Digitalboard/digitalboard.core
5
2
Fork 0
Code Pull requests Releases Packages Activity Actions
digitalboard.core/roles/opencloud/templates/docker-compose.yml.j2
Bert-Jan Fikse 2dc9097707
feat: add oidc provisioning for opencloud 
Signed-off-by: Bert-Jan Fikse <bert-jan@whatwedo.ch>
2026-03-05 15:36:12 +01:00

61 lines
No EOL
2.4 KiB
Django/Jinja
Raw Blame History

services:
opencloud:
image: {{ opencloud_image }}
container_name: {{ opencloud_service_name }}
restart: unless-stopped
entrypoint:
- /bin/sh
command: ["-c", "opencloud init || true; opencloud server"]
volumes:
- {{ opencloud_docker_volume_dir }}/config:/etc/ocis
- {{ opencloud_docker_volume_dir }}/data:/var/lib/ocis
environment:
{% if opencloud_use_ssl %}
OC_URL: "https://{{ opencloud_domain }}"
{% else %}
OC_URL: "http://{{ opencloud_domain }}"
{% endif %}
OC_INSECURE: "true"
OC_LOG_LEVEL: "{{ opencloud_log_level }}"
PROXY_TLS: "false"
{% if opencloud_csp_extra_connect_src | length > 0 %}
PROXY_CSP_CONFIG_FILE_OVERRIDE_LOCATION: "/etc/ocis/csp-override.yaml"
{% endif %}
IDM_ADMIN_PASSWORD: "{{ opencloud_admin_password }}"
{% if opencloud_oidc_issuer %}
OC_OIDC_ISSUER: "{{ opencloud_oidc_issuer }}"
OC_OIDC_CLIENT_ID: "{{ opencloud_oidc_client_id }}"
{% if opencloud_oidc_client_secret %}
OC_OIDC_CLIENT_SECRET: "{{ opencloud_oidc_client_secret }}"
{% endif %}
PROXY_OIDC_REWRITE_WELLKNOWN: "{{ opencloud_oidc_rewrite_wellknown | string | lower }}"
PROXY_USER_OIDC_CLAIM: "{{ opencloud_oidc_user_claim }}"
PROXY_USER_CS3_CLAIM: "{{ opencloud_oidc_user_cs3_claim }}"
PROXY_AUTOPROVISION_ACCOUNTS: "{{ opencloud_oidc_autoprovision_accounts | string | lower }}"
{% if opencloud_oidc_account_edit_url %}
WEB_OPTION_ACCOUNT_EDIT_LINK_HREF: "{{ opencloud_oidc_account_edit_url }}"
{% endif %}
{% endif %}
networks:
- {{ opencloud_traefik_network }}
{% if opencloud_extra_hosts is defined and opencloud_extra_hosts | length > 0 %}
extra_hosts:
{% for host in opencloud_extra_hosts %}
- "{{ host }}"
{% endfor %}
{% endif %}
labels:
- traefik.enable=true
- traefik.docker.network={{ opencloud_traefik_network }}
- traefik.http.routers.{{ opencloud_service_name }}.rule=Host(`{{ opencloud_domain }}`)
{% if opencloud_use_ssl %}
- traefik.http.routers.{{ opencloud_service_name }}.entrypoints=websecure
- traefik.http.routers.{{ opencloud_service_name }}.tls=true
{% else %}
- traefik.http.routers.{{ opencloud_service_name }}.entrypoints=web
{% endif %}
- traefik.http.services.{{ opencloud_service_name }}.loadbalancer.server.port={{ opencloud_port }}
networks:
{{ opencloud_traefik_network }}:
external: true
View git blame Copy permalink