43 lines
1.7 KiB
YAML
43 lines
1.7 KiB
YAML
# ============================================================================
|
|
# TEMPLATE — Dokploy service on dokploy-network behind Traefik.
|
|
# Copy this, replace SVC / HOST / PORT / IMAGE, delete what you don't need.
|
|
# Dokploy deploys as a swarm stack, so BOTH label blocks below are required.
|
|
# See skills/infra-ops/SKILL.md for the full conventions.
|
|
# ============================================================================
|
|
services:
|
|
SVC:
|
|
image: IMAGE
|
|
restart: unless-stopped
|
|
# environment:
|
|
# KEY: ${KEY} # secrets via Dokploy env, never hard-coded
|
|
# volumes:
|
|
# - SVC_data:/data
|
|
networks:
|
|
- dokploy-network # Traefik ingress
|
|
# - SVC_internal # add a bridge for DB / host / tailnet egress
|
|
# --- container-level labels (docker provider) ---
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.docker.network=dokploy-network"
|
|
- "traefik.http.routers.SVC.rule=Host(`HOST`)"
|
|
- "traefik.http.routers.SVC.entrypoints=websecure"
|
|
- "traefik.http.routers.SVC.tls.certresolver=letsencrypt"
|
|
- "traefik.http.services.SVC.loadbalancer.server.port=PORT"
|
|
# --- service-level labels (swarm provider) — mirror of the above ---
|
|
deploy:
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.docker.network=dokploy-network"
|
|
- "traefik.http.routers.SVC.rule=Host(`HOST`)"
|
|
- "traefik.http.routers.SVC.entrypoints=websecure"
|
|
- "traefik.http.routers.SVC.tls.certresolver=letsencrypt"
|
|
- "traefik.http.services.SVC.loadbalancer.server.port=PORT"
|
|
|
|
# volumes:
|
|
# SVC_data:
|
|
|
|
networks:
|
|
dokploy-network:
|
|
external: true
|
|
# SVC_internal:
|
|
# driver: bridge
|