web-app-skeleton/docker-compose.yml at main · opencloud-eu/web-app-skeleton · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
services:
  opencloud:
    image: ${OC_IMAGE:-opencloudeu/opencloud-rolling:latest}
    networks:
      - opencloud-net
    entrypoint: /bin/sh
    command: ['-c', 'opencloud init || true && opencloud server']
    environment:
      OC_URL: https://host.docker.internal:9200
      OC_INSECURE: true
      OC_LOG_LEVEL: error
      IDM_ADMIN_PASSWORD: admin
      IDM_CREATE_DEMO_USERS: true
      PROXY_ENABLE_BASIC_AUTH: true
      PROXY_TLS: 'false'
      WEB_ASSET_APPS_PATH: /web/apps
    labels:
      traefik.enable: true
      traefik.http.routers.opencloud.tls: true
      traefik.http.routers.opencloud.rule: Host(`host.docker.internal`) && PathPrefix(`/`)
      traefik.http.routers.opencloud.entrypoints: opencloud
      traefik.http.services.opencloud.loadbalancer.server.port: 9200
      traefik.http.routers.opencloud.middlewares: cors
    volumes:
      - opencloud-config:/etc/opencloud
      - ./dev/docker/opencloud/apps.yaml:/etc/opencloud/apps.yaml
      - ./dist:/web/apps/skeleton
    depends_on:
      - traefik

  traefik:
    image: traefik:v3.5.3
    networks:
      opencloud-net:
        aliases:
          - host.docker.internal:9200
    restart: unless-stopped
    entrypoint:
      [
        '/bin/sh',
        '-c',
        "[ -f /certificates/server.key ] && ./entrypoint.sh $$@ || (apk add openssl && openssl req -subj '/CN=opencloud.test' -x509 -sha256 -nodes -days 3650 -newkey rsa:2048 -keyout /certificates/server.key -out /certificates/server.crt && chmod -R 777 /certificates && ./entrypoint.sh $$@)"
      ]
    command:
      - '--pilot.dashboard=false'
      - '--log.level=DEBUG'
      - '--api.dashboard=true'
      - '--api.insecure=true'
      - '--providers.file.directory=/configs'
      - '--providers.docker=true'
      - '--providers.docker.exposedbydefault=false'
      - '--entrypoints.web.address=:80'
      - '--entrypoints.opencloud.address=:9200'
      - '--entrypoints.opencloud-federated.address=:10200'
      - '--entrypoints.websecure.address=:443'
      - '--entrypoints.websecure.http.middlewares=https_config@docker'
      - '--entrypoints.websecure.http.tls.options=default'
    labels:
      traefik.enable: true
      traefik.http.routers.http_catchall.rule: HostRegexp(`{any:.+}`)
      traefik.http.routers.http_catchall.entrypoints: web
      traefik.http.routers.http_catchall.middlewares: https_config
      traefik.http.middlewares.https_config.headers.sslRedirect: true
      traefik.http.middlewares.https_config.headers.stsSeconds: 63072000
      traefik.http.middlewares.https_config.headers.stsIncludeSubdomains: true
      traefik.http.middlewares.cors.headers.accesscontrolallowmethods: '*'
      traefik.http.middlewares.cors.headers.accesscontrolallowheaders: '*'
      traefik.http.middlewares.cors.headers.accesscontrolalloworiginlist: '*'
      traefik.http.middlewares.cors.headers.accesscontrolexposeheaders: '*'
      traefik.http.middlewares.cors.headers.accesscontrolmaxage: 100
      traefik.http.middlewares.cors.headers.addvaryheader: true
    ports:
      - '9200:9200'
    volumes:
      - './dev/docker/traefik/certificates:/certificates'
      - './dev/docker/traefik/configs:/configs'
      - '/var/run/docker.sock:/var/run/docker.sock:ro'

volumes:
  opencloud-config:

networks:
  opencloud-net: