91 lines
3.2 KiB
YAML
91 lines
3.2 KiB
YAML
version: '3'
|
|
services:
|
|
database:
|
|
image: git.nixc.us/colin/hedgedoc:production-database
|
|
environment:
|
|
- POSTGRES_USER=hedgedoc
|
|
- POSTGRES_PASSWORD=password
|
|
- POSTGRES_DB=hedgedoc
|
|
volumes:
|
|
- /mnt/tank/persist/nixc.us/hedgedoc/production/db:/var/lib/postgresql/data
|
|
deploy:
|
|
replicas: 1
|
|
placement:
|
|
constraints:
|
|
## - node.labels.role == db
|
|
- node.hostname == ingress.nixc.us
|
|
# - node.labels.mac-rack == true
|
|
labels:
|
|
- "us.nixc.autodeploy=true"
|
|
- "traefik.enable=false"
|
|
networks:
|
|
- default
|
|
# logging:
|
|
# driver: "gelf"
|
|
# options:
|
|
# gelf-address: "udp://log.nixc.us:15124"
|
|
# tag: "hedgedoc_database"
|
|
hedgedoc:
|
|
# Make sure to use the latest release from https://hedgedoc.org/latest-release
|
|
image: git.nixc.us/colin/hedgedoc:production-hedgedoc
|
|
environment:
|
|
# CMD_ALLOW_ANONYMOUS: "true"
|
|
CMD_ALLOW_ANONYMOUS_EDITS: "true"
|
|
CMD_ALLOW_FREEURL: "true"
|
|
CMD_DB_URL: "postgres://hedgedoc:password@hedgedoc_database:5432/hedgedoc"
|
|
CMD_DOMAIN: "hedgedoc.nixc.us"
|
|
# CMD_URL_ADDPORT: "true"
|
|
CMD_PROTOCOL_USESSL: "true"
|
|
CMD_SESSION_SECRET: "kcxFbvEv4gQeeDuXTJJDQ4Vj878C4p2AQFe9Ur33tLeUdQNzGGiQz6NAmEoxjZXH"
|
|
CMD_DB_USERNAME: "hedgedoc"
|
|
CMD_DB_PASSWORD: "password"
|
|
CMD_DB_HOST: "database"
|
|
CMD_DB_PORT: "5432"
|
|
# CMD_LDAP_URL: ldap://lldap_lldap:3890
|
|
# CMD_LDAP_BINDDN: uid=admin,ou=people,dc=nixc,dc=us
|
|
# CMD_LDAP_BINDCREDENTIALS: ehgJHdnbMvz8vEGVSYqRAC2r3WUisLxTRLnuXuXb72DEvhi8Ayzu4CQj9h2sexpX
|
|
# CMD_LDAP_SEARCHBASE: ou=people,dc=nixc,dc=us
|
|
# CMD_LDAP_SEARCHFILTER: '(&(memberOf=cn=hedgedocUsers,ou=groups,dc=nixc,dc=us)(uid={{username}}))'
|
|
# CMD_LDAP_USERIDFIELD: uid
|
|
volumes:
|
|
- /mnt/tank/persist/nixc.us/hedgedoc/production/uploads:/hedgedoc/public/uploads
|
|
# ports:
|
|
# - "3000:3000"
|
|
depends_on:
|
|
- database
|
|
deploy:
|
|
replicas: 1
|
|
placement:
|
|
constraints:
|
|
## - node.labels.role == db
|
|
- node.hostname == ingress.nixc.us
|
|
# - node.labels.mac-rack == true
|
|
labels:
|
|
homepage.group: apps
|
|
homepage.name: hedgedoc
|
|
homepage.href: https://hedgedoc.nixc.us/
|
|
homepage.description: hedgedoc
|
|
us.nixc.autodeploy: "true"
|
|
traefik.enable: "true"
|
|
traefik.http.routers.production_hedgedoc.tls: "true"
|
|
traefik.http.services.production_hedgedoc.loadbalancer.server.port: 3000
|
|
traefik.http.routers.production_hedgedoc.rule: Host(`hedgedoc.nixc.us`)
|
|
traefik.http.routers.production_hedgedoc.entrypoints: websecure
|
|
traefik.http.routers.production_hedgedoc.tls.certresolver: letsencryptresolver
|
|
traefik.http.routers.production_hedgedoc.service: production_hedgedoc
|
|
traefik.docker.network: traefik
|
|
# - 'traefik.http.routers.production_hedgedoc.middlewares=authelia@docker'
|
|
networks:
|
|
- default
|
|
- traefik
|
|
# logging:
|
|
# driver: "gelf"
|
|
# options:
|
|
# gelf-address: "udp://log.nixc.us:15124"
|
|
# tag: "hedgedoc_app"
|
|
|
|
networks:
|
|
traefik:
|
|
external: true
|
|
default:
|
|
external: false |