############################################## # Lageplan — Portainer Stack (Watchtower Auto-Update) # # Setup in Portainer: # 1. Stacks → Add Stack → "Repository" # 2. Git-URL: https://git.purepixel.ch/adminpepe/Lageplan.git # 3. Compose-Pfad: docker-compose.portainer.yml # 4. "GitOps updates" aktivieren # 5. Environment-Variablen setzen (siehe unten) # 6. Deploy # # Danach: Push auf main → Gitea Actions baut Image → # Watchtower erkennt neues Image und startet Container neu # # Benötigte Environment-Variablen: # POSTGRES_USER (default: lageplan) # POSTGRES_PASSWORD (ÄNDERN!) # POSTGRES_DB (default: lageplan) # NEXTAUTH_SECRET (ÄNDERN! — z.B. openssl rand -base64 32) # NEXTAUTH_URL (z.B. https://lageplan.ch) # MINIO_ROOT_USER (default: minioadmin) # MINIO_ROOT_PASSWORD (ÄNDERN!) # MINIO_PUBLIC_URL (z.B. https://s3.example.com) # GITEA_REGISTRY_USER (für Watchtower Registry-Auth) # GITEA_REGISTRY_PASS (für Watchtower Registry-Auth) ############################################## services: # ─── PostgreSQL ──────────────────────────── db: image: postgres:16-alpine restart: unless-stopped environment: POSTGRES_USER: ${POSTGRES_USER:-lageplan} POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-lageplan_secret} POSTGRES_DB: ${POSTGRES_DB:-lageplan} volumes: - postgres_data:/var/lib/postgresql/data healthcheck: test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER:-lageplan}"] interval: 10s timeout: 5s retries: 5 networks: - lageplan # ─── MinIO (S3-kompatibler Objektspeicher) ─ minio: image: minio/minio:latest restart: unless-stopped command: server /data --console-address ":9001" environment: MINIO_ROOT_USER: ${MINIO_ROOT_USER:-minioadmin} MINIO_ROOT_PASSWORD: ${MINIO_ROOT_PASSWORD:-minioadmin123} volumes: - minio_data:/data ports: - "${MINIO_API_PORT:-9000}:9000" - "${MINIO_CONSOLE_PORT:-9001}:9001" healthcheck: test: ["CMD", "mc", "ready", "local"] interval: 10s timeout: 5s retries: 5 networks: - lageplan # ─── MinIO Bucket Init ───────────────────── minio-init: image: minio/mc:latest depends_on: minio: condition: service_healthy entrypoint: > /bin/sh -c " mc alias set myminio http://minio:9000 $${MINIO_ROOT_USER:-minioadmin} $${MINIO_ROOT_PASSWORD:-minioadmin123}; mc mb myminio/$${MINIO_BUCKET:-lageplan-icons} --ignore-existing; mc anonymous set download myminio/$${MINIO_BUCKET:-lageplan-icons}; echo 'Bucket initialized'; exit 0; " networks: - lageplan # ─── Lageplan Web App ────────────────────── # Image kommt aus Gitea Container Registry (gebaut via Gitea Actions) web: image: git.purepixel.ch/adminpepe/lageplan:latest restart: unless-stopped environment: DATABASE_URL: postgresql://${POSTGRES_USER:-lageplan}:${POSTGRES_PASSWORD:-lageplan_secret}@db:5432/${POSTGRES_DB:-lageplan} NEXTAUTH_URL: ${NEXTAUTH_URL:-https://localhost:3000} NEXTAUTH_SECRET: ${NEXTAUTH_SECRET:-super-secret-key-change-in-production} MINIO_ENDPOINT: minio MINIO_PORT: "9000" MINIO_ACCESS_KEY: ${MINIO_ROOT_USER:-minioadmin} MINIO_SECRET_KEY: ${MINIO_ROOT_PASSWORD:-minioadmin123} MINIO_BUCKET: ${MINIO_BUCKET:-lageplan-icons} MINIO_USE_SSL: "false" MINIO_PUBLIC_URL: ${MINIO_PUBLIC_URL:-http://localhost:9000} ports: - "${WEB_PORT:-3000}:3000" depends_on: db: condition: service_healthy minio: condition: service_healthy networks: - lageplan labels: - "com.centurylinklabs.watchtower.enable=true" # ─── Watchtower (Auto-Restart bei neuen Images) ─ # Überwacht nur Container mit Label com.centurylinklabs.watchtower.enable=true watchtower: image: containrrr/watchtower restart: unless-stopped volumes: - /var/run/docker.sock:/var/run/docker.sock environment: WATCHTOWER_POLL_INTERVAL: 60 WATCHTOWER_CLEANUP: "true" WATCHTOWER_LABEL_ENABLE: "true" # Gitea Registry Auth REPO_USER: ${GITEA_REGISTRY_USER} REPO_PASS: ${GITEA_REGISTRY_PASS} networks: - lageplan volumes: postgres_data: minio_data: networks: lageplan: driver: bridge