Split S3 config into compose.s3.yml
This commit is contained in:
parent
0bed30c1bf
commit
205a882653
|
@ -0,0 +1,33 @@
|
|||
---
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
app:
|
||||
environment: &s3-env
|
||||
- S3_ENABLED=true
|
||||
- AWS_ACCESS_KEY_ID
|
||||
- AWS_SECRET_ACCESS_KEY_FILE=/run/secrets/aws_secret_access_key
|
||||
- S3_BUCKET
|
||||
- S3_REGION
|
||||
- S3_PROTOCOL
|
||||
- S3_HOSTNAME
|
||||
- S3_ENDPOINT
|
||||
- S3_SIGNATURE_VERSION
|
||||
- S3_OVERRIDE_PATH_STYLE
|
||||
- S3_OPEN_TIMEOUT
|
||||
- S3_READ_TIMEOUT
|
||||
secrets: &s3-secrets
|
||||
- aws_secret_access_key
|
||||
|
||||
streaming:
|
||||
environment: *s3-env
|
||||
secrets: *s3-secrets
|
||||
|
||||
sidekiq:
|
||||
environment: *s3-env
|
||||
secrets: *s3-secrets
|
||||
|
||||
secrets:
|
||||
aws_secret_access_key:
|
||||
name: ${STACK_NAME}_aws_secret_access_key_${SECRET_AWS_SECRET_ACCESS_KEY_VERSION}
|
||||
external: true
|
12
compose.yml
12
compose.yml
|
@ -37,8 +37,6 @@ services:
|
|||
- ALLOW_ACCESS_TO_HIDDEN_SERVICE
|
||||
- ALTERNATE_DOMAINS
|
||||
- AUTHORIZED_FETCH
|
||||
- AWS_ACCESS_KEY_ID
|
||||
- AWS_SECRET_ACCESS_KEY
|
||||
- CACHE_REDIS_HOST
|
||||
- CACHE_REDIS_NAMESPACE
|
||||
- CACHE_REDIS_PORT
|
||||
|
@ -102,16 +100,6 @@ services:
|
|||
- REDIS_NAMESPACE
|
||||
- REDIS_PORT
|
||||
- REDIS_URL
|
||||
- S3_ENABLED
|
||||
- S3_BUCKET
|
||||
- S3_REGION
|
||||
- S3_PROTOCOL
|
||||
- S3_HOSTNAME
|
||||
- S3_ENDPOINT
|
||||
- S3_SIGNATURE_VERSION
|
||||
- S3_OVERRIDE_PATH_STYLE
|
||||
- S3_OPEN_TIMEOUT
|
||||
- S3_READ_TIMEOUT
|
||||
- SAML_ACS_URL
|
||||
- SAML_ATTRIBUTES_STATEMENTS_EMAIL
|
||||
- SAML_ATTRIBUTES_STATEMENTS_FIRST_NAME
|
||||
|
|
|
@ -28,6 +28,7 @@ export DB_PASS=$(cat /run/secrets/db_password)
|
|||
# for sidekiq service bundle exec env var threading
|
||||
file_env "OTP_SECRET"
|
||||
file_env "SECRET_KEY_BASE"
|
||||
file_env "AWS_SECRET_ACCESS_KEY"
|
||||
|
||||
{{ if eq (env "OIDC_ENABLED") "true" }}
|
||||
file_env "OIDC_CLIENT_SECRET"
|
||||
|
|
Loading…
Reference in New Issue