docker-compose.rc.yml

version: "3.7"

services:
  reverse-proxy:
    container_name: reverse-proxy
    image: traefik:v2.8
    restart: unless-stopped
    ports:
      - ${NGINX_PORT-80}:80
      - ${NGINX_PORT_SSL-443}:443
      - 8080:8080
    command: --providers.docker
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - ${PWD}/traefik:/root/.config
      - ${PWD}/traefik/shared:/shared
    networks:
      - tipi_main_network

  tipi-db:
    container_name: tipi-db
    image: postgres:14
    restart: unless-stopped
    stop_grace_period: 1m
    volumes:
      - ./data/postgres:/var/lib/postgresql/data
    environment:
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
      POSTGRES_USER: tipi
      POSTGRES_DB: tipi
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -d tipi -U tipi"]
      interval: 5s
      timeout: 10s
      retries: 120
    networks:
      - tipi_main_network

  tipi-redis:
    container_name: tipi-redis
    image: redis:alpine
    restart: unless-stopped
    volumes:
      - ./data/redis:/data
    networks:
      - tipi_main_network

  api:
    image: meienberger/runtipi:rc-${TIPI_VERSION}
    command: /bin/sh -c "cd /api && npm run start"
    container_name: api
    depends_on:
      tipi-db:
        condition: service_healthy
    volumes:
      - ${PWD}/repos:/runtipi/repos:ro
      - ${PWD}/apps:/runtipi/apps
      - ${PWD}/state:/runtipi/state
      - ${PWD}/logs:/app/logs
      - ${STORAGE_PATH}:/app/storage
      - ${PWD}/.env:/runtipi/.env:ro
    environment:
      INTERNAL_IP: ${INTERNAL_IP}
      TIPI_VERSION: ${TIPI_VERSION}
      JWT_SECRET: ${JWT_SECRET}
      NGINX_PORT: ${NGINX_PORT}
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
      POSTGRES_USERNAME: tipi
      POSTGRES_DBNAME: tipi
      POSTGRES_HOST: tipi-db
      NODE_ENV: production
      APPS_REPO_ID: ${APPS_REPO_ID}
      APPS_REPO_URL: ${APPS_REPO_URL}
      DOMAIN: ${DOMAIN}
      ARCHITECTURE: ${ARCHITECTURE}
    networks:
      - tipi_main_network
    labels:
      traefik.enable: true
      # Web
      traefik.http.routers.api.rule: PathPrefix(`/api`)
      traefik.http.routers.api.service: api
      traefik.http.routers.api.entrypoints: web
      traefik.http.routers.api.middlewares: api-stripprefix
      traefik.http.services.api.loadbalancer.server.port: 3001
      # Websecure
      traefik.http.routers.api-secure.rule: (Host(`${DOMAIN}`) && PathPrefix(`/api`))
      traefik.http.routers.api-secure.entrypoints: websecure
      traefik.http.routers.api-secure.service: api-secure
      traefik.http.routers.api-secure.tls.certresolver: myresolver
      traefik.http.routers.api-secure.middlewares: api-stripprefix
      traefik.http.services.api-secure.loadbalancer.server.port: 3001
      # Middlewares
      traefik.http.middlewares.api-stripprefix.stripprefix.prefixes: /api

  dashboard:
    image: meienberger/runtipi:rc-${TIPI_VERSION}
    command: /bin/sh -c "cd /dashboard && node server.js"
    container_name: dashboard
    networks:
      - tipi_main_network
    depends_on:
      api:
        condition: service_started
    environment:
      NODE_ENV: production
    labels:
      traefik.enable: true
      # Web
      traefik.http.routers.dashboard.rule: PathPrefix("/")
      traefik.http.routers.dashboard.service: dashboard
      traefik.http.routers.dashboard.entrypoints: web
      traefik.http.services.dashboard.loadbalancer.server.port: 3000
      # Websecure
      traefik.http.routers.dashboard-secure.rule: Host(`${DOMAIN}`) && PathPrefix(`/`)
      traefik.http.routers.dashboard-secure.service: dashboard-secure
      traefik.http.routers.dashboard-secure.entrypoints: websecure
      traefik.http.routers.dashboard-secure.tls.certresolver: myresolver
      traefik.http.services.dashboard-secure.loadbalancer.server.port: 3000

networks:
  tipi_main_network:
    driver: bridge
    ipam:
      driver: default
      config:
        - subnet: 10.21.21.0/24