ansible/roles/hedgedoc/templates/docker-compose.yml.j2

version: "3"
services:
  database:
    image: postgres:13.4-alpine
    environment:
      - POSTGRES_USER={{ hedgedoc_dbuser }}
      - POSTGRES_PASSWORD={{ hedgedoc_dbpass }}
      - POSTGRES_DB={{ hedgedoc_dbname }}
    volumes:
      - ./database:/var/lib/postgresql/data
    restart: unless-stopped
  app:
    image: quay.io/hedgedoc/hedgedoc:1.9.3
    environment:
      - CMD_DOMAIN={{ hedgedoc_domain }}
      - CMD_PROTOCOL_USESSL=true
      - CMD_ALLOW_ANONYMOUS=false
      - CMD_ALLOW_ANONYMOUS_EDITS=true
      - CMD_ALLOW_FREEURL=true
      - CMD_SESSION_SECRET={{ hedgedoc_secret }}
      - CMD_HSTS_ENABLE=true
      - CMD_HSTS_MAX_AGE=2592000
      - CMD_HSTS_INCLUDE_SUBDOMAINS=true
      - CMD_HSTS_PRELOAD=true
      - CMD_CSP_ENABLE=true
      - CMD_DB_URL=postgres://{{ hedgedoc_dbuser }}:{{ hedgedoc_dbpass }}@database:5432/{{ hedgedoc_dbname }}
      - CMD_LDAP_URL={{ ldap_uri }}
      - CMD_LDAP_BINDDN={{ ldap_binddn }}
      - CMD_LDAP_BINDCREDENTIALS={{ ldap_bindpw }}
      - CMD_LDAP_SEARCHBASE={{ ldap_base }}
      - CMD_LDAP_SEARCHFILTER=(uid={{ '{{' }}username{{ '}}' }})
      - CMD_LDAP_SEARCHATTRIBUTES=cn,uid
      - CMD_LDAP_USERIDFIELD=uid
      - CMD_LDAP_USERNAMEFIELD=cn
      - CMD_LDAP_TLS_CA=/etc/ssl/certs/ca-certificates.crt
      - CMD_EMAIL=false
    volumes:
      - /etc/hosts:/etc/hosts:ro
      - /etc/ssl/certs/ca-certificates.crt:/etc/ssl/certs/ca-certificates.crt:ro
      - ./uploads:/hedgedoc/public/uploads
    ports:
      - "127.0.0.1:3000:3000"
    restart: unless-stopped
    depends_on:
      - database
hackmd: use docker instead of native setup 2022-09-02 21:11:04 +02:00			`version: "3"`
			`services:`
			`database:`
			`image: postgres:13.4-alpine`
			`environment:`
			`- POSTGRES_USER={{ hedgedoc_dbuser }}`
			`- POSTGRES_PASSWORD={{ hedgedoc_dbpass }}`
			`- POSTGRES_DB={{ hedgedoc_dbname }}`
			`volumes:`
			`- ./database:/var/lib/postgresql/data`
			`restart: unless-stopped`
			`app:`
			`image: quay.io/hedgedoc/hedgedoc:1.9.3`
			`environment:`
			`- CMD_DOMAIN={{ hedgedoc_domain }}`
			`- CMD_PROTOCOL_USESSL=true`
			`- CMD_ALLOW_ANONYMOUS=false`
			`- CMD_ALLOW_ANONYMOUS_EDITS=true`
			`- CMD_ALLOW_FREEURL=true`
			`- CMD_SESSION_SECRET={{ hedgedoc_secret }}`
			`- CMD_HSTS_ENABLE=true`
			`- CMD_HSTS_MAX_AGE=2592000`
			`- CMD_HSTS_INCLUDE_SUBDOMAINS=true`
			`- CMD_HSTS_PRELOAD=true`
			`- CMD_CSP_ENABLE=true`
			`- CMD_DB_URL=postgres://{{ hedgedoc_dbuser }}:{{ hedgedoc_dbpass }}@database:5432/{{ hedgedoc_dbname }}`
			`- CMD_LDAP_URL={{ ldap_uri }}`
			`- CMD_LDAP_BINDDN={{ ldap_binddn }}`
			`- CMD_LDAP_BINDCREDENTIALS={{ ldap_bindpw }}`
			`- CMD_LDAP_SEARCHBASE={{ ldap_base }}`
			`- CMD_LDAP_SEARCHFILTER=(uid={{ '{{' }}username{{ '}}' }})`
			`- CMD_LDAP_SEARCHATTRIBUTES=cn,uid`
			`- CMD_LDAP_USERIDFIELD=uid`
			`- CMD_LDAP_USERNAMEFIELD=cn`
			`- CMD_LDAP_TLS_CA=/etc/ssl/certs/ca-certificates.crt`
			`- CMD_EMAIL=false`
			`volumes:`
			`- /etc/hosts:/etc/hosts:ro`
			`- /etc/ssl/certs/ca-certificates.crt:/etc/ssl/certs/ca-certificates.crt:ro`
			`- ./uploads:/hedgedoc/public/uploads`
			`ports:`
			`- "127.0.0.1:3000:3000"`
			`restart: unless-stopped`
			`depends_on:`
			`- database`