forked from Nixius/authelia
64 lines
2.1 KiB
YAML
64 lines
2.1 KiB
YAML
# =============================================================================
|
|
# CUSTOMER STACK TEMPLATE
|
|
# =============================================================================
|
|
# This is the Docker Swarm stack that gets deployed for each paying customer.
|
|
# It defines what product/service they receive when they subscribe.
|
|
#
|
|
# REPLACE the `web` service image (currently traefik/whoami as a placeholder)
|
|
# with the actual application you are selling.
|
|
#
|
|
# Template variables (injected at deploy time by swarm/client.go):
|
|
# {{.ID}} - customer's username (used for unique resource naming)
|
|
# {{.Subdomain}} - customer's subdomain (same as ID by default)
|
|
# {{.Domain}} - base domain (e.g. bc.a250.ca)
|
|
# {{.TraefikNetwork}} - Traefik overlay network name
|
|
#
|
|
# Each customer gets their stack at: https://{{.Subdomain}}.{{.Domain}}
|
|
# Access is restricted to the owning user via Authelia forward-auth.
|
|
# =============================================================================
|
|
|
|
version: "3.8"
|
|
|
|
services:
|
|
web:
|
|
image: traefik/whoami:latest
|
|
environment:
|
|
WHOAMI_NAME: "{{.Subdomain}}"
|
|
networks:
|
|
- traefik_net
|
|
deploy:
|
|
replicas: 1
|
|
labels:
|
|
traefik.enable: "true"
|
|
traefik.docker.network: "atlas_{{.TraefikNetwork}}"
|
|
traefik.http.routers.customer-{{.ID}}-web.rule: "Host(`{{.Subdomain}}.{{.Domain}}`)"
|
|
traefik.http.routers.customer-{{.ID}}-web.entrypoints: "websecure"
|
|
traefik.http.routers.customer-{{.ID}}-web.tls: "true"
|
|
traefik.http.routers.customer-{{.ID}}-web.middlewares: "authelia-auth@swarm"
|
|
traefik.http.services.customer-{{.ID}}-web.loadbalancer.server.port: "80"
|
|
restart_policy:
|
|
condition: on-failure
|
|
|
|
redis:
|
|
image: redis:7-alpine
|
|
command: redis-server --appendonly yes
|
|
volumes:
|
|
- redis_data:/data
|
|
networks:
|
|
- backend
|
|
deploy:
|
|
replicas: 1
|
|
restart_policy:
|
|
condition: on-failure
|
|
|
|
networks:
|
|
traefik_net:
|
|
external: true
|
|
name: "atlas_{{.TraefikNetwork}}"
|
|
backend:
|
|
driver: overlay
|
|
|
|
volumes:
|
|
redis_data:
|
|
driver: local
|