June
ddab157600
Some checks failed
/ Ansible Lint (push) Failing after 47s
The benefit of digest pinning isn't that great for this project really and it comes at the cost of more issues and additional renovate noise, so just don't anymore. Adjust renovate config accordingly as well.
66 lines
2.3 KiB
Django/Jinja
66 lines
2.3 KiB
Django/Jinja
---
|
|
# see https://github.com/hedgedoc/container/blob/master/docker-compose.yml
|
|
|
|
services:
|
|
database:
|
|
image: docker.io/library/postgres:15-alpine
|
|
environment:
|
|
- "POSTGRES_USER=hedgedoc"
|
|
- "POSTGRES_PASSWORD={{ secret__hedgedoc_db_password }}"
|
|
- "POSTGRES_DB=hedgedoc"
|
|
volumes:
|
|
- database:/var/lib/postgresql/data
|
|
restart: unless-stopped
|
|
|
|
app:
|
|
image: quay.io/hedgedoc/hedgedoc:1.10.3
|
|
environment:
|
|
- "CMD_DB_URL=postgres://hedgedoc:{{ secret__hedgedoc_db_password }}@database:5432/hedgedoc"
|
|
- "CMD_DOMAIN=pad.hamburg.ccc.de"
|
|
- "CMD_PROTOCOL_USESSL=true"
|
|
- "CMD_HSTS_ENABLE=false"
|
|
- "CMD_URL_ADDPORT=false"
|
|
- "CMD_ALLOW_FREEURL=true"
|
|
- "CMD_ALLOW_EMAIL_REGISTER=false"
|
|
- "CMD_ALLOW_ANONYMOUS=false"
|
|
- "CMD_ALLOW_ANONYMOUS_EDITS=true"
|
|
- "CMD_ALLOW_ANONYMOUS_VIEWS=true"
|
|
- "CMD_DEFAULT_PERMISSION=limited"
|
|
- "CMD_EMAIL=false"
|
|
- "CMD_OAUTH2_USER_PROFILE_URL=https://id.hamburg.ccc.de/realms/ccchh/protocol/openid-connect/userinfo"
|
|
- "CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR=preferred_username"
|
|
- "CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR=name"
|
|
- "CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR=email"
|
|
- "CMD_OAUTH2_TOKEN_URL=https://id.hamburg.ccc.de/realms/ccchh/protocol/openid-connect/token"
|
|
- "CMD_OAUTH2_AUTHORIZATION_URL=https://id.hamburg.ccc.de/realms/ccchh/protocol/openid-connect/auth"
|
|
- "CMD_OAUTH2_CLIENT_ID=pad"
|
|
- "CMD_OAUTH2_CLIENT_SECRET={{ secret__hedgedoc_kc_secret }}"
|
|
- "CMD_OAUTH2_PROVIDERNAME=Keycloak"
|
|
- "CMD_OAUTH2_SCOPE=openid email profile"
|
|
volumes:
|
|
- uploads:/hedgedoc/public/uploads
|
|
ports:
|
|
- "127.0.0.1:3000:3000"
|
|
restart: unless-stopped
|
|
depends_on:
|
|
- database
|
|
|
|
hedgedoc-expire:
|
|
image: git.hamburg.ccc.de/ccchh/hedgedoc-expire/hedgedoc-expire:latest
|
|
# command: "emailcheck"
|
|
command: "cron"
|
|
environment:
|
|
- "POSTGRES_HOSTNAME=database"
|
|
- "POSTGRES_USERNAME=hedgedoc"
|
|
- "POSTGRES_PASSWORD={{ secret__hedgedoc_db_password }}"
|
|
- "SMTP_FROM=pad@hamburg.ccc.de"
|
|
- "SMTP_HOSTNAME=cow.hamburg.ccc.de"
|
|
- "SMTP_USERNAME=pad@hamburg.ccc.de"
|
|
- "SMTP_PASSWORD={{ secret__pad_smtp_password }}"
|
|
- "URL=https://pad.hamburg.ccc.de"
|
|
depends_on:
|
|
- database
|
|
|
|
volumes:
|
|
database: {}
|
|
uploads: {}
|