32 lines
1.1 KiB
YAML
32 lines
1.1 KiB
YAML
# Macmini WebDAV stack — exposes https://macmini.nixc.us (auth at tunnel, not in Python).
|
|
# Server (ingress) is assumed configured for this domain and key.
|
|
#
|
|
# What works:
|
|
# - WebDAV: no auth in app; uploads go to ./webdav-data. Rebuild after app changes: --build.
|
|
# - Tunnel: uses ~/.ssh/ca-userkey (same key as all other tunnel clients).
|
|
# - Auth: TUNNEL_AUTH_USER/PASS (genghis/genghis) = HTTP Basic at the tunnel; WebDAV behind it is open.
|
|
# - network_mode: service:webdav so tunnel forwards to localhost:80 inside the webdav container.
|
|
#
|
|
services:
|
|
webdav:
|
|
build: ./webdav
|
|
restart: always
|
|
volumes:
|
|
- ./webdav-data:/data
|
|
|
|
tunnel-client:
|
|
image: git.nixc.us/colin/better-argo-tunnels:client-production-arm64
|
|
restart: always
|
|
environment:
|
|
TUNNEL_SERVER: "ingress.nixc.us:2222"
|
|
TUNNEL_DOMAIN: "macmini.nixc.us"
|
|
TUNNEL_PORT: "80"
|
|
TUNNEL_KEY: "/keys/client_key"
|
|
TUNNEL_AUTH_USER: "genghis"
|
|
TUNNEL_AUTH_PASS: "genghis"
|
|
volumes:
|
|
- ~/.ssh/ca-userkey:/keys/client_key:ro
|
|
depends_on:
|
|
- webdav
|
|
network_mode: "service:webdav"
|