146 lines
5.4 KiB
YAML
146 lines
5.4 KiB
YAML
version: "3"
|
|
services:
|
|
reverse-proxy:
|
|
image: traefik:v2.3.7
|
|
restart: unless-stopped
|
|
command:
|
|
- --providers.docker
|
|
- --entryPoints.web.address=:80
|
|
- --entrypoints.web.http.redirections.entryPoint.to=websecure
|
|
- --entrypoints.web.http.redirections.entryPoint.scheme=https
|
|
- --entrypoints.web.http.redirections.entrypoint.permanent=true
|
|
- --entryPoints.websecure.address=:443
|
|
- --providers.file.directory=/configs/
|
|
- --certificatesresolvers.myhttpchallenge.acme.tlschallenge=true
|
|
- --certificatesresolvers.myhttpchallenge.acme.email=$ACME_EMAIL
|
|
- --certificatesresolvers.myhttpchallenge.acme.storage=/acme/acme.json
|
|
# uncomment for debugging traefik
|
|
# - --log.level=DEBUG
|
|
ports:
|
|
- "80:80"
|
|
- "443:443"
|
|
depends_on:
|
|
- back
|
|
- front
|
|
- uploader
|
|
- pusher
|
|
volumes:
|
|
- /var/run/docker.sock:/var/run/docker.sock
|
|
- ./acme:/acme
|
|
- ./traefik_tls.yaml:/configs/traefik_tls.yml
|
|
- ./.htpasswd:/.htpasswd
|
|
|
|
front:
|
|
restart: unless-stopped
|
|
build:
|
|
context: ../..
|
|
dockerfile: front/Dockerfile
|
|
args:
|
|
BASE_DOMAIN: ${BASE_DOMAIN:-workadventure.localhost}
|
|
|
|
# These should fall back to window.location.host
|
|
PUSHER_URL: /pusher
|
|
UPLOADER_URL: /uploader
|
|
ADMIN_URL: /admin
|
|
MAPS_URL: /maps
|
|
|
|
START_ROOM_URL: "$START_ROOM_URL"
|
|
JITSI_PRIVATE_MODE: "$JITSI_PRIVATE_MODE"
|
|
JITSI_URL: "$JITSI_URL"
|
|
START_ROOM_URL: "$START_ROOM_URL"
|
|
STUN_SERVER: "$STUN_SERVER"
|
|
TURN_PASSWORD: "$TURN_PASSWORD"
|
|
TURN_SERVER: "$TURN_SERVER"
|
|
TURN_USER: "$TURN_USER"
|
|
MAX_PER_GROUP: $MAX_PER_GROUP
|
|
MAX_USERNAME_LENGTH: $MAX_USERNAME_LENGTH
|
|
labels:
|
|
- "traefik.http.routers.front.rule=Host(`${BASE_DOMAIN}`) && PathPrefix(`/`)"
|
|
- "traefik.http.routers.front.entryPoints=web,websecure"
|
|
- "traefik.http.services.front.loadbalancer.server.port=8000"
|
|
- "traefik.http.routers.front.tls=true"
|
|
- "traefik.http.routers.front.service=front"
|
|
- "traefik.http.routers.front.tls.certresolver=myhttpchallenge"
|
|
# uncomment to enable user/pass basic auth
|
|
# - "traefik.http.routers.front.middlewares=auth"
|
|
# - "traefik.http.middlewares.auth.basicauth.users=${TRAEFIK_BASICAUTH}"
|
|
# - "traefik.http.middlewares.auth.basicauth.usersFile=${TRAEFIK_BASICAUTHFILE}"
|
|
# - "traefik.http.middlewares.auth.basicauth.headerField=X-WebAuth-User"
|
|
|
|
|
|
|
|
pusher:
|
|
restart: unless-stopped
|
|
build:
|
|
context: ../..
|
|
dockerfile: pusher/Dockerfile
|
|
environment:
|
|
SECRET_KEY: yourSecretKey
|
|
SECRET_JITSI_KEY: "$SECRET_JITSI_KEY"
|
|
ADMIN_API_TOKEN: "$ADMIN_API_TOKEN"
|
|
ADMIN_API_URL: "$ADMIN_API_URL"
|
|
API_URL: back:50051
|
|
JITSI_URL: $JITSI_URL
|
|
JITSI_ISS: $JITSI_ISS
|
|
FEDERATE_PUSHER: $FEDERATE_PUSHER
|
|
labels:
|
|
- "traefik.http.middlewares.strip-pusher-prefix.stripprefix.prefixes=/pusher"
|
|
- "traefik.http.routers.pusher.rule=Host(`${BASE_DOMAIN}`) && PathPrefix(`/pusher`)"
|
|
- "traefik.http.routers.pusher.middlewares=strip-pusher-prefix@docker"
|
|
- "traefik.http.routers.pusher.entryPoints=web,websecure"
|
|
- "traefik.http.services.pusher.loadbalancer.server.port=8080"
|
|
- "traefik.http.routers.pusher.tls=true"
|
|
- "traefik.http.routers.pusher.service=pusher"
|
|
|
|
back:
|
|
restart: unless-stopped
|
|
build:
|
|
context: ../..
|
|
dockerfile: back/Dockerfile
|
|
environment:
|
|
SECRET_KEY: yourSecretKey
|
|
SECRET_JITSI_KEY: "$SECRET_JITSI_KEY"
|
|
ADMIN_API_TOKEN: "$ADMIN_API_TOKEN"
|
|
ADMIN_API_URL: "$ADMIN_API_URL"
|
|
JITSI_URL: $JITSI_URL
|
|
JITSI_ISS: $JITSI_ISS
|
|
MAX_PER_GROUP: $MAX_PER_GROUP
|
|
labels:
|
|
- "traefik.http.middlewares.strip-api-prefix.stripprefix.prefixes=/api"
|
|
- "traefik.http.routers.back.rule=Host(`${BASE_DOMAIN}`) && PathPrefix(`/api`)"
|
|
- "traefik.http.routers.back.middlewares=strip-api-prefix@docker"
|
|
- "traefik.http.routers.back.entryPoints=web,websecure"
|
|
- "traefik.http.services.back.loadbalancer.server.port=8080"
|
|
- "traefik.http.routers.back.tls=true"
|
|
- "traefik.http.routers.back.service=back"
|
|
|
|
uploader:
|
|
restart: unless-stopped
|
|
build:
|
|
context: ../..
|
|
dockerfile: uploader/Dockerfile
|
|
labels:
|
|
- "traefik.http.middlewares.strip-uploader-prefix.stripprefix.prefixes=/uploader"
|
|
- "traefik.http.routers.uploader.rule=Host(`${BASE_DOMAIN}`) && PathPrefix(`/uploader`)"
|
|
- "traefik.http.routers.uploader.middlewares=strip-uploader-prefix@docker"
|
|
- "traefik.http.routers.uploader.entryPoints=web,websecure"
|
|
- "traefik.http.services.uploader.loadbalancer.server.port=8080"
|
|
- "traefik.http.routers.uploader.tls=true"
|
|
- "traefik.http.routers.uploader.service=uploader"
|
|
|
|
maps:
|
|
restart: unless-stopped
|
|
build:
|
|
context: ../..
|
|
dockerfile: maps/Dockerfile
|
|
volumes:
|
|
- ../../maps:/var/www/html/
|
|
labels:
|
|
- "traefik.http.middlewares.strip-maps-prefix.stripprefix.prefixes=/maps"
|
|
- "traefik.http.routers.maps.rule=Host(`${BASE_DOMAIN}`) && PathPrefix(`/maps`)"
|
|
- "traefik.http.routers.maps.middlewares=strip-maps-prefix@docker"
|
|
- "traefik.http.routers.maps.entryPoints=web,websecure"
|
|
- "traefik.http.services.maps.loadbalancer.server.port=80"
|
|
- "traefik.http.routers.maps.tls=true"
|
|
- "traefik.http.routers.maps.service=maps"
|