services: tranquil-pds: build: context: . dockerfile: Dockerfile image: tranquil-pds:latest restart: unless-stopped environment: SERVER_HOST: "0.0.0.0" volumes: - ./config.toml:/etc/tranquil-pds/config.toml:ro - blob_data:/var/lib/tranquil/blobs depends_on: db: condition: service_healthy healthcheck: test: ["CMD", "wget", "-q", "--spider", "http://localhost:3000/xrpc/_health"] interval: 30s timeout: 10s retries: 3 start_period: 10s deploy: resources: limits: memory: 1G reservations: memory: 256M db: image: postgres:18-alpine restart: unless-stopped environment: POSTGRES_USER: tranquil_pds POSTGRES_PASSWORD: "CHANGE-ME" POSTGRES_DB: pds volumes: # In memory of @mrrp.lol when Lewis had "/data" here and the account got nuked on restart including rotation key :( - postgres_data:/var/lib/postgresql healthcheck: test: ["CMD-SHELL", "pg_isready -U tranquil_pds -d pds"] interval: 10s timeout: 5s retries: 5 start_period: 10s deploy: resources: limits: memory: 512M reservations: memory: 128M nginx: image: nginx:1.29-alpine restart: unless-stopped ports: - "80:80" - "443:443" volumes: - ./nginx.conf:/etc/nginx/nginx.conf:ro - ./certs:/etc/nginx/certs:ro - acme_challenge:/var/www/acme:ro depends_on: - tranquil-pds healthcheck: test: ["CMD", "nginx", "-t"] interval: 30s timeout: 10s retries: 3 certbot: image: certbot/certbot:v5.2.2 volumes: - ./certs:/etc/letsencrypt - acme_challenge:/var/www/acme entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew --webroot -w /var/www/acme; sleep 12h & wait $${!}; done'" prometheus: image: prom/prometheus:v3.8.0 restart: unless-stopped ports: - "127.0.0.1:9090:9090" volumes: - ./observability/prometheus.yaml:/etc/prometheus/prometheus.yaml:ro - prometheus_data:/prometheus command: - '--config.file=/etc/prometheus/prometheus.yaml' - '--storage.tsdb.path=/prometheus' - '--storage.tsdb.retention.time=30d' deploy: resources: limits: memory: 256M volumes: postgres_data: blob_data: prometheus_data: acme_challenge: