From 7c5f73e60a1ba5c43b102619eb9c6b1f240b78bb Mon Sep 17 00:00:00 2001
From: Elian Loraux <elian.loraux@tetras-libre.fr>
Date: Thu, 20 Jun 2024 14:59:09 +0200
Subject: [PATCH] separate ports and traefik
---
.env.sample | 26 ++++++++++++++++++--------
docker-compose.yml | 9 ++-------
ports.yml | 6 ++++++
traefik.yml | 18 ++++++++++++++++++
4 files changed, 44 insertions(+), 15 deletions(-)
create mode 100644 ports.yml
create mode 100644 traefik.yml
diff --git a/.env.sample b/.env.sample
index 4f5483a..c48a204 100644
--- a/.env.sample
+++ b/.env.sample
@@ -1,12 +1,22 @@
-COMPOSE_FILE=docker-compose.yml
+# For prod
+# COMPOSE_FILE=docker-compose.yml:traefik.yml
+# For local
+COMPOSE_FILE=docker-compose.yml:ports.yml
+NAME=servermon
+HOST=some-host.fqdn
+
+# For local deployment
+PORT=3000
+
+# Variable to change
+
+SECRET_ROOT_USER= # User as the root admin user
+SECRET_ROOT_PASSWORD= # The admin user password (change this after signed in)
+SECRET_ROOT_EMAIL= # The email for the admin user
+SECRET_JWT_SECRET= # Override this for the secret signin JWT tokens for log in
+
+# Instance variable
SECRET_LOCAL_HOSTNAME=0.0.0.0 # The local hostname for the fastify instance
-SECRET_PORT=3000 # The port number for the fastify instance
-SECRET_HOST=!changeme! # Used for i.e. set cors/cookies to your domain name
-SECRET_ROOT_USER=groot # User as the root admin user
-SECRET_ROOT_PASSWORD=iamroot # The admin user password (change this after signed in)
-SECRET_ROOT_EMAIL=groot@hemmelig.app # The email for the admin user
SECRET_FILE_SIZE=4 # Set the total allowed upload file size in mb
SECRET_FORCED_LANGUAGE=fr # Set the default language for the application
-SECRET_JWT_SECRET=!changeme! # Override this for the secret signin JWT tokens for log in
-SECRET_MAX_TEXT_SIZE=256 # The max text size for the secret. Is set in kb. i.e. 256 for 256kb
diff --git a/docker-compose.yml b/docker-compose.yml
index 8712614..c954f0b 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -10,20 +10,15 @@ services:
- ./database/:/home/node/hemmelig/database/
environment:
- SECRET_LOCAL_HOSTNAME=${SECRET_LOCAL_HOSTNAME}
- - SECRET_PORT=${SECRET_PORT}
- - SECRET_HOST=${SECRET_HOST}
+ - SECRET_PORT=${PORT}
+ - SECRET_HOST=${HOST}
- SECRET_ROOT_USER=${SECRET_ROOT_USER}
- SECRET_ROOT_PASSWORD=${SECRET_ROOT_PASSWORD}
- SECRET_ROOT_EMAIL=${SECRET_ROOT_EMAIL}
- - SECRET_FILE_SIZE=${SECRET_FILE_SIZE}
- SECRET_FORCED_LANGUAGE=${SECRET_FORCED_LANGUAGE}
- SECRET_JWT_SECRET=${SECRET_JWT_SECRET}
- - SECRET_MAX_TEXT_SIZE=${SECRET_MAX_TEXT_SIZE}
- ports:
- - '3000:3000'
restart: unless-stopped
volumes:
data:
database:
-
diff --git a/ports.yml b/ports.yml
new file mode 100644
index 0000000..535bab5
--- /dev/null
+++ b/ports.yml
@@ -0,0 +1,6 @@
+version: "3"
+
+services:
+ hemmelig:
+ ports:
+ - ${PORT}:3000
diff --git a/traefik.yml b/traefik.yml
new file mode 100644
index 0000000..f0f3b69
--- /dev/null
+++ b/traefik.yml
@@ -0,0 +1,18 @@
+version: "3"
+services:
+ kasm:
+ networks:
+ - default
+ - traefik
+ labels:
+ - "traefik.enable=true"
+ - "traefik.docker.network=traefik"
+ - "traefik.http.routers.${NAME}.rule=Host(`${HOST}`)"
+ - "traefik.http.routers.${NAME}.tls.certresolver=myresolver"
+ - "traefik.http.routers.${NAME}.entrypoints=web,websecure"
+ - "traefik.http.services.${NAME}.loadbalancer.server.port=3000"
+ - "traefik.http.services.${NAME}.loadbalancer.server.scheme=https"
+
+networks:
+ traefik:
+ external: true
--
GitLab