X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=support%2Fdocker%2Fproduction%2Fdocker-compose.yml;h=e937c8b9c13535bcdf345f5b46867cfbb391448b;hb=745437e3ab402d5b8f85de6e9c09c3b6092e5904;hp=5b8f5700a3cb354112dc0a1ea6b9d1924e89deb3;hpb=e6a3b266f146169d15f3f8818b36ddf34945174b;p=github%2FChocobozzz%2FPeerTube.git

diff --git a/support/docker/production/docker-compose.yml b/support/docker/production/docker-compose.yml
index 5b8f5700a..e937c8b9c 100644
--- a/support/docker/production/docker-compose.yml
+++ b/support/docker/production/docker-compose.yml
@@ -3,24 +3,33 @@ version: "3.3"
 services:
 
   reverse-proxy:
-    image: traefik
-    command: --api --docker # Enables the web UI and tells Træfik to listen to docker
+    image: traefik:v1.7
+    network_mode: "host"
+    command:
+      - "--docker" # Tells Træfik to listen to docker
+      - "--acme.email=${TRAEFIK_ACME_EMAIL}" # Let's Encrypt ACME email
+      - "--acme.domains=${TRAEFIK_ACME_DOMAINS}" # Let's Encrypt ACME domain list
     ports:
       - "80:80"     # The HTTP port
       - "443:443"   # The HTTPS port
-      - "8080:8080" # The Web UI (enabled by --api)
     volumes:
       - /var/run/docker.sock:/var/run/docker.sock # So that Traefik can listen to the Docker events
       - ./docker-volume/traefik/acme.json:/etc/acme.json
       - ./docker-volume/traefik/traefik.toml:/traefik.toml
     restart: "always"
+    # If you want to use the Traefik dashboard, you should expose it on a
+    # subdomain with HTTPS and authentification:
+    # https://medium.com/@xavier.priour/secure-traefik-dashboard-with-https-and-password-in-docker-5b657e2aa15f
+    # https://github.com/containous/traefik/issues/880#issuecomment-310301168
 
   peertube:
     # If you don't want to use the official image and build one from sources
     # build:
     #   context: .
-    #   dockerfile: ./support/docker/production/Dockerfile.stretch
-    image: chocobozzz/peertube:production-stretch
+    #   dockerfile: ./support/docker/production/Dockerfile.buster
+    image: chocobozzz/peertube:production-buster
+    env_file:
+      - .env
     # Traefik labels are suggested as an example for people using Traefik,
     # remove them if you are using another reverse proxy.
     labels:
@@ -36,14 +45,13 @@ services:
     depends_on:
       - postgres
       - redis
+      - postfix
     restart: "always"
 
   postgres:
     image: postgres:10-alpine
-    environment:
-      POSTGRES_USER: ${DB_USERNAME}
-      POSTGRES_PASSWORD: ${DB_PASSWORD}
-      POSTGRES_DB: peertube
+    env_file:
+      - .env
     volumes:
       - ./docker-volume/db:/var/lib/postgresql/data
     restart: "always"
@@ -57,3 +65,20 @@ services:
     restart: "always"
     labels:
       traefik.enable: "false"
+
+  postfix:
+    image: mwader/postfix-relay
+    env_file:
+      - .env
+    volumes:
+      - ./docker-volume/opendkim/keys:/etc/opendkim/keys
+    labels:
+      traefik.enable: "false"
+    restart: "always"
+
+networks:
+  default:
+    ipam:
+      driver: default
+      config:
+      - subnet:  172.18.0.0/16