vault-unwrap/docker-compose.yml
2024-07-17 13:01:33 +03:00

49 lines
1.2 KiB
YAML

version: '3'
services:
vault-wrap:
# $IMAGE_PATH и $RELEASE_VERSION определены в .gitlab-ci.yml
image: $IMAGE_PATH/vault-wrap:$RELEASE_VERSION
container_name: vault-wrap
environment:
- ACTION_ADDRESS=${ACTION_ADDRESS:-https://secret.example.ru}
- VAULT_ADDRESS=${VAULT_ADDRESS}
- LISTEN_PORT=8080
- TLS_KEY_FILE=${TLS_KEY_FILE}
- TLS_CERT_FILE=${TLS_CERT_FILE}
- TZ=Europe/Moscow
restart: always
# ports:
# - 1234:8080
build:
context: .
volumes:
- vault-wrap-log:/var/log/vault-wrap
- vault-wrap-conf:/usr/local/share/vault-wrap
logging:
# driver: "syslog"
options:
max-size: "10m"
max-file: "5"
labels:
- "tra.enable=true"
- "tra.http.routers.secret.rule=Host(`secret.example.ru`)"
- "tra.http.services.secret.loadbalancer.server.port=8080"
- "tra.docker.network=reverse-proxy"
- "tra.http.routers.secret.tls=true"
- "tra.http.services.secret.loadbalancer.server.scheme=http"
networks:
- default
- vault-wrap
networks:
default:
name: reverse-proxy
external: true
vault-wrap:
internal: true
volumes:
vault-wrap-log:
vault-wrap-conf: