_data
322 ports:
323 - "${PICO_SSH_V4:-22}:2222"
324 - "${PICO_SSH_V6:-[::1]:22}:2222"
325
326networks:
327 default:
328 enable_ipv6: true
329 ipam:
330 driver: default
331 config:
332 - subnet: "172.101.0.0/24"
333 - subnet: fd00:dead:beef:101::/112
334 prose:
335 enable_ipv6: true
336 driver_opts:
337 com.docker.network.bridge.name: prose
338 ipam:
339 config:
340 - subnet: 172.18.0.0/16
341 - subnet: fd00:dead:beef:18::/112
342 pastes:
343 enable_ipv6: true
344 driver_opts:
345 com.docker.network.bridge.name: pastes
346 ipam:
347 config:
348 - subnet: 172.19.0.0/16
349 - subnet: fd00:dead:beef:19::/112
350 feeds:
351 enable_ipv6: true
352 driver_opts:
353 com.docker.network.bridge.name: feeds
354 ipam:
355 config:
356 - subnet: 172.22.0.0/16
357 - subnet: fd00:dead:beef:22::/112
358 pgs:
359 enable_ipv6: true
360 driver_opts:
361 com.docker.network.bridge.name: pgs
362 ipam:
363 config:
364 - subnet: 172.23.0.0/16
365 - subnet: fd00:dead:beef:23::/112
366 pico:
367 enable_ipv6: true
368 driver_opts:
369 com.docker.network.bridge.name: pico
370 ipam:
371 config:
372 - subnet: 172.25.0.0/16
373 - subnet: fd00:dead:beef:25::/112
374 pipe:
375 enable_ipv6: true
376 driver_opts:
377 com.docker.network.bridge.name: pipe
378 ipam:
379 config:
380 - subnet: 172.27.0.0/16
381 - subnet: fd00:dead:beef:27::/112