8a9deb8ebc
- Agent: URL serveur par défaut, node_id auto-généré, config Headscale vide par défaut - Serveur: lors de l’activation, renvoie headscaleUrl + headscaleAuthKey - Agent: sauvegarde la config reçue et démarre Tailscale automatiquement - docker-compose.yml: passe HEADSCALE_URL et HEADSCALE_AUTH_KEY au service server - Mise à jour du suivi avec le flow zéro-config
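# Application stack: database, web server, resolver (+ VPN sidecar),
# Caddy reverse proxy and a self-hosted Headscale control server.
# All ${...} values are interpolated by Compose from the environment/.env.
services:
  # PostgreSQL backing store. No host port is published, so it is reachable
  # only from containers attached to the studioe5 network.
  postgres:
    image: postgres:18-alpine
    container_name: studioe5-postgres
    restart: unless-stopped
    environment:
      POSTGRES_USER: studioe5
      # Fail closed: Compose aborts rather than interpolating an empty
      # password when the variable is unset or blank.
      POSTGRES_PASSWORD: "${POSTGRES_PASSWORD:?POSTGRES_PASSWORD must be set}"
      POSTGRES_DB: studioe5
    volumes:
      - pg_data:/var/lib/postgresql
    networks:
      - studioe5
    healthcheck:
      # Other services wait on this via `condition: service_healthy`.
      test: ["CMD-SHELL", "pg_isready -U studioe5 -d studioe5"]
      interval: 5s
      timeout: 5s
      retries: 5

  # Web application, built from ./server. Not published on the host.
  server:
    build:
      context: ./server
      dockerfile: Dockerfile
    container_name: studioe5-server
    volumes:
      # Static assets are mounted read-only.
      - ./server/public:/app/public:ro
    restart: unless-stopped
    environment:
      DATABASE_URL: "${DATABASE_URL}"
      # Session-signing secret and bootstrap admin password must never be
      # empty, so an unset value stops `docker compose` with an error.
      NEXTAUTH_SECRET: "${NEXTAUTH_SECRET:?NEXTAUTH_SECRET must be set}"
      NEXTAUTH_URL: "${NEXTAUTH_URL}"
      SUPERADMIN_EMAIL: "${SUPERADMIN_EMAIL}"
      SUPERADMIN_PASSWORD: "${SUPERADMIN_PASSWORD:?SUPERADMIN_PASSWORD must be set}"
      MAIN_DOMAIN: "${MAIN_DOMAIN}"
      HEADSCALE_URL: "${HEADSCALE_URL}"
      # NOTE(review): the commit description says the server returns this
      # pre-auth key to agents on activation, and the same value is
      # TS_AUTHKEY for resolver-vpn below. One shared key means any party
      # that obtains it can register nodes on the tailnet; prefer separate,
      # expiring keys per role, restricted by Headscale ACLs.
      HEADSCALE_AUTH_KEY: "${HEADSCALE_AUTH_KEY}"
    depends_on:
      postgres:
        condition: service_healthy
    networks:
      - studioe5

  # Resolver, built from ./resolver. Shares its network namespace with
  # the resolver-vpn sidecar.
  resolver:
    build:
      context: ./resolver
      dockerfile: Dockerfile
    container_name: studioe5-resolver
    restart: unless-stopped
    environment:
      DATABASE_URL: "${DATABASE_URL}"
      MAIN_DOMAIN: "${MAIN_DOMAIN}"
    depends_on:
      postgres:
        condition: service_healthy
    networks:
      - studioe5

  # Tailscale client joined to the resolver's network namespace.
  resolver-vpn:
    # NOTE(review): `latest` is a moving tag. Pin a release tag or image
    # digest so this privileged sidecar only changes on a reviewed update.
    image: tailscale/tailscale:latest
    container_name: studioe5-resolver-vpn
    restart: unless-stopped
    network_mode: service:resolver
    cap_add:
      # Needed for kernel-mode networking (TS_USERSPACE is "false").
      - NET_ADMIN
      # NOTE(review): SYS_MODULE allows loading kernel modules on the host.
      # /dev/net/tun is already passed in below, so this may be unnecessary;
      # confirm and drop it if the tunnel comes up without it.
      - SYS_MODULE
    devices:
      - /dev/net/tun:/dev/net/tun
    environment:
      TS_AUTHKEY: "${HEADSCALE_AUTH_KEY}"
      TS_LOGIN_SERVER: "${HEADSCALE_URL}"
      TS_EXTRA_ARGS: "--login-server=${HEADSCALE_URL}"
      TS_STATE_DIR: /var/lib/tailscale
      TS_HOSTNAME: studioe5-resolver
      TS_USERSPACE: "false"
      TS_ACCEPT_DNS: "false"
    volumes:
      # Node identity persists here; treat the volume as secret material.
      - resolver_ts_state:/var/lib/tailscale
    depends_on:
      - resolver

  # Public entry point: the only service publishing 80/443.
  caddy:
    image: caddy:2-alpine
    container_name: studioe5-caddy
    restart: unless-stopped
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ./Caddyfile:/etc/caddy/Caddyfile:ro
      # NOTE(review): presumably served to clients as the agent download
      # (Caddyfile not visible here); keep configs and keys out of ./agent.
      - ./agent:/usr/share/caddy/agent:ro
      - caddy_data:/data
      - caddy_config:/config
    networks:
      - studioe5

  # Self-hosted Tailscale control server.
  headscale:
    # NOTE(review): `latest` is a moving tag; pin a release tag or digest.
    image: headscale/headscale:latest
    container_name: studioe5-headscale
    restart: unless-stopped
    command: serve
    ports:
      # NOTE(review): published on every host interface, bypassing Caddy.
      # Unless headscale's own config enables TLS on this listener, node
      # registration traffic is exposed over plain HTTP; consider binding
      # to loopback and proxying through Caddy.
      - "8080:8080"
      - "3478:3478/udp"
    volumes:
      - ./headscale:/etc/headscale
      # Persist server state (database, private keys) across container
      # re-creation. The headscale_data volume was declared but never
      # mounted. Assumes the config keeps state under /var/lib/headscale
      # (the upstream default); confirm against ./headscale/config.yaml.
      - headscale_data:/var/lib/headscale
    networks:
      - studioe5
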
# Named volumes managed by Docker; all use the default driver settings.
volumes:
  # PostgreSQL data directory tree (mounted by the postgres service).
  pg_data: {}
  # Caddy state mounted at /data and /config.
  caddy_data: {}
  caddy_config: {}
  # NOTE(review): confirm the headscale service actually mounts this
  # volume; otherwise its state is not kept in a named volume.
  headscale_data: {}
  # Tailscale node state for the resolver-vpn sidecar.
  resolver_ts_state: {}

# User-defined bridge network joined by every service that lists
# `studioe5` under its own `networks:` key.
networks:
  studioe5:
    driver: bridge