mirror of
https://git.anonymousland.org/deathrow/synapse-docker-deployment.git
synced 2024-10-01 11:49:56 -04:00
316 lines
7.6 KiB
YAML
316 lines
7.6 KiB
YAML
version: '3.7'
|
|
|
|
networks:
|
|
matrix:
|
|
registration:
|
|
dimension:
|
|
|
|
services:
|
|
synapse:
|
|
build: ./images/synapse-docker
|
|
restart: unless-stopped
|
|
container_name: synapse
|
|
user: "991:991"
|
|
environment:
|
|
- SYNAPSE_CONFIG_DIR=/data
|
|
- SYNAPSE_CONFIG_PATH=/data/homeserver.yaml
|
|
volumes:
|
|
- ./files:/data:Z
|
|
depends_on:
|
|
- postgres
|
|
networks:
|
|
- matrix
|
|
security_opt:
|
|
- no-new-privileges:true
|
|
cap_drop:
|
|
- ALL
|
|
extra_hosts:
|
|
- "host.docker.internal:host-gateway"
|
|
|
|
postgres:
|
|
image: docker.io/postgres:14.5-alpine
|
|
container_name: postgres
|
|
user: "70:70"
|
|
restart: unless-stopped
|
|
environment:
|
|
- POSTGRES_USER=${POSTGRES_USER}
|
|
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
|
|
- POSTGRES_DB=${POSTGRES_DB}
|
|
- POSTGRES_INITDB_ARGS=--encoding=UTF-8 --lc-collate=C --lc-ctype=C
|
|
volumes:
|
|
- ./schemas:/var/lib/postgresql/data:Z
|
|
ports:
|
|
- 127.0.0.1:5432:5432
|
|
networks:
|
|
- matrix
|
|
read_only: true
|
|
security_opt:
|
|
- no-new-privileges:true
|
|
cap_drop:
|
|
- ALL
|
|
tmpfs:
|
|
- /var/run/postgresql:size=50M,mode=0770,uid=70,gid=70,noexec,nosuid,nodev
|
|
|
|
swag:
|
|
image: ghcr.io/linuxserver/swag
|
|
restart: unless-stopped
|
|
container_name: swag
|
|
cap_add:
|
|
- NET_ADMIN
|
|
environment:
|
|
- PUID=1000
|
|
- PGID=1000
|
|
- URL=${SWAG_URL}
|
|
- SUBDOMAINS=${SWAG_SUBDOMAINS}
|
|
- VALIDATION=http
|
|
- EMAIL=${SWAG_EMAIL}
|
|
- ONLY_SUBDOMAINS=true
|
|
volumes:
|
|
- ./swag:/config:Z
|
|
- /etc/localtime:/etc/localtime:ro
|
|
ports:
|
|
- 443:443
|
|
- 80:80
|
|
networks:
|
|
- matrix
|
|
- registration
|
|
security_opt:
|
|
- no-new-privileges:true
|
|
|
|
pantalaimon:
|
|
build: ./images/pantalaimon
|
|
container_name: pantalaimon
|
|
restart: unless-stopped
|
|
volumes:
|
|
- ./pantalaimon_data:/data:Z
|
|
depends_on:
|
|
- synapse
|
|
networks:
|
|
- matrix
|
|
read_only: true
|
|
security_opt:
|
|
- no-new-privileges:true
|
|
cap_drop:
|
|
- ALL
|
|
|
|
mjolnir:
|
|
build: ./images/mjolnir
|
|
container_name: mjolnir
|
|
restart: unless-stopped
|
|
volumes:
|
|
- ./mjolnir:/data:Z
|
|
depends_on:
|
|
- pantalaimon
|
|
networks:
|
|
- matrix
|
|
read_only: true
|
|
security_opt:
|
|
- no-new-privileges:true
|
|
cap_drop:
|
|
- ALL
|
|
maubot:
|
|
image: dock.mau.dev/maubot/maubot:latest
|
|
container_name: maubot
|
|
restart: unless-stopped
|
|
volumes:
|
|
- ./maubot:/data:Z
|
|
networks:
|
|
- matrix
|
|
|
|
matrix-registration:
|
|
build: ./images/synapse-captcha
|
|
container_name: matrix-registration
|
|
restart: unless-stopped
|
|
command: [
|
|
"--config-path=/data/config.yaml",
|
|
"serve"
|
|
]
|
|
ports:
|
|
- 127.0.0.1:5000:5000
|
|
volumes:
|
|
- ./matrix-registration_data:/data:Z
|
|
networks:
|
|
- matrix
|
|
|
|
redis:
|
|
image: redis:latest
|
|
container_name: redis
|
|
restart: unless-stopped
|
|
networks:
|
|
- matrix
|
|
|
|
dimension:
|
|
build: ./images/matrix-dimension
|
|
container_name: dimension
|
|
restart: unless-stopped
|
|
volumes:
|
|
- ./dimension:/data:Z
|
|
depends_on:
|
|
- dimension_db
|
|
networks:
|
|
- matrix
|
|
- dimension
|
|
ports:
|
|
- 127.0.0.1:8184:8184
|
|
read_only: true
|
|
security_opt:
|
|
- no-new-privileges:true
|
|
cap_drop:
|
|
- ALL
|
|
|
|
dimension_db:
|
|
image: docker.io/postgres:14.5-alpine
|
|
container_name: dimension_db
|
|
user: "70:70"
|
|
restart: unless-stopped
|
|
environment:
|
|
- POSTGRES_USER=${DIMENSION_DB_USER}
|
|
- POSTGRES_PASSWORD=${DIMENSION_DB_PASSWORD}
|
|
- POSTGRES_DB=${DIMENSION_DB_DB}
|
|
- POSTGRES_INITDB_ARGS=--encoding=UTF-8 --lc-collate=C --lc-ctype=C
|
|
volumes:
|
|
- ./dimension/db:/var/lib/dimension_db/data:Z
|
|
ports:
|
|
- 127.0.0.1:5433:5432
|
|
networks:
|
|
- dimension
|
|
read_only: true
|
|
security_opt:
|
|
- no-new-privileges:true
|
|
cap_drop:
|
|
- ALL
|
|
tmpfs:
|
|
- /var/run/postgresql:size=50M,mode=0770,uid=70,gid=70,noexec,nosuid,nodev
|
|
|
|
# WORKERS
|
|
|
|
synapse-generic-worker-4:
|
|
build: ./images/workers/synapse
|
|
container_name: synapse-generic-worker-4
|
|
user: "991:991"
|
|
restart: unless-stopped
|
|
environment:
|
|
SYNAPSE_WORKER: synapse.app.generic_worker
|
|
entrypoint: ["/start.py", "run", "--config-path=/data/homeserver.yaml", "--config-path=/data/workers/worker4.yaml"]
|
|
volumes:
|
|
- ./files:/data:Z
|
|
depends_on:
|
|
- synapse
|
|
networks:
|
|
- matrix
|
|
security_opt:
|
|
- no-new-privileges:true
|
|
cap_drop:
|
|
- ALL
|
|
|
|
synapse-generic-worker-3:
|
|
build: ./images/workers/synapse
|
|
container_name: synapse-generic-worker-3
|
|
user: "991:991"
|
|
restart: unless-stopped
|
|
environment:
|
|
SYNAPSE_WORKER: synapse.app.generic_worker
|
|
entrypoint: ["/start.py", "run", "--config-path=/data/homeserver.yaml", "--config-path=/data/workers/worker3.yaml"]
|
|
volumes:
|
|
- ./files:/data:Z
|
|
depends_on:
|
|
- synapse
|
|
networks:
|
|
- matrix
|
|
security_opt:
|
|
- no-new-privileges:true
|
|
cap_drop:
|
|
- ALL
|
|
|
|
synapse-generic-worker-2:
|
|
build: ./images/synapse-worker-docker
|
|
container_name: synapse-generic-worker-2
|
|
user: "991:991"
|
|
restart: unless-stopped
|
|
environment:
|
|
SYNAPSE_WORKER: synapse.app.generic_worker
|
|
entrypoint: ["/start.py", "run", "--config-path=/data/homeserver.yaml", "--config-path=/data/workers/worker2.yaml"]
|
|
volumes:
|
|
- ./files:/data:Z
|
|
depends_on:
|
|
- synapse
|
|
networks:
|
|
- matrix
|
|
security_opt:
|
|
- no-new-privileges:true
|
|
cap_drop:
|
|
- ALL
|
|
|
|
synapse-generic-worker-1:
|
|
build: ./images/synapse-worker-docker
|
|
container_name: synapse-generic-worker-1
|
|
user: "991:991"
|
|
restart: unless-stopped
|
|
environment:
|
|
SYNAPSE_WORKER: synapse.app.generic_worker
|
|
entrypoint: ["/start.py", "run", "--config-path=/data/homeserver.yaml", "--config-path=/data/workers/worker1.yaml"]
|
|
volumes:
|
|
- ./files:/data:Z
|
|
depends_on:
|
|
- synapse
|
|
networks:
|
|
- matrix
|
|
security_opt:
|
|
- no-new-privileges:true
|
|
cap_drop:
|
|
- ALL
|
|
synapse-federation-sender-3:
|
|
build: ./images/synapse-worker-docker
|
|
container_name: synapse-federation-sender-3
|
|
user: "991:991"
|
|
restart: unless-stopped
|
|
environment:
|
|
SYNAPSE_WORKER: synapse.app.federation_sender
|
|
entrypoint: ["/start.py", "run", "--config-path=/data/homeserver.yaml", "--config-path=/data/workers/federation3.yaml"]
|
|
volumes:
|
|
- ./files:/data:Z
|
|
depends_on:
|
|
- synapse
|
|
networks:
|
|
- matrix
|
|
security_opt:
|
|
- no-new-privileges:true
|
|
cap_drop:
|
|
- ALL
|
|
|
|
synapse-federation-sender-2:
|
|
build: ./images/synapse-worker-docker
|
|
container_name: synapse-federation-sender-2
|
|
user: "991:991"
|
|
restart: unless-stopped
|
|
environment:
|
|
SYNAPSE_WORKER: synapse.app.federation_sender
|
|
entrypoint: ["/start.py", "run", "--config-path=/data/homeserver.yaml", "--config-path=/data/workers/federation2.yaml"]
|
|
volumes:
|
|
- ./files:/data:Z
|
|
depends_on:
|
|
- synapse
|
|
networks:
|
|
- matrix
|
|
security_opt:
|
|
- no-new-privileges:true
|
|
cap_drop:
|
|
- ALL
|
|
synapse-federation-sender-1:
|
|
build: ./images/synapse-worker-docker
|
|
container_name: synapse-federation-sender-1
|
|
user: "991:991"
|
|
restart: unless-stopped
|
|
environment:
|
|
SYNAPSE_WORKER: synapse.app.federation_sender
|
|
entrypoint: ["/start.py", "run", "--config-path=/data/homeserver.yaml", "--config-path=/data/workers/federation1.yaml"]
|
|
volumes:
|
|
- ./files:/data:Z
|
|
depends_on:
|
|
- synapse
|
|
networks:
|
|
- matrix
|
|
security_opt:
|
|
- no-new-privileges:true
|
|
cap_drop:
|
|
- ALL |