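# Docker Compose stack for EduBox: PostgreSQL, the application server, a
# Tailscale sidecar for the server, a Caddy front end, Headscale and Gitea.
#
# All ${VAR} references are interpolated by Compose from the shell
# environment or an .env file. Variables written as ${VAR:?message} abort
# every `docker compose` command when unset or empty, so the stack cannot
# start with a blank credential.
services:
  # Database. No host port is published; it is reachable only from
  # containers attached to the `edubox` network.
  postgres:
    image: postgres:18-alpine
    container_name: edubox-postgres
    restart: unless-stopped
    environment:
      POSTGRES_USER: edubox
      POSTGRES_PASSWORD: "${POSTGRES_PASSWORD:?POSTGRES_PASSWORD must be set}"
      POSTGRES_DB: edubox
    volumes:
      - pg_data:/var/lib/postgresql
    networks:
      - edubox
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U edubox -d edubox"]
      interval: 5s
      timeout: 5s
      retries: 5

  # Application server, built from ./server. It starts only after the
  # postgres healthcheck passes.
  # Secrets passed as environment variables are readable through
  # `docker inspect` by anyone with access to the Docker socket.
  server:
    build:
      context: ./server
      dockerfile: Dockerfile
    container_name: edubox-server
    restart: unless-stopped
    environment:
      DATABASE_URL: "${DATABASE_URL}"
      NEXTAUTH_SECRET: "${NEXTAUTH_SECRET:?NEXTAUTH_SECRET must be set}"
      NEXTAUTH_URL: "${NEXTAUTH_URL}"
      SUPERADMIN_EMAIL: "${SUPERADMIN_EMAIL}"
      SUPERADMIN_PASSWORD: "${SUPERADMIN_PASSWORD:?SUPERADMIN_PASSWORD must be set}"
      HEADSCALE_URL: "${HEADSCALE_URL}"
      HEADSCALE_AUTH_KEY: "${HEADSCALE_AUTH_KEY}"
      MAIN_DOMAIN: "${MAIN_DOMAIN}"
      GITEA_URL: "${GITEA_URL}"
      GITEA_TOKEN: "${GITEA_TOKEN}"
    depends_on:
      postgres:
        condition: service_healthy
    networks:
      - edubox

  # Tailscale sidecar. `network_mode: service:server` places it in the
  # server container's network namespace.
  # NOTE(review): `latest` is a floating tag; pin a version or digest so a
  # pull cannot silently change what runs with these capabilities.
  tailscale:
    image: tailscale/tailscale:latest
    container_name: edubox-tailscale
    restart: unless-stopped
    network_mode: service:server
    # NOTE(review): SYS_MODULE allows loading kernel modules on the host.
    # /dev/net/tun is already passed through below; confirm SYS_MODULE is
    # still required and drop it if not.
    cap_add:
      - NET_ADMIN
      - NET_RAW
      - SYS_MODULE
    devices:
      - /dev/net/tun:/dev/net/tun
    volumes:
      - tailscale_data:/var/lib/tailscale
    environment:
      HEADSCALE_URL: "${HEADSCALE_URL}"
      HEADSCALE_AUTH_KEY: "${HEADSCALE_AUTH_KEY}"
    # Enables IP forwarding, starts tailscaled in the background, waits five
    # seconds, registers against the login server, then idles on `tail -f`.
    # `$${...}` is the Compose escape for `$`, so the container shell, not
    # Compose, expands the variable.
    # NOTE(review): the auth key is passed as a command-line argument and so
    # shows up in the process list (`docker top`); `tailscale up` also
    # accepts `--authkey=file:<path>`.
    # NOTE(review): the steps before `&` are chained with `&&`; if
    # `sysctl -p` fails (for example on a read-only /proc/sys) tailscaled
    # is never started. Verify on the target host.
    command: >
      sh -c "echo 'net.ipv4.ip_forward = 1' >> /etc/sysctl.conf &&
      echo 'net.ipv6.conf.all.forwarding = 1' >> /etc/sysctl.conf &&
      sysctl -p &&
      mkdir -p /var/run/tailscale &&
      tailscaled --state=/var/lib/tailscale/tailscaled.state
      --socket=/var/run/tailscale/tailscaled.sock &
      sleep 5 &&
      tailscale up --authkey=$${HEADSCALE_AUTH_KEY}
      --login-server=$${HEADSCALE_URL} --accept-routes
      --hostname=edubox-server --reset &&
      tail -f /dev/null"
    depends_on:
      - server

  # Front end. Publishes 80 and 443 on all host interfaces; the Caddyfile
  # and the ./agent directory are mounted read-only.
  caddy:
    image: caddy:2-alpine
    container_name: edubox-caddy
    restart: unless-stopped
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ./Caddyfile:/etc/caddy/Caddyfile:ro
      - ./agent:/usr/share/caddy/agent:ro
      - caddy_data:/data
      - caddy_config:/config
    networks:
      - edubox

  # Headscale control server.
  # NOTE(review): floating `latest` tag; pin a version or digest.
  # NOTE(review): 8080 is published on all host interfaces in addition to
  # caddy's 80/443. If the Caddyfile (not shown here) already proxies
  # Headscale, bind this to 127.0.0.1 or remove it.
  # NOTE(review): only /etc/headscale is mounted, and read-write. The
  # `headscale_data` volume declared below is not attached to any service;
  # confirm where the configuration stores its database and keys so they
  # survive container recreation.
  headscale:
    image: headscale/headscale:latest
    container_name: edubox-headscale
    restart: unless-stopped
    command: serve
    ports:
      - "8080:8080"
      - "3478:3478/udp"
    volumes:
      - ./headscale:/etc/headscale
    networks:
      - edubox

  # Gitea with an SQLite database stored in the gitea_data volume.
  # NOTE(review): floating `latest` tag; pin a version or digest.
  # NOTE(review): host port 3001 reaches Gitea directly over plain HTTP,
  # bypassing caddy; bind to 127.0.0.1 if access is meant to go through
  # the proxy.
  gitea:
    image: gitea/gitea:latest
    container_name: edubox-gitea
    restart: unless-stopped
    ports:
      - "3001:3000"
    environment:
      - USER_UID=1000
      - USER_GID=1000
      - GITEA__database__DB_TYPE=sqlite3
      - GITEA__database__PATH=/data/gitea/gitea.db
    volumes:
      - gitea_data:/data
    networks:
      - edubox

volumes:
  pg_data:
  caddy_data:
  caddy_config:
  # Declared but not mounted by any service above; kept so existing
  # deployments are unaffected.
  headscale_data:
  gitea_data:
  tailscale_data:

networks:
  edubox:
    driver: bridge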