version: "3.5" services: reverse-proxy: image: traefik:v2.6 command: - --log.level=${LOG_LEVEL} - --providers.docker # Entry points - --entryPoints.web.address=:${HTTP_PORT} - --entrypoints.web.http.redirections.entryPoint.to=websecure - --entrypoints.web.http.redirections.entryPoint.scheme=https - --entryPoints.websecure.address=:${HTTPS_PORT} # HTTP challenge - --certificatesresolvers.myresolver.acme.email=${ACME_EMAIL} - --certificatesresolvers.myresolver.acme.storage=/acme.json - --certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=web # Let's Encrypt's staging server # uncomment during testing to avoid rate limiting #- --certificatesresolvers.dnsresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory ports: - "${HTTP_PORT}:80" - "${HTTPS_PORT}:443" volumes: - /var/run/docker.sock:/var/run/docker.sock - ${DATA_DIR}/letsencrypt/acme.json:/acme.json restart: ${RESTART_POLICY} front: build: context: ../.. dockerfile: front/Dockerfile #image: thecodingmachine/workadventure-front:${VERSION} environment: - DEBUG_MODE - JITSI_URL - JITSI_PRIVATE_MODE - PUSHER_URL=//${PUSHER_HOST} - ICON_URL=//${ICON_HOST} - TURN_SERVER - TURN_USER - TURN_PASSWORD - TURN_STATIC_AUTH_SECRET - STUN_SERVER - START_ROOM_URL - SKIP_RENDER_OPTIMIZATIONS - MAX_PER_GROUP - MAX_USERNAME_LENGTH - DISABLE_ANONYMOUS - DISABLE_NOTIFICATIONS labels: - "traefik.http.routers.front.rule=Host(`${FRONT_HOST}`)" - "traefik.http.routers.front.entryPoints=web" - "traefik.http.services.front.loadbalancer.server.port=80" - "traefik.http.routers.front-ssl.rule=Host(`${FRONT_HOST}`)" - "traefik.http.routers.front-ssl.entryPoints=websecure" - "traefik.http.routers.front-ssl.service=front" - "traefik.http.routers.front-ssl.tls=true" - "traefik.http.routers.front-ssl.tls.certresolver=myresolver" restart: ${RESTART_POLICY} pusher: build: context: ../.. dockerfile: pusher/Dockerfile #image: thecodingmachine/workadventure-pusher:${VERSION} command: yarn run runprod environment: - SECRET_JITSI_KEY - SECRET_KEY - API_URL - FRONT_URL=https://${FRONT_HOST} - JITSI_URL - JITSI_ISS - DISABLE_ANONYMOUS labels: - "traefik.http.routers.pusher.rule=Host(`${PUSHER_HOST}`)" - "traefik.http.routers.pusher.entryPoints=web" - "traefik.http.services.pusher.loadbalancer.server.port=8080" - "traefik.http.routers.pusher-ssl.rule=Host(${PUSHER_HOST}`)" - "traefik.http.routers.pusher-ssl.entryPoints=websecure" - "traefik.http.routers.pusher-ssl.service=pusher" - "traefik.http.routers.pusher-ssl.tls=true" - "traefik.http.routers.pusher-ssl.tls.certresolver=myresolver" restart: ${RESTART_POLICY} back: build: context: ../.. dockerfile: back/Dockerfile #image: thecodingmachine/workadventure-back:${VERSION} command: yarn run runprod environment: - SECRET_JITSI_KEY - SECRET_KEY - ADMIN_API_TOKEN - ADMIN_API_URL - TURN_SERVER - TURN_USER - TURN_PASSWORD - TURN_STATIC_AUTH_SECRET - STUN_SERVER - JITSI_URL - JITSI_ISS - MAX_PER_GROUP - STORE_VARIABLES_FOR_LOCAL_MAPS labels: - "traefik.http.routers.back.rule=Host(`${BACK_HOST}`)" - "traefik.http.routers.back.entryPoints=web" - "traefik.http.services.back.loadbalancer.server.port=8080" - "traefik.http.routers.back-ssl.rule=Host(`${BACK_HOST}`)" - "traefik.http.routers.back-ssl.entryPoints=websecure" - "traefik.http.routers.back-ssl.service=back" - "traefik.http.routers.back-ssl.tls=true" - "traefik.http.routers.back-ssl.tls.certresolver=myresolver" restart: ${RESTART_POLICY} icon: image: matthiasluedtke/iconserver:v3.13.0 labels: - "traefik.http.routers.icon.rule=Host(`${ICON_HOST}`)" - "traefik.http.routers.icon.entryPoints=web,traefik" - "traefik.http.services.icon.loadbalancer.server.port=8080" - "traefik.http.routers.icon-ssl.rule=Host(`${ICON_HOST}`)" - "traefik.http.routers.icon-ssl.entryPoints=websecure" - "traefik.http.routers.icon-ssl.service=icon" - "traefik.http.routers.icon-ssl.tls=true" - "traefik.http.routers.icon-ssl.tls.certresolver=myresolver"