-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathdocker-compose.sample.yml
128 lines (121 loc) · 3.83 KB
/
docker-compose.sample.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
services:
# Lighthouse Notes Server - API Server for Lighthouse Notes
server:
image: ghcr.io/lighthousenotes/server:latest
container_name: lighthousenotes-server
links:
- postgresql
- meilisearch
- redis
environment:
- AllowedHosts=*
- Authentication__Authority=https://idp.example.com/realms/master
- Authentication__Audience=account
- ConnectionStrings__Database=Host=postgresql;Database=lighthousenotes;Username=lighthousenotes;Password=CHANGEME
- ConnectionStrings__Redis=redis
- Logging__LogLevel__Default=Warning
- Logging__LogLevel__Microsoft.AspNetCore=Warning
- Logging__LogLevel__Microsoft.Hosting.Lifetime=Warning
- Sqids__MinLength=10
- Sqids__Alphabet=ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
- Minio__Endpoint=s3.example.com
- Minio__BucketName=lighthousenotes
- Minio__NetworkEncryption=true
- Minio__AccessKey=CHAGEME
- Minio__SecretKey=CHAGEME
- Meilisearch__Url=http://meilisearch:7700
- Meilisearch__Key=CHAGEME
- Urls=http://server:6000
- WebApp=https://app.example.com
restart: unless-stopped
# Secure Web Application Gateway - Nginx & Let's Encrypt
swag:
image: lscr.io/linuxserver/swag:latest
container_name: swag
links:
- server
cap_add:
- NET_ADMIN
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/London
- URL=example.com
- VALIDATION=http
- SUBDOMAINS=api,idp,s3
- ONLY_SUBDOMAINS=true
volumes:
- ./data/swag:/config
ports:
- 443:443
- 80:80
restart: unless-stopped
# Keycloak - Open Source Identity and Access Management For Modern Applications and Services
keycloak:
build:
dockerfile: ./Dockerfile
container_name: keycloak
depends_on:
- postgresql
environment:
- KC_DB=postgres
- KC_DB_URL=jdbc:postgresql://postgresql/keycloak
- KC_DB_USER=keycloak
- KC_DB_PASSWORD=CHANGEME
- KEYCLOAK_ADMIN=admin
- KEYCLOAK_ADMIN_PASSWORD=CHANGEME
- KC_HOSTNAME=idp.example.com
- KC_PROXY_HEADERS=xforwarded
command: start --optimized
restart: unless-stopped
# PostgreSQL Database - Open-source relational database
postgresql:
image: postgres
container_name: postgresql
volumes:
- ./postgres:/var/lib/postgresql/data
- ./init.sql:/docker-entrypoint-initdb.d/init.sql
environment:
- POSTGRES_ROOT_PASSWORD=CHANGEME
restart: unless-stopped
# Minio - Object Storage
minio:
image: minio/minio:latest
container_name: minio
ports:
- 9000:9000
- 9001:9001
volumes:
- ./data/minio:/data
- ./data/swag/etc/letsencrypt/live/idp.example.com/fullchain.pem:/root/.minio/certs/public.crt
- ./data/swag/etc/letsencrypt/live/idp.example.com/privkey.pem:/root/.minio/certs/private.key
- ./data/swag/etc/letsencrypt/live/idp.example.com/fullchain.pem:/root/.minio/certs/CAs/public.crt
- ./data/swag/etc/letsencrypt/live/idp.example.com/privkey.pem:/root/.minio/certs/CAs/private.key
environment:
- MINIO_SERVER_URL=https://s3.example.com:9000
- MINIO_ROOT_USER=minio
- MINIO_ROOT_PASSWORD=CHANGEME
command: server /data --console-address ":9001"
restart: unless-stopped
# Redis - in-memory data structure store,
redis:
image: redis
container_name: redis
volumes:
- ./data/redis:/data
command: ["redis-server"]
healthcheck:
test: ["CMD", "redis-cli", "ping"]
interval: 10s
timeout: 30s
retries: 3
restart: unless-stopped
# Meilisearch - flexible and powerfull search
meilisearch:
container_name: meilisearch
image: getmeili/meilisearch:v1.6
environment:
- MEILI_MASTER_KEY=CHANGEME
volumes:
- ./data/meilisearch:/data.ms
restart: unless-stopped