69 lines
No EOL
2.8 KiB
Django/Jinja
69 lines
No EOL
2.8 KiB
Django/Jinja
services:
|
|
opencloud:
|
|
image: {{ opencloud_image }}
|
|
container_name: {{ opencloud_service_name }}
|
|
restart: unless-stopped
|
|
entrypoint:
|
|
- /bin/sh
|
|
command: ["-c", "opencloud init || true; opencloud server"]
|
|
volumes:
|
|
- {{ opencloud_docker_volume_dir }}/config:/etc/ocis
|
|
- {{ opencloud_docker_volume_dir }}/data:/var/lib/ocis
|
|
environment:
|
|
{% if opencloud_use_ssl %}
|
|
OC_URL: "https://{{ opencloud_domain }}"
|
|
{% else %}
|
|
OC_URL: "http://{{ opencloud_domain }}"
|
|
{% endif %}
|
|
OC_INSECURE: "true"
|
|
OC_LOG_LEVEL: "{{ opencloud_log_level }}"
|
|
PROXY_TLS: "false"
|
|
{% if opencloud_csp_extra_connect_src | length > 0 %}
|
|
PROXY_CSP_CONFIG_FILE_OVERRIDE_LOCATION: "/etc/ocis/csp-override.yaml"
|
|
{% endif %}
|
|
IDM_ADMIN_PASSWORD: "{{ opencloud_admin_password }}"
|
|
{% if opencloud_oidc_issuer %}
|
|
OC_OIDC_ISSUER: "{{ opencloud_oidc_issuer }}"
|
|
OC_OIDC_CLIENT_ID: "{{ opencloud_oidc_client_id }}"
|
|
{% if opencloud_oidc_client_secret %}
|
|
OC_OIDC_CLIENT_SECRET: "{{ opencloud_oidc_client_secret }}"
|
|
{% endif %}
|
|
PROXY_OIDC_REWRITE_WELLKNOWN: "{{ opencloud_oidc_rewrite_wellknown | string | lower }}"
|
|
PROXY_USER_OIDC_CLAIM: "{{ opencloud_oidc_user_claim }}"
|
|
PROXY_USER_CS3_CLAIM: "{{ opencloud_oidc_user_cs3_claim }}"
|
|
PROXY_AUTOPROVISION_ACCOUNTS: "{{ opencloud_oidc_autoprovision_accounts | string | lower }}"
|
|
{% if opencloud_oidc_account_edit_url %}
|
|
WEB_OPTION_ACCOUNT_EDIT_LINK_HREF: "{{ opencloud_oidc_account_edit_url }}"
|
|
{% endif %}
|
|
{% endif %}
|
|
{% if opencloud_use_s3_storage %}
|
|
STORAGE_USERS_DRIVER: "decomposeds3"
|
|
STORAGE_USERS_DECOMPOSEDS3_ENDPOINT: "{{ opencloud_s3_endpoint }}"
|
|
STORAGE_USERS_DECOMPOSEDS3_REGION: "{{ opencloud_s3_region }}"
|
|
STORAGE_USERS_DECOMPOSEDS3_ACCESS_KEY: "{{ opencloud_s3_access_key }}"
|
|
STORAGE_USERS_DECOMPOSEDS3_SECRET_KEY: "{{ opencloud_s3_secret_key }}"
|
|
STORAGE_USERS_DECOMPOSEDS3_BUCKET: "{{ opencloud_s3_bucket }}"
|
|
{% endif %}
|
|
networks:
|
|
- {{ opencloud_traefik_network }}
|
|
{% if opencloud_extra_hosts is defined and opencloud_extra_hosts | length > 0 %}
|
|
extra_hosts:
|
|
{% for host in opencloud_extra_hosts %}
|
|
- "{{ host }}"
|
|
{% endfor %}
|
|
{% endif %}
|
|
labels:
|
|
- traefik.enable=true
|
|
- traefik.docker.network={{ opencloud_traefik_network }}
|
|
- traefik.http.routers.{{ opencloud_service_name }}.rule=Host(`{{ opencloud_domain }}`)
|
|
{% if opencloud_use_ssl %}
|
|
- traefik.http.routers.{{ opencloud_service_name }}.entrypoints=websecure
|
|
- traefik.http.routers.{{ opencloud_service_name }}.tls=true
|
|
{% else %}
|
|
- traefik.http.routers.{{ opencloud_service_name }}.entrypoints=web
|
|
{% endif %}
|
|
- traefik.http.services.{{ opencloud_service_name }}.loadbalancer.server.port={{ opencloud_port }}
|
|
|
|
networks:
|
|
{{ opencloud_traefik_network }}:
|
|
external: true |