89 lines
2.3 KiB
YAML
89 lines
2.3 KiB
YAML
---
|
|
version: "3.8"
|
|
|
|
services:
|
|
postgres:
|
|
image: postgres:11.6-alpine
|
|
environment:
|
|
- POSTGRES_USER=codimd
|
|
- POSTGRES_PASSWORD_FILE=/run/secrets/db_password
|
|
- POSTGRES_DB=codimd
|
|
volumes:
|
|
- "postgres:/var/lib/postgresql/data"
|
|
secrets:
|
|
- db_password
|
|
networks:
|
|
- internal
|
|
|
|
codimd:
|
|
image: nabo.codimd.dev/hackmdio/hackmd:2.1.0
|
|
environment:
|
|
- CMD_USECDN=false
|
|
- CMD_DB_NAME=codimd
|
|
- CMD_DB_USER=codimd
|
|
- CMD_DB_HOST=postgres
|
|
- CMD_DB_PASSWORD_FILE=/run/secrets/db_password
|
|
- CMD_OAUTH2_PROVIDERNAME
|
|
- CMD_OAUTH2_BASEURL
|
|
- CMD_OAUTH2_CLIENT_ID
|
|
- CMD_OAUTH2_CLIENT_SECRET_FILE=/run/secrets/oauth_key
|
|
- CMD_OAUTH2_AUTHORIZATION_URL
|
|
- CMD_OAUTH2_TOKEN_URL
|
|
- CMD_OAUTH2_USER_PROFILE_URL
|
|
- CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR
|
|
depends_on:
|
|
- postgres
|
|
networks:
|
|
- proxy
|
|
- internal
|
|
volumes:
|
|
- codimd_uploads:/home/hackmd/app/public/uploads
|
|
secrets:
|
|
- db_password
|
|
- oauth_key
|
|
entrypoint: /docker-entrypoint2.sh
|
|
configs:
|
|
- source: entrypoint2_conf
|
|
target: /docker-entrypoint2.sh
|
|
mode: 0555
|
|
deploy:
|
|
restart_policy:
|
|
condition: on-failure
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.docker.network=proxy"
|
|
- "traefik.http.routers.${STACK_NAME}.tls=true"
|
|
- "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=3000"
|
|
- "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`)"
|
|
- "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
|
|
- "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
|
|
healthcheck:
|
|
test: ["CMD", "wget", "-qO", "-", "http://localhost:3000"]
|
|
interval: 30s
|
|
timeout: 10s
|
|
retries: 10
|
|
start_period: 1m
|
|
|
|
volumes:
|
|
postgres:
|
|
codimd_uploads:
|
|
|
|
secrets:
|
|
db_password:
|
|
external: true
|
|
name: ${STACK_NAME}_db_password_${DB_PASSWORD_VERSION}
|
|
oauth_key:
|
|
external: true
|
|
name: ${STACK_NAME}_oauth_key_${OAUTH_KEY_VERSION}
|
|
|
|
networks:
|
|
proxy:
|
|
external: true
|
|
internal:
|
|
|
|
configs:
|
|
entrypoint2_conf:
|
|
name: ${STACK_NAME}_entrypoint2_${ENTRYPOINT_CONF_VERSION}
|
|
file: entrypoint.sh.tmpl
|
|
template_driver: golang
|