ArcticFoxes-Synapse-Docker-.../docker-compose.yml


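---
# This compose file is compatible with Compose itself, it might need some
# adjustments to run properly with stack.
#
# NOTE(review): every image below is referenced by a mutable tag (":latest",
# or no tag at all). Pinning each one to a version tag or an image digest makes
# a deployment reproducible and keeps an upstream re-tag from silently changing
# what runs.
#
# Current Compose releases treat the top-level "version" key as obsolete and
# ignore it; it is kept for older docker-compose binaries.
version: '3'

services:
  synapse:
    # Use docker.io/matrixdotorg/synapse:latest if you want the official image
    # (without the Mjolnir module).
    image: ghcr.io/tommytran732/synapse:latest
    container_name: synapse
    # Since synapse does not retry to connect to the database, restart upon
    # failure
    restart: unless-stopped
    # Comment out the next line if you are using the official image.
    user: "991:991"
    # See the readme for a full documentation of the environment settings
    # NOTE: You must edit homeserver.yaml to use postgres, it defaults to sqlite
    environment:
      - SYNAPSE_CONFIG_PATH=/data/homeserver.yaml
    volumes:
      # ":Z" asks the runtime to relabel the host path with a private SELinux
      # label, so only this container can use it.
      - ./files:/data:Z
      # Uncomment if you want to install appservices. The registration files
      # should go into ./bridges, and in your homeserver.yaml specify that it
      # should install the appservices in /bridges.
      # - ./bridges:/bridges:Z
    # Short-form depends_on only orders start-up; it does not wait for the
    # postgres healthcheck to pass, which is why the restart policy above
    # matters.
    depends_on:
      - postgres
    networks:
      - matrix
      - postgres
    security_opt:
      - no-new-privileges:true
    cap_drop:
      - ALL
    # Runtime should always be runc, otherwise load average with gVisor will be
    # extremely high
    runtime: runc

  postgres:
    # The official repository is "postgres" and the major version belongs in
    # the tag. The previous value, docker.io/postgres-15:alpine, named a
    # different repository ("postgres-15") with the tag "alpine".
    image: docker.io/postgres:15-alpine
    container_name: postgres
    restart: unless-stopped
    # Change that password, of course!
    # NOTE(review): the credential sits in this file in clear text. Keep the
    # real value out of version control, and restrict read access to this file
    # on the host.
    environment:
      - POSTGRES_USER=synapse
      - POSTGRES_PASSWORD=changeme
      - POSTGRES_INITDB_ARGS=--encoding=UTF-8 --lc-collate=C --lc-ctype=C
    volumes:
      - ./schemas:/var/lib/postgresql/data:Z
    # Only synapse shares this network, and no port is published to the host.
    networks:
      - postgres
    healthcheck:
      test: ["CMD", "pg_isready", "-U", "synapse"]
      interval: 15s
      timeout: 5s
    # Optional hardening, left disabled by the author.
    # NOTE(review): while these stay commented out, this is one of the two
    # services here without cap_drop/no-new-privileges, and it holds all
    # homeserver data. Enable them once tested against your data directory.
    # user: "70:70"
    # read_only: true
    # security_opt:
    #   - no-new-privileges:true
    # cap_drop:
    #   - ALL
    # tmpfs:
    #   - /var/run/postgresql:size=50M,mode=0770,uid=70,gid=70,noexec,nosuid,nodev
    shm_size: 1g
    # Runtime should always be runc, otherwise load average with gVisor will be
    # extremely high
    runtime: runc

  element:
    image: vectorim/element-web:latest
    container_name: element
    restart: unless-stopped
    volumes:
      - ./element/config.json:/app/config.json:Z
    networks:
      - element
    # Root filesystem is read-only; the only writable paths are the two tmpfs
    # mounts below, both mounted noexec/nosuid/nodev.
    read_only: true
    security_opt:
      - no-new-privileges:true
    cap_drop:
      - ALL
    # Capabilities handed back after dropping ALL -- presumably what the bundled
    # nginx needs to bind a low port and switch to its worker user (confirm
    # against the image). Names are written without the CAP_ prefix throughout.
    cap_add:
      - CHOWN
      - SETGID
      - SETUID
      - NET_BIND_SERVICE
    tmpfs:
      - /var/run:size=50M,mode=0770,noexec,nosuid,nodev
      - /var/cache/nginx:size=50M,mode=0770,noexec,nosuid,nodev

  matrix-to:
    image: ghcr.io/tommytran732/matrix.to
    container_name: matrix-to
    restart: unless-stopped
    # NOTE(review): no other service in this file joins the matrix-to network
    # and no port is published, so nothing here can reach this container.
    # Confirm whether swag is meant to list this network as well.
    networks:
      - matrix-to
    user: "992:992"
    security_opt:
      - no-new-privileges:true
      # label:disable switches off SELinux label separation for this container.
      # NOTE(review): the service mounts no volumes, so the reason for it is not
      # visible here -- confirm it is needed, otherwise remove it.
      - label:disable
    cap_drop:
      - ALL

  swag:
    image: ghcr.io/linuxserver/swag
    container_name: swag
    restart: unless-stopped
    environment:
      - PUID=1000
      - PGID=1000
      - URL=yourdomain.tld
      - SUBDOMAINS=synapse,element
      - VALIDATION=http
      - EMAIL=changeme@yourdomain.tld
      - ONLY_SUBDOMAINS=true
    volumes:
      - ./swag:/config:Z
      - /etc/localtime:/etc/localtime:ro
    # The only service that publishes ports on the host. Mappings are quoted so
    # that no YAML parser can read HOST:CONTAINER as a number.
    ports:
      - "443:443"
      - "80:80"
      - "8448:8448"
    networks:
      - matrix
      - element
      - mjolnir
    security_opt:
      - no-new-privileges:true
    # NET_ADMIN is what the SWAG image documents for its bundled fail2ban, which
    # edits iptables rules. There is no cap_drop on this service, so it also
    # keeps the runtime's default capability set -- the widest grant in this
    # file, on the Internet-facing container.
    cap_add:
      - NET_ADMIN

  pantalaimon:
    image: matrixdotorg/pantalaimon:latest
    container_name: pantalaimon
    restart: unless-stopped
    volumes:
      - ./pantalaimon:/data:Z
    depends_on:
      - synapse
    networks:
      - pantalaimon
    read_only: true
    security_opt:
      - no-new-privileges:true
    cap_drop:
      - ALL

  mjolnir:
    image: matrixdotorg/mjolnir:latest
    container_name: mjolnir
    restart: unless-stopped
    volumes:
      - ./mjolnir:/data:Z
    depends_on:
      - pantalaimon
    networks:
      - pantalaimon
      - mjolnir
    read_only: true
    security_opt:
      - no-new-privileges:true
    cap_drop:
      - ALL

# One network per trust boundary: a service can only talk to the services it
# shares a network with.
networks:
  matrix: {}
  postgres: {}
  element: {}
  # Declared because the matrix-to service references it; Compose rejects a
  # service that names a network missing from this section.
  matrix-to: {}
  pantalaimon: {}
  mjolnir: {}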