-
-
Save aambert/490f5c4b0039605f42b4fc5157745274 to your computer and use it in GitHub Desktop.
Docker-Compose: Mastodon v3.0.1 with Traefik v2
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| version: '3' | |
| # Variables to fill in: | |
| # Line 22: <LETSENCRYPT_MAIL_ADDRESS> - your mail address for contact with Let's Encrypt | |
| # Line 35: <TRAEFIK_DASHBOARD_ADMIN_PASSWORD> - MD5 hash of your password (use http://www.htaccesstools.com/htpasswd-generator/) | |
| # Lines 30, 82, 106: <DOMAIN> - e.g. social.yourdomain.com (Must have an A record pointing to your box' IP) (AAAA for IPv6 ;) | |
| services: | |
| traefik: | |
| image: traefik:v2.1 | |
| container_name: "traefik" | |
| restart: always | |
| command: | |
| # - "--log.level=DEBUG" | |
| - "--api.dashboard=true" | |
| - "--entrypoints.web.address=:80" | |
| - "--entrypoints.websecure.address=:443" | |
| - "--providers.docker=true" | |
| - "--providers.docker.exposedbydefault=false" | |
| - "--certificatesresolvers.letsencrypt.acme.httpchallenge=true" | |
| - "--certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=web" | |
| - "--certificatesresolvers.letsencrypt.acme.email=<LETSENCRYPT_MAIL_ADDRESS>" | |
| - "--certificatesresolvers.letsencrypt.acme.storage=/letsencrypt/acme.json" | |
| ports: | |
| - "80:80" | |
| - "443:443" | |
| labels: | |
| - "traefik.enable=true" | |
| # Dashboard | |
| - "traefik.http.routers.traefik.rule=(Host(`<DOMAIN>`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`)))" | |
| - "traefik.http.routers.traefik.service=api@internal" | |
| - "traefik.http.routers.traefik.tls.certresolver=letsencrypt" | |
| - "traefik.http.routers.traefik.entrypoints=websecure" | |
| - "traefik.http.routers.traefik.middlewares=dashboardauth" | |
| - "traefik.http.middlewares.dashboardauth.basicauth.users=admin:<TRAEFIK_DASHBOARD_ADMIN_PASSWORD>" | |
| # HTTPS Redirect | |
| - "traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)" | |
| - "traefik.http.routers.http-catchall.entrypoints=web" | |
| - "traefik.http.routers.http-catchall.middlewares=redirect-to-https@docker" | |
| - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https" | |
| volumes: | |
| - /var/run/docker.sock:/var/run/docker.sock | |
| - ./letsencrypt:/letsencrypt | |
| networks: | |
| - external_network | |
| db: | |
| restart: always | |
| image: postgres:9.6-alpine | |
| healthcheck: | |
| test: ["CMD", "pg_isready", "-U", "postgres"] | |
| volumes: | |
| - ./postgres:/var/lib/postgresql/data | |
| networks: | |
| - internal_network | |
| redis: | |
| restart: always | |
| image: redis:5.0-alpine | |
| healthcheck: | |
| test: ["CMD", "redis-cli", "ping"] | |
| volumes: | |
| - ./redis:/data | |
| networks: | |
| - internal_network | |
| web: | |
| image: tootsuite/mastodon:v3.0.1 | |
| restart: always | |
| env_file: .env.production | |
| command: bash -c "rm -f /mastodon/tmp/pids/server.pid; bundle exec rails s -p 3000" | |
| healthcheck: | |
| test: ["CMD-SHELL", "wget -q --spider --proxy=off localhost:3000/health || exit 1"] | |
| expose: | |
| - "3000" | |
| depends_on: | |
| - db | |
| - redis | |
| - traefik | |
| labels: | |
| - "traefik.enable=true" | |
| - "traefik.http.routers.mastodon-web.rule=Host(`<DOMAIN>`)" | |
| - "traefik.http.routers.mastodon-web.entrypoints=websecure" | |
| - "traefik.http.routers.mastodon-web.tls.certresolver=letsencrypt" | |
| volumes: | |
| - ./public/system:/mastodon/public/system | |
| networks: | |
| - external_network | |
| - internal_network | |
| streaming: | |
| image: tootsuite/mastodon:v3.0.1 | |
| restart: always | |
| env_file: .env.production | |
| command: node ./streaming | |
| healthcheck: | |
| test: ["CMD-SHELL", "wget -q --spider --proxy=off localhost:4000/api/v1/streaming/health || exit 1"] | |
| expose: | |
| - "4000" | |
| depends_on: | |
| - db | |
| - redis | |
| - traefik | |
| labels: | |
| - "traefik.enable=true" | |
| - "traefik.http.routers.mastodon-streaming.rule=(Host(`<DOMAIN>`) && PathPrefix(`/api/v1/streaming`))" | |
| - "traefik.http.routers.mastodon-streaming.entrypoints=websecure" | |
| - "traefik.http.routers.mastodon-streaming.tls.certresolver=letsencrypt" | |
| networks: | |
| - external_network | |
| - internal_network | |
| sidekiq: | |
| image: tootsuite/mastodon:v3.0.1 | |
| restart: always | |
| env_file: .env.production | |
| command: bundle exec sidekiq | |
| depends_on: | |
| - db | |
| - redis | |
| - traefik | |
| volumes: | |
| - ./public/system:/mastodon/public/system | |
| networks: | |
| - external_network | |
| - internal_network | |
| networks: | |
| external_network: | |
| internal_network: | |
| internal: true |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment