services: caddy: # This compose file uses caddy-docker-proxy as the reverse proxy for tuwunel! # For more info, visit https://github.com/lucaslorentz/caddy-docker-proxy image: lucaslorentz/caddy-docker-proxy:ci-alpine ports: - 80:80 - 443:443 environment: - CADDY_INGRESS_NETWORKS=caddy networks: - caddy volumes: - /var/run/docker.sock:/var/run/docker.sock - ./data:/data restart: unless-stopped labels: caddy: example.com caddy.0_respond: /.well-known/matrix/server {"m.server":"matrix.example.com:443"} caddy.1_respond: /.well-known/matrix/client {"m.server":{"base_url":"https://matrix.example.com"},"m.homeserver":{"base_url":"https://matrix.example.com"},"org.matrix.msc3575.proxy":{"url":"https://matrix.example.com"}} homeserver: ### If you already built the tuwunel image with 'docker build' or want to use a registry image, ### then you are ready to go. image: jevolk/tuwunel:latest restart: unless-stopped volumes: - db:/var/lib/tuwunel #- ./tuwunel.toml:/etc/tuwunel.toml environment: TUWUNEL_SERVER_NAME: example.com # EDIT THIS TUWUNEL_DATABASE_PATH: /var/lib/tuwunel TUWUNEL_PORT: 6167 TUWUNEL_MAX_REQUEST_SIZE: 20000000 # in bytes, ~20 MB TUWUNEL_ALLOW_REGISTRATION: 'true' TUWUNEL_REGISTRATION_TOKEN: 'YOUR_TOKEN' # A registration token is required when registration is allowed. #TUWUNEL_YES_I_AM_VERY_VERY_SURE_I_WANT_AN_OPEN_REGISTRATION_SERVER_PRONE_TO_ABUSE: 'true' TUWUNEL_ALLOW_FEDERATION: 'true' TUWUNEL_TRUSTED_SERVERS: '["matrix.org"]' #TUWUNEL_LOG: warn,state_res=warn TUWUNEL_ADDRESS: 0.0.0.0 #TUWUNEL_CONFIG: '/etc/tuwunel.toml' # Uncomment if you mapped config toml above networks: - caddy labels: caddy: matrix.example.com caddy.reverse_proxy: "{{upstreams 6167}}" volumes: db: networks: caddy: external: true