# This file allows you to run mattermost within your docker swarm mode cluster # for more informations check: https://docs.docker.com/engine/swarm/ # # Simply run: # # `docker stack up [STACK NAME] -c docker-stack-traefik.yml` # # In this case `mm` is going to be stack name, so the command will be: # # `docker stack up mm -c docker-stack-traefik.yml` # # From now on all the services that belong to this stack will be prefixed with `mm_` # this file defines 3 services, these are going to be mm_db, mm_app and mm_web, # each of these names is the service's hostname as well, they can communicate # with each other easily by using the hostname instead of the ip or exposing ports to the host. # # As a side note, images tagged as latest are pulled by default, # that means there's no need to use `image:latest` # # use latest compose v3.3 file format for optimal compatibility with latest docker release and swarm features. # see https://docs.docker.com/compose/compose-file/compose-versioning/#version-3 # and https://docs.docker.com/compose/compose-file/compose-versioning/#version-33 # and https://docs.docker.com/compose/compose-file/compose-versioning/#upgrading version: '3.3' networks: # network for App <-> DB transactions mm-in: driver: overlay internal: true # this network faces the outside world mm-out: driver: overlay internal: false volumes: mm-dbdata: traefik-certs: services: db: # use official mattermost prod-db image image: mattermost/mattermost-prod-db networks: - mm-in volumes: # use a named-volume for data persistency - mm-dbdata:/var/lib/postgresql/data - /etc/localtime:/etc/localtime:ro environment: - POSTGRES_USER=mmuser - POSTGRES_PASSWORD=mmuser_password - POSTGRES_DB=mattermost # uncomment the following to enable backup # - AWS_ACCESS_KEY_ID=XXXX # - AWS_SECRET_ACCESS_KEY=XXXX # - WALE_S3_PREFIX=s3://BUCKET_NAME/PATH # - AWS_REGION=us-east-1 deploy: restart_policy: condition: on-failure app: # use official mattermost prod-app image image: mattermost/mattermost-prod-app networks: - mm-in - mm-out volumes: - /var/lib/mattermost/config:/mattermost/config:rw - /var/lib/mattermost/data:/mattermost/data:rw - /var/lib/mattermost/logs:/mattermost/logs:rw - /etc/localtime:/etc/localtime:ro environment: # use service's hostname - DB_HOST=mm_db # talk to the port within the overlay network # without (over)exposing ports - DB_PORT_NUMBER=5432 - MM_USERNAME=mmuser - MM_PASSWORD=mmuser_password - MM_DBNAME=mattermost # pass the edition to be used, default is enterprise # setting this env var will make the app use the team edition - edition=team # in case your config is not in default location # - MM_CONFIG=/mattermost/config/config.json deploy: labels: - "traefik.backend.loadbalancer.sticky=true" - "traefik.backend.loadbalancer.swarm=true" # the backend service needs a name - "traefik.backend=mmapp" # network is prefixed `mm_` as well - "traefik.docker.network=mm_mm-out" # generate a TLS cert for this domain - "traefik.entrypoints=https" - "traefik.frontend.passHostHeader=true" # add your domain below here - "traefik.frontend.rule=Host:mattermost.domain.com" - "traefik.port=80" restart_policy: condition: on-failure web: # use official traefik image image: traefik ports: - "80:80" # you can view the traefik's dashboard in http://localhost:8080 - "8080:8080" - "443:443" networks: - mm-out command: --acme --acme.email="[ADD YOUR EMAIL HERE]" --acme.entrypoint=https --acme.onhostrule --acme.storage="acme/certs.json" --acme.acmelogging --web --docker --docker.domain=docker.localhost --docker.swarmmode --docker.watch --logLevel=DEBUG volumes: # traefik needs the docker socket in order to work properly - /var/run/docker.sock:/var/run/docker.sock # no traefik config file is being used # you can deep further in the traefik docs # http://docs.traefik.io/user-guide/examples/ - /dev/null:/traefik.toml # use a named-volume for certs persistency - traefik-certs:/acme deploy: restart_policy: condition: on-failure