mirror of
https://github.com/DRYTRIX/TimeTracker.git
synced 2026-05-17 10:29:49 -05:00
Dries Peeters
55ae923636
- Move docker-compose.* (analytics, https, local-test, remote) to docker/ - Move logrotate.conf.example to docker/
45 lines
1.1 KiB
YAML
45 lines
1.1 KiB
YAML
services:
|
|
# mkcert certificate manager - auto-generates trusted certificates
|
|
mkcert:
|
|
build:
|
|
context: .
|
|
dockerfile: docker/Dockerfile.mkcert
|
|
container_name: timetracker-mkcert
|
|
volumes:
|
|
- ./nginx/ssl:/certs
|
|
- mkcert-ca:/root/.local/share/mkcert
|
|
environment:
|
|
- HOST_IP=${HOST_IP:-192.168.1.100}
|
|
- CERT_DOMAINS=localhost 127.0.0.1 ::1 ${HOST_IP:-192.168.1.100} *.local timetracker.local
|
|
command: /generate-mkcert-certs.sh
|
|
restart: "no"
|
|
|
|
nginx:
|
|
image: nginx:alpine
|
|
container_name: timetracker-nginx
|
|
ports:
|
|
- "80:80"
|
|
- "443:443"
|
|
volumes:
|
|
- ./nginx/conf.d:/etc/nginx/conf.d:ro
|
|
- ./nginx/ssl:/etc/nginx/ssl:ro
|
|
depends_on:
|
|
mkcert:
|
|
condition: service_completed_successfully
|
|
app:
|
|
condition: service_started
|
|
restart: unless-stopped
|
|
|
|
app:
|
|
ports: [] # nginx handles all ports
|
|
environment:
|
|
- WTF_CSRF_SSL_STRICT=true
|
|
- SESSION_COOKIE_SECURE=true
|
|
- CSRF_COOKIE_SECURE=true
|
|
restart: unless-stopped
|
|
|
|
volumes:
|
|
mkcert-ca:
|
|
driver: local
|
|
|