|
|
|
version: '3'
|
|
|
|
services:
|
|
|
|
hedgedoc-db:
|
|
|
|
image: postgres:13.4-alpine
|
|
|
|
container_name: hedgedoc-db
|
|
|
|
environment:
|
|
|
|
- POSTGRES_USER=hedgedoc
|
|
|
|
- POSTGRES_PASSWORD=password
|
|
|
|
- POSTGRES_DB=hedgedoc
|
|
|
|
volumes:
|
|
|
|
- ./data/hedgedoc/database:/var/lib/postgresql/data
|
|
|
|
restart: always
|
|
|
|
|
|
|
|
hedgedoc:
|
|
|
|
# Make sure to use the latest release from https://hedgedoc.org/latest-release
|
|
|
|
image: quay.io/hedgedoc/hedgedoc:1.9.4
|
|
|
|
container_name: hedgedoc
|
|
|
|
environment:
|
|
|
|
#- CMD_CSP_ENABLE=false
|
|
|
|
- CMD_DB_URL=postgres://hedgedoc:password@hedgedoc-db:5432/hedgedoc
|
|
|
|
- CMD_PROTOCOL_USESSL=true
|
|
|
|
- CMD_ALLOW_ANONYMOUS=false # anonymous user's can't create notes
|
|
|
|
- CMD_ALLOW_ANONYMOUS_EDITS=true # but they can be invited to edit notes
|
|
|
|
- CMD_ALLOW_FREEURL=true # users can create arbitrary names
|
|
|
|
- CMD_EMAIL=false # only oauth logins
|
|
|
|
- CMD_DOMAIN=${HEDGEDOC_HOSTNAME}.${DOMAIN_NAME}
|
|
|
|
- CMD_OAUTH2_AUTHORIZATION_URL=${AUTH_URL}
|
|
|
|
- CMD_OAUTH2_TOKEN_URL=${TOKEN_URL}
|
|
|
|
- CMD_OAUTH2_USER_PROFILE_URL=${USERINFO_URL}
|
|
|
|
- CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR=preferred_username
|
|
|
|
- CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR=name
|
|
|
|
- CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR=email
|
|
|
|
- CMD_OAUTH2_CLIENT_ID=hedgedoc
|
|
|
|
- CMD_OAUTH2_PROVIDERNAME=Keycloak
|
|
|
|
- CMD_OAUTH2_CLIENT_SECRET=${HEDGEDOC_CLIENT_SECRET}
|
|
|
|
- CMD_SESSION_SECRET=${HEDGEDOC_SESSION_SECRET}
|
|
|
|
env_file:
|
|
|
|
- ./env.production
|
|
|
|
volumes:
|
|
|
|
- ./data/hedgedoc/uploads:/hedgedoc/public/uploads
|
|
|
|
# ports:
|
|
|
|
#- "3000:3000"
|
|
|
|
restart: always
|
|
|
|
depends_on:
|
|
|
|
- hedgedoc-db
|
|
|
|
- keycloak
|
|
|
|
|
|
|
|
# add the hedgedoc nginx configuration into the nginx volume
|
|
|
|
nginx:
|
|
|
|
volumes:
|
|
|
|
- ./hedgedoc/nginx.conf:/etc/nginx/templates/hedgedoc.conf.template:ro
|
|
|
|
|
|
|
|
# add the hedgedoc client secrets to the keycloak-setup volume
|
|
|
|
keycloak:
|
|
|
|
volumes:
|
|
|
|
- ./hedgedoc/keycloak.sh:/keycloak-setup/hedgedoc.sh:ro
|