diff --git a/.env.sample b/.env.sample
index 4f5483aa15940159b3e02b521b0caf4864ed2f31..c48a20436cc74a7c328a7c9c30cf79b30bbeb183 100644
--- a/.env.sample
+++ b/.env.sample
@@ -1,12 +1,22 @@
-COMPOSE_FILE=docker-compose.yml
+# For prod
+# COMPOSE_FILE=docker-compose.yml:traefik.yml
+# For local
+COMPOSE_FILE=docker-compose.yml:ports.yml
+NAME=servermon
+HOST=some-host.fqdn
+
+# For local deployment
+PORT=3000
+
+# Variable to change
+
+SECRET_ROOT_USER= # User as the root admin user
+SECRET_ROOT_PASSWORD= # The admin user password (change this after signed in)
+SECRET_ROOT_EMAIL= # The email for the admin user
+SECRET_JWT_SECRET= # Override this for the secret signin JWT tokens for log in
+
+# Instance variable
SECRET_LOCAL_HOSTNAME=0.0.0.0 # The local hostname for the fastify instance
-SECRET_PORT=3000 # The port number for the fastify instance
-SECRET_HOST=!changeme! # Used for i.e. set cors/cookies to your domain name
-SECRET_ROOT_USER=groot # User as the root admin user
-SECRET_ROOT_PASSWORD=iamroot # The admin user password (change this after signed in)
-SECRET_ROOT_EMAIL=groot@hemmelig.app # The email for the admin user
SECRET_FILE_SIZE=4 # Set the total allowed upload file size in mb
SECRET_FORCED_LANGUAGE=fr # Set the default language for the application
-SECRET_JWT_SECRET=!changeme! # Override this for the secret signin JWT tokens for log in
-SECRET_MAX_TEXT_SIZE=256 # The max text size for the secret. Is set in kb. i.e. 256 for 256kb
diff --git a/docker-compose.yml b/docker-compose.yml
index 8712614a7daf04346b62e0a5adc75e8de6211f99..c954f0b76066b52967cfe0633080039f19ff96f3 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -10,20 +10,15 @@ services:
- ./database/:/home/node/hemmelig/database/
environment:
- SECRET_LOCAL_HOSTNAME=${SECRET_LOCAL_HOSTNAME}
- - SECRET_PORT=${SECRET_PORT}
- - SECRET_HOST=${SECRET_HOST}
+ - SECRET_PORT=${PORT}
+ - SECRET_HOST=${HOST}
- SECRET_ROOT_USER=${SECRET_ROOT_USER}
- SECRET_ROOT_PASSWORD=${SECRET_ROOT_PASSWORD}
- SECRET_ROOT_EMAIL=${SECRET_ROOT_EMAIL}
- - SECRET_FILE_SIZE=${SECRET_FILE_SIZE}
- SECRET_FORCED_LANGUAGE=${SECRET_FORCED_LANGUAGE}
- SECRET_JWT_SECRET=${SECRET_JWT_SECRET}
- - SECRET_MAX_TEXT_SIZE=${SECRET_MAX_TEXT_SIZE}
- ports:
- - '3000:3000'
restart: unless-stopped
volumes:
data:
database:
-
diff --git a/ports.yml b/ports.yml
new file mode 100644
index 0000000000000000000000000000000000000000..535bab542f7bfcd7fdb74f777e6befd55f485377
--- /dev/null
+++ b/ports.yml
@@ -0,0 +1,6 @@
+version: "3"
+
+services:
+ hemmelig:
+ ports:
+ - ${PORT}:3000
diff --git a/traefik.yml b/traefik.yml
new file mode 100644
index 0000000000000000000000000000000000000000..f0f3b69d3c83ac9e4211bc5386939fc8b08ec2c2
--- /dev/null
+++ b/traefik.yml
@@ -0,0 +1,18 @@
+version: "3"
+services:
+ kasm:
+ networks:
+ - default
+ - traefik
+ labels:
+ - "traefik.enable=true"
+ - "traefik.docker.network=traefik"
+ - "traefik.http.routers.${NAME}.rule=Host(`${HOST}`)"
+ - "traefik.http.routers.${NAME}.tls.certresolver=myresolver"
+ - "traefik.http.routers.${NAME}.entrypoints=web,websecure"
+ - "traefik.http.services.${NAME}.loadbalancer.server.port=3000"
+ - "traefik.http.services.${NAME}.loadbalancer.server.scheme=https"
+
+networks:
+ traefik:
+ external: true