forked from ufal/dockerized-nginx-with-shibboleth
-
Notifications
You must be signed in to change notification settings - Fork 0
/
docker-compose.yml
60 lines (55 loc) · 1.62 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
version: '3'
services:
nginx:
image: ghcr.io/ufal/dockerized-nginx-with-shibboleth/nginx-shib:latest
networks:
- dspace-8_dspacenet
restart: unless-stopped
build: ./nginx
ports:
- 8443:8443
volumes:
# generate /ssl/dhparam.pem with openssl dhparam -out dhparam.pem 4096
- ./nginx/locations:/etc/nginx/locations
- ./nginx/ssl:/ssl
- ./nginx/conf/templates:/etc/nginx/templates
environment:
- NGINX_ENVSUBST_FILTER=NGINX_
- NGINX_SHIBAUTHORIZER=${NGINX_SHIBAUTHORIZER:-shibboleth:12344}
- NGINX_SHIBRESPONDER=${NGINX_SHIBRESPONDER:-shibboleth:12345}
- NGINX_TOMCAT
- NGINX_NODE
- NGINX_SERVER_NAMES
- NGINX_RESOLVERS
# this configures client_max_body_size only for the repository /server location
- NGINX_MAX_BODY_SIZE=${NGINX_MAX_BODY_SIZE:-10G}
depends_on:
- shibboleth
shibboleth:
image: ghcr.io/ufal/dockerized-nginx-with-shibboleth/shibboleth:latest
networks:
- dspace-8_dspacenet
restart: unless-stopped
build: ./shibboleth
volumes:
# config (+key material), logs
- ./shibboleth/overrides:/overrides
- ./shibboleth/sp-keys:/sp-keys
- logs:/opt/shibboleth-sp/var/log
environment:
- SHIB_HOSTNAME=${SHIB_HOSTNAME:?SHIB_HOSTNAME must be set}
syslog:
image: cr.fluentbit.io/fluent/fluent-bit:latest
networks:
- dspace-8_dspacenet
restart: unless-stopped
volumes:
- ./fluent-bit/config.conf:/fluent-bit/etc/fluent-bit.conf
- logs:/logs
ports:
- "5140:5140/udp"
volumes:
logs:
networks:
dspace-8_dspacenet:
external: true