75 lines
2.2 KiB
YAML
75 lines
2.2 KiB
YAML
services:
|
|
# Tailscale container
|
|
tailscale:
|
|
hostname: ${TAILNET_NAME} # This will become the tailscale device name
|
|
image: tailscale/tailscale
|
|
volumes:
|
|
- ./data/tailscale:/tailscale # State data will be stored in this directory
|
|
- /dev/net/tun:/dev/net/tun # Required for tailscale to work
|
|
- ./data/tailscaled.run:/tmp # tailscale socket required for Caddy SSL registration
|
|
cap_add: # Required for tailscale to work
|
|
- net_admin
|
|
- sys_module
|
|
environment:
|
|
TS_AUTHKEY: ${TS_AUTHKEY}
|
|
TS_AUTH_ONCE: true
|
|
TS_STATE_DIR: /tailscale
|
|
restart: unless-stopped
|
|
|
|
# Caddy: Proxy + TLS
|
|
caddy:
|
|
image: caddy:alpine
|
|
network_mode: service:tailscale
|
|
volumes:
|
|
- ./data/caddy_data:/data
|
|
- ./data/tailscaled.run:/var/run/tailscale
|
|
command: ["caddy", "reverse-proxy", "--from", "${TAILNET_FULLNAME}", "--to", "n8n:5678"]
|
|
depends_on:
|
|
- tailscale
|
|
- n8n
|
|
restart: unless-stopped
|
|
|
|
postgres:
|
|
image: postgres:16
|
|
restart: always
|
|
environment:
|
|
- POSTGRES_USER
|
|
- POSTGRES_PASSWORD
|
|
- POSTGRES_DB
|
|
- POSTGRES_NON_ROOT_USER
|
|
- POSTGRES_NON_ROOT_PASSWORD
|
|
volumes:
|
|
- ./data/postgres:/var/lib/postgresql/data
|
|
- ./init-data.sh:/docker-entrypoint-initdb.d/init-data.sh
|
|
healthcheck:
|
|
test: ['CMD-SHELL', 'pg_isready -h localhost -U ${POSTGRES_USER} -d ${POSTGRES_DB}']
|
|
interval: 5s
|
|
timeout: 5s
|
|
retries: 10
|
|
|
|
n8n:
|
|
image: docker.n8n.io/n8nio/n8n
|
|
restart: always
|
|
environment:
|
|
- DB_TYPE=postgresdb
|
|
- DB_POSTGRESDB_HOST=postgres
|
|
- DB_POSTGRESDB_PORT=5432
|
|
- DB_POSTGRESDB_DATABASE=${POSTGRES_DB}
|
|
- DB_POSTGRESDB_USER=${POSTGRES_NON_ROOT_USER}
|
|
- DB_POSTGRESDB_PASSWORD=${POSTGRES_NON_ROOT_PASSWORD}
|
|
- WEBHOOK_URL=${WEBHOOK_URL}
|
|
- NODE_ENV=${NODE_ENV}
|
|
links:
|
|
- postgres
|
|
volumes:
|
|
- ./data/n8n:/home/node/.n8n
|
|
depends_on:
|
|
postgres:
|
|
condition: service_healthy
|
|
|
|
tunnel:
|
|
image: cloudflare/cloudflared
|
|
command: tunnel --no-autoupdate run
|
|
restart: unless-stopped
|
|
environment:
|
|
TUNNEL_TOKEN: $TUNNEL_TOKEN |