88 lines
2.5 KiB
YAML
88 lines
2.5 KiB
YAML
services:
|
|
peertube:
|
|
image: chocobozzz/peertube:production-bookworm
|
|
container_name: peertube
|
|
networks:
|
|
- proxy
|
|
ports:
|
|
- "1935"
|
|
depends_on:
|
|
postgres-peertube:
|
|
condition: service_healthy
|
|
redis-peertube:
|
|
condition: service_started
|
|
environment:
|
|
- PEERTUBE_DB_USERNAME=${POSTGRES_USER}
|
|
- PEERTUBE_DB_PASSWORD=${POSTGRES_PASSWORD}
|
|
- PEERTUBE_DB_SSL=false
|
|
- PEERTUBE_DB_HOSTNAME=postgres-peertube
|
|
- PEERTUBE_REDIS_HOSTNAME=redis-peertube
|
|
- PEERTUBE_WEBSERVER_HOSTNAME=${PEERTUBE_HOSTNAME}
|
|
- PEERTUBE_TRUST_PROXY=["127.0.0.1", "loopback", "172.18.0.0/16"]
|
|
- PEERTUBE_SECRET=${PEERTUBE_SECRET}
|
|
- PEERTUBE_ADMIN_EMAIL=${PEERTUBE_ADMIN_EMAIL}
|
|
- PT_INITIAL_ROOT_PASSWORD=${PT_INITIAL_ROOT_PASSWORD}
|
|
- PEERTUBE_PLUGIN_AUTH_OPENID_CONNECT_DISCOVER_URL=https://auth.chatons.duckdns.org/realms/chatons/.well-known/openid-configuration
|
|
- PEERTUBE_PLUGIN_AUTH_OPENID_CONNECT_CLIENT_ID=peertube
|
|
- PEERTUBE_PLUGIN_AUTH_OPENID_CONNECT_CLIENT_SECRET=${PEERTUBE_OIDC_CLIENT_SECRET}
|
|
- PEERTUBE_PLUGIN_AUTH_OPENID_CONNECT_SCOPE=openid profile email
|
|
- PEERTUBE_PLUGIN_AUTH_OPENID_CONNECT_USERNAME_PROPERTY=preferred_username
|
|
- PEERTUBE_PLUGIN_AUTH_OPENID_CONNECT_MAIL_PROPERTY=email
|
|
- PEERTUBE_PLUGIN_AUTH_OPENID_CONNECT_DISPLAY_NAME_PROPERTY=name
|
|
volumes:
|
|
- peertube-data:/data
|
|
- peertube-config:/config
|
|
security_opt:
|
|
- no-new-privileges:true
|
|
|
|
postgres-peertube:
|
|
image: library/postgres
|
|
container_name: peertube-db
|
|
read_only: true
|
|
environment:
|
|
- POSTGRES_USER=${POSTGRES_USER}
|
|
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
|
|
- POSTGRES_DB=peertube
|
|
tmpfs:
|
|
- /tmp
|
|
- /run/postgresql
|
|
volumes:
|
|
- postgres-peer-data:/var/lib/postgresql
|
|
networks:
|
|
- proxy
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER} -d peertube"]
|
|
interval: 5s
|
|
timeout: 5s
|
|
retries: 5
|
|
security_opt:
|
|
- no-new-privileges:true
|
|
|
|
redis-peertube:
|
|
image: library/redis
|
|
container_name: peertube-redis
|
|
read_only: true
|
|
tmpfs:
|
|
- /tmp
|
|
volumes:
|
|
- redis-peer-data:/data
|
|
networks:
|
|
- proxy
|
|
security_opt:
|
|
- no-new-privileges:true
|
|
|
|
|
|
volumes:
|
|
peertube-data:
|
|
name: peertube-data
|
|
peertube-config:
|
|
name: peertube-config
|
|
postgres-peer-data:
|
|
name: postgres-peer-data
|
|
redis-peer-data:
|
|
name: redis-peer-data
|
|
|
|
networks:
|
|
proxy:
|
|
name: proxy
|
|
external: true |