mirror of
https://github.com/Haxxnet/Compose-Examples.git
synced 2025-12-16 20:08:29 +01:00
87 lines
3.4 KiB
YAML
87 lines
3.4 KiB
YAML
services:
|
|
|
|
app:
|
|
image: ghcr.io/l4rm4nd/memelord:latest # pin a minor version series tag instead of latest
|
|
container_name: memelord
|
|
environment:
|
|
# your FQDN or IP; multiple ones supported by comma separation
|
|
- DOMAIN=memelord.example.com
|
|
# set to True if you use a reverse proxy with tls; enables secure cookie flag and hsts
|
|
- SECURE_COOKIES=False
|
|
# define the maximum session age in minutes
|
|
- SESSION_COOKIE_AGE=30
|
|
# decide whether session cookie is invalidated on browser close
|
|
- SESSION_EXPIRE_AT_BROWSER_CLOSE=False
|
|
# define the timezone
|
|
- TZ=Europe/Berlin
|
|
# define comma-separated list of sources for csp frame-ancestors directive
|
|
#- CSP_FRAME_ANCESTORS="'self', https://iframe.example.com, https://iframe2.example.com:5432"
|
|
# ------- OPTIONAL OIDC AUTH --------
|
|
# Set to 'True' to enable OIDC authentication
|
|
#- OIDC_ENABLED=True
|
|
# Decide whether login area triggers automatic OIDC login flow
|
|
#- OIDC_AUTOLOGIN=False
|
|
# Set to 'True' to allow the creation of new users through OIDC
|
|
#- OIDC_CREATE_USER=True
|
|
# The signing algorithm used by the OIDC provider (e.g., RS256, HS256)
|
|
#- OIDC_RP_SIGN_ALGO=RS256
|
|
# URL of the JWKS endpoint for the OIDC provider
|
|
#- OIDC_OP_JWKS_ENDPOINT=https://authentik.example.com/application/o/<slug>/jwks/
|
|
# Client ID for your OIDC RP
|
|
#- OIDC_RP_CLIENT_ID=<client-id>
|
|
# Client secret for your OIDC RP
|
|
#- OIDC_RP_CLIENT_SECRET=<client-secret>
|
|
# Authorization endpoint URL of the OIDC provider
|
|
#- OIDC_OP_AUTHORIZATION_ENDPOINT=https://authentik.example.com/application/o/authorize/
|
|
# Token endpoint URL of the OIDC provider
|
|
#- OIDC_OP_TOKEN_ENDPOINT=https://authentik.example.com/application/o/token/
|
|
# User info endpoint URL of the OIDC provider
|
|
#- OIDC_OP_USER_ENDPOINT=https://authentik.example.com/application/o/userinfo/
|
|
# Length of time it takes for an id token to expire in seconds
|
|
#- OIDC_RENEW_ID_TOKEN_EXPIRY_SECONDS=900
|
|
# ------- PSQL DB ENVS --------
|
|
#- DB_ENGINE=postgres
|
|
#- POSTGRES_USER=memelord
|
|
#- POSTGRES_PASSWORD=memelord
|
|
#- POSTGRES_DB=memelord
|
|
#- POSTGRES_HOST=db
|
|
#- POSTGRES_PORT=5432
|
|
restart: unless-stopped
|
|
expose:
|
|
- 8000
|
|
ports:
|
|
- 8000:8000
|
|
volumes:
|
|
- /etc/localtime:/etc/localtime:ro
|
|
- /etc/timezone:/etc/timezone:ro
|
|
- ./volume-data/database:/opt/app/database # persistent storage for sqlite3 database
|
|
- ./volume-data/media:/opt/app/media # persistent storage for uploaded media
|
|
#networks:
|
|
# - proxy
|
|
#labels:
|
|
# - traefik.enable=true
|
|
# - traefik.docker.network=proxy
|
|
# - traefik.http.routers.memelord.rule=Host(`memelord.example.com`)
|
|
# - traefik.http.services.memelord.loadbalancer.server.port=8000
|
|
# # Optional part for traefik middlewares
|
|
# - traefik.http.routers.memelord.middlewares=local-ipwhitelist@file
|
|
|
|
# db:
|
|
# container_name: memelord-psql
|
|
# image: postgres:16-alpine
|
|
# restart: unless-stopped
|
|
# expose:
|
|
# - 5432
|
|
# volumes:
|
|
# - ./volume-data/database/psql:/var/lib/postgresql/data/
|
|
# environment:
|
|
# - POSTGRES_USER=memelord
|
|
# - POSTGRES_PASSWORD=memelord
|
|
# - POSTGRES_DB=memelord
|
|
# #networks:
|
|
# # - proxy
|
|
|
|
#networks:
|
|
# proxy:
|
|
# external: true
|