version: '3' services: hedgedoc-db: image: postgres:13.4-alpine container_name: hedgedoc-db environment: - POSTGRES_USER=hedgedoc - POSTGRES_PASSWORD=password - POSTGRES_DB=hedgedoc volumes: - ./data/hedgedoc/database:/var/lib/postgresql/data restart: always hedgedoc: # Make sure to use the latest release from https://hedgedoc.org/latest-release image: quay.io/hedgedoc/hedgedoc:1.9.4 container_name: hedgedoc environment: #- CMD_CSP_ENABLE=false - CMD_DB_URL=postgres://hedgedoc:password@hedgedoc-db:5432/hedgedoc - CMD_PROTOCOL_USESSL=true - CMD_ALLOW_ANONYMOUS=false # anonymous user's can't create notes - CMD_ALLOW_ANONYMOUS_EDITS=true # but they can be invited to edit notes - CMD_ALLOW_FREEURL=true # users can create arbitrary names - CMD_EMAIL=false # only oauth logins - CMD_DOMAIN=${HEDGEDOC_HOSTNAME}.${DOMAIN_NAME} - CMD_OAUTH2_AUTHORIZATION_URL=${AUTH_URL} - CMD_OAUTH2_TOKEN_URL=${TOKEN_URL} - CMD_OAUTH2_USER_PROFILE_URL=${USERINFO_URL} - CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR=preferred_username - CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR=name - CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR=email - CMD_OAUTH2_CLIENT_ID=hedgedoc - CMD_OAUTH2_PROVIDERNAME=Keycloak - CMD_OAUTH2_CLIENT_SECRET=${HEDGEDOC_CLIENT_SECRET} - CMD_SESSION_SECRET=${HEDGEDOC_SESSION_SECRET} env_file: - ./env.production volumes: - ./data/hedgedoc/uploads:/hedgedoc/public/uploads # ports: #- "3000:3000" restart: always depends_on: - hedgedoc-db - keycloak # add the hedgedoc nginx configuration into the nginx volume nginx: volumes: - ./hedgedoc/nginx.conf:/etc/nginx/templates/hedgedoc.conf.template:ro # add the hedgedoc client secrets to the keycloak-setup volume keycloak: volumes: - ./hedgedoc/keycloak.sh:/keycloak-setup/hedgedoc.sh:ro - ./data/hedgedoc/secrets:/run/secrets/hedgedoc:ro