CCCHH/ansible-infra
CCCHH/ansible-infra
3
2
Fork 2
Code Issues 6 Pull requests 5 Wiki Activity Actions
ansible-infra/resources/chaosknoten/pad/docker_compose/compose.yaml.j2
June a11ccaf16c
Some checks failed
/ Ansible Lint (push) Failing after 1m59s
Details
disable digest pinning for our images, since Forgejo cleans them up 
Since Forgejo seems to clean up older tag versions, so older digests,
disable digest pinning for our images.
While generally resulting in undeployable config, with ansible-pull the
breakage is especially noticeable.
2025-10-30 05:50:42 +01:00

66 lines
2.5 KiB
Django/Jinja
Raw Blame History

---
# see https://github.com/hedgedoc/container/blob/master/docker-compose.yml
services:
database:
image: docker.io/library/postgres:15-alpine@sha256:64583b3cb4f2010277bdd9749456de78e5c36f8956466ba14b0b96922e510950
environment:
- "POSTGRES_USER=hedgedoc"
- "POSTGRES_PASSWORD={{ secret__hedgedoc_db_password }}"
- "POSTGRES_DB=hedgedoc"
volumes:
- database:/var/lib/postgresql/data
restart: unless-stopped
app:
image: quay.io/hedgedoc/hedgedoc:1.10.3@sha256:ca58fd73ecf05c89559b384fb7a1519c18c8cbba5c21a0018674ed820b9bdb73
environment:
- "CMD_DB_URL=postgres://hedgedoc:{{ secret__hedgedoc_db_password }}@database:5432/hedgedoc"
- "CMD_DOMAIN=pad.hamburg.ccc.de"
- "CMD_PROTOCOL_USESSL=true"
- "CMD_HSTS_ENABLE=false"
- "CMD_URL_ADDPORT=false"
- "CMD_ALLOW_FREEURL=true"
- "CMD_ALLOW_EMAIL_REGISTER=false"
- "CMD_ALLOW_ANONYMOUS=false"
- "CMD_ALLOW_ANONYMOUS_EDITS=true"
- "CMD_ALLOW_ANONYMOUS_VIEWS=true"
- "CMD_DEFAULT_PERMISSION=limited"
- "CMD_EMAIL=false"
- "CMD_OAUTH2_USER_PROFILE_URL=https://id.hamburg.ccc.de/realms/ccchh/protocol/openid-connect/userinfo"
- "CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR=preferred_username"
- "CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR=name"
- "CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR=email"
- "CMD_OAUTH2_TOKEN_URL=https://id.hamburg.ccc.de/realms/ccchh/protocol/openid-connect/token"
- "CMD_OAUTH2_AUTHORIZATION_URL=https://id.hamburg.ccc.de/realms/ccchh/protocol/openid-connect/auth"
- "CMD_OAUTH2_CLIENT_ID=pad"
- "CMD_OAUTH2_CLIENT_SECRET={{ secret__hedgedoc_kc_secret }}"
- "CMD_OAUTH2_PROVIDERNAME=Keycloak"
- "CMD_OAUTH2_SCOPE=openid email profile"
volumes:
- uploads:/hedgedoc/public/uploads
ports:
- "127.0.0.1:3000:3000"
restart: unless-stopped
depends_on:
- database
hedgedoc-expire:
image: git.hamburg.ccc.de/ccchh/hedgedoc-expire/hedgedoc-expire:latest
# command: "emailcheck"
command: "cron"
environment:
- "POSTGRES_HOSTNAME=database"
- "POSTGRES_USERNAME=hedgedoc"
- "POSTGRES_PASSWORD={{ secret__hedgedoc_db_password }}"
- "SMTP_FROM=pad@hamburg.ccc.de"
- "SMTP_HOSTNAME=cow.hamburg.ccc.de"
- "SMTP_USERNAME=pad@hamburg.ccc.de"
- "SMTP_PASSWORD={{ secret__pad_smtp_password }}"
- "URL=https://pad.hamburg.ccc.de"
depends_on:
- database
volumes:
database: {}
uploads: {}
Reference in a new issue View git blame Copy permalink