infrastructure/ansible/roles/pve_docker/files/tt-rss/docker-compose.yml
Jake Howard d5c7d94ac8
Run traefik as dockeruser, and without host networking
This required port forwarding, a docker proxy, and a docker network, but the end result should be much more secure!
2022-01-15 23:44:06 +00:00

45 lines
1.1 KiB
YAML

version: "2.3"
services:
tt-rss:
image: registry.gitlab.com/lunik1/docker-tt-rss:latest
environment:
- PUID={{ docker_user.id }}
- PGID={{ docker_user.id }}
- TZ={{ timezone }}
- DOCKER_MODS=theorangeone/lsio-mod-more-processes:latest
- TTRSS_DB_USER=tt-rss
- TTRSS_DB_NAME=tt-rss
- TTRSS_DB_PASS=tt-rss
- TTRSS_SELF_URL_PATH=https://tt-rss.jakehoward.tech/
- TTRSS_ENABLE_REGISTRATION=false
- TTRSS_CHECK_FOR_UPDATES=false
- TTRSS_ENABLE_GZIP_OUTPUT=true
volumes:
- "{{ app_data_dir }}/tt-rss/feed-icons:/config/feed-icons"
- ./plugins:/config/plugins.local
restart: unless-stopped
labels:
- traefik.enable=true
- traefik.http.routers.tt-rss.rule=Host(`tt-rss.jakehoward.tech`)
depends_on:
- db
tmpfs:
- /config/log
networks:
- default
- traefik
db:
image: postgres:14-alpine
restart: unless-stopped
volumes:
- /mnt/tank/dbs/postgres/tt-rss/:/var/lib/postgresql/data
environment:
- POSTGRES_PASSWORD=tt-rss
- POSTGRES_USER=tt-rss
networks:
traefik:
external: true