X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=support%2Fdocker%2Fproduction%2Fdocker-compose.yml;h=cf90b226ffbac437b75d67a42ec8eb563cf361f5;hb=14b3e8f4457b2e2aad52044b4c373f5b8fb06568;hp=32ee7511305882ed0278ae24f5b2b6b7b952030d;hpb=6401417d6c17f827c94e44dd27c85c771442630b;p=github%2FChocobozzz%2FPeerTube.git

diff --git a/support/docker/production/docker-compose.yml b/support/docker/production/docker-compose.yml
index 32ee75113..cf90b226f 100644
--- a/support/docker/production/docker-compose.yml
+++ b/support/docker/production/docker-compose.yml
@@ -2,75 +2,100 @@ version: "3.3"
 
 services:
 
-  reverse-proxy:
-    image: traefik
-    command: --api --docker # Enables the web UI and tells Træfik to listen to docker
+  # You can comment this webserver section if you want to use another webserver/proxy
+  webserver:
+    image: chocobozzz/peertube-webserver:latest
+    # If you don't want to use the official image and build one from sources:
+    # build:
+    #   context: .
+    #   dockerfile: Dockerfile.nginx
+    env_file:
+      - .env
     ports:
-      - "80:80"     # The HTTP port
-      - "443:443"   # The HTTPS port
-      - "8080:8080" # The Web UI (enabled by --api)
+     - "80:80"
+     - "443:443"
     volumes:
-      - /var/run/docker.sock:/var/run/docker.sock # So that Traefik can listen to the Docker events
-      - ./docker-volume/traefik/acme.json:/etc/acme.json
-      - ./docker-volume/traefik/traefik.toml:/traefik.toml
+      - type: bind
+        # Switch sources if you downloaded the whole repository
+        #source: ../../nginx/peertube
+        source: ./docker-volume/nginx/peertube
+        target: /etc/nginx/conf.d/peertube.template
+      - assets:/var/www/peertube/peertube-latest/client/dist:ro
+      - ./docker-volume/data:/var/www/peertube/storage
+      - certbot-www:/var/www/certbot
+      - ./docker-volume/certbot/conf:/etc/letsencrypt
+    depends_on:
+      - peertube
     restart: "always"
 
+  # You can comment this certbot section if you want to use another webserver/proxy
+  certbot:
+    container_name: certbot
+    image: certbot/certbot
+    volumes:
+      - ./docker-volume/certbot/conf:/etc/letsencrypt
+      - certbot-www:/var/www/certbot
+    restart: unless-stopped
+    entrypoint: /bin/sh -c "trap exit TERM; while :; do certbot renew --webroot -w /var/www/certbot; sleep 12h & wait $${!}; done;"
+    depends_on:
+      - webserver
+
   peertube:
-    # If you don't want to use the official image and build one from sources
+    # If you don't want to use the official image and build one from sources:
     # build:
     #   context: .
-    #   dockerfile: ./support/docker/production/Dockerfile.stretch
-    image: chocobozzz/peertube:production-stretch
-    environment:
-      PEERTUBE_WEBSERVER_HOSTNAME: my.domain.tld
-      PEERTUBE_WEBSERVER_PORT: 443
-      PEERTUBE_WEBSERVER_HTTPS: "true"
-      PEERTUBE_ADMIN_EMAIL: admin@domain.tld
-      PEERTUBE_DB_HOSTNAME: postgres
-      PEERTUBE_DB_USERNAME: postgres_user
-      PEERTUBE_DB_PASSWORD: postgres_password
-      PEERTUBE_SIGNUP_ENABLED: "true"
-      PEERTUBE_TRANSCODING_ENABLED: "true"
-      PEERTUBE_REDIS_HOSTNAME: redis
-      PEERTUBE_SMTP_USERNAME: null
-      PEERTUBE_SMTP_PASSWORD: null
-      PEERTUBE_SMTP_HOSTNAME: null
-      PEERTUBE_SMTP_PORT: 25
-      PEERTUBE_SMTP_FROM: noreply@peertube.domain.tld
-      PEERTUBE_SMTP_TLS: "true"
-    # Traefik labels are suggested as an example for people using Traefik,
-    # remove them if you are using another reverse proxy.
-    labels:
-      traefik.enable: "true"
-      traefik.frontend.rule: "Host:${PEERTUBE_WEBSERVER_HOSTNAME}"
-      traefik.port: "9000"
-    # If you don't want to use a reverse proxy (not suitable for production!)
-    # ports:
-      # - "80:9000"
+    #   dockerfile: ./support/docker/production/Dockerfile.bullseye
+    image: chocobozzz/peertube:production-bullseye
+    # Use a static IP for this container because nginx does not handle proxy host change without reload
+    # This container could be restarted on crash or until the postgresql database is ready for connection
+    networks:
+      default:
+        ipv4_address: 172.18.0.42
+    env_file:
+      - .env
+
+    ports:
+     - "1935:1935" # If you don't want to use the live feature, you can comment this line
+    #  - "9000:9000" # If you provide your own webserver and reverse-proxy, otherwise not suitable for production
     volumes:
+      - assets:/app/client/dist
       - ./docker-volume/data:/data
       - ./docker-volume/config:/config
     depends_on:
       - postgres
       - redis
+      - postfix
     restart: "always"
 
   postgres:
-    image: postgres:10-alpine
-    environment:
-      POSTGRES_USER: postgres_user
-      POSTGRES_PASSWORD: postgres_password
-      POSTGRES_DB: peertube
+    image: postgres:13-alpine
+    env_file:
+      - .env
     volumes:
       - ./docker-volume/db:/var/lib/postgresql/data
     restart: "always"
-    labels:
-      traefik.enable: "false"
 
   redis:
-    image: redis:4-alpine
+    image: redis:6-alpine
     volumes:
       - ./docker-volume/redis:/data
     restart: "always"
-    labels:
-      traefik.enable: "false"
\ No newline at end of file
+
+  postfix:
+    image: mwader/postfix-relay
+    env_file:
+      - .env
+    volumes:
+      - ./docker-volume/opendkim/keys:/etc/opendkim/keys
+    restart: "always"
+
+networks:
+  default:
+    ipam:
+      driver: default
+      config:
+      - subnet: 172.18.0.0/16
+
+volumes:
+  assets:
+  certbot-www: