services: synapse: image: ghcr.io/polarix-containers/synapse:latest restart: always ports: - 127.0.0.1:8008:8008 - 8448:8448 - 9000:9000 volumes: - ./data:/data:Z - ./log:/var/log/matrix-synapse:Z - ./certs:/certs:Z # - /synapse/mautrix-signal:/mautrix-signal:z # - /synapse/mautrix-discord:/mautrix-discord:z # - /synapse/mautrix-whatsapp:/mautrix-whatsapp:z # - /synapse/mautrix-waluc:/mautrix-waluc:z networks: # - synapse - postgres - valkey # - signal # - nginx depends_on: # - postgres - valkey environment: - SYNAPSE_CONFIG_PATH=/data/homeserver.yaml - TZ=Europe/Vienna user: "3000:3000" # read_only: true security_opt: - "no-new-privileges=true" # cap_drop: # - ALL # cap_add: # - CHOWN # - SETUID # - SETGID valkey: image: ghcr.io/polarix-containers/valkey:8 restart: always volumes: - ./valkey:/data:Z networks: - valkey user: "3010:3010" read_only: true security_opt: - "no-new-privileges=true" cap_drop: - ALL postgres: image: ghcr.io/polarix-containers/postgres:17 networks: - postgres ports: - 5432:5432 environment: - TZ=Europe/Vienna - POSTGRES_INITDB_ARGS=--encoding='UTF8' --lc-collate='C' --lc-ctype='C' - POSTGRES_USER=postgres - POSTGRES_PASSWORD=pRyOLu129w8Tyk80yBkfk volumes: - ./postgres/data:/var/lib/postgresql/data:Z user: "70:70" read_only: false tmpfs: - /var/run/postgresql:size=50M,mode=0770,uid=70,gid=70,noexec,nosuid,nodev security_opt: - "no-new-privileges=true" cap_drop: - ALL # cap_add: # - CHOWN # - SETUID # - SETGID signal: image: dock.mau.dev/mautrix/signal restart: always networks: # - signal - postgres - synapse depends_on: - synapse - postgres volumes: - ./signal:/data:Z # user: "1337:1337" read_only: true security_opt: - "no-new-privileges=true" # cap_drop: # - ALL # cap_add: # - SETUID # - SETGID # - CHOWN whatsapp: image: dock.mau.dev/mautrix/whatsapp restart: always networks: - postgres - synapse depends_on: - postgres - synapse volumes: - ./whatsapp:/data:Z read_only: true security_opt: - "no-new-privileges=true" # cap_drop: # - ALL # cap_add: # - SETUID # - SETGID # - CHOWN # - FOWNER discord: image: dock.mau.dev/mautrix/discord restart: always networks: - postgres - synapse depends_on: - synapse - postgres volumes: - ./discord:/data:z read_only: true security_opt: - "no-new-privileges=true" # cap_drop: # - ALL # cap_add: # - SETUID # - SETGID # - CHOWN waluc: image: dock.mau.dev/mautrix/discord restart: always networks: - postgres - synapse depends_on: - synapse - postgres volumes: - ./waluc:/data:z read_only: true security_opt: - "no-new-privileges=true" # cap_drop: # - ALL # cap_add: # - SETUID # - SETGID # - CHOWN networks: synapse: postgres: valkey: # signal: