Applications/Services/matrix/conduit/docker-compose.yml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87

version: "3"

services:
  conduit:
    image: matrixconduit/matrix-conduit
    restart: unless-stopped
    volumes:
      - "remote:${CONDUIT_DATABASE_PATH}"
    environment:
      - "CONDUIT_SERVER_NAME=${DOMAIN}"
      - "CONDUIT_PORT=${PORT}"
      - "CONDUIT_DATABASE_PATH=${CONDUIT_DATABASE_PATH}"
      - "CONDUIT_DATABASE_BACKEND=rocksdb"
      - "CONDUIT_ALLOW_REGISTRATION=false"
      - "CONDUIT_ALLOW_FEDERATION=true"
      - "CONDUIT_ALLOW_CHECK_FOR_UPDATES=false"
      - "CONDUIT_ADDRESS=0.0.0.0"
      - "CONDUIT_CONFIG="
    networks:
      - matrix
      - traefik
    labels:
      - "traefik.enable=true"
      - "traefik.docker.network=${TRAEFIK_NETWORK}"
      - "traefik.http.routers.matrix.rule=Host(`${DOMAIN}`)"
      - "traefik.http.routers.matrix.entrypoints=websecure"
      - "traefik.http.routers.matrix.tls=true"
      - "traefik.http.routers.matrix.tls.certresolver=letsencrypt"
      - "traefik.http.services.matrix.loadbalancer.server.port=${PORT}"
      - "traefik.http.routers.matrix.middlewares=cors-headers@docker"

      - "traefik.http.middlewares.cors-headers.headers.accessControlAllowOriginList=*"
      - "traefik.http.middlewares.cors-headers.headers.accessControlAllowHeaders=Origin, X-Requested-With, Content-Type, Accept, Authorization"
      - "traefik.http.middlewares.cors-headers.headers.accessControlAllowMethods=GET, POST, PUT, DELETE, OPTIONS"

  well-known:
    image: nginx:alpine
    restart: unless-stopped
    volumes:
      - "./nginx/templates:/etc/nginx/templates"
      - "./nginx/www:/var/www"
    environment:
      - "CONDUIT_DOMAIN=${DOMAIN}"
    networks:
      - traefik
    labels:
      - "traefik.enable=true"
      - "traefik.docker.network=${TRAEFIK_NETWORK}"
      - "traefik.http.routers.matrix-well-known.rule=Host(`${DOMAIN}`) && PathPrefix(`/.well-known/matrix`)"
      - "traefik.http.routers.matrix-well-known.entrypoints=websecure"
      - "traefik.http.routers.matrix-well-known.tls=true"
      - "traefik.http.routers.matrix-well-known.tls.certresolver=letsencrypt"
      - "traefik.http.routers.matrix-well-known.middlewares=cors-headers@docker"

      - "traefik.http.middlewares.cors-headers.headers.accessControlAllowOriginList=*"
      - "traefik.http.middlewares.cors-headers.headers.accessControlAllowHeaders=Origin, X-Requested-With, Content-Type, Accept, Authorization"
      - "traefik.http.middlewares.cors-headers.headers.accessControlAllowMethods=GET, POST, PUT, DELETE, OPTIONS"

  bridge-telegram:
    image: dock.mau.dev/mautrix/telegram:latest
    restart: unless-stopped
    volumes:
      - "./bridges/telegram:/data"
    networks:
      - matrix

  bridge-signal:
    image: dock.mau.dev/mautrix/signalgo:latest
    restart: unless-stopped
    volumes:
      - "./bridges/signal:/data"
    networks:
      - matrix

volumes:
  remote:
    driver: local
    driver_opts:
      type: cifs
      device: "//${REMOTE_DOMAIN}${REMOTE_PATH}"
      o: "addr=${REMOTE_DOMAIN},username=${REMOTE_USERNAME},password=${REMOTE_PASSWORD},file_mode=0777,dir_mode=0777"

networks:
  matrix:
  traefik:
    name: "${TRAEFIK_NETWORK}"
    external: true