services: landing: image: ${KIT_LANDING_IMAGE:-ghcr.io/valknarness/kit-ui:latest} container_name: ${KIT_COMPOSE_PROJECT_NAME}_landing restart: unless-stopped networks: - compose_network labels: - 'traefik.enable=${KIT_TRAEFIK_ENABLED}' # HTTP to HTTPS redirect - 'traefik.http.middlewares.${KIT_COMPOSE_PROJECT_NAME}-landing-redirect-web-secure.redirectscheme.scheme=https' - 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-landing-web.middlewares=${KIT_COMPOSE_PROJECT_NAME}-landing-redirect-web-secure' - 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-landing-web.rule=Host(`${KIT_TRAEFIK_HOST}`)' - 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-landing-web.entrypoints=web' # HTTPS router - 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-landing-web-secure.rule=Host(`${KIT_TRAEFIK_HOST}`)' - 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-landing-web-secure.tls.certresolver=resolver' - 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-landing-web-secure.entrypoints=web-secure' - 'traefik.http.middlewares.${KIT_COMPOSE_PROJECT_NAME}-landing-compress.compress=true' - 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-landing-web-secure.middlewares=${KIT_COMPOSE_PROJECT_NAME}-landing-compress,security-headers@file' # Service - 'traefik.http.services.${KIT_COMPOSE_PROJECT_NAME}-landing.loadbalancer.server.port=80' - 'traefik.docker.network=${NETWORK_NAME}' # Watchtower - 'com.centurylinklabs.watchtower.enable=${WATCHTOWER_LABEL_ENABLE}' vert: image: ${KIT_VERT_IMAGE:-ghcr.io/vert-sh/vert:latest} container_name: ${KIT_COMPOSE_PROJECT_NAME}_vert restart: unless-stopped environment: PUB_HOSTNAME: ${KIT_VERT_TRAEFIK_HOST} PUB_ENV: production PUB_DISABLE_ALL_EXTERNAL_REQUESTS: true networks: - compose_network labels: - 'traefik.enable=${KIT_TRAEFIK_ENABLED}' # HTTP to HTTPS redirect - 'traefik.http.middlewares.${KIT_COMPOSE_PROJECT_NAME}-vert-redirect-web-secure.redirectscheme.scheme=https' - 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-vert-web.middlewares=${KIT_COMPOSE_PROJECT_NAME}-vert-redirect-web-secure' - 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-vert-web.rule=Host(`${KIT_VERT_TRAEFIK_HOST}`)' - 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-vert-web.entrypoints=web' # HTTPS router with auth - 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-vert-web-secure.rule=Host(`${KIT_VERT_TRAEFIK_HOST}`)' - 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-vert-web-secure.tls.certresolver=resolver' - 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-vert-web-secure.entrypoints=web-secure' - 'traefik.http.middlewares.${KIT_COMPOSE_PROJECT_NAME}-vert-compress.compress=true' - 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-vert-web-secure.middlewares=${KIT_COMPOSE_PROJECT_NAME}-vert-compress,security-headers@file' # Service - 'traefik.http.services.${KIT_COMPOSE_PROJECT_NAME}-vert.loadbalancer.server.port=80' - 'traefik.docker.network=${NETWORK_NAME}' # Watchtower - 'com.centurylinklabs.watchtower.enable=${WATCHTOWER_LABEL_ENABLE}' paint: build: context: . dockerfile: Dockerfile image: minipaint:latest container_name: ${KIT_COMPOSE_PROJECT_NAME}_paint restart: unless-stopped networks: - compose_network labels: - 'traefik.enable=${KIT_TRAEFIK_ENABLED}' # HTTP to HTTPS redirect - 'traefik.http.middlewares.${KIT_COMPOSE_PROJECT_NAME}-paint-redirect-web-secure.redirectscheme.scheme=https' - 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-paint-web.middlewares=${KIT_COMPOSE_PROJECT_NAME}-paint-redirect-web-secure' - 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-paint-web.rule=Host(`${KIT_PAINT_TRAEFIK_HOST}`)' - 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-paint-web.entrypoints=web' # HTTPS router - 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-paint-web-secure.rule=Host(`${KIT_PAINT_TRAEFIK_HOST}`)' - 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-paint-web-secure.tls.certresolver=resolver' - 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-paint-web-secure.entrypoints=web-secure' - 'traefik.http.middlewares.${KIT_COMPOSE_PROJECT_NAME}-paint-compress.compress=true' - 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-paint-web-secure.middlewares=${KIT_COMPOSE_PROJECT_NAME}-paint-compress,security-headers@file' # Service - 'traefik.http.services.${KIT_COMPOSE_PROJECT_NAME}-paint.loadbalancer.server.port=80' - 'traefik.docker.network=${NETWORK_NAME}' # Watchtower - 'com.centurylinklabs.watchtower.enable=${WATCHTOWER_LABEL_ENABLE}' pastel_api: image: ${KIT_PASTEL_API_IMAGE:-ghcr.io/valknarness/pastel-api:latest} container_name: ${KIT_COMPOSE_PROJECT_NAME}_pastel_api restart: unless-stopped networks: - compose_network labels: - 'traefik.enable=${KIT_TRAEFIK_ENABLED}' # HTTP to HTTPS redirect - 'traefik.http.middlewares.${KIT_COMPOSE_PROJECT_NAME}-pastel-api-redirect-web-secure.redirectscheme.scheme=https' - 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-pastel-api-web.middlewares=${KIT_COMPOSE_PROJECT_NAME}-pastel-api-redirect-web-secure' - 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-pastel-api-web.rule=Host(`${KIT_PASTEL_TRAEFIK_HOST}`) && PathPrefix(`/api`)' - 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-pastel-api-web.entrypoints=web' # HTTPS router - 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-pastel-api-web-secure.rule=Host(`${KIT_PASTEL_TRAEFIK_HOST}`) && PathPrefix(`/api`)' - 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-pastel-api-web-secure.tls.certresolver=resolver' - 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-pastel-api-web-secure.entrypoints=web-secure' - 'traefik.http.middlewares.${KIT_COMPOSE_PROJECT_NAME}-pastel-api-compress.compress=true' - 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-pastel-api-web-secure.middlewares=${KIT_COMPOSE_PROJECT_NAME}-pastel-api-compress,security-headers@file' # Service - 'traefik.http.services.${KIT_COMPOSE_PROJECT_NAME}-pastel-api.loadbalancer.server.port=3000' - 'traefik.docker.network=${NETWORK_NAME}' # Watchtower - 'com.centurylinklabs.watchtower.enable=${WATCHTOWER_LABEL_ENABLE}' pastel_ui: image: ${KIT_PASTEL_UI_IMAGE:-ghcr.io/valknarness/pastel-ui:latest} container_name: ${KIT_COMPOSE_PROJECT_NAME}_pastel_ui restart: unless-stopped networks: - compose_network labels: - 'traefik.enable=${KIT_TRAEFIK_ENABLED}' # HTTP to HTTPS redirect - 'traefik.http.middlewares.${KIT_COMPOSE_PROJECT_NAME}-pastel-ui-redirect-web-secure.redirectscheme.scheme=https' - 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-pastel-ui-web.middlewares=${KIT_COMPOSE_PROJECT_NAME}-pastel-ui-redirect-web-secure' - 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-pastel-ui-web.rule=Host(`${KIT_PASTEL_TRAEFIK_HOST}`)' - 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-pastel-ui-web.entrypoints=web' - 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-pastel-ui-web.priority=1' # HTTPS router - 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-pastel-ui-web-secure.rule=Host(`${KIT_PASTEL_TRAEFIK_HOST}`)' - 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-pastel-ui-web-secure.tls.certresolver=resolver' - 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-pastel-ui-web-secure.entrypoints=web-secure' - 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-pastel-ui-web-secure.priority=1' - 'traefik.http.middlewares.${KIT_COMPOSE_PROJECT_NAME}-pastel-ui-compress.compress=true' - 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-pastel-ui-web-secure.middlewares=${KIT_COMPOSE_PROJECT_NAME}-pastel-ui-compress,security-headers@file' # Service - 'traefik.http.services.${KIT_COMPOSE_PROJECT_NAME}-pastel-ui.loadbalancer.server.port=3000' - 'traefik.docker.network=${NETWORK_NAME}' # Watchtower - 'com.centurylinklabs.watchtower.enable=${WATCHTOWER_LABEL_ENABLE}' networks: compose_network: name: ${NETWORK_NAME} external: true