6734e9557b
This takes part of the work being done in #96 that was reverted but still useful. Note Tailwind and Fresh weren't upgraded because there's no security vulnerability in either, and I have found the new versions to be worse in performance. Thos will likely stay at those fixed versions going forward.
59 lines
1.4 KiB
YAML
59 lines
1.4 KiB
YAML
services:
|
|
website:
|
|
image: ghcr.io/bewcloud/bewcloud:v2.6.0
|
|
restart: always
|
|
ports:
|
|
- 127.0.0.1:8000:8000
|
|
mem_limit: '256m'
|
|
env_file:
|
|
- path: .env
|
|
required: true
|
|
volumes:
|
|
- ./data-files:/app/data-files
|
|
- ./bewcloud.config.ts:/app/bewcloud.config.ts
|
|
|
|
postgresql:
|
|
image: postgres:17
|
|
environment:
|
|
- POSTGRES_USER=postgres
|
|
- POSTGRES_PASSWORD=fake
|
|
- POSTGRES_DB=bewcloud
|
|
restart: always
|
|
volumes:
|
|
- bewcloud-db:/var/lib/postgresql/data
|
|
# NOTE: uncomment below only if you need to connect to the database from outside the container
|
|
# ports:
|
|
# - 127.0.0.1:5432:5432
|
|
ulimits:
|
|
memlock:
|
|
soft: -1
|
|
hard: -1
|
|
mem_limit: '256m'
|
|
|
|
# NOTE: If you don't want to use the CardDav/CalDav servers, you can comment/remove this service.
|
|
radicale:
|
|
image: tomsquest/docker-radicale:3.5.6.0
|
|
# NOTE: uncomment below only if you need to connect to the CardDav/CalDav servers from outside the container
|
|
# ports:
|
|
# - 127.0.0.1:5232:5232
|
|
init: true
|
|
read_only: true
|
|
security_opt:
|
|
- no-new-privileges:true
|
|
cap_drop:
|
|
- ALL
|
|
cap_add:
|
|
- SETUID
|
|
- SETGID
|
|
- CHOWN
|
|
- KILL
|
|
restart: always
|
|
volumes:
|
|
- ./data-radicale:/data
|
|
- ./radicale-config:/config:ro
|
|
mem_limit: '256m'
|
|
|
|
volumes:
|
|
bewcloud-db:
|
|
driver: local
|