mirror of
https://github.com/opf/openproject.git
synced 2026-06-14 03:30:14 +00:00
Jan Sandbrink
2338b58561
It turns out that the initial approach of overwriting certain configuration from the command-line did not work at all, because Traefik insists on only receiving configuration in one way. Either of config file, command-line or env variables. The best thing to overwrite separately in a docker setup is environment variables, so the configuration has been turned towards environment variables now.
66 lines
2.3 KiB
YAML
66 lines
2.3 KiB
YAML
services:
|
|
traefik:
|
|
image: traefik:latest
|
|
ports:
|
|
- "80:80"
|
|
- "443:443"
|
|
volumes:
|
|
- /var/run/docker.sock:/var/run/docker.sock
|
|
- ./acme.json:/acme.json
|
|
- step:/step:ro
|
|
restart: unless-stopped
|
|
environment:
|
|
TRAEFIK_LOG_LEVEL: INFO
|
|
TRAEFIK_API_DISABLEDASHBOARDAD: true
|
|
TRAEFIK_PROVIDERS_DOCKER_NETWORK: gateway
|
|
TRAEFIK_PROVIDERS_DOCKER_EXPOSEDBYDEFAULT: false
|
|
TRAEFIK_ENTRYPOINTS_WEB_ADDRESS: ":80"
|
|
TRAEFIK_ENTRYPOINTS_WEB_HTTP_REDIRECTIONS_ENTRYPOINT_TO: websecure
|
|
TRAEFIK_ENTRYPOINTS_WEBSECURE_ADDRESS: ":443"
|
|
TRAEFIK_ENTRYPOINTS_WEBSECURE_HTTP_TLS_CERTRESOLVER: step
|
|
TRAEFIK_CERTIFICATESRESOLVERS_STEP_ACME_CASERVER: https://step:9000/acme/acme/directory
|
|
TRAEFIK_CERTIFICATESRESOLVERS_STEP_ACME_TLSCHALLENGE: true
|
|
TRAEFIK_CERTIFICATESRESOLVERS_STEP_ACME_EMAIL: root@localhost
|
|
TRAEFIK_CERTIFICATESRESOLVERS_LETSENCRYPT_ACME_HTTPCHALLENGE_ENTRYPOINT: web
|
|
networks:
|
|
external:
|
|
aliases:
|
|
- traefik.${OPENPROJECT_DOCKER_DEV_TLD:-local}
|
|
- openproject.${OPENPROJECT_DOCKER_DEV_TLD:-local}
|
|
- openproject-assets.${OPENPROJECT_DOCKER_DEV_TLD:-local}
|
|
- nextcloud.${OPENPROJECT_DOCKER_DEV_TLD:-local}
|
|
- xwiki.${OPENPROJECT_DOCKER_DEV_TLD:-local}
|
|
- gitlab.${OPENPROJECT_DOCKER_DEV_TLD:-local}
|
|
- keycloak.${OPENPROJECT_DOCKER_DEV_TLD:-local}
|
|
- hocuspocus.${OPENPROJECT_DOCKER_DEV_TLD:-local}
|
|
- minio.${OPENPROJECT_DOCKER_DEV_TLD:-local}
|
|
- minioadmin.${OPENPROJECT_DOCKER_DEV_TLD:-local}
|
|
- jira-software.${OPENPROJECT_DOCKER_DEV_TLD:-local}
|
|
labels:
|
|
- "traefik.http.routers.traefik.rule=Host(`traefik.${OPENPROJECT_DOCKER_DEV_TLD:-local}`)"
|
|
- "traefik.http.routers.traefik.service=api@internal"
|
|
- "traefik.http.routers.traefik.entrypoints=websecure"
|
|
|
|
step:
|
|
image: smallstep/step-ca:latest
|
|
restart: unless-stopped
|
|
environment:
|
|
- TZ=UTC
|
|
- DOCKER_STEPCA_INIT_NAME=OpenProject Development
|
|
- DOCKER_STEPCA_INIT_DNS_NAMES=step,localhost
|
|
- DOCKER_STEPCA_INIT_PROVISIONER_NAME=openproject
|
|
- DOCKER_STEPCA_INIT_PASSWORD=openproject
|
|
- DOCKER_STEPCA_INIT_ACME=true
|
|
volumes:
|
|
- step:/home/step
|
|
networks:
|
|
- external
|
|
|
|
volumes:
|
|
step:
|
|
|
|
networks:
|
|
external:
|
|
name: gateway
|
|
external: true
|