# https://docs.docker.com/compose/environment-variables/ version: "2.4" services: postgres: image: postgres:${POSTGRES_IMAGE_TAG} restart: ${RESTART_POLICY} security_opt: - no-new-privileges:true pids_limit: 100 read_only: true tmpfs: - /tmp - /var/run/postgresql volumes: - ${POSTGRES_DATA_PATH}:/var/lib/postgresql/data environment: # timezone inside container - TZ # necessary Postgres options/variables - POSTGRES_USER - POSTGRES_PASSWORD - POSTGRES_DB networks: - mat_back mattermost: depends_on: - postgres image: mattermost/${MATTERMOST_IMAGE}:${MATTERMOST_IMAGE_TAG} restart: ${RESTART_POLICY} security_opt: - no-new-privileges:true pids_limit: 200 read_only: ${MATTERMOST_CONTAINER_READONLY} tmpfs: - /tmp volumes: - ${MATTERMOST_CONFIG_PATH}:/mattermost/config:rw - ${MATTERMOST_DATA_PATH}:/mattermost/data:rw - ${MATTERMOST_LOGS_PATH}:/mattermost/logs:rw - ${MATTERMOST_PLUGINS_PATH}:/mattermost/plugins:rw - ${MATTERMOST_CLIENT_PLUGINS_PATH}:/mattermost/client/plugins:rw - ${MATTERMOST_BLEVE_INDEXES_PATH}:/mattermost/bleve-indexes:rw # When you want to use SSO with GitLab, you have to add the cert pki chain of GitLab inside Alpine # to avoid Token request failed: certificate signed by unknown authority # (link: https://github.com/mattermost/mattermost-server/issues/13059 and https://github.com/mattermost/docker/issues/34) # - ${GITLAB_PKI_CHAIN_PATH}:/etc/ssl/certs/pki_chain.pem:ro environment: # timezone inside container - TZ # necessary Mattermost options/variables (see env.example) - MM_SQLSETTINGS_DRIVERNAME - MM_SQLSETTINGS_DATASOURCE # necessary for bleve - MM_BLEVESETTINGS_INDEXDIR # additional settings - MM_SERVICESETTINGS_SITEURL - VIRTUAL_HOST=mat.airdog.site - LETSENCRYPT_HOST=mat.airdog.site - LETSENCRYPT_EMAIL=lets@treillis.mailer.me - VIRTUAL_PORT=8065 - ${CALLS_PORT}:${CALLS_PORT}/udp - ${CALLS_PORT}:${CALLS_PORT}/tcp networks: - mat_back - acme-companion_proxy-tier networks: mat_back: acme-companion_proxy-tier: external: true