Add self-contained Docker Compose stacks for pivoine.art infrastructure

Migrated 11 services from monolithic docker-compose project into independent stacks, each with dedicated databases, minimal .env configuration, and bind-mount data volumes. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-15 22:41:50 +01:00
commit f21e0611b4
36 changed files with 896 additions and 0 deletions
--- a/mattermost/compose.yml
+++ b/mattermost/compose.yml
@@ -0,0 +1,68 @@
+---
+services:
+  mattermost:
+    image: mattermost/mattermost-team-edition:latest
+    container_name: mattermost
+    security_opt:
+      - no-new-privileges:true
+    pids_limit: 200
+    tmpfs:
+      - /tmp
+    environment:
+      TZ: ${TIMEZONE:-Europe/Amsterdam}
+      MM_SQLSETTINGS_DRIVERNAME: postgres
+      MM_SQLSETTINGS_DATASOURCE: postgres://mattermost:mattermost@mattermost_db:5432/mattermost?sslmode=disable&connect_timeout=10
+      MM_BLEVESETTINGS_INDEXDIR: /mattermost/bleve-indexes
+      MM_SERVICESETTINGS_SITEURL: https://${TRAEFIK_HOST}
+      MM_SERVICESETTINGS_ENABLELOCALMODE: "true"
+      MM_EMAILSETTINGS_ENABLESMTPAUTH: "false"
+      MM_EMAILSETTINGS_SMTPSERVER: mailpit
+      MM_EMAILSETTINGS_SMTPPORT: "1025"
+      MM_EMAILSETTINGS_CONNECTIONSECURITY: ""
+      MM_EMAILSETTINGS_FEEDBACKNAME: Mattermost
+    volumes:
+      - ../.data/mattermost/config:/mattermost/config:rw
+      - ../.data/mattermost/data:/mattermost/data:rw
+      - ../.data/mattermost/plugins:/mattermost/plugins:rw
+      - ../.data/mattermost/client-plugins:/mattermost/client/plugins:rw
+      - ../.data/mattermost/bleve:/mattermost/bleve-indexes:rw
+    depends_on:
+      db:
+        condition: service_healthy
+    restart: always
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.middlewares.mattermost-redirect-web-secure.redirectscheme.scheme=https"
+      - "traefik.http.routers.mattermost-web.middlewares=mattermost-redirect-web-secure"
+      - "traefik.http.routers.mattermost-web.rule=Host(`${TRAEFIK_HOST}`)"
+      - "traefik.http.routers.mattermost-web.entrypoints=web"
+      - "traefik.http.routers.mattermost-web-secure.rule=Host(`${TRAEFIK_HOST}`)"
+      - "traefik.http.routers.mattermost-web-secure.tls.certresolver=resolver"
+      - "traefik.http.routers.mattermost-web-secure.entrypoints=web-secure"
+      - "traefik.http.routers.mattermost-web-secure.middlewares=security-headers@file"
+      - "traefik.http.services.mattermost-web-secure.loadbalancer.server.port=8065"
+      - "traefik.docker.network=${NETWORK_NAME}"
+      - "com.centurylinklabs.watchtower.enable=true"
+    networks:
+      - compose_network
+  db:
+    image: postgres:16-alpine
+    container_name: mattermost_db
+    environment:
+      POSTGRES_DB: mattermost
+      POSTGRES_USER: mattermost
+      POSTGRES_PASSWORD: mattermost
+    volumes:
+      - ../.data/mattermost/db:/var/lib/postgresql/data
+    restart: always
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U $${POSTGRES_USER} -d $${POSTGRES_DB}"]
+      interval: 5s
+      timeout: 5s
+      retries: 5
+    networks:
+      - compose_network
+networks:
+  compose_network:
+    name: ${NETWORK_NAME}
+    external: true