2024-07-08 21:44:40 +00:00
|
|
|
services:
|
|
|
|
|
|
|
|
vouchervault:
|
2024-07-29 02:23:34 +00:00
|
|
|
image: l4rm4nd/vouchervault:1.1.x
|
2024-07-08 21:44:40 +00:00
|
|
|
container_name: vouchervault
|
|
|
|
environment:
|
2024-07-17 22:42:02 +00:00
|
|
|
- DOMAIN=vouchervault.example.com # your FQDN or IP; used to define ALLOWED_HOSTS and CSRF_TRUSTED_ORIGINS
|
|
|
|
- SECURE_COOKIES=False # set to True if you use a reverse proxy with tls; enables secure cookie flag and hsts
|
2024-07-08 21:44:40 +00:00
|
|
|
- EXPIRY_THRESHOLD_DAYS=90 # send notifications xx days prior expiry; default is 30
|
2024-07-29 02:23:34 +00:00
|
|
|
# ------- OPTIONAL OIDC AUTH --------
|
|
|
|
# Set to 'True' to enable OIDC authentication
|
|
|
|
#- OIDC_ENABLED=True
|
|
|
|
# Set to 'True' to allow the creation of new users through OIDC
|
|
|
|
#- OIDC_CREATE_USER=True
|
|
|
|
# The signing algorithm used by the OIDC provider (e.g., RS256, HS256)
|
|
|
|
#- OIDC_RP_SIGN_ALGO=RS256
|
|
|
|
# URL of the JWKS endpoint for the OIDC provider
|
|
|
|
#- OIDC_OP_JWKS_ENDPOINT=https://authentik.example.com/application/o/vouchervault/jwks/
|
|
|
|
# Client ID for your OIDC RP
|
|
|
|
#- OIDC_RP_CLIENT_ID=vouchervault
|
|
|
|
# Client secret for your OIDC RP
|
|
|
|
#- OIDC_RP_CLIENT_SECRET=super-secure-secret-key
|
|
|
|
# Authorization endpoint URL of the OIDC provider
|
|
|
|
#- OIDC_OP_AUTHORIZATION_ENDPOINT=https://authentik.example.com/application/o/authorize/
|
|
|
|
# Token endpoint URL of the OIDC provider
|
|
|
|
#- OIDC_OP_TOKEN_ENDPOINT=https://authentik.example.com/application/o/token/
|
|
|
|
# User info endpoint URL of the OIDC provider
|
|
|
|
#- OIDC_OP_USER_ENDPOINT=https://authentik.example.com/application/o/userinfo/
|
|
|
|
# ------- OTHER OPTIONAL ENVS --------
|
|
|
|
#- SECRET_KEY=ChooseSuperSecretKey # optional; if not defined, a secure secret is auto-generated
|
|
|
|
#- PORT=8000 # optional; only relevant if you use a custom port; used to define CSRF_TRUSTED_ORIGINS
|
|
|
|
#- REDIS_HOST=redis # optional; only change if you use another redis container
|
|
|
|
#- DEBUG=True # # optional; only enable for debugging and dev environments
|
2024-07-08 21:44:40 +00:00
|
|
|
restart: unless-stopped
|
|
|
|
expose:
|
|
|
|
- 8000
|
|
|
|
ports:
|
2024-07-28 00:27:30 +00:00
|
|
|
- 8000:8000
|
2024-07-08 21:44:40 +00:00
|
|
|
volumes:
|
|
|
|
- /etc/localtime:/etc/localtime:ro
|
|
|
|
- /etc/timezone:/etc/timezone:ro
|
|
|
|
- ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/vouchervault/database:/opt/app/database
|
|
|
|
#networks:
|
|
|
|
# - proxy
|
|
|
|
#labels:
|
|
|
|
# - traefik.enable=true
|
|
|
|
# - traefik.docker.network=proxy
|
|
|
|
# - traefik.http.routers.vouchervault.rule=Host(`vouchervault.example.com`)
|
|
|
|
# - traefik.http.services.vouchervault.loadbalancer.server.port=8000
|
|
|
|
# # Optional part for traefik middlewares
|
|
|
|
# - traefik.http.routers.vouchervault.middlewares=local-ipwhitelist@file
|
|
|
|
|
|
|
|
redis:
|
|
|
|
container_name: vouchervault-redis
|
|
|
|
image: redis:7.2-alpine
|
|
|
|
restart: unless-stopped
|
|
|
|
#networks:
|
|
|
|
# - proxy
|
|
|
|
|
|
|
|
#networks:
|
|
|
|
# proxy:
|
|
|
|
# external: true
|