mirror of
https://github.com/jeffcaldwellca/mkcertWeb.git
synced 2026-01-12 23:59:51 -06:00
60 lines
1.8 KiB
YAML
60 lines
1.8 KiB
YAML
services:
|
|
mkcert-web-ui:
|
|
build: .
|
|
ports:
|
|
- "3000:3000" # HTTP port
|
|
- "3443:3443" # HTTPS port
|
|
environment:
|
|
# Server Configuration
|
|
- PORT=3000
|
|
- HTTPS_PORT=3443
|
|
- HOST=0.0.0.0
|
|
|
|
# SSL/HTTPS Configuration
|
|
- ENABLE_HTTPS=false
|
|
- SSL_DOMAIN=localhost
|
|
- FORCE_HTTPS=false
|
|
|
|
# Application Configuration
|
|
- NODE_ENV=production
|
|
- DEFAULT_THEME=dark
|
|
|
|
# Authentication Configuration (disabled by default)
|
|
- ENABLE_AUTH=false
|
|
- AUTH_USERNAME=admin
|
|
- AUTH_PASSWORD=admin
|
|
- SESSION_SECRET=mkcert-web-ui-secret-key-change-in-production
|
|
|
|
# Rate Limiting Configuration
|
|
- CLI_RATE_LIMIT_WINDOW=900000 # CLI operations window (15 minutes)
|
|
- CLI_RATE_LIMIT_MAX=10 # Max CLI operations per window
|
|
- API_RATE_LIMIT_WINDOW=900000 # API requests window (15 minutes)
|
|
- API_RATE_LIMIT_MAX=100 # Max API requests per window
|
|
- AUTH_RATE_LIMIT_WINDOW=900000 # Auth attempts window (15 minutes)
|
|
- AUTH_RATE_LIMIT_MAX=5 # Max auth attempts per window
|
|
|
|
# OpenID Connect (OIDC) SSO Configuration
|
|
# - ENABLE_OIDC=false
|
|
# - OIDC_ISSUER=
|
|
# - OIDC_CLIENT_ID=
|
|
# - OIDC_CLIENT_SECRET=
|
|
# - OIDC_CALLBACK_URL=
|
|
# - OIDC_SCOPE=openid profile email
|
|
volumes:
|
|
# Persist certificates and data
|
|
- mkcert_certificates:/app/certificates
|
|
- mkcert_data:/app/data
|
|
restart: unless-stopped
|
|
healthcheck:
|
|
test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:3000/"]
|
|
interval: 30s
|
|
timeout: 10s
|
|
retries: 3
|
|
start_period: 40s
|
|
|
|
volumes:
|
|
mkcert_certificates:
|
|
driver: local
|
|
mkcert_data:
|
|
driver: local
|