forked from l4rm4nd/MemeLord
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathdocker-compose.yml
More file actions
77 lines (75 loc) · 3.1 KB
/
docker-compose.yml
File metadata and controls
77 lines (75 loc) · 3.1 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
services:
app:
build:
context: .
image: ghcr.io/l4rm4nd/memelord:latest
environment:
# your FQDN or IP; multiple ones supported by comma separation
- DOMAIN=memelord.example.com
# set to True if you use a reverse proxy with tls; enables secure cookie flag and hsts
- SECURE_COOKIES=False
# define the maximum session age in minutes
- SESSION_COOKIE_AGE=30
# decide whether session cookie is invalidated on browser close
- SESSION_EXPIRE_AT_BROWSER_CLOSE=False
# define the timezone
- TZ=Europe/Berlin
# define comma-separated list of sources for csp frame-ancestors directive
#- CSP_FRAME_ANCESTORS="'self', https://iframe.example.com, https://iframe2.example.com:5432"
# ------- OPTIONAL OIDC AUTH --------
# Set to 'True' to enable OIDC authentication
#- OIDC_ENABLED=True
# Decide whether login area triggers automatic OIDC login flow
#- OIDC_AUTOLOGIN=False
# Set to 'True' to allow the creation of new users through OIDC
#- OIDC_CREATE_USER=True
# The signing algorithm used by the OIDC provider (e.g., RS256, HS256)
#- OIDC_RP_SIGN_ALGO=RS256
# URL of the JWKS endpoint for the OIDC provider
#- OIDC_OP_JWKS_ENDPOINT=https://authentik.example.com/application/o/<slug>/jwks/
# Client ID for your OIDC RP
#- OIDC_RP_CLIENT_ID=<client-id>
# Client secret for your OIDC RP
#- OIDC_RP_CLIENT_SECRET=<client-secret>
# Authorization endpoint URL of the OIDC provider
#- OIDC_OP_AUTHORIZATION_ENDPOINT=https://authentik.example.com/application/o/authorize/
# Token endpoint URL of the OIDC provider
#- OIDC_OP_TOKEN_ENDPOINT=https://authentik.example.com/application/o/token/
# User info endpoint URL of the OIDC provider
#- OIDC_OP_USER_ENDPOINT=https://authentik.example.com/application/o/userinfo/
# Length of time it takes for an id token to expire in seconds
#- OIDC_RENEW_ID_TOKEN_EXPIRY_SECONDS=900
# ------- PSQL DB ENVS --------
#- DB_ENGINE=postgres
#- POSTGRES_USER=memelord
#- POSTGRES_PASSWORD=memelord
#- POSTGRES_DB=memelord
#- POSTGRES_HOST=db
#- POSTGRES_PORT=5432
restart: unless-stopped
expose:
- 8000
ports:
- 8000:8000
volumes:
- ./volume-data/database:/opt/app/database # persistent storage for sqlite3 database
- ./volume-data/media:/opt/app/media # persistent storage for uploaded media
#labels:
# - traefik.enable=true
# - traefik.docker.network=proxy
# - traefik.http.routers.memelord.rule=Host(`memelord.example.com`)
# - traefik.http.services.memelord.loadbalancer.server.port=8000
# # Optional part for traefik middlewares
# - traefik.http.routers.memelord.middlewares=local-ipwhitelist@file
db:
container_name: memelord-psql
image: postgres:16-alpine
restart: unless-stopped
expose:
- 5432
volumes:
- ./volume-data/database/psql:/var/lib/postgresql/data/
environment:
- POSTGRES_USER=memelord
- POSTGRES_PASSWORD=memelord
- POSTGRES_DB=memelord