version: "3.9" services: nomadnet: image: ghcr.io/markqvist/nomadnet:master container_name: nomadnet restart: always volumes: - /mnt/HoardingCow_docker_data/Nomadnet:/root/.nomadnetwork - /mnt/HoardingCow_docker_data/Reticulum:/root/.reticulum # Reticulum transport must be reachable directly (NOT through Traefik) ports: - "4242:4242" synapse: image: ghcr.io/element-hq/synapse:latest container_name: synapse restart: always volumes: - /mnt/HoardingCow_docker_data/Matrix/data:/data networks: - coms_net - coms_backend depends_on: synapse-db: condition: service_healthy labels: - "traefik.enable=true" - "traefik.http.routers.matrix-http.rule=Host(`matrix.lazyworkhorse.net`)" - "traefik.http.routers.matrix-http.entrypoints=web" - "traefik.http.routers.matrix-http.middlewares=redirect-to-https" - "traefik.http.routers.matrix-https.rule=Host(`matrix.lazyworkhorse.net`)" - "traefik.http.routers.matrix-https.entrypoints=websecure" - "traefik.http.routers.matrix-https.tls=true" - "traefik.http.routers.matrix-https.tls.certresolver=njalla" - "traefik.http.services.matrix-https.loadbalancer.server.port=8008" - "traefik.docker.network=coms_net" synapse-db: image: postgres:17-alpine container_name: synapse-db restart: always environment: - POSTGRES_USER=synapse - POSTGRES_PASSWORD=${SYNAPSE_DB_PASSWORD} - POSTGRES_DB=synapse - POSTGRES_INITDB_ARGS=--encoding=UTF-8 --lc-collate=C --lc-ctype=C volumes: - /mnt/HoardingCow_docker_data/Matrix/db:/var/lib/postgresql/data networks: - coms_backend healthcheck: test: ["CMD-SHELL", "pg_isready -U synapse"] interval: 5s timeout: 5s retries: 10 synapse-admin: image: awesometechnologies/synapse-admin:latest container_name: synapse-admin restart: always networks: - coms_net labels: - "traefik.enable=true" - "traefik.http.routers.synapse-admin-http.rule=Host(`synadm.lazyworkhorse.net`)" - "traefik.http.routers.synapse-admin-http.entrypoints=web" - "traefik.http.routers.synapse-admin-http.middlewares=redirect-to-https" - "traefik.http.routers.synapse-admin-https.rule=Host(`synadm.lazyworkhorse.net`)" - "traefik.http.routers.synapse-admin-https.entrypoints=websecure" - "traefik.http.routers.synapse-admin-https.tls=true" - "traefik.http.routers.synapse-admin-https.tls.certresolver=njalla" - "traefik.http.services.synapse-admin.loadbalancer.server.port=80" # rbrowser: # build: # context: https://github.com/fr33n0w/rBrowser.git#main # container_name: rbrowser # restart: unless-stopped # user: "1000:1000" # depends_on: # - nomadnet # volumes: # # share Reticulum identity + network state # - /mnt/HoardingCow_docker_data/Reticulum:/home/appuser/.reticulum # networks: # - traefik-net # labels: # - "traefik.enable=true" # # # HTTP → HTTPS # - "traefik.http.routers.rns-http.rule=Host(`nomad.lazyworkhorse.net`)" # - "traefik.http.routers.rns-http.entrypoints=web" # - "traefik.http.routers.rns-http.middlewares=redirect-to-https" # # # HTTPS protected by Authelia # - "traefik.http.routers.rns-https.rule=Host(`nomad.lazyworkhorse.net`)" # - "traefik.http.routers.rns-https.entrypoints=websecure" # - "traefik.http.routers.rns-https.tls=true" # - "traefik.http.routers.rns-https.tls.certresolver=njalla" # - "traefik.http.routers.rns-https.middlewares=authelia-auth" # # - "traefik.http.services.rns.loadbalancer.server.port=5000" networks: coms_net: external: true name: coms_net coms_backend: driver: bridge name: coms_backend