ryuupendragon/docker-compose
1
0
Fork 0
Code Issues 1 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Adding comprehensive comments

Browse Source
This commit is contained in:
Ryuu Pendragon
2025-07-14 12:48:15 +05:30
parent e57dfa763e
commit ff5ae47bef
22 changed files with 683 additions and 329 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
adminer/docker-compose.yml
View File

@@ -1,13 +1,20 @@
# Adminer Database Management Tool Configuration
services:
adminer:
# Basic container configuration
container_name: adminer
image: docker.io/library/adminer:5.3.0
restart: unless-stopped
# Network port configuration
ports:
- ${PORT}:8080
- ${PORT}:8080 # Maps host port to Adminer web interface
# Network configuration
networks:
- backend
- backend # Connects to backend network
# External network definition
networks:
backend:
external: true
external: true # Uses pre-existing backend network

25
forgejo/docker-compose.yml
View File

@@ -1,19 +1,28 @@
# Forgejo Git Service Configuration
services:
forgejo:
# Basic container configuration
container_name: forgejo
image: codeberg.org/forgejo/forgejo:11.0.3-rootless
restart: unless-stopped
user: ${PUID}:${PGID}
user: ${PUID}:${PGID} # Runs as specified user/group
# Persistent storage configuration
volumes:
- ${APPDATA_PATH}/forgejo/config:/etc/gitea
- ${APPDATA_PATH}/forgejo/data:/var/lib/gitea
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
- ${APPDATA_PATH}/forgejo/config:/etc/gitea # Configuration files
- ${APPDATA_PATH}/forgejo/data:/var/lib/gitea # Application data
- /etc/timezone:/etc/timezone:ro # Timezone configuration
- /etc/localtime:/etc/localtime:ro # Local time configuration
# Network port configuration
ports:
- ${SERVER_PORT}:3000
- ${SERVER_PORT}:3000 # Maps host port to Forgejo web interface
# Network configuration
networks:
- frontend
- frontend # Connects to frontend network
# External network definition
networks:
frontend:
external: true
external: true # Uses pre-existing frontend network

41
gitea-mirror/docker-compose.yml
View File

@@ -1,28 +1,41 @@
# Gitea Mirror Service Configuration
services:
gitea-mirror:
# Basic container configuration
container_name: gitea-mirror
image: ghcr.io/raylabshq/gitea-mirror:v2.22.0
restart: unless-stopped
user: ${PUID}:${PGID}
user: ${PUID}:${PGID} # Runs as specified user/group
# Application environment configuration
environment:
- NODE_ENV=production
- DATABASE_URL=file:data/gitea-mirror.db
- HOST=0.0.0.0
- PORT=4321
- JWT_SECRET=${JWT_SECRET}
- NODE_ENV=production # Runtime environment
- DATABASE_URL=file:data/gitea-mirror.db # SQLite database location
- HOST=0.0.0.0 # Binding address
- PORT=4321 # Internal container port
- JWT_SECRET=${JWT_SECRET} # Authentication secret
# Persistent storage configuration
volumes:
- ${APPDATA_PATH}/gitea-mirror/data:/app/data
- ${APPDATA_PATH}/gitea-mirror/data:/app/data # Application data storage
# Network port configuration
ports:
- ${PORT}:4321
- ${PORT}:4321 # Maps host port to container
# Network configuration
networks:
- internal
- internal # Connects to internal network
# Health check configuration
healthcheck:
test: ["CMD", "wget", "--no-verbose", "--tries=3", "--spider", "http://localhost:4321/api/health"]
interval: 30s
timeout: 10s
retries: 5
start_period: 15s
interval: 30s # Check interval
timeout: 10s # Check timeout
retries: 5 # Allowed retries
start_period: 15s # Initial delay before checks
# External network definition
networks:
internal:
external: true
external: true # Uses pre-existing internal network

61
gitea-runner/docker-compose-multi.yml
View File

@@ -1,42 +1,61 @@
# Gitea Multiple Actions Runners Configuration
services:
# First Gitea Runner Instance
gitea_runner1:
# Basic container configuration
container_name: gitea_runner1
image: docker.io/gitea/act_runner:0.2.12
restart: unless-stopped
# Runner configuration environment variables
environment:
CONFIG_FILE: /config.yaml
GITEA_INSTANCE_URL: "${INSTANCE_URL}"
GITEA_RUNNER_REGISTRATION_TOKEN: "${REGISTRATION_TOKEN}"
GITEA_RUNNER_NAME: "${RUNNER_NAME1}"
CONFIG_FILE: /config.yaml # Path to configuration file
GITEA_INSTANCE_URL: "${INSTANCE_URL}" # URL of Gitea instance
GITEA_RUNNER_REGISTRATION_TOKEN: "${REGISTRATION_TOKEN}" # Registration token
GITEA_RUNNER_NAME: "${RUNNER_NAME1}" # Display name for first runner
# Persistent storage and docker socket configuration
volumes:
- ./config.yaml:/config.yaml
- ./data1:/data
- /var/run/docker.sock:/var/run/docker.sock
- ./config.yaml:/config.yaml # Shared configuration file
- ./data1:/data # Dedicated data directory for runner1
- /var/run/docker.sock:/var/run/docker.sock # Docker socket for container jobs
# Second Gitea Runner Instance
gitea_runner2:
# Basic container configuration
container_name: gitea_runner2
image: docker.io/gitea/act_runner:0.2.12
restart: unless-stopped
# Runner configuration environment variables
environment:
CONFIG_FILE: /config.yaml
GITEA_INSTANCE_URL: "${INSTANCE_URL}"
GITEA_RUNNER_REGISTRATION_TOKEN: "${REGISTRATION_TOKEN}"
GITEA_RUNNER_NAME: "${RUNNER_NAME2}"
CONFIG_FILE: /config.yaml # Path to configuration file
GITEA_INSTANCE_URL: "${INSTANCE_URL}" # URL of Gitea instance
GITEA_RUNNER_REGISTRATION_TOKEN: "${REGISTRATION_TOKEN}" # Registration token
GITEA_RUNNER_NAME: "${RUNNER_NAME2}" # Display name for second runner
# Persistent storage and docker socket configuration
volumes:
- ./config.yaml:/config.yaml
- ./data2:/data
- /var/run/docker.sock:/var/run/docker.sock
- ./config.yaml:/config.yaml # Shared configuration file
- ./data2:/data # Dedicated data directory for runner2
- /var/run/docker.sock:/var/run/docker.sock # Docker socket for container jobs
# Third Gitea Runner Instance
gitea_runner3:
# Basic container configuration
container_name: gitea_runner3
image: docker.io/gitea/act_runner:0.2.12
restart: unless-stopped
# Runner configuration environment variables
environment:
CONFIG_FILE: /config.yaml
GITEA_INSTANCE_URL: "${INSTANCE_URL}"
GITEA_RUNNER_REGISTRATION_TOKEN: "${REGISTRATION_TOKEN}"
GITEA_RUNNER_NAME: "${RUNNER_NAME3}"
CONFIG_FILE: /config.yaml # Path to configuration file
GITEA_INSTANCE_URL: "${INSTANCE_URL}" # URL of Gitea instance
GITEA_RUNNER_REGISTRATION_TOKEN: "${REGISTRATION_TOKEN}" # Registration token
GITEA_RUNNER_NAME: "${RUNNER_NAME3}" # Display name for third runner
# Persistent storage and docker socket configuration
volumes:
- ./config.yaml:/config.yaml
- ./data3:/data
- /var/run/docker.sock:/var/run/docker.sock
- ./config.yaml:/config.yaml # Shared configuration file
- ./data3:/data # Dedicated data directory for runner3
- /var/run/docker.sock:/var/run/docker.sock # Docker socket for container jobs

20
gitea-runner/docker-compose.yml
View File

@@ -1,14 +1,20 @@
# Gitea Actions Runner Configuration
services:
gitea_runner:
# Basic container configuration
container_name: gitea_runner
image: docker.io/gitea/act_runner:0.2.12
restart: unless-stopped
# Runner configuration environment variables
environment:
CONFIG_FILE: /config.yaml
GITEA_INSTANCE_URL: "${INSTANCE_URL}"
GITEA_RUNNER_REGISTRATION_TOKEN: "${REGISTRATION_TOKEN}"
GITEA_RUNNER_NAME: "${RUNNER_NAME}"
CONFIG_FILE: /config.yaml # Path to configuration file
GITEA_INSTANCE_URL: "${INSTANCE_URL}" # URL of Gitea instance
GITEA_RUNNER_REGISTRATION_TOKEN: "${REGISTRATION_TOKEN}" # Registration token
GITEA_RUNNER_NAME: "${RUNNER_NAME}" # Display name for runner
# Persistent storage and docker socket configuration
volumes:
- ./config.yaml:/config.yaml
- ./data:/data
- /var/run/docker.sock:/var/run/docker.sock
- ./config.yaml:/config.yaml # Runner configuration file
- ./data:/data # Persistent runner data
- /var/run/docker.sock:/var/run/docker.sock # Docker socket for container jobs

62
gitea/docker-compose-mariadb.yml
View File

@@ -1,55 +1,85 @@
# Gitea Git Service with MariaDB Database Configuration
services:
# MariaDB Database Service
gitea_db:
# Basic container configuration
container_name: gitea_db
image: docker.io/library/mariadb:11.8.2
restart: unless-stopped
# Database optimization parameters
command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW --innodb-file-per-table=1 --skip-innodb-read-only-compressed
# Database credentials and configuration
environment:
- MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}
- MYSQL_USER=${MYSQL_USER}
- MYSQL_PASSWORD=${MYSQL_PASSWORD}
- MYSQL_DATABASE=${MYSQL_DATABASE}
- MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD} # Root password
- MYSQL_USER=${MYSQL_USER} # Gitea database user
- MYSQL_PASSWORD=${MYSQL_PASSWORD} # Gitea user password
- MYSQL_DATABASE=${MYSQL_DATABASE} # Database name for Gitea
# Persistent storage configuration
volumes:
- ${APPDATA_PATH}/gitea/db:/var/lib/mysql
# Network port configuration
ports:
- ${DB_PORT}:3306
- ${DB_PORT}:3306 # Maps host port to MariaDB
# Network configuration
networks:
- backend
- backend # Connects to backend network
# Health check configuration
healthcheck:
test: ["CMD", "healthcheck.sh", "--connect", "--innodb_initialized"]
start_period: 10s
interval: 10s
timeout: 5s
retries: 3
start_period: 10s # Initial delay before checks
interval: 10s # Check interval
timeout: 5s # Check timeout
retries: 3 # Allowed retries
# Gitea Server Service
gitea_server:
# Basic container configuration
container_name: gitea_server
image: docker.io/gitea/gitea:1.24.2-rootless
restart: unless-stopped
# Service dependencies
depends_on:
gitea_db:
condition: service_healthy
user: ${PUID}:${PGID}
condition: service_healthy # Requires healthy database
# Runtime configuration
user: ${PUID}:${PGID} # Runs as specified user/group
# Gitea configuration
environment:
- GITEA__database__DB_TYPE=mysql
- GITEA__database__HOST=gitea_db:3306
- GITEA__database__NAME=${MYSQL_DATABASE}
- GITEA__database__USER=${MYSQL_USER}
- GITEA__database__PASSWD=${MYSQL_PASSWORD}
# Persistent storage configuration
volumes:
- ${APPDATA_PATH}/gitea/config:/etc/gitea
- ${APPDATA_PATH}/gitea/data:/var/lib/gitea
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
# Network port configuration
ports:
- ${SERVER_PORT}:3000
- ${SSH_PORT}:22
# Network configuration
networks:
- frontend
- backend
- frontend # Connects to frontend network
- backend # Connects to backend network
# Internal network definition
networks:
frontend:
external: true
external: true # Uses pre-existing frontend network
backend:
external: true
external: true # Uses pre-existing backend network

70
gitea/docker-compose.yml
View File

@@ -1,53 +1,79 @@
# Gitea Git Service with PostgreSQL Database Configuration
services:
# PostgreSQL Database Service
gitea_db:
# Basic container configuration
container_name: gitea_db
image: docker.io/library/postgres:17.5
restart: unless-stopped
# Database credentials and configuration
environment:
- POSTGRES_USER=${POSTGRES_USER}
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
- POSTGRES_DB=${POSTGRES_DB}
- POSTGRES_USER=${POSTGRES_USER} # Database admin username
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD} # Database admin password
- POSTGRES_DB=${POSTGRES_DB} # Database name for Gitea
# Persistent storage configuration
volumes:
- ${APPDATA_PATH}/gitea/db:/var/lib/postgresql/data
# Network port configuration
ports:
- ${DB_PORT}:5432
- ${DB_PORT}:5432 # Maps host port to PostgreSQL
# Network configuration
networks:
- backend
- backend # Connects to backend network
# Health check configuration
healthcheck:
test: ["CMD-SHELL", "pg_isready -d ${POSTGRES_DB} -U ${POSTGRES_USER}"]
start_period: 10s
interval: 10s
timeout: 5s
retries: 3
start_period: 10s # Initial delay before checks
interval: 10s # Check interval
timeout: 5s # Check timeout
retries: 3 # Allowed retries
# Gitea Server Service
gitea_server:
# Basic container configuration
container_name: gitea_server
image: docker.io/gitea/gitea:1.24.2-rootless
restart: unless-stopped
# Service dependencies
depends_on:
gitea_db:
condition: service_healthy
user: ${PUID}:${PGID}
condition: service_healthy # Requires healthy database
# Runtime configuration
user: ${PUID}:${PGID} # Runs as specified user/group
environment:
- GITEA__database__DB_TYPE=postgres
- GITEA__database__HOST=gitea_db:5432
- GITEA__database__NAME=${POSTGRES_DB}
- GITEA__database__USER=${POSTGRES_USER}
- GITEA__database__PASSWD=${POSTGRES_PASSWORD}
- GITEA__database__DB_TYPE=postgres # Database type
- GITEA__database__HOST=gitea_db:5432 # Database host
- GITEA__database__NAME=${POSTGRES_DB} # Database name
- GITEA__database__USER=${POSTGRES_USER} # Database username
- GITEA__database__PASSWD=${POSTGRES_PASSWORD} # Database password
# Persistent storage configuration
volumes:
- ${APPDATA_PATH}/gitea/config:/etc/gitea
- ${APPDATA_PATH}/gitea/data:/var/lib/gitea
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
# Network port configuration
ports:
- ${SERVER_PORT}:3000
- ${SSH_PORT}:22
- ${SERVER_PORT}:3000 # Maps host port to Gitea web interface
- ${SSH_PORT}:22 # Maps host port to Gitea SSH
# Network configuration
networks:
- frontend
- backend
- frontend # Connects to frontend network
- backend # Connects to backend network
# External network definition
networks:
frontend:
external: true
external: true # Uses pre-existing frontend network
backend:
external: true
external: true # Uses pre-existing backend network

23
gotify/docker-compose.yml
View File

@@ -1,18 +1,29 @@
# Gotify Push Notification Server Configuration
services:
gotify:
# Basic container configuration
container_name: gotify
image: ghcr.io/gotify/server:2.6.3
restart: unless-stopped
# Application environment configuration
environment:
- TZ=${TZ}
- GOTIFY_REGISTRATION=${GOTIFY_REGISTRATION}
- TZ=${TZ} # Timezone configuration
- GOTIFY_REGISTRATION=${GOTIFY_REGISTRATION} # Allow/disallow new user registration
# Persistent storage configuration
volumes:
- ${APPDATA_PATH}/gotify/config:/app/data
- ${APPDATA_PATH}/gotify/config:/app/data # Configuration and database storage
# Network port configuration
ports:
- ${PORT}:80
- ${PORT}:80 # Maps host port to Gotify web interface
# Network configuration
networks:
- frontend
- frontend # Connects to frontend network
# External network definition
networks:
frontend:
external: true
external: true # Uses pre-existing frontend network

76
healthchecks/docker-compose.yml
View File

@@ -1,39 +1,61 @@
# Healthchecks.io Monitoring Service Configuration
services:
healthchecks:
# Basic container configuration
container_name: healthchecks
image: ghcr.io/linuxserver/healthchecks:3.10.20250705
restart: unless-stopped
# User and system configuration
environment:
- PUID=${PUID}
- PGID=${PGID}
- TZ=${TZ}
- SITE_ROOT=${SITE_ROOT}
- SITE_NAME=${SITE_NAME}
- DEFAULT_FROM_EMAIL=${DEFAULT_FROM_EMAIL}
- EMAIL_HOST=${EMAIL_HOST}
- EMAIL_PORT=${EMAIL_PORT}
- EMAIL_HOST_USER=${EMAIL_HOST_USER}
- EMAIL_HOST_PASSWORD=${EMAIL_HOST_PASSWORD}
- EMAIL_USE_TLS=${EMAIL_USE_TLS}
- EMAIL_USE_SSL=${EMAIL_USE_SSL}
- SUPERUSER_EMAIL=${SUPERUSER_EMAIL}
- SUPERUSER_PASSWORD=${SUPERUSER_PASSWORD}
- SECRET_KEY=${SECRET_KEY}
- APPRISE_ENABLED=${APPRISE_ENABLED}
- REGISTRATION_OPEN=${REGISTRATION_OPEN}
- DEBUG=${DEBUG}
- SITE_LOGO_URL=${SITE_LOGO_URL}
- PING_EMAIL_DOMAIN=${PING_EMAIL_DOMAIN}
- DISCORD_CLIENT_ID=${DISCORD_CLIENT_ID}
- DISCORD_CLIENT_SECRET=${DISCORD_CLIENT_SECRET}
# System settings
- PUID=${PUID} # User ID
- PGID=${PGID} # Group ID
- TZ=${TZ} # Timezone
# Site configuration
- SITE_ROOT=${SITE_ROOT} # Base URL
- SITE_NAME=${SITE_NAME} # Site display name
- SITE_LOGO_URL=${SITE_LOGO_URL} # Custom logo URL
# Email server configuration
- DEFAULT_FROM_EMAIL=${DEFAULT_FROM_EMAIL} # Sender address
- EMAIL_HOST=${EMAIL_HOST} # SMTP server
- EMAIL_PORT=${EMAIL_PORT} # SMTP port
- EMAIL_HOST_USER=${EMAIL_HOST_USER} # SMTP username
- EMAIL_HOST_PASSWORD=${EMAIL_HOST_PASSWORD} # SMTP password
- EMAIL_USE_TLS=${EMAIL_USE_TLS} # Enable TLS
- EMAIL_USE_SSL=${EMAIL_USE_SSL} # Enable SSL
- PING_EMAIL_DOMAIN=${PING_EMAIL_DOMAIN} # Email domain for pings
# Authentication and security
- SUPERUSER_EMAIL=${SUPERUSER_EMAIL} # Admin email
- SUPERUSER_PASSWORD=${SUPERUSER_PASSWORD} # Admin password
- SECRET_KEY=${SECRET_KEY} # Cryptographic secret
- REGISTRATION_OPEN=${REGISTRATION_OPEN} # Allow new registrations
# Integration settings
- APPRISE_ENABLED=${APPRISE_ENABLED} # Enable Apprise notifications
- DISCORD_CLIENT_ID=${DISCORD_CLIENT_ID} # Discord integration
- DISCORD_CLIENT_SECRET=${DISCORD_CLIENT_SECRET} # Discord secret
# Debugging
- DEBUG=${DEBUG} # Debug mode
# Persistent storage configuration
volumes:
- ${APPDATA_PATH}/healthchecks/config:/config
- ${APPDATA_PATH}/healthchecks/config:/config # Configuration storage
# Network port configuration
ports:
- ${PORT}:8000
- ${SMTP_PORT}:2525
- ${PORT}:8000 # Web interface port
- ${SMTP_PORT}:2525 # SMTP port for email
# Network configuration
networks:
- frontend
- frontend # Connects to frontend network
# External network configuration
networks:
frontend:
external: true
external: true # Uses pre-existing frontend network

19
homeassistant/docker-compose.yml
View File

@@ -1,16 +1,25 @@
# Home Assistant Smart Home Platform Configuration
services:
homeassistant:
# Basic container configuration
container_name: homeassistant
image: docker.io/homeassistant/home-assistant:2025.7.1
restart: unless-stopped
# Persistent storage and system configuration
volumes:
- ${APPDATA_PATH}/homeassistant/config:/config
- /etc/localtime:/etc/localtime:ro
- ${APPDATA_PATH}/homeassistant/config:/config # Configuration files
- /etc/localtime:/etc/localtime:ro # Sync host timezone
# Network port configuration
ports:
- ${PORT}:8123
- ${PORT}:8123 # Web interface port
# Network configuration
networks:
- frontend
- frontend # Connects to frontend network
# External network definition
networks:
frontend:
external: true
external: true # Uses pre-existing frontend network

2
minio/docker-compose.yml
View File

@@ -28,7 +28,7 @@ services:
# Network configuration
networks:
- frontend
- frontend # Connects to frontend network
# External network definition
networks:

140
nextcloud/docker-compose.yml
View File

@@ -1,43 +1,65 @@
# Nextcloud with PostgreSQL and Valkey Configuration
services:
# PostgreSQL Database Service
nextcloud_db:
# Basic container configuration
container_name: nextcloud_db
image: docker.io/library/postgres:17.5
restart: unless-stopped
# Database credentials
environment:
- POSTGRES_USER=${POSTGRES_USER}
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
- POSTGRES_DB=${POSTGRES_DB}
- POSTGRES_USER=${POSTGRES_USER} # Database username
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD} # Database password
- POSTGRES_DB=${POSTGRES_DB} # Database name
# Persistent storage configuration
volumes:
- ${APPDATA_PATH}/nextcloud/db:/var/lib/postgresql/data
- ${APPDATA_PATH}/nextcloud/db:/var/lib/postgresql/data # Database files
# Network configuration
ports:
- ${DB_PORT}:5432
- ${DB_PORT}:5432 # PostgreSQL port
networks:
- backend
- backend # Connects to backend network
# Health monitoring
healthcheck:
test: ["CMD-SHELL", "pg_isready -d ${POSTGRES_DB} -U ${POSTGRES_USER}"]
start_period: 10s
interval: 10s
timeout: 5s
retries: 3
start_period: 10s # Initial delay
interval: 10s # Check frequency
timeout: 5s # Timeout duration
retries: 3 # Retry attempts
# Valkey (Redis-compatible) Cache Service
nextcloud_valkey:
# Basic container configuration
container_name: nextcloud_valkey
image: docker.io/valkey/valkey:8.1.3
restart: unless-stopped
command: valkey-server --save 60 1 --requirepass ${VALKEY_PASSWORD}
# Runtime configuration
command: valkey-server --save 60 1 --requirepass ${VALKEY_PASSWORD} # Persistence and auth
# Persistent storage configuration
volumes:
- ${APPDATA_PATH}/nextcloud/valkey:/data
- ${APPDATA_PATH}/nextcloud/valkey:/data # Valkey data
# Network configuration
ports:
- ${VALKEY_PORT}:6379
- ${VALKEY_PORT}:6379 # Valkey port
networks:
- backend
- backend # Connects to backend network
# Health monitoring
healthcheck:
test: ["CMD-SHELL", "echo 'auth ${VALKEY_PASSWORD}\nping' | valkey-cli | grep PONG"]
start_period: 20s
interval: 30s
retries: 5
timeout: 3s
start_period: 20s # Initial delay
interval: 30s # Check frequency
retries: 5 # Retry attempts
timeout: 3s # Timeout duration
# Nextcloud Application Service
nextcloud_app:
image: docker.io/library/nextcloud:31.0.7
container_name: nextcloud_app
@@ -47,51 +69,81 @@ services:
condition: service_healthy
nextcloud_valkey:
condition: service_healthy
# Environment variables
environment:
- POSTGRES_HOST=nextcloud_db:5432
- POSTGRES_DB=${POSTGRES_DB}
- POSTGRES_USER=${POSTGRES_USER}
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
- REDIS_HOST=nextcloud_valkey
- REDIS_HOST_PORT=6379
- REDIS_HOST_PASSWORD=${VALKEY_PASSWORD}
- PHP_MEMORY_LIMIT=${PHP_MEMORY_LIMIT}
- PHP_UPLOAD_LIMIT=${PHP_UPLOAD_LIMIT}
- APACHE_DISABLE_REWRITE_IP=${APACHE_DISABLE_REWRITE_IP}
# Database configuration
- POSTGRES_HOST=nextcloud_db:5432 # PostgreSQL host and port
- POSTGRES_DB=${POSTGRES_DB} # Database name
- POSTGRES_USER=${POSTGRES_USER} # Database username
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD} # Database password
# Redis/Valkey cache configuration
- REDIS_HOST=nextcloud_valkey # Valkey hostname
- REDIS_HOST_PORT=6379 # Valkey port
- REDIS_HOST_PASSWORD=${VALKEY_PASSWORD} # Valkey authentication
# PHP performance tuning
- PHP_MEMORY_LIMIT=${PHP_MEMORY_LIMIT} # Memory allocation
- PHP_UPLOAD_LIMIT=${PHP_UPLOAD_LIMIT} # Max upload size
# Security settings
- APACHE_DISABLE_REWRITE_IP=${APACHE_DISABLE_REWRITE_IP} # IP address handling
# Persistent storage configuration
volumes:
- ${APPDATA_PATH}/nextcloud/app:/var/www/html
# Network configuration
ports:
- ${APP_PORT}:80
networks:
- frontend
- backend
- frontend # Connects to frontend network
- backend # Connects to backend network
# Nextcloud Cron Service
nextcloud_cron:
image: docker.io/library/nextcloud:31.0.7
container_name: nextcloud_cron
restart: unless-stopped
depends_on:
- nextcloud_app
# Entry point
entrypoint: /cron.sh
# Environment variables
environment:
- POSTGRES_HOST=nextcloud_db:5432
- POSTGRES_DB=${POSTGRES_DB}
- POSTGRES_USER=${POSTGRES_USER}
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
- REDIS_HOST=nextcloud_valkey
- REDIS_HOST_PORT=6379
- REDIS_HOST_PASSWORD=${VALKEY_PASSWORD}
- PHP_MEMORY_LIMIT=${PHP_MEMORY_LIMIT}
- PHP_UPLOAD_LIMIT=${PHP_UPLOAD_LIMIT}
- APACHE_DISABLE_REWRITE_IP=${APACHE_DISABLE_REWRITE_IP}
# Database configuration
- POSTGRES_HOST=nextcloud_db:5432 # PostgreSQL host and port
- POSTGRES_DB=${POSTGRES_DB} # Database name
- POSTGRES_USER=${POSTGRES_USER} # Database username
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD} # Database password
# Redis/Valkey cache configuration
- REDIS_HOST=nextcloud_valkey # Valkey hostname
- REDIS_HOST_PORT=6379 # Valkey port
- REDIS_HOST_PASSWORD=${VALKEY_PASSWORD} # Valkey authentication
# PHP performance tuning
- PHP_MEMORY_LIMIT=${PHP_MEMORY_LIMIT} # Memory allocation
- PHP_UPLOAD_LIMIT=${PHP_UPLOAD_LIMIT} # Max upload size
# Security settings
- APACHE_DISABLE_REWRITE_IP=${APACHE_DISABLE_REWRITE_IP} # IP address handling
# Persistent storage configuration
volumes:
- ${APPDATA_PATH}/nextcloud/app:/var/www/html
# Network configuration
networks:
- frontend
- backend
- frontend # Connects to frontend network
- backend # Connects to backend network
# External network definitions
networks:
frontend:
external: true
external: true # Uses pre-existing network
backend:
external: true
external: true # Uses pre-existing network

96
opengist/docker-compose-mariadb.yml
View File

@@ -1,58 +1,94 @@
# OpenGist with MariaDB Configuration
services:
# MariaDB Database Service
opengist_db:
# Basic container configuration
container_name: opengist_db
image: docker.io/library/mariadb:11.8.2
restart: unless-stopped
# Database performance tuning
command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW --innodb-file-per-table=1 --skip-innodb-read-only-compressed
# Database credentials
environment:
- MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}
- MYSQL_USER=${MYSQL_USER}
- MYSQL_PASSWORD=${MYSQL_PASSWORD}
- MYSQL_DATABASE=${MYSQL_DATABASE}
- MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD} # Root password
- MYSQL_USER=${MYSQL_USER} # Application username
- MYSQL_PASSWORD=${MYSQL_PASSWORD} # Application password
- MYSQL_DATABASE=${MYSQL_DATABASE} # Database name
# Persistent storage configuration
volumes:
- ${APPDATA_PATH}/opengist/db:/var/lib/mysql
- ${APPDATA_PATH}/opengist/db:/var/lib/mysql # Database files
# Network configuration
ports:
- ${DB_PORT}:3306
- ${DB_PORT}:3306 # MariaDB port
networks:
- backend
- backend # Connects to backend network
# Health monitoring
healthcheck:
test: ["CMD", "healthcheck.sh", "--connect", "--innodb_initialized"]
interval: 10s
timeout: 5s
retries: 3
start_period: 10s
interval: 10s # Check frequency
timeout: 5s # Timeout duration
retries: 3 # Retry attempts
start_period: 10s # Initial delay
# OpenGist Application Service
opengist_server:
# Basic container configuration
container_name: opengist_server
image: ghcr.io/thomiceli/opengist:1.10.0
restart: unless-stopped
# Service dependencies
depends_on:
opengist_db:
condition: service_healthy
condition: service_healthy # Wait for healthy database
# Runtime configuration
environment:
- UID=${UID}
- GID=${GID}
- OG_DB_URI=mysql://${MYSQL_USER}:${MYSQL_PASSWORD}@opengist_db:3306/${MYSQL_DATABASE}
- OG_EXTERNAL_URL=${OG_EXTERNAL_URL}
- OG_SECRET_KEY=${OG_SECRET_KEY}
- OG_HTTP_GIT_ENABLED=${OG_HTTP_GIT_ENABLED}
- OG_SSH_GIT_ENABLED=${OG_SSH_GIT_ENABLED}
- OG_GITEA_CLIENT_KEY=${OG_GITEA_CLIENT_KEY}
- OG_GITEA_SECRET=${OG_GITEA_SECRET}
- OG_GITEA_URL=${OG_GITEA_URL}
- OG_GITEA_NAME=${OG_GITEA_NAME}
- OG_CUSTOM_STATIC_LINK_0_NAME=${OG_CUSTOM_STATIC_LINK_0_NAME}
- OG_CUSTOM_STATIC_LINK_0_PATH=${OG_CUSTOM_STATIC_LINK_0_PATH}
# User and group IDs for file permissions
- UID=${UID} # User ID for file permissions
- GID=${GID} # Group ID for file permissions
# Database connection
- OG_DB_URI=mysql://${MYSQL_USER}:${MYSQL_PASSWORD}@opengist_db:3306/${MYSQL_DATABASE} # MariaDB connection string
# Application settings
- OG_EXTERNAL_URL=${OG_EXTERNAL_URL} # Public URL for OpenGist
- OG_SECRET_KEY=${OG_SECRET_KEY} # Encryption key for sessions
# Git protocol configuration
- OG_HTTP_GIT_ENABLED=${OG_HTTP_GIT_ENABLED} # Enable HTTP Git access
- OG_SSH_GIT_ENABLED=${OG_SSH_GIT_ENABLED} # Enable SSH Git access
# Gitea integration
- OG_GITEA_CLIENT_KEY=${OG_GITEA_CLIENT_KEY} # OAuth client key
- OG_GITEA_SECRET=${OG_GITEA_SECRET} # OAuth secret
- OG_GITEA_URL=${OG_GITEA_URL} # Gitea instance URL
- OG_GITEA_NAME=${OG_GITEA_NAME} # Gitea application name
# Customization
- OG_CUSTOM_STATIC_LINK_0_NAME=${OG_CUSTOM_STATIC_LINK_0_NAME} # Custom link name
- OG_CUSTOM_STATIC_LINK_0_PATH=${OG_CUSTOM_STATIC_LINK_0_PATH} # Custom link path
# Persistent storage configuration
volumes:
- ${APPDATA_PATH}/opengist/data:/opengist
# Network configuration
ports:
- ${SERVER_PORT}:6157
- ${SERVER_PORT}:6157 # Web interface port
- 2222:2222 # SSH port for Git operations
networks:
- frontend
- backend
- frontend # Connects to frontend network
- backend # Connects to backend network
# External network definitions
networks:
frontend:
external: true
external: true # Uses pre-existing network
backend:
external: true
external: true # Uses pre-existing network

93
opengist/docker-compose.yml
View File

@@ -1,57 +1,90 @@
# OpenGist Git Snippet Service Configuration
services:
# PostgreSQL Database Service
opengist_db:
# Basic container configuration
container_name: opengist_db
image: docker.io/library/postgres:17.5
restart: unless-stopped
# Database credentials
environment:
- POSTGRES_USER=${POSTGRES_USER}
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
- POSTGRES_DB=${POSTGRES_DB}
- POSTGRES_USER=${POSTGRES_USER} # Database username
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD} # Database password
- POSTGRES_DB=${POSTGRES_DB} # Database name
# Persistent storage configuration
volumes:
- ${APPDATA_PATH}/opengist/db:/var/lib/postgresql/data
- ${APPDATA_PATH}/opengist/db:/var/lib/postgresql/data # Database files
# Network configuration
ports:
- ${DB_PORT}:5432
- ${DB_PORT}:5432 # PostgreSQL port
networks:
- backend
- backend # Connects to backend network
# Health monitoring
healthcheck:
test: ["CMD-SHELL", "pg_isready -d ${POSTGRES_DB} -U ${POSTGRES_USER}"]
interval: 10s
timeout: 5s
retries: 3
start_period: 10s
interval: 10s # Check frequency
timeout: 5s # Timeout duration
retries: 3 # Retry attempts
start_period: 10s # Initial delay
# OpenGist Application Service
opengist_server:
# Basic container configuration
container_name: opengist_server
image: ghcr.io/thomiceli/opengist:1.10.0
restart: unless-stopped
# Service dependencies
depends_on:
opengist_db:
condition: service_healthy
condition: service_healthy # Wait for healthy database
# Runtime configuration
environment:
- UID=${UID}
- GID=${GID}
- OG_DB_URI=postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@opengist_db:5432/${POSTGRES_DB}
- OG_EXTERNAL_URL=${OG_EXTERNAL_URL}
- OG_SECRET_KEY=${OG_SECRET_KEY}
- OG_HTTP_GIT_ENABLED=${OG_HTTP_GIT_ENABLED}
- OG_SSH_GIT_ENABLED=${OG_SSH_GIT_ENABLED}
- OG_GITEA_CLIENT_KEY=${OG_GITEA_CLIENT_KEY}
- OG_GITEA_SECRET=${OG_GITEA_SECRET}
- OG_GITEA_URL=${OG_GITEA_URL}
- OG_GITEA_NAME=${OG_GITEA_NAME}
- OG_CUSTOM_STATIC_LINK_0_NAME=${OG_CUSTOM_STATIC_LINK_0_NAME}
- OG_CUSTOM_STATIC_LINK_0_PATH=${OG_CUSTOM_STATIC_LINK_0_PATH}
# User and group IDs for file permissions
- UID=${UID} # User ID for file permissions
- GID=${GID} # Group ID for file permissions
# Database connection
- OG_DB_URI=postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@opengist_db:5432/${POSTGRES_DB} # PostgreSQL connection string
# Application settings
- OG_EXTERNAL_URL=${OG_EXTERNAL_URL} # Public URL for OpenGist
- OG_SECRET_KEY=${OG_SECRET_KEY} # Encryption key for sessions
# Git protocol configuration
- OG_HTTP_GIT_ENABLED=${OG_HTTP_GIT_ENABLED} # Enable HTTP Git access
- OG_SSH_GIT_ENABLED=${OG_SSH_GIT_ENABLED} # Enable SSH Git access
# Gitea integration
- OG_GITEA_CLIENT_KEY=${OG_GITEA_CLIENT_KEY} # OAuth client key
- OG_GITEA_SECRET=${OG_GITEA_SECRET} # OAuth secret
- OG_GITEA_URL=${OG_GITEA_URL} # Gitea instance URL
- OG_GITEA_NAME=${OG_GITEA_NAME} # Gitea application name
# Customization
- OG_CUSTOM_STATIC_LINK_0_NAME=${OG_CUSTOM_STATIC_LINK_0_NAME} # Custom link name
- OG_CUSTOM_STATIC_LINK_0_PATH=${OG_CUSTOM_STATIC_LINK_0_PATH} # Custom link path
# Persistent storage configuration
volumes:
- ${APPDATA_PATH}/opengist/data:/opengist
# Network configuration
ports:
- ${SERVER_PORT}:6157
- 2222:2222
- ${SERVER_PORT}:6157 # Web interface port
- 2222:2222 # SSH port for Git operations
networks:
- frontend
- backend
- frontend # Connects to frontend network
- backend # Connects to backend network
# External network definitions
networks:
frontend:
external: true
external: true # Uses pre-existing network
backend:
external: true
external: true # Uses pre-existing network

29
palmr/docker-compose.yml
View File

@@ -1,22 +1,31 @@
# Palmr File Transfer Service Configuration
services:
palmr:
# Basic container configuration
container_name: palmr
image: docker.io/kyantech/palmr:v3.1.1-beta
restart: unless-stopped
# Application settings
environment:
- ENABLE_S3=${ENABLE_S3}
- ENCRYPTION_KEY=${ENCRYPTION_KEY}
- SECURE_SITE=${SECURE_SITE}
- PALMR_UID=${PUID}
- PALMR_GID=${PGID}
- ENABLE_S3=${ENABLE_S3} # Enable/Disable S3-compatible storage backend
- ENCRYPTION_KEY=${ENCRYPTION_KEY} # Data encryption key for security
- SECURE_SITE=${SECURE_SITE} # Enable/Disable HTTPS security features
- PALMR_UID=${PUID} # User ID for proper file permissions
- PALMR_GID=${PGID} # Group ID for proper file permissions
# Persistent storage configuration
volumes:
- ${APPDATA_PATH}/palmr/db:/app/server/prisma
- ${DATA_PATH}/palmr/data:/app/server
- ${APPDATA_PATH}/palmr/db:/app/server/prisma # Transfer metadata database
- ${DATA_PATH}/palmr/data:/app/server # File storage directory
# Network configuration
ports:
- ${PORT}:5487
- ${PORT}:5487 # Web interface port
networks:
- frontend
- frontend # Connects to frontend network
# External network definition
networks:
frontend:
external: true
external: true # Uses pre-existing network

12
portainer-agent/docker-compose.yml
View File

@@ -1,10 +1,16 @@
# Portainer Agent Configuration
services:
portainer-agent:
# Basic container configuration
container_name: portainer-agent
image: docker.io/portainer/agent:latest
restart: unless-stopped
# System access configuration
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /var/lib/docker/volumes:/var/lib/docker/volumes
- /var/run/docker.sock:/var/run/docker.sock # Docker API access
- /var/lib/docker/volumes:/var/lib/docker/volumes # Volume management
# Network port configuration
ports:
- 9001:9001
- 9001:9001 # Agent communication port

16
portainer/docker-compose.yml
View File

@@ -1,12 +1,18 @@
# Portainer Container Management Configuration
services:
portainer:
# Basic container configuration
container_name: portainer
image: docker.io/portainer/portainer-ee:latest
restart: unless-stopped
# Persistent storage and system access configuration
volumes:
- ./data:/data
- /etc/localtime:/etc/localtime:ro
- /var/run/docker.sock:/var/run/docker.sock
- ./data:/data # Portainer configuration and database
- /etc/localtime:/etc/localtime:ro # Sync host timezone
- /var/run/docker.sock:/var/run/docker.sock # Docker API access
# Network ports configuration
ports:
- 8000:8000
- 9443:9443
- 8000:8000 # Edge agent communication port
- 9443:9443 # Web UI HTTPS port

55
radicale/docker-compose.yml
View File

@@ -1,36 +1,53 @@
# Radicale CalDAV/CardDAV Server Configuration
services:
radicale:
# Basic container configuration
container_name: radicale
image: docker.io/tomsquest/docker-radicale:3.5.4.0
restart: unless-stopped
init: true
read_only: true
# Security hardening
init: true # Use init process for proper signal handling
read_only: true # Read-only filesystem for security
# Minimal required capabilities
cap_add:
- CHOWN
- KILL
- SETGID
- SETUID
- CHOWN # Required for file ownership changes
- KILL # Required for process management
- SETGID # Required for group permissions
- SETUID # Required for user permissions
# Security restrictions
cap_drop:
- ALL
- ALL # Drop all capabilities by default
security_opt:
- no-new-privileges:true
- no-new-privileges:true # Prevent privilege escalation
# Resource limits
deploy:
resources:
limits:
memory: 256M
pids: 50
memory: 256M # Memory limit
pids: 50 # Maximum number of processes
# Persistent storage configuration
volumes:
- ${APPDATA_PATH}/radicale/data:/data
- ${APPDATA_PATH}/radicale/config:/config:ro
- ${APPDATA_PATH}/radicale/data:/data # Calendar and contact data
- ${APPDATA_PATH}/radicale/config:/config:ro # Read-only configuration
# Network configuration
ports:
- ${PORT}:5232
- ${PORT}:5232 # DAV service port
networks:
- frontend
healthcheck:
test: curl -f http://127.0.0.1:5232 || exit 1
interval: 30s
retries: 3
- frontend # Connects to frontend network
# Health monitoring
healthcheck:
test: curl -f http://127.0.0.1:5232 || exit 1 # Simple HTTP check
interval: 30s # Check every 30 seconds
retries: 3 # Allow 3 failures before marking unhealthy
# External network definition
networks:
frontend:
external: true
external: true # Uses pre-existing network

41
stirling-pdf/docker-compose.yml
View File

@@ -1,26 +1,35 @@
# Stirling PDF Service Configuration
services:
stirling-pdf:
# Basic container configuration
container_name: stirling-pdf
image: ghcr.io/stirling-tools/stirling-pdf:1.0.2-fat
restart: unless-stopped
image: ghcr.io/stirling-tools/stirling-pdf:1.0.2-fat # Full-featured image
restart: unless-stopped # Auto-recover from crashes
# Application settings
environment:
- DISABLE_ADDITIONAL_FEATURES=${DISABLE_ADDITIONAL_FEATURES}
- DOCKER_ENABLE_SECURITY=${DOCKER_ENABLE_SECURITY}
- SECURITY_ENABLELOGIN=${SECURITY_ENABLELOGIN}
- LANGS=${LANGS}
- SHOW_SURVEY=false
- DISABLE_PIXEL=true
- DISABLE_ADDITIONAL_FEATURES=${DISABLE_ADDITIONAL_FEATURES} # Toggle extra features
- DOCKER_ENABLE_SECURITY=${DOCKER_ENABLE_SECURITY} # Enable security restrictions
- SECURITY_ENABLELOGIN=${SECURITY_ENABLELOGIN} # Require authentication
- LANGS=${LANGS} # Supported languages for OCR
- SHOW_SURVEY=false # Disable user surveys
- DISABLE_PIXEL=true # Disable pixel tracking
# Persistent storage configuration
volumes:
- ${APPDATA_DATA}/stirling-pdf/training_data:/usr/share/tessdata
- ${APPDATA_DATA}/stirling-pdf/config:/configs
- ${APPDATA_DATA}/stirling-pdf/custom_files:/customFiles/
- ${APPDATA_DATA}/stirling-pdf/logs:/logs/
- ${APPDATA_DATA}/stirling-pdf/pipeline:/pipeline/
- ${APPDATA_DATA}/stirling-pdf/training_data:/usr/share/tessdata # OCR training data
- ${APPDATA_DATA}/stirling-pdf/config:/configs # Configuration files
- ${APPDATA_DATA}/stirling-pdf/custom_files:/customFiles/ # User uploads
- ${APPDATA_DATA}/stirling-pdf/logs:/logs/ # Application logs
- ${APPDATA_DATA}/stirling-pdf/pipeline:/pipeline/ # Processing pipelines
# Network configuration
ports:
- ${PORT}:8080
- ${PORT}:8080 # Web interface port
networks:
- frontend
- frontend # Connects to frontend network
# External network definition
networks:
frontend:
external: true
external: true # Uses existing Docker network

23
syncyomi/docker-compose.yml
View File

@@ -1,18 +1,27 @@
# SyncYomi Configuration - Manga/Comic Reader Sync Service
services:
syncyomi:
# Basic container configuration
container_name: syncyomi
image: ghcr.io/syncyomi/syncyomi:v1.1.4
restart: unless-stopped
restart: unless-stopped # Auto-restart on failure
# Application settings
environment:
- TZ=${TZ}
- TZ=${TZ} # Timezone for proper timestamp handling
# Persistent storage configuration
volumes:
- ${APPDATA_PATH}/syncyomi/config:/config
- ${APPDATA_PATH}/syncyomi/log:/log
- ${APPDATA_PATH}/syncyomi/config:/config # Configuration files
- ${APPDATA_PATH}/syncyomi/log:/log # Application logs
# Network configuration
ports:
- ${PORT}:8282
- ${PORT}:8282 # Web interface port
networks:
- frontend
- frontend # Connects to frontend network
# External network definition
networks:
frontend:
external: true
external: true # Uses existing Docker network

17
uptime-kuma/docker-compose.yml
View File

@@ -1,15 +1,22 @@
# Uptime Kuma Configuration - Status Monitoring Service
services:
uptime-kuma:
# Basic container configuration
container_name: uptime-kuma
image: docker.io/louislam/uptime-kuma:1.23.16
restart: unless-stopped
restart: unless-stopped # Auto-recover from crashes
# Persistent storage configuration
volumes:
- ${APPDATA_PATH}/uptime-kuma/config:/app/data
- ${APPDATA_PATH}/uptime-kuma/config:/app/data # Monitoring configuration and data
# Network configuration
ports:
- ${PORT}:3001
- ${PORT}:3001 # Web dashboard port
networks:
- frontend
- frontend # Connects to frontend network
# External network definition
networks:
frontend:
external: true
external: true # Uses existing Docker network

78
vaultwarden/docker-compose.yml
View File

@@ -1,53 +1,71 @@
# Vaultwarden Configuration - (Bitwarden-compatible) Password Manager
services:
vaultwarden_db:
# PostgreSQL Database Configuration
container_name: vaultwarden_db
image: docker.io/library/postgres:17.5
restart: unless-stopped
restart: unless-stopped # Auto-recover from crashes
# Database credentials
environment:
- POSTGRES_USER=${POSTGRES_USER}
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
- POSTGRES_DB=${POSTGRES_DB}
- POSTGRES_USER=${POSTGRES_USER} # Database username
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD} # Database password
- POSTGRES_DB=${POSTGRES_DB} # Database name
# Persistent storage configuration
volumes:
- ${APPDATA_PATH}/vaultwarden/db:/var/lib/postgresql/data
- ${APPDATA_PATH}/vaultwarden/db:/var/lib/postgresql/data # Database files
# Network configuration
ports:
- ${DB_PORT}:5432
- ${DB_PORT}:5432 # PostgreSQL default port
networks:
- backend
- backend # Connects to backend network
# Health monitoring
healthcheck:
test: ["CMD-SHELL", "pg_isready -d ${POSTGRES_DB} -U ${POSTGRES_USER}"]
interval: 30s
timeout: 5s
retries: 5
start_period: 20s
test: ["CMD-SHELL", "pg_isready -d ${POSTGRES_DB} -U ${POSTGRES_USER}"] # Connection check
interval: 30s # Check every 30 seconds
timeout: 5s # Maximum check duration
retries: 5 # Allow 5 failures before marking unhealthy
start_period: 20s # Initial grace period
vaultwarden_server:
container_name: vaultwarden_server
image: ghcr.io/dani-garcia/vaultwarden:1.34.1
restart: unless-stopped
# Container configuration
image: ghcr.io/dani-garcia/vaultwarden:1.34.1 # Official Vaultwarden image
restart: unless-stopped # Auto-restart on failure
depends_on:
vaultwarden_db:
condition: service_healthy
condition: service_healthy # Wait for healthy database
# Application settings
environment:
- PUID=${PUID}
- PGID=${PGID}
- TZ=${TZ}
- DATABASE_URL=postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@vaultwarden_db:5432/${POSTGRES_DB}
- WEBSOCKET_ENABLED=${WEBSOCKET_ENABLED}
- LOG_FILE=/data/vaultwarden.log
- PUID=${PUID} # User ID for file permissions
- PGID=${PGID} # Group ID for file permissions
- TZ=${TZ} # Timezone configuration
- DATABASE_URL=postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@vaultwarden_db:5432/${POSTGRES_DB} # DB connection
- WEBSOCKET_ENABLED=${WEBSOCKET_ENABLED} # Real-time updates
- LOG_FILE=/data/vaultwarden.log # Log file location
# Uncomment and set these only on first run
# - DOMAIN=${DOMAIN}
# - SIGNUPS_ALLOWED=${SIGNUPS_ALLOWED}
# - ADMIN_TOKEN=${ADMIN_TOKEN}
# - DOMAIN=${DOMAIN} # Domain Name
# - SIGNUPS_ALLOWED=${SIGNUPS_ALLOWED} # User registration
# - ADMIN_TOKEN=${ADMIN_TOKEN} # Admin interface access token
# Persistent storage configuration
volumes:
- ${APPDATA_PATH}/vaultwarden/data:/data
- ${APPDATA_PATH}/vaultwarden/data:/data # Vault data storage
# Network configuration
ports:
- ${SERVER_PORT}:80
- ${SERVER_PORT}:80 # Web interface port
networks:
- frontend
- backend
- frontend # Connects to frontend network
- backend # Connects to backend network
# External network definitions
networks:
frontend:
external: true
external: true # Uses existing frontend network
backend:
external: true
external: true # Uses existing backend network