--- version: "3.8" services: nginx: image: nginx:1.19.2 networks: - proxy - app volumes: - /etc/timezone:/etc/timezone:ro - /etc/localtime:/etc/localtime:ro - app-data:/var/www/peertube/storage:ro - app-assets:/var/www/peertube/peertube-latest/client/dist:ro - nginx-tmp:/var/lib/nginx/client-tmp:rw - nginx-cache:/var/cache/nginx/peertube-media-cache:rw configs: - source: nginx_config target: /etc/nginx/conf.d/default.conf deploy: restart_policy: condition: on-failure labels: - "traefik.enable=true" - "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=80" - "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`${EXTRA_DOMAINS})" - "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure" - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}" ## Redirect from EXTRA_DOMAINS to DOMAIN #- "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect" #- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLForceHost=true" #- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}" depends_on: - app healthcheck: test: ["CMD", "curl", "-f", "http://localhost"] interval: 30s timeout: 10s retries: 10 start_period: 10s app: image: chocobozzz/peertube:v3.1.0-rc.1-buster environment: PEERTUBE_WEBSERVER_HOSTNAME: ${DOMAIN} PEERTUBE_DB_HOSTNAME: db PEERTUBE_DB_USERNAME: peertube PEERTUBE_DB_PASSWORD_FILE: /run/secrets/db_password PEERTUBE_REDIS_HOSTNAME: redis PEERTUBE_TRUST_PROXY: '["127.0.0.1", "loopback", "172.16.0.0/12", "10.0.0.0/8"]' volumes: - app-data:/data - app-config:/config - app-assets:/app/client/dist secrets: - db_password configs: - source: entrypoint_conf target: /docker-entrypoint.sh mode: 0555 entrypoint: /docker-entrypoint.sh networks: app: postfix_smtp: redis: db: depends_on: - db - redis healthcheck: test: ["CMD", "curl", "-f", "http://localhost:9000"] interval: 30s timeout: 10s retries: 10 start_period: 1m db: image: postgres:10-alpine environment: POSTGRES_USER: peertube POSTGRES_PASSWORD_FILE: /run/secrets/db_password POSTGRES_DB: peertube secrets: - db_password volumes: - postgres-data:/var/lib/postgresql/data networks: db: redis: image: redis:4-alpine volumes: - redis-data:/data networks: redis: networks: proxy: external: true app: driver: overlay attachable: true redis: driver: overlay attachable: true db: driver: overlay attachable: true volumes: app-data: app-config: app-assets: nginx-tmp: nginx-cache: postgres-data: redis-data: configs: nginx_config: name: ${STACK_NAME}_nginx_config_${NGINX_CONFIG_VERSION} file: nginx.conf.tmpl template_driver: golang app_entrypoint: name: ${STACK_NAME}_app_entrypoint_${APP_ENTRYPOINT_VERSION} file: entrypoint.sh secrets: db_password: external: true name: ${STACK_NAME}_db_password_${SECRET_DB_PASSWORD_VERSION}