services: halo: image: halohub/halo:latest pull_policy: always container_name: halo restart: on-failure:3 volumes: - ./data/halo:/root/.halo - /etc/timezone:/etc/timezone:ro - /etc/localtime:/etc/localtime:ro ports: - "8090:8090" environment: - SERVER_PORT=8090 - SPRING_DATASOURCE_DRIVER_CLASS_NAME=org.h2.Driver - SPRING_DATASOURCE_URL=jdbc:h2:file:~/.halo/db/halo - SPRING_DATASOURCE_USERNAME=admin - SPRING_DATASOURCE_PASSWORD=$CRUPEST_HALO_DB_PASSWORD - HALO_ADMIN_PATH=admin - HALO_CACHE=memory networks: - internal timeline: image: crupest/timeline:latest pull_policy: always container_name: timeline restart: on-failure:3 environment: - ASPNETCORE_FORWARDEDHEADERS_ENABLED=true - TIMELINE_DisableAutoBackup=true volumes: - ./data/timeline:/root/timeline ports: - "5000:5000" networks: - internal code-server: pull_policy: build build: context: ./docker/arch-code-server dockerfile: Dockerfile pull: true args: - CRUPEST_USER=$CRUPEST_USER - CRUPEST_GROUP=$CRUPEST_GROUP - CRUPEST_UID=$CRUPEST_UID - CRUPEST_GID=$CRUPEST_GID - USE_CHINA_MIRROR=$CRUPEST_IN_CHINA tags: - "crupest/arch-code-server:latest" container_name: code-server restart: on-failure:3 volumes: - ./data/code-server:/data ports: - "8080:8080" networks: - internal nginx: image: nginx:latest pull_policy: always container_name: nginx restart: on-failure:3 ports: - "80:80" - "443:443" - "443:443/udp" volumes: - "./nginx-config:/etc/nginx/conf.d:ro" - "./site:/srv/www:ro" - "./data/certbot/certs:/etc/letsencrypt:ro" - "./data/certbot/webroot:/srv/acme:ro" networks: - external - internal auto-certbot: pull_policy: build build: context: ./docker/auto-certbot dockerfile: Dockerfile pull: true args: - CRUPEST_DOMAIN=$CRUPEST_DOMAIN - CRUPEST_AUTO_CERTBOT_ADDITIONAL_PACKAGES=docker-cli - CRUPEST_AUTO_CERTBOT_POST_HOOK=docker restart nginx tags: - "crupest/auto-certbot:latest" container_name: auto-certbot volumes: - "./data/certbot/certs:/etc/letsencrypt" - "./data/certbot/data:/var/lib/letsencrypt" - "./data/certbot/webroot:/var/www/certbot" # map docker socket to allow auto-certbot to restart nginx - "/var/run/docker.sock:/var/run/docker.sock" restart: on-failure:3 networks: - internal mailserver: image: docker.io/mailserver/docker-mailserver:latest pull_policy: always container_name: mailserver # If the FQDN for your mail-server is only two labels (eg: example.com), # you can assign this entirely to `hostname` and remove `domainname`. hostname: mail domainname: $CRUPEST_DOMAIN env_file: mailserver.env # More information about the mail-server ports: # https://docker-mailserver.github.io/docker-mailserver/edge/config/security/understanding-the-ports/ # To avoid conflicts with yaml base-60 float, DO NOT remove the quotation marks. ports: - "25:25" # SMTP (explicit TLS => STARTTLS) - "143:143" # IMAP4 (explicit TLS => STARTTLS) - "465:465" # ESMTP (implicit TLS) - "587:587" # ESMTP (explicit TLS => STARTTLS) - "993:993" # IMAP4 (implicit TLS) volumes: - ./data/dms/mail-data/:/var/mail/ - ./data/dms/mail-state/:/var/mail-state/ - ./data/dms/mail-logs/:/var/log/mail/ - ./data/dms/config/:/tmp/docker-mailserver/ - ./data/certbot/certs:/etc/letsencrypt - /etc/localtime:/etc/localtime:ro restart: on-failure:3 stop_grace_period: 1m cap_add: - NET_ADMIN healthcheck: test: "ss --listening --tcp | grep -P 'LISTEN.+:smtp' || exit 1" timeout: 3s retries: 0 networks: - external networks: internal: internal: true external: