mirrors/etherpad-lite
1
0
Fork 0
mirror of https://github.com/ether/etherpad-lite.git synced 2025-05-09 16:35:01 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 9
etherpad-lite/docker-compose-prod.yml
Gerardo Navarro d8476e3400 chore: Enable ssl connection for mariadb
2022-08-21 17:33:21 +02:00

78 lines
No EOL
3.9 KiB
YAML
Raw Blame History

version: "3.8"
# Add this file to extend the docker-compose setup, e.g.:
# docker-compose -f docker-compose-prod.yml --env-file .env.prod build --no-cache
# docker-compose -f docker-compose-prod.yml --env-file .env.prod up -d --build --force-recreate
services:
app_prod:
build:
context: .
environment:
DB_HOST: mariadb_prod
DB_NAME: ${DOCKER_COMPOSE_MARIADB_PROD_ENV_MARIADB_DATABASE:?}
DB_PASS: ${DOCKER_COMPOSE_MARIADB_PROD_ENV_MARIADB_PASSWORD:?}
DB_PORT: ${DOCKER_COMPOSE_MARIADB_PROD_ENV_MARIADB_PORT:-3306}
DB_TYPE: "mysql"
DB_USER: ${DOCKER_COMPOSE_MARIADB_PROD_ENV_MARIADB_USER:?}
ports:
- "${DOCKER_COMPOSE_APP_PROD_PORT_PUBLISHED:-9001}:${DOCKER_COMPOSE_APP_PROD_PORT_TARGET:-9001}"
mariadb_prod:
image: mariadb
# Pass config parameters to the postgres server.
# Find more information below when you need to generate the ssl-relevant file your self
command: --ssl_cert=/var/lib/mysql/server.crt --ssl_key=/var/lib/mysql/server.key
environment:
MARIADB_DATABASE: ${DOCKER_COMPOSE_MARIADB_PROD_ENV_MARIADB_DATABASE:?}
MARIADB_PASSWORD: ${DOCKER_COMPOSE_MARIADB_PROD_ENV_MARIADB_PASSWORD:?}
MARIADB_PORT: ${DOCKER_COMPOSE_MARIADB_PROD_ENV_MARIADB_PORT:-3306}
MARIADB_RANDOM_ROOT_PASSWORD: 'yes'
MARIADB_USER: ${DOCKER_COMPOSE_MARIADB_PROD_ENV_MARIADB_USER:?}
volumes:
# To setup an ssl-enabled postgres server locally, you need to generate a self-signed ssl certificate.
# ```bash
# mkdir -p ./ca
# openssl req -new -text -passout pass:abcd -subj /CN=localhost -out ./ca/server.req -keyout ./ca/privkey.pem
# openssl rsa -in ./ca/privkey.pem -passin pass:abcd -out ./ca/server.key
# openssl req -x509 -in ./ca/server.req -text -key ./ca/server.key -out ./ca/server.crt
# chmod 600 ./ca/server.key
# test $(uname -s) = Linux && chown 70 ./ca/server.key
# ```
#
# Afterwards, the ssl_cert_file and ssl_key_file are mounted into the docker container, see below
- ./ca/server.crt:/var/lib/mysql/server.crt
- ./ca/server.key:/var/lib/mysql/server.key
- mariadb_prod_data:/var/lib/postgresql/data/pgdata
# # If you do not have another postgres database service in this docker-compose, you can add this postgres service.
# # Note: Please use other credentials when using this in production.
# postgres_prod:
# image: postgres:12-alpine
# # Pass config parameters to the postgres server.
# # Find more information below when you need to generate the ssl-relevant file your self
# command: -c ssl=on -c ssl_cert_file=/var/lib/postgresql/server.crt -c ssl_key_file=/var/lib/postgresql/server.key
# environment:
# PGDATA: /var/lib/postgresql/data/pgdata
# POSTGRES_DB: ${DOCKER_COMPOSE_POSTGRES_PROD_DB:?}
# POSTGRES_PASSWORD: ${DOCKER_COMPOSE_POSTGRES_PROD_PASSWORD:?}
# POSTGRES_PORT: ${DOCKER_COMPOSE_POSTGRES_PROD_PORT:-5432}
# POSTGRES_USER: ${DOCKER_COMPOSE_POSTGRES_PROD_USER:?}
# volumes:
# # To setup an ssl-enabled postgres server locally, you need to generate a self-signed ssl certificate.
# # ```bash
# # mkdir -p ./ca
# # openssl req -new -text -passout pass:abcd -subj /CN=localhost -out ./ca/server.req -keyout ./ca/privkey.pem
# # openssl rsa -in ./ca/privkey.pem -passin pass:abcd -out ./ca/server.key
# # openssl req -x509 -in ./ca/server.req -text -key ./ca/server.key -out ./ca/server.crt
# # chmod 600 ./ca/server.key
# # test $(uname -s) = Linux && chown 70 ./ca/server.key
# # ```
# #
# # Afterwards, the ssl_cert_file and ssl_key_file are mounted into the docker container, see below
# - ./ca/server.crt:/var/lib/postgresql/server.crt
# - ./ca/server.key:/var/lib/postgresql/server.key
# - postgres_prod_data:/var/lib/postgresql/data/pgdata
volumes:
mariadb_prod_data:
Reference in a new issue View git blame Copy permalink