2025-11-08 20:54:48 +01:00
|
|
|
services:
|
|
|
|
|
tandoor:
|
|
|
|
|
image: ${TANDOOR_IMAGE:-vabene1111/recipes:latest}
|
|
|
|
|
container_name: ${TANDOOR_COMPOSE_PROJECT_NAME}_app
|
|
|
|
|
restart: unless-stopped
|
|
|
|
|
environment:
|
|
|
|
|
# Django settings
|
|
|
|
|
SECRET_KEY: ${TANDOOR_SECRET_KEY}
|
|
|
|
|
ALLOWED_HOSTS: ${TANDOOR_TRAEFIK_HOST}
|
|
|
|
|
TIMEZONE: ${TIMEZONE:-Europe/Berlin}
|
|
|
|
|
|
|
|
|
|
# Database configuration
|
|
|
|
|
DB_ENGINE: django.db.backends.postgresql
|
|
|
|
|
POSTGRES_HOST: ${CORE_DB_HOST}
|
|
|
|
|
POSTGRES_PORT: ${CORE_DB_PORT}
|
|
|
|
|
POSTGRES_USER: ${DB_USER}
|
|
|
|
|
POSTGRES_PASSWORD: ${DB_PASSWORD}
|
|
|
|
|
POSTGRES_DB: ${TANDOOR_DB_NAME}
|
|
|
|
|
|
|
|
|
|
# Application settings
|
|
|
|
|
ENABLE_SIGNUP: ${TANDOOR_ENABLE_SIGNUP:-0}
|
|
|
|
|
REVERSE_PROXY_AUTH: ${TANDOOR_REVERSE_PROXY_AUTH:-0}
|
|
|
|
|
|
|
|
|
|
# Email configuration (IONOS SMTP)
|
|
|
|
|
EMAIL_HOST: ${EMAIL_SMTP_HOST}
|
|
|
|
|
EMAIL_PORT: ${EMAIL_SMTP_PORT}
|
|
|
|
|
EMAIL_HOST_USER: ${EMAIL_SMTP_USER}
|
|
|
|
|
EMAIL_HOST_PASSWORD: ${EMAIL_SMTP_PASSWORD}
|
|
|
|
|
EMAIL_USE_TLS: ${TANDOOR_EMAIL_USE_TLS:-0}
|
|
|
|
|
EMAIL_USE_SSL: ${TANDOOR_EMAIL_USE_SSL:-1}
|
|
|
|
|
DEFAULT_FROM_EMAIL: ${EMAIL_FROM}
|
|
|
|
|
|
|
|
|
|
# Gunicorn settings
|
|
|
|
|
GUNICORN_MEDIA: ${TANDOOR_GUNICORN_MEDIA:-0}
|
|
|
|
|
|
|
|
|
|
# Optional features
|
|
|
|
|
COMMENT_PREF_DEFAULT: ${TANDOOR_COMMENT_PREF_DEFAULT:-1}
|
|
|
|
|
SHOPPING_MIN_AUTOSYNC_INTERVAL: ${TANDOOR_SHOPPING_MIN_AUTOSYNC_INTERVAL:-5}
|
|
|
|
|
|
|
|
|
|
volumes:
|
|
|
|
|
- tandoor_staticfiles:/opt/recipes/staticfiles
|
|
|
|
|
- tandoor_mediafiles:/opt/recipes/mediafiles
|
|
|
|
|
|
|
|
|
|
depends_on:
|
|
|
|
|
- postgres
|
|
|
|
|
|
|
|
|
|
networks:
|
|
|
|
|
- compose_network
|
|
|
|
|
|
|
|
|
|
labels:
|
|
|
|
|
- 'traefik.enable=${TANDOOR_TRAEFIK_ENABLED}'
|
|
|
|
|
# HTTP to HTTPS redirect
|
|
|
|
|
- 'traefik.http.middlewares.${TANDOOR_COMPOSE_PROJECT_NAME}-redirect-web-secure.redirectscheme.scheme=https'
|
|
|
|
|
- 'traefik.http.routers.${TANDOOR_COMPOSE_PROJECT_NAME}-web.middlewares=${TANDOOR_COMPOSE_PROJECT_NAME}-redirect-web-secure'
|
|
|
|
|
- 'traefik.http.routers.${TANDOOR_COMPOSE_PROJECT_NAME}-web.rule=Host(`${TANDOOR_TRAEFIK_HOST}`)'
|
|
|
|
|
- 'traefik.http.routers.${TANDOOR_COMPOSE_PROJECT_NAME}-web.entrypoints=web'
|
|
|
|
|
# HTTPS router
|
|
|
|
|
- 'traefik.http.routers.${TANDOOR_COMPOSE_PROJECT_NAME}-web-secure.rule=Host(`${TANDOOR_TRAEFIK_HOST}`)'
|
|
|
|
|
- 'traefik.http.routers.${TANDOOR_COMPOSE_PROJECT_NAME}-web-secure.tls.certresolver=resolver'
|
|
|
|
|
- 'traefik.http.routers.${TANDOOR_COMPOSE_PROJECT_NAME}-web-secure.entrypoints=web-secure'
|
|
|
|
|
- 'traefik.http.middlewares.${TANDOOR_COMPOSE_PROJECT_NAME}-web-secure-compress.compress=true'
|
|
|
|
|
- 'traefik.http.routers.${TANDOOR_COMPOSE_PROJECT_NAME}-web-secure.middlewares=${TANDOOR_COMPOSE_PROJECT_NAME}-web-secure-compress,security-headers@file'
|
|
|
|
|
# Service
|
2025-11-08 21:07:02 +01:00
|
|
|
- 'traefik.http.services.${TANDOOR_COMPOSE_PROJECT_NAME}-web-secure.loadbalancer.server.port=80'
|
2025-11-08 20:54:48 +01:00
|
|
|
- 'traefik.docker.network=${NETWORK_NAME}'
|
|
|
|
|
# Watchtower
|
|
|
|
|
- 'com.centurylinklabs.watchtower.enable=${WATCHTOWER_LABEL_ENABLE}'
|
|
|
|
|
|
|
|
|
|
volumes:
|
|
|
|
|
tandoor_staticfiles:
|
|
|
|
|
name: ${TANDOOR_COMPOSE_PROJECT_NAME}_staticfiles
|
|
|
|
|
tandoor_mediafiles:
|
|
|
|
|
name: ${TANDOOR_COMPOSE_PROJECT_NAME}_mediafiles
|
|
|
|
|
|
|
|
|
|
networks:
|
|
|
|
|
compose_network:
|
|
|
|
|
name: ${NETWORK_NAME}
|
|
|
|
|
external: true
|
