# tuwunel - Behind Traefik Reverse Proxy

services:
  homeserver:
    ### If you already built the conduduwit image with 'docker build' or want to use the Docker Hub image,
    ### then you are ready to go.
    image: jevolk/tuwunel:latest
    restart: unless-stopped
    volumes:
      - db:/var/lib/tuwunel
      #- ./tuwunel.toml:/etc/tuwunel.toml
    networks:
      - proxy
    environment:
      TUWUNEL_SERVER_NAME: your.server.name.example # EDIT THIS
      TUWUNEL_DATABASE_PATH: /var/lib/tuwunel
      TUWUNEL_PORT: 6167 # should match the loadbalancer traefik label
      TUWUNEL_MAX_REQUEST_SIZE: 20000000 # in bytes, ~20 MB
      TUWUNEL_ALLOW_REGISTRATION: 'true'
      TUWUNEL_REGISTRATION_TOKEN: 'YOUR_TOKEN' # A registration token is required when registration is allowed.
      #TUWUNEL_YES_I_AM_VERY_VERY_SURE_I_WANT_AN_OPEN_REGISTRATION_SERVER_PRONE_TO_ABUSE: 'true'
      TUWUNEL_ALLOW_FEDERATION: 'true'
      TUWUNEL_TRUSTED_SERVERS: '["matrix.org"]'
      #TUWUNEL_LOG: warn,state_res=warn
      TUWUNEL_ADDRESS: 0.0.0.0
      #TUWUNEL_CONFIG: '/etc/tuwunel.toml' # Uncomment if you mapped config toml above

      # We need some way to serve the client and server .well-known json. The simplest way is via the TUWUNEL_WELL_KNOWN
      # variable / config option, there are multiple ways to do this, e.g. in the tuwunel.toml file, and in a separate
      # see the override file for more information about delegation
      TUWUNEL_WELL_KNOWN: |
        {
        client=https://your.server.name.example,
        server=your.server.name.example:443
        }
    #cpuset: "0-4" # Uncomment to limit to specific CPU cores
    ulimits: # tuwunel uses quite a few file descriptors, and on some systems it defaults to 1024, so you can tell docker to increase it
      nofile:
        soft: 1048567
        hard: 1048567

    ### Uncomment if you want to use your own Element-Web App.
    ### Note: You need to provide a config.json for Element and you also need a second
    ###       Domain or Subdomain for the communication between Element and tuwunel
    ### Config-Docs: https://github.com/vector-im/element-web/blob/develop/docs/config.md
    # element-web:
    #     image: vectorim/element-web:latest
    #     restart: unless-stopped
    #     volumes:
    #         - ./element_config.json:/app/config.json
    #     networks:
    #         - proxy
    #     depends_on:
    #         - homeserver

volumes:
  db:

networks:
  # This is the network Traefik listens to, if your network has a different
  # name, don't forget to change it here and in the docker-compose.override.yml
  proxy:
    external: true

# vim: ts=2:sw=2:expandtab