forked from CCCHH/ansible-infra
June
43fac32424
Use a full image source and set and explicit version for all images in Chaosknoten (docker-)compose files. With Renovate now set up, it is feasible to explicitly set versions.
66 lines
2.3 KiB
Django/Jinja
66 lines
2.3 KiB
Django/Jinja
---
|
|
# see https://github.com/hedgedoc/container/blob/master/docker-compose.yml
|
|
|
|
services:
|
|
database:
|
|
image: docker.io/library/postgres:15-alpine
|
|
environment:
|
|
- "POSTGRES_USER=hedgedoc"
|
|
- "POSTGRES_PASSWORD={{ secret__hedgedoc_db_password }}"
|
|
- "POSTGRES_DB=hedgedoc"
|
|
volumes:
|
|
- database:/var/lib/postgresql/data
|
|
restart: unless-stopped
|
|
|
|
app:
|
|
image: quay.io/hedgedoc/hedgedoc:1.10.3
|
|
environment:
|
|
- "CMD_DB_URL=postgres://hedgedoc:{{ secret__hedgedoc_db_password }}@database:5432/hedgedoc"
|
|
- "CMD_DOMAIN=pad.hamburg.ccc.de"
|
|
- "CMD_PROTOCOL_USESSL=true"
|
|
- "CMD_HSTS_ENABLE=false"
|
|
- "CMD_URL_ADDPORT=false"
|
|
- "CMD_ALLOW_FREEURL=true"
|
|
- "CMD_ALLOW_EMAIL_REGISTER=false"
|
|
- "CMD_ALLOW_ANONYMOUS=false"
|
|
- "CMD_ALLOW_ANONYMOUS_EDITS=true"
|
|
- "CMD_ALLOW_ANONYMOUS_VIEWS=true"
|
|
- "CMD_DEFAULT_PERMISSION=limited"
|
|
- "CMD_EMAIL=false"
|
|
- "CMD_OAUTH2_USER_PROFILE_URL=https://id.hamburg.ccc.de/realms/ccchh/protocol/openid-connect/userinfo"
|
|
- "CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR=preferred_username"
|
|
- "CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR=name"
|
|
- "CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR=email"
|
|
- "CMD_OAUTH2_TOKEN_URL=https://id.hamburg.ccc.de/realms/ccchh/protocol/openid-connect/token"
|
|
- "CMD_OAUTH2_AUTHORIZATION_URL=https://id.hamburg.ccc.de/realms/ccchh/protocol/openid-connect/auth"
|
|
- "CMD_OAUTH2_CLIENT_ID=pad"
|
|
- "CMD_OAUTH2_CLIENT_SECRET={{ secret__hedgedoc_kc_secret }}"
|
|
- "CMD_OAUTH2_PROVIDERNAME=Keycloak"
|
|
- "CMD_OAUTH2_SCOPE=openid email profile"
|
|
volumes:
|
|
- uploads:/hedgedoc/public/uploads
|
|
ports:
|
|
- "127.0.0.1:3000:3000"
|
|
restart: unless-stopped
|
|
depends_on:
|
|
- database
|
|
|
|
hedgedoc-expire:
|
|
image: git.hamburg.ccc.de/ccchh/hedgedoc-expire/hedgedoc-expire:latest
|
|
# command: "emailcheck"
|
|
command: "cron"
|
|
environment:
|
|
- "POSTGRES_HOSTNAME=database"
|
|
- "POSTGRES_USERNAME=hedgedoc"
|
|
- "POSTGRES_PASSWORD={{ secret__hedgedoc_db_password }}"
|
|
- "SMTP_FROM=pad@hamburg.ccc.de"
|
|
- "SMTP_HOSTNAME=cow.hamburg.ccc.de"
|
|
- "SMTP_USERNAME=pad@hamburg.ccc.de"
|
|
- "SMTP_PASSWORD={{ secret__pad_smtp_password }}"
|
|
- "URL=https://pad.hamburg.ccc.de"
|
|
depends_on:
|
|
- database
|
|
|
|
volumes:
|
|
database: {}
|
|
uploads: {}
|