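---
# Compose stack: Vaultwarden and Gitea behind an nginx reverse proxy.
# Only nginx publishes ports on the host; the two applications are reachable
# solely over the "internal" bridge network. Both applications resolve the
# name "postgres" to 172.18.0.1, the gateway of that network, so the database
# is presumably running on the Docker host rather than in this stack.
#
# NOTE(review): every image uses the floating "latest" tag. Pin each one to a
# specific release tag or digest so that a pull cannot silently change what
# runs, and so that upgrades are deliberate and reviewable.

services:
  vaultwarden:
    image: vaultwarden/server:latest
    container_name: vaultwarden
    restart: unless-stopped
    networks:
      - internal
    environment:
      DOMAIN: "https://bitwarden.vm.local"
      # NOTE(review): the database user and password are hard-coded in this
      # file and the password equals the user name. Provide the credential
      # from an env file or secret store kept out of version control, and
      # rotate it before this stack holds real vault data.
      DATABASE_URL: "postgres://vaultwarden:vaultwarden@postgres:5432/vaultwarden"
    volumes:
      - ./vw-data/:/data/
    # "expose" only makes the port available to other containers on the same
    # network; nothing is published on the host.
    expose:
      - "80"
    extra_hosts:
      - "postgres:172.18.0.1"
    deploy:
      resources:
        limits:
          memory: 256M
          cpus: '0.25'
          pids: 100
        reservations:
          memory: 128M
          cpus: '0.10'

  gitea:
    image: docker.gitea.com/gitea:latest
    container_name: gitea
    environment:
      - USER_UID=1000
      - USER_GID=1000
      - GITEA__database__DB_TYPE=postgres
      - GITEA__database__HOST=postgres:5432
      - GITEA__database__NAME=gitea
      - GITEA__database__USER=gitea
      # NOTE(review): hard-coded password identical to the user name; move it
      # out of this file (env file or secret store) and rotate it.
      - GITEA__database__PASSWD=gitea
      # Keeps the web installer locked so the first visitor cannot
      # reconfigure the instance.
      - GITEA__security__INSTALL_LOCK=true
    restart: unless-stopped
    networks:
      - internal
    volumes:
      - ./gitea:/data
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    # Port 22 is exposed to the internal network only; this file publishes no
    # SSH port on the host, so Git over SSH is reachable from outside only if
    # something else forwards it.
    expose:
      - "3000"
      - "22"
    extra_hosts:
      - "postgres:172.18.0.1"
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:3000/api/healthz"]
      interval: 1m30s
      timeout: 10s
      retries: 3
    deploy:
      resources:
        limits:
          memory: 512M
          cpus: '0.50'
          pids: 100
        reservations:
          memory: 256M
          cpus: '0.25'

  nginx:
    image: nginx:latest
    container_name: nginx
    restart: unless-stopped
    networks:
      - internal
    volumes:
      # Mounted read-only: the proxy only needs to read its configuration and
      # certificate material. read_only below covers the container's root
      # filesystem but not bind mounts, so without ":ro" a process inside the
      # container could still modify these host files.
      - ./nginx.conf:/etc/nginx/conf.d/default.conf:ro
      - ./nginx/certs:/etc/nginx/certs:ro
    # The only published ports in the stack, bound on all host interfaces.
    # Quoted so the mapping is always parsed as a string.
    ports:
      - "0.0.0.0:80:80"
      - "0.0.0.0:443:443"
    deploy:
      resources:
        limits:
          memory: 128M
          cpus: '0.25'
          pids: 100
        reservations:
          memory: 64M
          cpus: '0.10'
    # Root filesystem is immutable; the tmpfs mounts provide the scratch
    # locations that stay writable.
    read_only: true
    tmpfs:
      - /tmp
      - /run
      - /var/cache/nginx

networks:
  internal:
    driver: bridge
    ipam:
      config:
        # Fixed subnet and gateway: the extra_hosts entries above depend on
        # the gateway address staying 172.18.0.1.
        - subnet: 172.18.0.0/16
          gateway: 172.18.0.1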