infrastructure/docker-compose.yml

182 lines
3.6 KiB
YAML
Raw Normal View History

version: '3.9'
services:
# Database
database:
image: mariadb:latest
container_name: database
profiles:
- database
depends_on:
- caddy
restart: on-failure
volumes:
- database:/var/lib/mysql:rw
env_file:
- env/wordpress_db.env
command: '--default-authentication-plugin=mysql_native_password'
networks:
- infra-network
security_opt:
- no-new-privileges:true
# Wordpress
wordpress:
image: wordpress:fpm
container_name: wordpress
profiles:
- wordpress
restart: on-failure
depends_on:
- database
- caddy
env_file:
- env/wordpress.env
volumes:
- ./config/wordpress/php.ini:/usr/local/etc/php/conf.d/custom.ini:ro
- wordpress:/var/www/html:rw
networks:
- infra-network
security_opt:
- no-new-privileges:true
# Webserver
caddy:
image: caddy:latest
container_name: webserver
profiles:
- webserver
restart: on-failure
ports:
- 80:80
- 443:443
volumes:
- wordpress:/var/www/html:rw
- caddy_data:/data:rw
- caddy_config:/config:rw
- ./caddy:/etc/caddy:ro
networks:
- infra-network
security_opt:
- no-new-privileges:true
# cap_drop:
# - ALL
# cap_add:
# - CHOWN
# - FOWNER
# - DAC_OVERRIDE
# - SETGID
# - SETUID
# - NET_BIND_SERVICE
# Adminer
adminer:
image: adminer:latest
container_name: adminer
profiles:
- adminer
restart: on-failure
env_file:
- env/adminer.env
depends_on:
- database
- caddy
networks:
- infra-network
security_opt:
- no-new-privileges:true
uptime-kuma:
image: louislam/uptime-kuma:latest
container_name: uptime-kuma
profiles:
- uptime-kuma
volumes:
- uptimekuma_data:/app/data
restart: always
networks:
- infra-network
security_opt:
- no-new-privileges:true
gitea:
image: gitea/gitea:latest-rootless
container_name: gitea
profiles:
- gitea
restart: on-failure
depends_on:
- caddy
env_file:
- env/gitea.env
volumes:
- gitea_data:/var/lib/gitea
- gitea_config:/etc/gitea
# - /etc/timezone:/etc/timezone:ro
# - /etc/localtime:/etc/localtime:ro
networks:
- infra-network
security_opt:
- no-new-privileges:true
database_gitea:
image: mariadb:latest
container_name: database_gitea
profiles:
- database
depends_on:
- gitea
restart: on-failure
volumes:
- gitea_db:/var/lib/mysql:rw
env_file:
- env/gitea_db.env
command: '--default-authentication-plugin=mysql_native_password'
networks:
- infra-network
security_opt:
- no-new-privileges:true
qbittorrent:
image: lscr.io/linuxserver/qbittorrent:latest
container_name: qbittorrent
profiles:
- qbittorrent
restart: on-failure
depends_on:
- caddy
env_file:
- env/qbittorrent.env
volumes:
- qbittorrent_config:/config
- qbittorrent_data:/downloads
networks:
- infra-network
security_opt:
- no-new-privileges:true
networks:
infra-network:
driver: bridge
name: infra-network
volumes:
database:
name: database
wordpress:
name: wordpress
caddy_data:
name: caddy_data
caddy_config:
name: caddy_config
qbittorrent_config:
name: qbittorrent_config
qbittorrent_data:
name: qbittorrent_data
uptimekuma_data:
name: uptimekuma_data
gitea_data:
name: gitea_data
gitea_config:
name: gitea_config
gitea_db:
name: gitea_db