blob: febf7fbe0272c84f07d872c0e484f7b3145d023a [file] [log] [blame]
Nico Huber8cd50ee2023-06-24 15:35:16 +00001version: "3"
2services:
3 nginx:
Nico Huber38c14da2023-06-24 16:59:28 +00004 build:
5 context: .
6 dockerfile: nginx/Dockerfile
Nico Huberaa15aee2023-07-01 22:35:45 +00007 args:
8 - SELFSIGNED_REQ_HOST=${SA_PUBLIC_DOMAIN_NAME}
9 - SELFSIGNED_REQ_ALT_NAMES=DNS:${SA_PUBLIC_DOMAIN_NAME},
10 DNS:id.${SA_PUBLIC_DOMAIN_NAME}, DNS:mail.${SA_PUBLIC_DOMAIN_NAME},
11 DNS:review.${SA_PUBLIC_DOMAIN_NAME}
Nico Huberd6528722023-07-01 14:38:39 +000012 env_file: environment
Nico Huber8cd50ee2023-06-24 15:35:16 +000013 ports:
14 - "80:80"
Nico Huber38c14da2023-06-24 16:59:28 +000015 - "443:443"
Nico Huber8cd50ee2023-06-24 15:35:16 +000016 networks:
17 - simpleidnet
Nico Hubera1a296f2023-06-25 10:07:07 +000018 - gerritnet
Nico Huber8cd50ee2023-06-24 15:35:16 +000019 volumes:
Nico Huber15edd772023-07-01 18:16:50 +000020 - ./certbot/www/:/var/www/certbot/:ro
Nico Huberd6528722023-07-01 14:38:39 +000021 - ./simpleid/identities/:/var/db/simpleid-templates/:ro
22 - ./simpleid/www/:/var/www/simpleid/:ro
Nico Huber15edd772023-07-01 18:16:50 +000023 - ./certs/:/etc/nginx/certs/:rw
Nico Huberd6528722023-07-01 14:38:39 +000024 - ./nginx/sa.conf:/etc/nginx/conf.d/sa.conf.template:ro
Nico Huber8cd50ee2023-06-24 15:35:16 +000025 - ./nginx/empty.conf:/etc/nginx/conf.d/default.conf:ro
26 - ./logs/nginx:/var/log/nginx/:rw
27 simpleid:
28 build:
29 context: .
30 dockerfile: simpleid/Dockerfile
Nico Huberd6528722023-07-01 14:38:39 +000031 env_file: environment
Nico Huber8cd50ee2023-06-24 15:35:16 +000032 networks:
33 - simpleidnet
34 volumes:
35 - ./simpleid/cache/:/var/cache/simpleid/:rw
Nico Huberd6528722023-07-01 14:38:39 +000036 - ./simpleid/identities/:/var/db/simpleid-templates/:ro
Nico Huber8cd50ee2023-06-24 15:35:16 +000037 - ./simpleid/store/:/var/lib/simpleid/:rw
Nico Huberd6528722023-07-01 14:38:39 +000038 - ./simpleid/www/:/var/www/simpleid/:ro
Nico Huber8cd50ee2023-06-24 15:35:16 +000039 - ./logs/simpleid/:/var/log/:rw
Nico Hubera1a296f2023-06-25 10:07:07 +000040 gerrit:
41 build:
42 context: .
43 dockerfile: gerrit/Dockerfile
44 env_file: gerrit/environment
45 environment:
46 - HTTPD_LISTEN_URL=proxy-https://*:8080/
47 networks:
48 - gerritnet
49 volumes:
50 - ./logs/gerrit/:/var/gerrit/logs/:rw
51 - ./gerrit/etc/:/var/gerrit/etc/:rw
52 - ./gerrit/db/:/var/gerrit/db/:rw
53 - ./gerrit/git/:/var/gerrit/git/:rw
54 - ./gerrit/index/:/var/gerrit/index/:rw
55 - ./gerrit/cache/:/var/gerrit/cache/:rw
Nico Huber54073102023-06-25 11:36:59 +000056 - ./gerrit/gerrit-oauth-provider.jar:/var/gerrit/plugins/gerrit-oauth-provider.jar:ro
Nico Huber804b41b2023-07-02 15:53:42 +000057 mailserver:
58 image: ghcr.io/docker-mailserver/docker-mailserver:12
59 #container_name: mailserver
60 # Provide the FQDN of your mail server here (Your DNS MX record should point to this value)
61 hostname: mail.${SA_PUBLIC_DOMAIN_NAME}
62 env_file: mail/mailserver.env
63 # More information about the mail-server ports:
64 # https://docker-mailserver.github.io/docker-mailserver/latest/config/security/understanding-the-ports/
65 # To avoid conflicts with yaml base-60 float, DO NOT remove the quotation marks.
66 ports:
67 - "25:25" # SMTP (explicit TLS => STARTTLS)
68 - "143:143" # IMAP4 (explicit TLS => STARTTLS)
69 - "465:465" # ESMTP (implicit TLS)
70 - "587:587" # ESMTP (explicit TLS => STARTTLS)
71 - "993:993" # IMAP4 (implicit TLS)
72 volumes:
73 - ./logs/mail-supervisor/:/var/log/supervisor/:rw
74 - ./logs/mail/:/var/log/mail/:rw
Nico Huber49781a72023-07-02 16:29:22 +000075 - ./certs/:/etc/letsencrypt/:ro
Nico Huber804b41b2023-07-02 15:53:42 +000076 - ./mail/data/:/var/mail/:rw
77 - ./mail/state/:/var/mail-state/:rw
78 - ./mail/config/:/tmp/docker-mailserver/:rw
79 - /etc/localtime:/etc/localtime:ro
80 restart: always
81 stop_grace_period: 1m
82 # Uncomment if using `ENABLE_FAIL2BAN=1`:
83 # cap_add:
84 # - NET_ADMIN
85 healthcheck:
86 test: "ss --listening --tcp | grep -P 'LISTEN.+:smtp' || exit 1"
87 timeout: 3s
88 retries: 0
Nico Huber8cd50ee2023-06-24 15:35:16 +000089networks:
90 simpleidnet:
91 driver: bridge
Nico Huber4bc2bdd2023-07-01 22:33:36 +000092 ipam:
93 config:
94 - subnet: 10.12.14.16/29
Nico Hubera1a296f2023-06-25 10:07:07 +000095 gerritnet:
96 driver: bridge
Nico Huber4bc2bdd2023-07-01 22:33:36 +000097 ipam:
98 config:
99 - subnet: 10.12.14.24/29