Compose-Examples/examples/hedgedoc/docker-compose.yml

69 lines
2.6 KiB
YAML
Raw Normal View History

2023-09-12 15:07:48 +00:00
version: '3'
services:
database:
image: postgres:13.4-alpine
container_name: hedgedoc-db
environment:
- POSTGRES_USER=hedgedoc
- POSTGRES_PASSWORD=password
- POSTGRES_DB=hedgedoc
volumes:
- ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/hedgedoc/database:/var/lib/postgresql/data
restart: always
#networks:
# - proxy
app:
2024-09-01 18:38:28 +00:00
image: quay.io/hedgedoc/hedgedoc:1.10.0
2023-09-12 15:07:48 +00:00
container_name: hedgedoc-app
environment:
- CMD_DB_URL=postgres://hedgedoc:password@database:5432/hedgedoc
- CMD_DOMAIN=collab.example.com
- CMD_URL_ADDPORT=false
- CMD_PROTOCOL_USESSL=true
- CMD_SESSION_SECRET="discolor-subtitle-seducing-result-ceramics" # define secret
- CMD_ALLOW_EMAIL_REGISTER="false" # disallow registration
- CMD_EMAIL="false" # disallow login; only guest notes
2024-08-13 09:50:49 +00:00
# ------- OAUTH SSO -------
# see https://docs.goauthentik.io/integrations/services/hedgedoc/
#- CMD_ALLOW_ANONYMOUS_EDITS=False
#- CMD_OAUTH2_USER_PROFILE_URL=https://authentik.example.com/application/o/userinfo/
#- CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR=preferred_username
#- CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR=name
#- CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR=email
#- CMD_OAUTH2_TOKEN_URL=https://authentik.example.com/application/o/token/
#- CMD_OAUTH2_AUTHORIZATION_URL=https://authentik.example.com/application/o/authorize/
#- CMD_OAUTH2_CLIENT_ID=<ID>
#- CMD_OAUTH2_CLIENT_SECRET=<SECRET>
#- CMD_OAUTH2_PROVIDERNAME=Authentik
#- CMD_OAUTH2_SCOPE=openid email profile
2023-09-12 15:07:48 +00:00
volumes:
- ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/hedgedoc/uploads:/hedgedoc/public/uploads
ports:
- 3000:3000/tcp
expose:
- 3000
restart: always
depends_on:
- database
#networks:
# - proxy
#labels:
# - traefik.enable=true
# - traefik.docker.network=proxy
# - traefik.http.routers.hedgedoc.rule=Host(`collab.example.com`)
# - traefik.http.routers.hedgedoc.service=hedgedoc
2023-09-12 15:07:48 +00:00
# - traefik.http.services.hedgedoc.loadbalancer.server.port=3000
# - traefik.http.routers.hedgedoc.middlewares=local-ipwhitelist@file
# # prevent unauthorized access to the /metrics endpoint
# - traefik.http.routers.hedgedoc-metrics.rule=Host(`collab.example.com`) && PathPrefix(`/metrics`)
# - traefik.http.routers.hedgedoc-metrics.service=hedgedoc
# - traefik.http.services.hedgedoc-metrics.loadbalancer.server.port=3000
# - traefik.http.routers.hedgedoc-metrics.middlewares=local-ipwhitelist@file
2023-09-12 15:07:48 +00:00
#networks:
# proxy:
# external: true