bitpoll/docker-compose.yml

---

services:
  nginx:
    image: ghcr.io/nginx/nginx-unprivileged:${NGINX_TAG:?NGINX_TAG is not configured}
    restart: unless-stopped
    depends_on:
      - bitpoll
    read_only: true
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /etc/timezone:/etc/timezone:ro
      - ./data/config/nginx-templates:/etc/nginx/templates:ro
      - static:/var/www
    tmpfs:
      - /etc/nginx/conf.d:uid=101,gid=101
      - /tmp
      - /var/cache/nginx
    security_opt:
      - no-new-privileges:true
    cap_drop:
      - ALL
    networks:
      - appnet
      - dokploy-network
    labels:
      - "traefik.enable=true"
      - "traefik.docker.network=dokploy-network"

      - "traefik.http.services.bitpoll-nginx.loadbalancer.server.port=8080" # set port the container listenes to
      - "traefik.http.services.bitpoll-nginx.loadbalancer.server.scheme=http"

      - "traefik.http.routers.bitpoll-nginx-web.rule=Host(`${PUBLIC_DOMAIN}`)"
      - "traefik.http.routers.bitpoll-nginx-web.service=bitpoll-nginx@docker"
      - "traefik.http.routers.bitpoll-nginx-web.entrypoints=web"
      - "traefik.http.routers.bitpoll-nginx-web.middlewares=redirect-to-https@file"

      - "traefik.http.routers.bitpoll-nginx-websecure.rule=Host(`${PUBLIC_DOMAIN}`)" # change hostname!
      - "traefik.http.routers.bitpoll-nginx-websecure.service=bitpoll-nginx@docker"
      - "traefik.http.routers.bitpoll-nginx-websecure.entrypoints=websecure"
      - "traefik.http.routers.bitpoll-nginx-websecure.tls=true"
      - "traefik.http.routers.bitpoll-nginx-websecure.tls.options=modern@file"
      - "traefik.http.routers.bitpoll-nginx-websecure.tls.certresolver=hetzner"
      - "traefik.http.routers.bitpoll-nginx-websecure.tls.domains[0].main=${TLS_DOMAIN}"
      - "traefik.http.routers.bitpoll-nginx-websecure.middlewares=secHeaders@file, hsts-header@file"

  bitpoll:
    image: ghcr.io/fsinfuhh/bitpoll:${BITPOLL_TAG:?BITPOLL_TAG is not configured}
    restart: unless-stopped
    depends_on:
      db:
        condition: service_healthy
    environment:
      BITPOLL_SECRET_KEY: ${BITPOLL_SECRET_KEY?:BITPOLL_SECRET_KEY is required!}
      BITPOLL_FIELD_ENCRYPTION_KEY: ${BITPOLL_FIELD_ENCRYPTION_KEY?:BITPOLL_FIELD_ENCRYPTION_KEY is required!}
      BITPOLL_DB_PASSWORD: ${BITPOLL_DB_PASSWORD?:BITPOLL_DB_PASSWORD is required!}
    networks:
      - appnet
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /etc/timezone:/etc/timezone:ro
      - static:/opt/static
      - ./data/config/bitpoll:/opt/config
      - log:/opt/log

  db:
    image: postgres:${POSTGRES_TAG:?POSTGRES_TAG is not configured}
    restart: unless-stopped
    environment:
      POSTGRES_USER: bitpoll
      POSTGRES_DB: bitpoll
      POSTGRES_PASSWORD: ${BITPOLL_DB_PASSWORD?:BITPOLL_DB_PASSWORD is required!}
    healthcheck:
      interval: 30s
      retries: 5
      start_period: 20s
      test:
      - CMD-SHELL
      - pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}
      timeout: 5s
    networks:
      - appnet
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /etc/timezone:/etc/timezone:ro
      - db:/var/lib/postgresql/data:rw

volumes:
  static:
    driver: local
  log:
    driver: local
  db:
    driver: local

networks:
  appnet:
  dokploy-network:
    # external: true