all secrets
This commit is contained in:
parent
ec4612f648
commit
68a66a5e58
14
.env.sample
14
.env.sample
|
@ -52,13 +52,13 @@ GITHUB_TOKEN=xyz
|
||||||
|
|
||||||
# ====================================
|
# ====================================
|
||||||
# these secrets will be autogenerated/managed by abra and docker"
|
# these secrets will be autogenerated/managed by abra and docker"
|
||||||
SECRET_POSTGRES_PASSWORD_VERSION=v1
|
postgres_password_secret_version=v1
|
||||||
SECRET_SECRET_KEY_BASE_VERSION=v1
|
secret_key_base_secret_version=v1
|
||||||
SECRET_SIGNING_SALT_VERSION=v1
|
signing_salt_secret_version=v1
|
||||||
SECRET_ENCRYPTION_SALT_VERSION=v1
|
encryption_salt_secret_version=v1
|
||||||
SECRET_MEILI_MASTER_KEY_VERSION=v1
|
meili_master_key_secret_version=v1
|
||||||
SECRET_SEEDS_PW_VERSION=v1
|
seeds_pw_secret_version=v1
|
||||||
SECRET_LIVEBOOK_PASSWORD_VERSION=v1
|
livebook_password_secret_version=v1
|
||||||
|
|
||||||
# ====================================
|
# ====================================
|
||||||
# You should not have to edit any of the following ones:
|
# You should not have to edit any of the following ones:
|
||||||
|
|
45
compose.yml
45
compose.yml
|
@ -14,6 +14,15 @@ services:
|
||||||
- POSTGRES_DB=bonfire_db
|
- POSTGRES_DB=bonfire_db
|
||||||
- PUBLIC_PORT=443
|
- PUBLIC_PORT=443
|
||||||
- HOSTNAME
|
- HOSTNAME
|
||||||
|
- MEILI_MASTER_KEY_FILE=/run/secrets/meili_master_key
|
||||||
|
secrets:
|
||||||
|
- postgres_password
|
||||||
|
- secret_key_base
|
||||||
|
- signing_salt
|
||||||
|
- encryption_salt
|
||||||
|
- meili_master_key
|
||||||
|
- seeds_pw
|
||||||
|
- livebook_password
|
||||||
volumes:
|
volumes:
|
||||||
- upload-data:/opt/app/data/uploads
|
- upload-data:/opt/app/data/uploads
|
||||||
networks:
|
networks:
|
||||||
|
@ -43,20 +52,24 @@ services:
|
||||||
|
|
||||||
db:
|
db:
|
||||||
image: ${DB_DOCKER_IMAGE}
|
image: ${DB_DOCKER_IMAGE}
|
||||||
volumes:
|
|
||||||
- db-data:/var/lib/postgresql/data
|
|
||||||
environment:
|
environment:
|
||||||
# - POSTGRES_PASSWORD
|
# - POSTGRES_PASSWORD
|
||||||
- POSTGRES_PASSWORD_FILE=/run/secrets/postgres_password
|
|
||||||
- POSTGRES_USER=postgres
|
- POSTGRES_USER=postgres
|
||||||
- POSTGRES_DB=bonfire_db
|
- POSTGRES_DB=bonfire_db
|
||||||
|
- POSTGRES_PASSWORD_FILE=/run/secrets/postgres_password
|
||||||
|
secrets:
|
||||||
|
- postgres_password
|
||||||
|
volumes:
|
||||||
|
- db-data:/var/lib/postgresql/data
|
||||||
networks:
|
networks:
|
||||||
- internal
|
- internal
|
||||||
secrets:
|
|
||||||
- postgres_password
|
|
||||||
|
|
||||||
bonfire_search:
|
bonfire_search:
|
||||||
image: getmeili/meilisearch:latest
|
image: getmeili/meilisearch:latest
|
||||||
|
environment:
|
||||||
|
- MEILI_MASTER_KEY_FILE=/run/secrets/meili_master_key
|
||||||
|
secrets:
|
||||||
|
- meili_master_key
|
||||||
volumes:
|
volumes:
|
||||||
- "search-data:/data.ms"
|
- "search-data:/data.ms"
|
||||||
networks:
|
networks:
|
||||||
|
@ -75,4 +88,22 @@ networks:
|
||||||
secrets:
|
secrets:
|
||||||
postgres_password:
|
postgres_password:
|
||||||
external: true
|
external: true
|
||||||
name: ${STACK_NAME}_postgres_password_${SECRET_POSTGRES_PASSWORD_VERSION}
|
name: ${STACK_NAME}_postgres_password_${postgres_password_secret_version}
|
||||||
|
secret_key_base:
|
||||||
|
external: true
|
||||||
|
name: ${STACK_NAME}_secret_key_base_${secret_key_base_secret_version}
|
||||||
|
signing_salt:
|
||||||
|
external: true
|
||||||
|
name: ${STACK_NAME}_signing_salt_${signing_salt_secret_version}
|
||||||
|
encryption_salt:
|
||||||
|
external: true
|
||||||
|
name: ${STACK_NAME}_encryption_salt_${encryption_salt_secret_version}
|
||||||
|
meili_master_key:
|
||||||
|
external: true
|
||||||
|
name: ${STACK_NAME}_meili_master_key_${meili_master_key_secret_version}
|
||||||
|
seeds_pw:
|
||||||
|
external: true
|
||||||
|
name: ${STACK_NAME}_seeds_pw_${seeds_pw_secret_version}
|
||||||
|
livebook_password:
|
||||||
|
external: true
|
||||||
|
name: ${STACK_NAME}_livebook_password_${livebook_password_secret_version}
|
||||||
|
|
Loading…
Reference in New Issue