-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathdocker-compose-prod.yml
More file actions
64 lines (61 loc) · 1.91 KB
/
docker-compose-prod.yml
File metadata and controls
64 lines (61 loc) · 1.91 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
services:
eft-application:
image: ghcr.io/puzzle/unilu-pruefungsabfrage:${TAG}
container_name: unilu-pruefungsabfrage
hostname: unilu-pruefungsabfrage
ports:
- "8448:8448"
- "8443:8443"
networks:
eft_network:
aliases:
- edview.unilu.ch
environment:
KS_PW: ${KS_PW}
KS_TYPE: ${KS_TYPE:-PKCS12}
KEY_ALIAS: ${KEY_ALIAS:-unilu-eft}
KS_NAME: ${KS_NAME:-httpd.keystore.p12}
SB_PROFILE: prod
volumes:
- type: bind
source: ./${SEC_LOCATION:-shibboleth/secrets/prod}/${KS_NAME:-httpd.keystore.p12}
target: /secrets/${KS_NAME:-httpd.keystore.p12}
read_only: true
- type: bind
source: ${RESOURCE_LOCATION}
target: /resources
read_only: true
shibboleth-service-provider:
image: ghcr.io/puzzle/unilu-pruefungsabfrage-shibboleth-sp:${TAG}
container_name: unilu-pruefungsabfrage-shibboleth-sp
hostname: unilu-pruefungsabfrage-shibboleth-sp
ports:
- "443:443"
networks:
- eft_network
environment:
LOG_LEVEL: warn
volumes:
- type: bind
source: ./${SEC_LOCATION:-shibboleth/secrets/prod}/httpd.crt.pem
target: /etc/pki/tls/certs/httpd.crt.pem
read_only: true
- type: bind
source: ./${SEC_LOCATION:-shibboleth/secrets/prod}/httpd.key.pem
target: /etc/pki/tls/private/httpd.key.pem
read_only: true
- type: bind
source: ./${SEC_LOCATION:-shibboleth/secrets/prod}/sp.crt.pem
target: /etc/shibboleth/sp.crt.pem
read_only: true
- type: bind
source: ./${SEC_LOCATION:-shibboleth/secrets/prod}/sp.key.pem
target: /etc/shibboleth/sp.key.pem
read_only: true
- type: bind
source: ./shibboleth/secrets/SWITCHaaiRootCA.crt.pem
target: /etc/shibboleth/SWITCHaaiRootCA.crt.pem
read_only: true
networks:
eft_network:
driver: bridge