git
b7983b30d3
modified: apps/gramps/docker-compose.yml modified: apps/nextcloud/docker-compose.yml modified: apps/passbolt/docker-compose.yml modified: core/docker-compose.yml modified: default-environment.env modified: monitoring/prometheus/docker-compose.yml
80 lines
2.5 KiB
YAML
80 lines
2.5 KiB
YAML
services:
|
|
passbolt-db:
|
|
profiles: ["apps","all","passbolt"]
|
|
container_name: passbolt-db
|
|
image: mariadb:12
|
|
restart: always
|
|
environment:
|
|
MYSQL_RANDOM_ROOT_PASSWORD: "${PASSBOLT_MYSQL_RANDOM_ROOT_PASSWORD}"
|
|
MYSQL_DATABASE: "${PASSBOLT_MYSQL_DATABASE}"
|
|
MYSQL_USER: "${PASSBOLT_MYSQL_USER}"
|
|
MYSQL_PASSWORD: "${PASSBOLT_MYSQL_PASSWORD}"
|
|
volumes:
|
|
- ${PROJECT_ROOT}/apps/passbolt/data/database:/var/lib/mysql
|
|
networks:
|
|
- passbolt
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "mariadb-admin ping -h 127.0.0.1 -u\"$$MARIADB_USER\" -p\"$$MARIADB_PASSWORD\" --silent"]
|
|
interval: 10s
|
|
timeout: 5s
|
|
retries: 12
|
|
start_period: 60s
|
|
labels:
|
|
- "io.portainer.accesscontrol.public"
|
|
|
|
|
|
passbolt-webapp:
|
|
image: passbolt/passbolt:latest-ce
|
|
profiles: ["apps","all","passbolt"]
|
|
container_name: passbolt-webapp
|
|
#Alternatively you can use rootless:
|
|
restart: always
|
|
depends_on:
|
|
- passbolt-db
|
|
environment:
|
|
APP_FULL_BASE_URL: ${PASSBOLT_APP_FULL_BASE_URL}
|
|
DATASOURCES_DEFAULT_HOST: "${PASSBOLT_DATASOURCES_DEFAULT_HOST}"
|
|
DATASOURCES_DEFAULT_USERNAME: "${PASSBOLT_DATASOURCES_DEFAULT_USERNAME}"
|
|
DATASOURCES_DEFAULT_PASSWORD: "${PASSBOLT_DATASOURCES_DEFAULT_PASSWORD}"
|
|
DATASOURCES_DEFAULT_DATABASE: "${PASSBOLT_DATASOURCES_DEFAULT_DATABASE}"
|
|
PASSBOLT_GPG_SERVER_KEY_FINGERPRINT: "${PASSBOLT_GPG_SERVER_KEY_FINGERPRINT}"
|
|
volumes:
|
|
- ${PROJECT_ROOT}/apps/passbolt/data/gpg:/etc/passbolt/gpg
|
|
- ${PROJECT_ROOT}/apps/passbolt/data/jwt:/etc/passbolt/jwt
|
|
command:
|
|
[
|
|
"/usr/bin/wait-for.sh",
|
|
"-t",
|
|
"0",
|
|
"passbolt-db:3306",
|
|
"--",
|
|
"/docker-entrypoint.sh",
|
|
]
|
|
networks:
|
|
- traefik
|
|
- passbolt
|
|
labels:
|
|
- "traefik.http.routers.passbolt.rule=Host(`passbolt.lan.ddnsgeek.com`)"
|
|
- "traefik.enable=true"
|
|
- "traefik.http.routers.passbolt.entrypoints=websecure"
|
|
- "traefik.http.routers.passbolt.tls.certresolver=myresolver"
|
|
- "io.portainer.accesscontrol.public"
|
|
- "traefik.docker.network=core_traefik"
|
|
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "curl -fsS http://localhost/healthcheck/status | grep -qx OK"]
|
|
# su -s /bin/sh -c "/usr/share/php/passbolt/bin/cake passbolt healthcheck" www-data
|
|
# | grep -q "No error found"
|
|
interval: 30s
|
|
timeout: 10s
|
|
retries: 6
|
|
start_period: 120s
|
|
|
|
|
|
networks:
|
|
# traefik_reverse_proxy:
|
|
# external: true
|
|
# internal:
|
|
# driver: bridge
|
|
passbolt:
|