stacks/melville/docker-compose.yaml

version: "3.8"
services:
  traefik:
    image: traefik
    environment:
      TRAEFIK_API: "true"
      TRAEFIK_API_INSECURE: "true"
      TRAEFIK_ENTRYPOINTS_WEB_ADDRESS: :80
      TRAEFIK_ENTRYPOINTS_WEB_HTTP_REDIRECTIONS_ENTRYPOINT_TO: websecure
      TRAEFIK_ENTRYPOINTS_WEB_HTTP_REDIRECTIONS_ENTRYPOINT_SCHEME: https
      TRAEFIK_ENTRYPOINTS_WEBSECURE_ADDRESS: :443
      TRAEFIK_ENTRYPOINTS_WEBSECURE_HTTP_TLS_CERTRESOLVER: letsencrypt
      TRAEFIK_CERTIFICATESRESOLVERS_LETSENCYRPT_ACME_EMAIL: neale@woozle.org
      TRAEFIK_CERTIFICATESRESOLVERS_LETSENCRYPT_ACME_STORAGE: /acme.json
      TRAEFIK_CERTIFICATESRESOLVERS_LETSENCRYPT_ACME_HTTPCHALLENGE_ENTRYPOINT: web
      TRAEFIK_PROVIDERS_DOCKER_SWARMMODE: "true"
      TRAEFIK_PROVIDERS_DOCKER_EXPOSEDBYDEFAULT: "false"
    ports:
      - target: 80
        published: 80
        mode: host
      - target: 443
        published: 443
        mode: host
      - target: 8080
        published: 8080
    volumes:
      - type: bind
        source: /var/run/docker.sock
        target: /var/run/docker.sock
        read_only: true
      - type: bind
        source: /srv/traefik/acme.json
        target: /acme.json
    secrets:
      - htaccess
    deploy:
      labels:
        traefik.enable: "true"
        traefik.http.routers.dashboard.rule: "Host(`melville.woozle.org`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))"
        traefik.http.routers.dashboard.tls.certresolver: letsencrypt
        traefik.http.routers.dashboard.middlewares: auth
        traefik.http.routers.dashboard.service: api@internal
        traefik.http.middlewares.auth.basicauth.usersfile: /run/secrets/htaccess
        traefik.http.services.traefik.loadbalancer.server.port: "1"

  vail:
    image: ghcr.io/nealey/vail:master
    deploy:
      labels:
        traefik.enable: "true"
        traefik.http.routers.vail.rule: "PathPrefix(`/vail`) || Host(`vail.woozle.org`)"
        traefik.http.services.vail.loadbalancer.server.port: "8080"

  chat:
    image: ghcr.io/dirtbags/microchat
    command:
      - --redis=redis:6379
      - --noauth
    deploy:
      labels:
        traefik.enable: "true"
        traefik.http.routers.chat.rule: "Host(`melville.woozle.org`) && PathPrefix(`/chat`)"
        traefik.http.routers.chat.middlewares: chat-prefix
        traefik.http.middlewares.chat-prefix.stripprefix.prefixes: "/chat"
        traefik.http.services.chat.loadbalancer.server.port: "8080"
  redis:
    image: redis


secrets:
  htaccess:
    file: htaccess
    name: htaccess-v1