--- version: '3' services: gotosocial: image: superseriousbusiness/gotosocial:latest restart: unless-stopped user: "1000:1000" depends_on: db: condition: service_healthy environment: GTS_LOG_LEVEL: "info" GTS_HOST: "social.unruhig.eu" GTS_ACCOUNT_DOMAIN: "unruhig.eu" GTS_DB_TYPE: "postgres" GTS_DB_ADDRESS: "db" GTS_DB_PORT: "5432" GTS_DB_DATABASE: "{{ gotosocial.db.user }}" GTS_DB_USER: "{{ gotosocial.db.user }}" GTS_DB_PASSWORD: "{{ gotosocial.db.password }}" GTS_TRUSTED_PROXIES: "127.0.0.1/32,10.254.0.0/17,fd64:2::/104,::1" GTS_INSTANCE_LANGUAGES: "de,en-gb" GTS_LETSENCRYPT_ENABLED: "false" GTS_METRICS_ENABLED: "true" # STORAGE GTS_STORAGE_BACKEND: "s3" GTS_STORAGE_S3_ENDPOINT: "{{ gotosocial.s3.endpoint }}" GTS_STORAGE_S3_BUCKET: "{{ gotosocial.s3.bucket }}" GTS_STORAGE_S3_ACCESS_KEY: "{{ gotosocial.s3.access_key }}" GTS_STORAGE_S3_SECRET_KEY: "{{ gotosocial.s3.secret_key | mandatory }}" # OPENID CONNECT GTS_OIDC_ENABLED: "true" GTS_OIDC_IDP_NAME: "KeyCloak" GTS_OIDC_ISSUER: "{{ gotosocial.oidc.issuer }}" GTS_OIDC_CLIENT_ID: "{{ gotosocial.oidc.client_id }}" GTS_OIDC_CLIENT_SECRET: "{{ gotosocial.oidc.client_secret }}" GTS_OIDC_ADMIN_GROUPS: "gotosocial-admin" GTS_OIDC_SCOPES: "openid,email,profile" # GTS_ACCOUNTS_REGISTRATION_OPEN: "false" TZ: "Europe/Berlin" labels: - "traefik.enable=true" - "traefik.http.routers.gotosocial.rule=(Host(`social.unruhig.eu`) || (Host(`unruhig.eu`) && Path(`/.well-known/{a:(webfinger|nodeinfo|host-meta)}`)))" - "traefik.http.routers.gotosocial.entryPoints=websecure" - "traefik.http.services.gotosocial.loadbalancer.server.port=8080" - "traefik.http.routers.gotosocial.middlewares=deny-metrics@file" - "prometheus-scrape.enabled=true" - "prometheus-scrape.port=8080" networks: - backend - default - metrics db: image: postgres:15 restart: unless-stopped environment: - POSTGRES_USER={{ gotosocial.db.user }} - POSTGRES_PASSWORD={{ gotosocial.db.password }} volumes: - database:/var/lib/postgresql/data healthcheck: test: ["CMD", "pg_isready", "-U", "{{ gotosocial.db.user }}"] interval: 10s start_period: 30s networks: - backend volumes: database: networks: backend: internal: true metrics: external: true ...