70 lines
2.6 KiB
YAML
70 lines
2.6 KiB
YAML
# https://sdk.collaboraonline.com/docs/installation/CODE_Docker_image.html
|
|
# https://github.com/CollaboraOnline/online
|
|
|
|
name: collabora
|
|
|
|
secrets:
|
|
collabora_username:
|
|
file: ${SECRETSDIR}/collabora_username
|
|
collabora_password:
|
|
file: ${SECRETSDIR}/collabora_password
|
|
|
|
networks:
|
|
traefik-net:
|
|
external: true
|
|
|
|
services:
|
|
collabora:
|
|
image: collabora/code #:22.05.10.1.1
|
|
hostname: collabora
|
|
env_file: .collabora.env
|
|
#user: "${PUID}:${PGID}"
|
|
tty: true
|
|
group_add:
|
|
- "${PGID}"
|
|
cap_add:
|
|
- MKNOD
|
|
networks:
|
|
- traefik-net
|
|
volumes:
|
|
- /etc/localtime:/etc/localtime:ro
|
|
- "${DATADIR}/config:/config"
|
|
restart: unless-stopped
|
|
secrets:
|
|
- collabora_username
|
|
- collabora_password
|
|
labels:
|
|
- traefik.enable=true
|
|
- traefik.docker.network=traefik-net
|
|
#
|
|
# http middlewares
|
|
# ---------------------------
|
|
- "traefik.http.middlewares.${APPLICATION_NAME}-https-redirect.redirectscheme.scheme=https"
|
|
- "traefik.http.middlewares.${APPLICATION_NAME}-https-redirect.redirectscheme.permanent=true"
|
|
#
|
|
# http services
|
|
# -------------
|
|
- "traefik.http.services.${APPLICATION_NAME}-svc.loadbalancer.server.port=${WEBUI_PORT}"
|
|
#
|
|
# http routers
|
|
# ------------
|
|
# limit router to web ":80" entrypoint (Note: web entrypoint http requests are globally redirected to websecure router in traefik.yml)
|
|
- "traefik.http.routers.${APPLICATION_NAME}-rtr.entrypoints=web"
|
|
# set match criteria for router
|
|
- "traefik.http.routers.${APPLICATION_NAME}-rtr.rule=Host(`${APPLICATION_NAME}.${DOMAINNAME}`)&& PathPrefix(`/`)"
|
|
# attach middlewares to router
|
|
- "traefik.http.routers.${APPLICATION_NAME}-rtr.middlewares=${APPLICATION_NAME}-https-redirect"
|
|
# assign svc target to router
|
|
- "traefik.http.routers.${APPLICATION_NAME}-rtr.service=${APPLICATION_NAME}-svc"
|
|
#
|
|
# limit router to websecure ":443" entrypoint
|
|
- "traefik.http.routers.${APPLICATION_NAME}-secure-rtr.entrypoints=websecure"
|
|
# set match criteria for router
|
|
- "traefik.http.routers.${APPLICATION_NAME}-secure-rtr.rule=Host(`${APPLICATION_NAME}.${DOMAINNAME}`)&& PathPrefix(`/`)"
|
|
# set router to be dedicated to secure requests only for the host specified in match criteria
|
|
- "traefik.http.routers.${APPLICATION_NAME}-secure-rtr.tls=true"
|
|
# generate certificates using following certresolver
|
|
- "traefik.http.routers.${APPLICATION_NAME}-secure-rtr.tls.certresolver=sthomeresolver"
|
|
# assign svc target to router
|
|
- "traefik.http.routers.${APPLICATION_NAME}-secure-rtr.service=${APPLICATION_NAME}-svc"
|