forked from mathiasertl/django-ca
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathdocker-compose.yml
123 lines (118 loc) · 3.64 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
version: "3.6"
services:
cache:
image: redis:6-alpine
ports:
- "6379"
networks:
- cache
restart: unless-stopped
db:
image: postgres:12-alpine
environment:
POSTGRES_DB:
POSTGRES_DB_FILE:
POSTGRES_PASSWORD:
POSTGRES_PASSWORD_FILE:
POSTGRES_USER:
POSTGRES_USER_FILE:
ports:
- 5432:5432
networks:
- database
restart: unless-stopped
backend:
image: mathiasertl/django-ca:latest
command: ./celery.sh -l ${CELERY_LOG_LEVEL:-warning}
depends_on:
- cache
- db
networks:
- cache
- database
volumes:
- shared_ca_dir:/var/lib/django-ca/certs/ca/shared/
- ocsp_key_dir:/var/lib/django-ca/certs/ocsp/
- shared:/var/lib/django-ca/shared/
environment:
DJANGO_CA_ALLOWED_HOSTS:
DJANGO_CA_SECRET_KEY_FILE: ${DJANGO_CA_SECRET_KEY_FILE:-/var/lib/django-ca/shared/secret-key}
DJANGO_CA_CA_DEFAULT_CA:
DJANGO_CA_CA_DEFAULT_HOSTNAME:
DJANGO_CA_SETTINGS: ${DJANGO_CA_SETTINGS:-conf/:conf/compose}
POSTGRES_DB:
POSTGRES_DB_FILE:
POSTGRES_PASSWORD:
POSTGRES_PASSWORD_FILE:
POSTGRES_USER:
POSTGRES_USER_FILE:
WAIT_FOR_CONNECTIONS: 'db:5432'
restart: unless-stopped
stop_grace_period: 30s
frontend:
image: mathiasertl/django-ca:latest
depends_on:
- cache
- db
ports:
- 8000:8000
networks:
- cache
- database
- frontend
volumes:
- static:/usr/share/django-ca/static/
- shared_ca_dir:/var/lib/django-ca/certs/ca/shared/
- ocsp_key_dir:/var/lib/django-ca/certs/ocsp/
- shared:/var/lib/django-ca/shared/
- nginx_config:/usr/src/django-ca/nginx/
environment:
DJANGO_CA_ALLOWED_HOSTS:
DJANGO_CA_CA_DEFAULT_CA:
DJANGO_CA_CA_DEFAULT_HOSTNAME:
DJANGO_CA_CA_ENABLE_ACME:
DJANGO_CA_SETTINGS: ${DJANGO_CA_SETTINGS:-conf/:conf/compose}
DJANGO_CA_SECRET_KEY_FILE: ${DJANGO_CA_SECRET_KEY_FILE:-/var/lib/django-ca/shared/secret-key}
DJANGO_CA_UWSGI_INI: /usr/src/django-ca/uwsgi/uwsgi.ini
POSTGRES_DB:
POSTGRES_DB_FILE:
POSTGRES_PASSWORD:
POSTGRES_PASSWORD_FILE:
POSTGRES_USER:
POSTGRES_USER_FILE:
WAIT_FOR_CONNECTIONS: 'db:5432'
restart: unless-stopped
stop_signal: SIGINT
webserver:
image: nginx:1.18-alpine
command: /bin/sh -c "envsubst < /etc/nginx/conf.d/${NGINX_TEMPLATE:-default}.template > /etc/nginx/conf.d/default.conf && exec nginx -g 'daemon off;'"
depends_on:
- frontend
environment:
NGINX_HOST: ${DJANGO_CA_CA_DEFAULT_HOSTNAME:-localhost}
NGINX_PORT: ${NGINX_PORT:-80}
NGINX_HTTPS_PORT: ${NGINX_HTTPS_PORT:-443}
NGINX_PRIVATE_KEY:
NGINX_PUBLIC_KEY:
ports:
- 80:80
networks:
- frontend
- public
volumes:
- nginx_config:/etc/nginx/conf.d/
- static:/usr/share/nginx/html/static/
volumes:
shared:
static:
shared_ca_dir:
ocsp_key_dir:
nginx_config:
networks:
public:
frontend:
internal: true
cache:
internal: true
database:
internal: true