docker-compose.yml

services:
  bot:
    image: ghcr.io/erisa/cliptok
    depends_on:
      - redis
    env_file:
      - .env
    restart: on-failure
    volumes:
      - type: bind
        source: ./Lists/Private
        target: /app/Lists/Private
      # Comment out the following (And I guess the above?) if you won't use SSH to pull Lists/Private
      - type: bind
        source: ${HOME}/.ssh/known_hosts
        target: /root/.ssh/known_hosts
      - type: bind
        source: ./ssh_key
        target: /root/.ssh/id_ed25519
      # Uncomment the below lines to use your own config file.
      #- type: bind
      #  source: ./config.dev.json
      # target: /app/config.json
    environment:
      # Overrides your configs Redis options for use with Docker Compose
      #  I don't advise changing this unless you have a strange setup
      - REDIS_DOCKER_OVERRIDE=true
  redis:
    image: 'redis:7.2-alpine'
    restart: always
    volumes:
      - type: bind
        source: ./data
        target: /data
    command: --appendonly yes

# You may want to comment out everything below if you're not Erisa.
  redis-exposer:
    image: ghcr.io/erisa/redis-exposer
    restart: always
    env_file:
     - .exposer.env
  cloudflared:
    image: erisamoe/cloudflared
    restart: always
    command: tunnel --no-autoupdate run
    environment:
      - TUNNEL_TOKEN=${CLOUDFLARED_TOKEN}
  watchtower:
    image: containrrr/watchtower
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    command: --interval 30 --label-enable
    restart: always
  tailscale:
    image: tailscale/tailscale:latest
    volumes:
      - ./data/ts-state:/var/lib/tailscale
    environment:
      - TS_AUTHKEY=${TS_AUTHKEY}
      - TS_STATE_DIR=/var/lib/tailscale
      - TS_USERSPACE=false
      - TS_EXTRA_ARGS=--hostname=cliptok --accept-dns=false --accept-routes=false # i'm not having my tailnet misconfigurations break cliptok
    cap_add:
      - net_admin
      - sys_module
    restart: always
    network_mode: service:bot