--- version: "3.8" services: web: image: nginx:1.19.2 networks: - proxy - internal environment: - NGINX_WEBSEED_CDN_ENABLE - NGINX_WEBSEED_CDN_URI - NGINX_WEBSEED_PROXY_ENABLE - NGINX_WEBSEED_PROXY_URI volumes: - /etc/timezone:/etc/timezone:ro - /etc/localtime:/etc/localtime:ro - app-data:/var/www/peertube/storage:ro - app-assets:/var/www/peertube/peertube-latest/client/dist:ro - nginx-tmp:/var/lib/nginx/client-tmp:rw - nginx-cache:/var/cache/nginx/peertube-media-cache:rw configs: - source: nginx_config target: /etc/nginx/conf.d/default.conf deploy: restart_policy: condition: on-failure labels: - "traefik.enable=true" - "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=80" - "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`)" - "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure" - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}" healthcheck: test: ["CMD", "curl", "-f", "http://localhost"] interval: 30s timeout: 10s retries: 10 start_period: 10s app: image: chocobozzz/peertube:v3.1.0-buster environment: - PEERTUBE_ADMIN_EMAIL - PEERTUBE_DB_HOSTNAME: db - PEERTUBE_DB_PASSWORD_FILE: /run/secrets/db_password - PEERTUBE_DB_USERNAME: peertube - PEERTUBE_REDIS_HOSTNAME: cache - PEERTUBE_SIGNUP_ENABLED - PEERTUBE_TRANSCODING_ENABLED - PEERTUBE_TRUST_PROXY: '["127.0.0.1", "loopback", "172.16.0.0/12", "10.0.0.0/8"]' - PEERTUBE_WEBSERVER_HOSTNAME: "${DOMAIN}" - PEERTUBE_WEBSERVER_HTTPS - PEERTUBE_WEBSERVER_PORT volumes: - app-data:/data - app-config:/config - app-assets:/app/client/dist secrets: - db_password configs: - source: entrypoint_conf target: /docker-entrypoint.sh mode: 0555 entrypoint: /docker-entrypoint.sh networks: - internal healthcheck: test: ["CMD", "curl", "-f", "http://localhost:9000"] interval: 30s timeout: 10s retries: 10 start_period: 1m db: image: postgres:10-alpine environment: POSTGRES_USER: peertube POSTGRES_PASSWORD_FILE: /run/secrets/db_password POSTGRES_DB: peertube secrets: - db_password volumes: - postgres-data:/var/lib/postgresql/data networks: - internal cache: image: redis:4-alpine volumes: - redis-data:/data networks: - internal networks: internal: proxy: external: true volumes: app-data: app-config: app-assets: nginx-tmp: nginx-cache: postgres-data: redis-data: configs: nginx_config: name: ${STACK_NAME}_nginx_config_${NGINX_CONFIG_VERSION} file: nginx.conf.tmpl template_driver: golang app_entrypoint: name: ${STACK_NAME}_app_entrypoint_${APP_ENTRYPOINT_VERSION} file: entrypoint.sh secrets: db_password: external: true name: ${STACK_NAME}_db_password_${SECRET_DB_PASSWORD_VERSION}