Tobias Manske
e4bc073b7b
All checks were successful
continuous-integration/drone/push Build is passing
272 lines
7.7 KiB
YAML
272 lines
7.7 KiB
YAML
---
|
|
version: '3.9'
|
|
|
|
services:
|
|
|
|
synapse:
|
|
image: registry.tobiasmanske.de/matrixdotorg/synapse:latest
|
|
user: "1000:1000"
|
|
# Since synapse does not retry to connect to the database, restart upon
|
|
# failure
|
|
restart: unless-stopped
|
|
# See the readme for a full documentation of the environment settings
|
|
# NOTE: You must edit homeserver.yaml to use postgres, it defaults to sqlite
|
|
environment:
|
|
- SYNAPSE_CONFIG_DIR=/config
|
|
- SYNAPSE_CONFIG_PATH=/config/homeserver.yaml
|
|
- TZ=Europe/Berlin
|
|
ulimits:
|
|
nofile:
|
|
soft: 10000
|
|
hard: 40000
|
|
volumes:
|
|
- synapse_data:/data
|
|
- ./synapse-config:/config:ro,Z
|
|
- ./mautrix-telegram/registration.yaml:/data/reg-mautrix-tg.yaml:ro,Z
|
|
- ./mautrix-slack/registration.yaml:/data/reg-mautrix-slack.yaml:ro,Z
|
|
- ./mautrix-signal/registration.yaml:/data/reg-mautrix-signal.yaml:ro,Z
|
|
depends_on:
|
|
- db
|
|
- redis
|
|
networks:
|
|
- default
|
|
- backend
|
|
- metrics
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.http.routers.http-synapse.rule=Host(`synapse.{{ matrix.baseurl }}`)"
|
|
- "traefik.http.routers.http-synapse.entryPoints=websecure"
|
|
- "traefik.http.routers.http-synapse.service=matrix-synapse"
|
|
- "traefik.http.routers.matrix-synapse.rule=Host(`{{ matrix.baseurl }}`) && PathPrefix(`/_{path:(matrix|synapse)}/`)"
|
|
- "traefik.http.routers.matrix-synapse.entryPoints=websecure"
|
|
- "traefik.http.routers.matrix-synapse.service=matrix-synapse"
|
|
- "traefik.http.services.matrix-synapse.loadbalancer.server.port=8008"
|
|
- "prometheus-scrape.enabled=true"
|
|
- "prometheus-scrape.port=9091"
|
|
- "prometheus-scrape.metrics_path=/_synapse/metrics"
|
|
|
|
db:
|
|
image: postgres:15
|
|
restart: always
|
|
environment:
|
|
- POSTGRES_USER={{ matrix.db.user }}
|
|
- POSTGRES_DB={{ matrix.db.database }}
|
|
- POSTGRES_PASSWORD={{ matrix.db.password }}
|
|
- POSTGRES_INITDB_ARGS=--encoding=UTF-8 --lc-collate=C --lc-ctype=C
|
|
networks:
|
|
- backend
|
|
volumes:
|
|
- db_data:/var/lib/postgresql/data
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "pg_isready"]
|
|
interval: 10s
|
|
timeout: 5s
|
|
retries: 5
|
|
|
|
caddy:
|
|
image: caddy:2
|
|
volumes:
|
|
- ./Caddyfile:/etc/caddy/Caddyfile:ro,z
|
|
restart: unless-stopped
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.http.routers.matrix-well-known.rule=Host(`{{ matrix.baseurl }}`) && PathPrefix(`/.well-known/matrix/`)"
|
|
- "traefik.http.routers.matrix-well-known.entrypoints=websecure"
|
|
- "traefik.http.services.matrix-well-known.loadbalancer.server.port=80"
|
|
|
|
cinny:
|
|
image: registry.tobiasmanske.de/cinnyapp/cinny:latest
|
|
restart: unless-stopped
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.http.routers.matrix-cinny.rule=Host(`cinny.{{ matrix.baseurl }}`)"
|
|
- "traefik.http.routers.matrix-cinny.entryPoints=websecure"
|
|
- "traefik.http.services.matrix-cinny.loadbalancer.server.port=80"
|
|
volumes:
|
|
- ./cinny-config.json:/app/config.json:ro,Z
|
|
networks:
|
|
- default
|
|
|
|
redis:
|
|
image: redis:latest
|
|
restart: unless-stopped
|
|
networks:
|
|
- backend
|
|
|
|
### SLIDING SYNC
|
|
|
|
syncv3-db:
|
|
image: postgres:15
|
|
restart: always
|
|
environment:
|
|
- POSTGRES_USER={{ matrix.syncv3.user }}
|
|
- POSTGRES_DB={{ matrix.syncv3.database }}
|
|
- POSTGRES_PASSWORD={{ matrix.syncv3.password }}
|
|
- POSTGRES_INITDB_ARGS=--encoding=UTF-8 --lc-collate=C --lc-ctype=C
|
|
networks:
|
|
- syncv3
|
|
volumes:
|
|
- syncv3_db_data:/var/lib/postgresql/data
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "pg_isready"]
|
|
interval: 10s
|
|
timeout: 5s
|
|
retries: 5
|
|
|
|
syncv3-proxy:
|
|
image: ghcr.io/matrix-org/sliding-sync:latest
|
|
restart: always
|
|
environment:
|
|
- "SYNCV3_SERVER=https://synapse.{{ matrix.baseurl }}"
|
|
- "SYNCV3_SECRET={{ matrix.syncv3.secret }}"
|
|
- "SYNCV3_BINDADDR=:8008"
|
|
- "SYNCV3_PROM=:2112"
|
|
- "SYNCV3_DB=user={{ matrix.syncv3.user }} dbname={{ matrix.syncv3.database }} sslmode=disable host=syncv3-db password='{{ matrix.syncv3.password }}'"
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.http.routers.matrix-syncv3-proxy.rule=Host(`syncv3.{{ matrix.baseurl }}`)"
|
|
- "traefik.http.routers.matrix-syncv3-proxy.entrypoints=websecure"
|
|
- "traefik.http.services.matrix-syncv3-proxy.loadbalancer.server.port=8008"
|
|
- "prometheus-scrape.enabled=false"
|
|
- "prometheus-scrape.port=2112"
|
|
networks:
|
|
- syncv3
|
|
- default
|
|
|
|
### BRIDGES
|
|
|
|
#### Telegram
|
|
|
|
mautrix-telegram:
|
|
image: dock.mau.dev/mautrix/telegram:latest
|
|
user: "1000:1000"
|
|
restart: unless-stopped
|
|
environment:
|
|
- "MAUTRIX_DIRECT_STARTUP=1"
|
|
volumes:
|
|
- bridge_tg_data:/data
|
|
- ./mautrix-telegram/config.yaml:/data/config.yaml:ro,Z
|
|
- ./mautrix-telegram/registration.yaml:/data/registration.yaml:ro,Z
|
|
networks:
|
|
- backend
|
|
- default # Needs to contact UFOs in the sky
|
|
depends_on:
|
|
- db-bridge-tg
|
|
- synapse
|
|
|
|
db-bridge-tg:
|
|
image: postgres:15
|
|
restart: always
|
|
environment:
|
|
- POSTGRES_USER={{ matrix.bridge.tg.dbuser }}
|
|
- POSTGRES_DB={{ matrix.bridge.tg.dbname }}
|
|
- POSTGRES_PASSWORD={{ matrix.bridge.tg.dbpass }}
|
|
- POSTGRES_INITDB_ARGS=--encoding=UTF-8 --lc-collate=C --lc-ctype=C
|
|
networks:
|
|
- backend
|
|
volumes:
|
|
- bridge_tg_db:/var/lib/postgresql/data
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "pg_isready"]
|
|
interval: 10s
|
|
timeout: 5s
|
|
retries: 5
|
|
|
|
#### SLACK
|
|
|
|
mautrix-slack:
|
|
image: dock.mau.dev/mautrix/slack:latest
|
|
environment:
|
|
- "UID=1000"
|
|
- "GID=1000"
|
|
restart: unless-stopped
|
|
volumes:
|
|
- bridge_slack_data:/data
|
|
- ./mautrix-slack/config.yaml:/data/config.yaml:ro,Z
|
|
- ./mautrix-slack/registration.yaml:/data/registration.yaml:ro,Z
|
|
networks:
|
|
- backend
|
|
- default # Needs to contact UFOs in the sky
|
|
depends_on:
|
|
- db-bridge-slack
|
|
- synapse
|
|
|
|
db-bridge-slack:
|
|
image: postgres:15
|
|
restart: always
|
|
environment:
|
|
- POSTGRES_USER={{ matrix.bridge.slack.dbuser }}
|
|
- POSTGRES_DB={{ matrix.bridge.slack.dbname }}
|
|
- POSTGRES_PASSWORD={{ matrix.bridge.slack.dbpass }}
|
|
- POSTGRES_INITDB_ARGS=--encoding=UTF-8 --lc-collate=C --lc-ctype=C
|
|
networks:
|
|
- backend
|
|
volumes:
|
|
- bridge_slack_db:/var/lib/postgresql/data
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "pg_isready"]
|
|
interval: 10s
|
|
timeout: 5s
|
|
retries: 5
|
|
|
|
#### SIGNAL
|
|
mautrix-signal:
|
|
image: dock.mau.dev/mautrix/signal:latest
|
|
user: "1000:1000"
|
|
restart: unless-stopped
|
|
environment:
|
|
- "MAUTRIX_DIRECT_STARTUP=1"
|
|
networks:
|
|
- default
|
|
- backend
|
|
volumes:
|
|
- bridge_signal_data:/data
|
|
- signald_data:/signald
|
|
- ./mautrix-signal/config.yaml:/data/config.yaml:ro,Z
|
|
- ./mautrix-signal/registration.yaml:/data/registration.yaml:ro,Z
|
|
depends_on:
|
|
- signald
|
|
- db-bridge-signal
|
|
|
|
signald:
|
|
image: docker.io/signald/signald:latest
|
|
restart: unless-stopped
|
|
networks:
|
|
- default
|
|
- backend
|
|
volumes:
|
|
- signald_data:/signald
|
|
|
|
db-bridge-signal:
|
|
image: postgres:15
|
|
restart: unless-stopped
|
|
networks:
|
|
- backend
|
|
environment:
|
|
- POSTGRES_USER={{ matrix.bridge.signal.dbuser }}
|
|
- POSTGRES_DB={{ matrix.bridge.signal.dbname }}
|
|
- POSTGRES_PASSWORD={{ matrix.bridge.signal.dbpass }}
|
|
volumes:
|
|
- bridge_signal_db:/var/lib/postgresql/data
|
|
|
|
networks:
|
|
backend:
|
|
internal: true
|
|
syncv3:
|
|
internal: true
|
|
metrics:
|
|
external: true
|
|
|
|
volumes:
|
|
synapse_data:
|
|
syncv3_db_data:
|
|
bridge_tg_data:
|
|
bridge_tg_db:
|
|
bridge_slack_data:
|
|
bridge_slack_db:
|
|
bridge_signal_data:
|
|
bridge_signal_db:
|
|
signald_data:
|
|
db_data:
|
|
...
|