Matrix-Mirrors/anonymousland-synapse-docker-deployment
1
0
Fork 0
mirror of https://git.anonymousland.org/deathrow/synapse-docker-deployment.git synced 2024-10-01 11:49:56 -04:00
Code Issues Packages Projects Releases Wiki Activity
main
anonymousland-synapse-docke.../docker-compose.yml
deathrow 2d6c85baa0
Disabling Worker TLS
2023-01-01 19:12:15 -05:00

328 lines
7.8 KiB
YAML
Raw Permalink Blame History

version: '3.7'
networks:
matrix:
registration:
dimension:
services:
synapse:
build: ./images/synapse-docker
restart: unless-stopped
container_name: synapse
user: "991:991"
environment:
- SYNAPSE_CONFIG_DIR=/data
- SYNAPSE_CONFIG_PATH=/data/homeserver.yaml
volumes:
- ./files:/data:Z
ports:
- 127.0.0.1:8008:8008
depends_on:
- postgres
networks:
- matrix
security_opt:
- no-new-privileges:true
cap_drop:
- ALL
extra_hosts:
- "host.docker.internal:host-gateway"
postgres:
image: docker.io/postgres:14.5-alpine
container_name: postgres
user: "70:70"
restart: unless-stopped
environment:
- POSTGRES_USER=${POSTGRES_USER}
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
- POSTGRES_DB=${POSTGRES_DB}
- POSTGRES_INITDB_ARGS=--encoding=UTF-8 --lc-collate=C --lc-ctype=C
volumes:
- ./schemas:/var/lib/postgresql/data:Z
ports:
- 127.0.0.1:5432:5432
networks:
- matrix
read_only: true
security_opt:
- no-new-privileges:true
cap_drop:
- ALL
tmpfs:
- /var/run/postgresql:size=50M,mode=0770,uid=70,gid=70,noexec,nosuid,nodev
swag:
image: ghcr.io/linuxserver/swag
restart: unless-stopped
container_name: swag
cap_add:
- NET_ADMIN
environment:
- PUID=1000
- PGID=1000
- URL=${SWAG_URL}
- SUBDOMAINS=${SWAG_SUBDOMAINS}
- VALIDATION=http
- EMAIL=${SWAG_EMAIL}
- ONLY_SUBDOMAINS=true
volumes:
- ./swag:/config:Z
- /etc/localtime:/etc/localtime:ro
ports:
- 443:443
- 80:80
networks:
- matrix
- registration
security_opt:
- no-new-privileges:true
pantalaimon:
build: ./images/pantalaimon
container_name: pantalaimon
restart: unless-stopped
volumes:
- ./pantalaimon_data:/data:Z
depends_on:
- synapse
networks:
- matrix
read_only: true
security_opt:
- no-new-privileges:true
cap_drop:
- ALL
mjolnir:
build: ./images/mjolnir
container_name: mjolnir
restart: unless-stopped
volumes:
- ./mjolnir:/data:Z
depends_on:
- pantalaimon
networks:
- matrix
read_only: true
security_opt:
- no-new-privileges:true
cap_drop:
- ALL
maubot:
image: dock.mau.dev/maubot/maubot:latest
container_name: maubot
restart: unless-stopped
volumes:
- ./maubot:/data:Z
networks:
- matrix
matrix-registration:
build: ./images/synapse-captcha
container_name: matrix-registration
restart: unless-stopped
command: [
"--config-path=/data/config.yaml",
"serve"
]
ports:
- 127.0.0.1:5000:5000
volumes:
- ./matrix-registration_data:/data:Z
networks:
- matrix
redis:
image: redis:latest
container_name: redis
restart: unless-stopped
networks:
- matrix
dimension:
build: ./images/matrix-dimension
container_name: dimension
restart: unless-stopped
volumes:
- ./dimension:/data:Z
depends_on:
- dimension_db
networks:
- matrix
- dimension
ports:
- 127.0.0.1:8184:8184
read_only: true
security_opt:
- no-new-privileges:true
cap_drop:
- ALL
dimension_db:
image: docker.io/postgres:14.5-alpine
container_name: dimension_db
user: "70:70"
restart: unless-stopped
environment:
- POSTGRES_USER=${DIMENSION_DB_USER}
- POSTGRES_PASSWORD=${DIMENSION_DB_PASSWORD}
- POSTGRES_DB=${DIMENSION_DB_DB}
- POSTGRES_INITDB_ARGS=--encoding=UTF-8 --lc-collate=C --lc-ctype=C
volumes:
- ./dimension/db:/var/lib/dimension_db/data:Z
ports:
- 127.0.0.1:5433:5432
networks:
- dimension
read_only: true
security_opt:
- no-new-privileges:true
cap_drop:
- ALL
tmpfs:
- /var/run/postgresql:size=50M,mode=0770,uid=70,gid=70,noexec,nosuid,nodev
# WORKERS
synapse-generic-worker-4:
build: ./images/workers/synapse
container_name: synapse-generic-worker-4
user: "991:991"
restart: unless-stopped
environment:
SYNAPSE_WORKER: synapse.app.generic_worker
entrypoint: ["/start.py", "run", "--config-path=/data/homeserver.yaml", "--config-path=/data/workers/worker4.yaml"]
volumes:
- ./files:/data:Z
ports:
- 127.0.0.1:8083:8081
depends_on:
- synapse
networks:
- matrix
security_opt:
- no-new-privileges:true
cap_drop:
- ALL
synapse-generic-worker-3:
build: ./images/workers/synapse
container_name: synapse-generic-worker-3
user: "991:991"
restart: unless-stopped
environment:
SYNAPSE_WORKER: synapse.app.generic_worker
entrypoint: ["/start.py", "run", "--config-path=/data/homeserver.yaml", "--config-path=/data/workers/worker3.yaml"]
volumes:
- ./files:/data:Z
ports:
- 127.0.0.1:8082:8081
depends_on:
- synapse
networks:
- matrix
security_opt:
- no-new-privileges:true
cap_drop:
- ALL
synapse-generic-worker-2:
build: ./images/synapse-worker-docker
container_name: synapse-generic-worker-2
user: "991:991"
restart: unless-stopped
environment:
SYNAPSE_WORKER: synapse.app.generic_worker
entrypoint: ["/start.py", "run", "--config-path=/data/homeserver.yaml", "--config-path=/data/workers/worker2.yaml"]
volumes:
- ./files:/data:Z
ports:
- 127.0.0.1:8081:8081
depends_on:
- synapse
networks:
- matrix
security_opt:
- no-new-privileges:true
cap_drop:
- ALL
synapse-generic-worker-1:
build: ./images/synapse-worker-docker
container_name: synapse-generic-worker-1
user: "991:991"
restart: unless-stopped
environment:
SYNAPSE_WORKER: synapse.app.generic_worker
entrypoint: ["/start.py", "run", "--config-path=/data/homeserver.yaml", "--config-path=/data/workers/worker1.yaml"]
volumes:
- ./files:/data:Z
ports:
- 127.0.0.1:8080:8081
depends_on:
- synapse
networks:
- matrix
security_opt:
- no-new-privileges:true
cap_drop:
- ALL
synapse-federation-sender-3:
build: ./images/synapse-worker-docker
container_name: synapse-federation-sender-3
user: "991:991"
restart: unless-stopped
environment:
SYNAPSE_WORKER: synapse.app.federation_sender
entrypoint: ["/start.py", "run", "--config-path=/data/homeserver.yaml", "--config-path=/data/workers/federation3.yaml"]
volumes:
- ./files:/data:Z
ports:
- 127.0.0.1:8082:8081
depends_on:
- synapse
networks:
- matrix
security_opt:
- no-new-privileges:true
cap_drop:
- ALL
synapse-federation-sender-2:
build: ./images/synapse-worker-docker
container_name: synapse-federation-sender-2
user: "991:991"
restart: unless-stopped
environment:
SYNAPSE_WORKER: synapse.app.federation_sender
entrypoint: ["/start.py", "run", "--config-path=/data/homeserver.yaml", "--config-path=/data/workers/federation2.yaml"]
volumes:
- ./files:/data:Z
depends_on:
- synapse
networks:
- matrix
security_opt:
- no-new-privileges:true
cap_drop:
- ALL
synapse-federation-sender-1:
build: ./images/synapse-worker-docker
container_name: synapse-federation-sender-1
user: "991:991"
restart: unless-stopped
environment:
SYNAPSE_WORKER: synapse.app.federation_sender
entrypoint: ["/start.py", "run", "--config-path=/data/homeserver.yaml", "--config-path=/data/workers/federation1.yaml"]
volumes:
- ./files:/data:Z
depends_on:
- synapse
networks:
- matrix
security_opt:
- no-new-privileges:true
cap_drop:
- ALL
Reference in New Issue View Git Blame Copy Permalink