services: traefik: image: traefik:v3.2 command: - --configFile=/etc/traefik/traefik.yml ports: - "80:80" - "443:443" volumes: - /var/run/docker.sock:/var/run/docker.sock:ro - ./traefik/traefik.yml:/etc/traefik/traefik.yml:ro - ./traefik/dynamic:/etc/traefik/dynamic - ./traefik/letsencrypt:/letsencrypt networks: - portal_net restart: unless-stopped db: image: postgres:16 environment: POSTGRES_DB: ${POSTGRES_DB} POSTGRES_USER: ${POSTGRES_USER} POSTGRES_PASSWORD: ${POSTGRES_PASSWORD} volumes: - pg_data:/var/lib/postgresql/data networks: - portal_net restart: unless-stopped api: build: context: ./app environment: DATABASE_URL: postgresql+psycopg2://${POSTGRES_USER}:${POSTGRES_PASSWORD}@db:5432/${POSTGRES_DB} SIGNING_KEY: ${SIGNING_KEY} PUBLIC_HOST: ${PUBLIC_HOST} ADMIN_USERNAME: ${ADMIN_USERNAME} ADMIN_PASSWORD: ${ADMIN_PASSWORD} SESSION_IDLE_SECONDS: 1800 PREWARM_POOL_SIZE: ${PREWARM_POOL_SIZE:-2} UNIVERSAL_POOL_SIZE: ${UNIVERSAL_POOL_SIZE:-5} LOG_LEVEL: ${LOG_LEVEL:-INFO} depends_on: - db volumes: - /var/run/docker.sock:/var/run/docker.sock - ./app/static/service-icons:/app/static/service-icons labels: - traefik.enable=true - traefik.docker.network=portal_net - traefik.http.routers.portal.rule=Host(`${PUBLIC_HOST}`) - traefik.http.routers.portal.entrypoints=websecure - traefik.http.routers.portal.tls=true - traefik.http.routers.portal.tls.certresolver=letsencrypt - traefik.http.routers.portal.priority=1 - traefik.http.services.portal.loadbalancer.server.port=8000 - traefik.http.routers.portal.middlewares=secure-headers@file networks: - portal_net restart: unless-stopped kiosk-image: image: portal-kiosk:latest build: context: ./kiosk profiles: ["build-only"] rdp-proxy-image: image: portal-rdp-proxy:latest build: context: ./rdp-proxy profiles: ["build-only"] universal-runtime-image: image: portal-universal-runtime:latest build: context: ./universal-runtime profiles: ["build-only"] networks: portal_net: name: portal_net volumes: pg_data: