services: db: image: mariadb:10.11 restart: unless-stopped environment: MYSQL_ROOT_PASSWORD: SuperSecretRoot123! MYSQL_DATABASE: filerun MYSQL_USER: filerun MYSQL_PASSWORD: SuperSecretFileRun456! volumes: - ./db_data:/var/lib/mysql networks: - internal filerun: image: filerun/filerun:8.1.arm64v8 restart: unless-stopped environment: FR_DB_HOST: db FR_DB_PORT: 3306 FR_DB_NAME: filerun FR_DB_USER: filerun FR_DB_PASS: SuperSecretFileRun456! APACHE_RUN_USER: www-data APACHE_RUN_USER_ID: 33 APACHE_RUN_GROUP: www-data APACHE_RUN_GROUP_ID: 33 # Critical: enable proxy support in FileRun! FR_USE_PROXY: "true" volumes: - ./filerun_html:/var/www/html - ./user_data:/user-files networks: - internal - traefik_default depends_on: - db labels: - "traefik.enable=true" - "traefik.docker.network=traefik_default" # Create redirect middleware to HTTPS - "traefik.http.middlewares.filerun-redirect.redirectscheme.scheme=https" - "traefik.http.middlewares.filerun-redirect.redirectscheme.permanent=true" # FileRun headers (required behind proxy) - "traefik.http.middlewares.filerun-headers.headers.customrequestheaders.X-Forwarded-Proto=https" - "traefik.http.middlewares.filerun-headers.headers.customrequestheaders.X-Forwarded-Host=filerun.rozic-dev.com" # HTTP Router → redirect to HTTPS - "traefik.http.routers.filerun-http.entrypoints=web" - "traefik.http.routers.filerun-http.rule=Host(`filerun.rozic-dev.com`)" - "traefik.http.routers.filerun-http.middlewares=filerun-redirect@docker" # HTTPS Router - "traefik.http.routers.filerun-https.entrypoints=websecure" - "traefik.http.routers.filerun-https.rule=Host(`filerun.rozic-dev.com`)" - "traefik.http.routers.filerun-https.tls=true" - "traefik.http.routers.filerun-https.tls.certresolver=letsencrypt" - "traefik.http.routers.filerun-https.middlewares=filerun-headers@docker" # Backend service - "traefik.http.services.filerun.loadbalancer.server.port=80" networks: internal: driver: bridge traefik_default: external: true