version: '3.8' services: # --- Coolify 核心管理服務 --- coolify: image: ghcr.io/coollabsio/coolify:latest container_name: coolify restart: always environment: - APP_ID=core - APP_ENV=production - APP_NAME=Coolify - APP_KEY=${MY_APP_KEY} - DB_HOST=coolify-db - DB_PORT=5432 - DB_USERNAME=coolify - DB_PASSWORD=${MY_DB_PASS} - DB_DATABASE=coolify - REDIS_HOST=coolify-redis - REDIS_PASSWORD=${MY_REDIS_PASS} # 重要:開啟調度器,確保它能管理 Docker - COOLIFY_SCHEDULER_ENABLED=true volumes: - /var/run/docker.sock:/var/run/docker.sock - /mnt/data/External/coolify_web/coolify_data:/data/coolify - /mnt/data/External/coolify_web/coolify_ssh:/var/www/html/storage/app/ssh ports: # 這是 Coolify 的管理後台 UI # 為了安全,我們這裡只映射到宿主機的高位端口,或者您可以註解掉,完全走 NPM - "7900:8080" depends_on: - coolify-db - coolify-redis networks: - coolify-infra - webproxy # 加入您的跨 Stack 網橋 # --- Coolify 內建代理 (Traefik) --- # 我們手動定義它,是為了強制它加入 webproxy 網路,並且不讓它佔用宿主機 80/443 coolify-proxy: image: traefik:latest container_name: coolify-proxy restart: always command: - "--api.dashboard=true" - "--api.insecure=true" - "--providers.docker=true" - "--providers.docker.exposedbydefault=false" # 關鍵:Traefik 在容器內部監聽 80,但不映射到宿主機 - "--entrypoints.web.address=:80" volumes: - /var/run/docker.sock:/var/run/docker.sock networks: - coolify-infra - webproxy # 這樣 NPM 才能轉發流量給它 ports: # 這裡故意不映射 80:80 和 443:443 # 只映射一個監控面板 port 供 debug (可選) - "7800:8080" # --- 資料庫依賴 --- coolify-db: image: postgres:15-alpine container_name: coolify-db restart: always environment: - POSTGRES_USER=coolify - POSTGRES_PASSWORD=${MY_DB_PASS} - POSTGRES_DB=coolify volumes: - coolify-db-data:/var/lib/postgresql/data networks: - coolify-infra coolify-redis: image: redis:alpine container_name: coolify-redis restart: always command: redis-server --requirepass ${MY_REDIS_PASS} volumes: - coolify-redis-data:/data networks: - coolify-infra # --- 網路設定 --- networks: coolify-infra: driver: bridge webproxy: external: true name: webproxy # --- 數據卷 --- volumes: coolify-db-data: coolify-redis-data: