josedario87
c00d0fb61a
- Add proper Traefik labels with middleware support - Use APP_NAME variable for dynamic naming - Remove port mapping (Traefik handles routing) - Add .env.example with all required variables - Update README with complete variable documentation - Configure docker network to use 'principal' - Add X-Forwarded-Proto header middleware
45 lines
1.5 KiB
YAML
45 lines
1.5 KiB
YAML
version: '3.8'
|
|
|
|
services:
|
|
app:
|
|
image: ${REG}/${APP_NAME}:latest
|
|
container_name: ${APP_NAME}
|
|
restart: unless-stopped
|
|
environment:
|
|
# Node Environment
|
|
- NODE_ENV=production
|
|
- NUXT_HOST=0.0.0.0
|
|
- NUXT_PORT=3000
|
|
# OAuth Authentik
|
|
- NUXT_OAUTH_AUTHENTIK_CLIENT_ID=${NUXT_OAUTH_AUTHENTIK_CLIENT_ID}
|
|
- NUXT_OAUTH_AUTHENTIK_CLIENT_SECRET=${NUXT_OAUTH_AUTHENTIK_CLIENT_SECRET}
|
|
- NUXT_OAUTH_AUTHENTIK_SERVER_URL=${NUXT_OAUTH_AUTHENTIK_SERVER_URL}
|
|
- NUXT_OAUTH_AUTHENTIK_SERVER_URL_INTERNAL=${NUXT_OAUTH_AUTHENTIK_SERVER_URL_INTERNAL}
|
|
- NUXT_OAUTH_AUTHENTIK_REDIRECT_URL=${NUXT_OAUTH_AUTHENTIK_REDIRECT_URL}
|
|
# Public URL
|
|
- NUXT_PUBLIC_APP_URL=${NUXT_PUBLIC_APP_URL}
|
|
# Session Secret
|
|
- NUXT_SESSION_PASSWORD=${NUXT_SESSION_PASSWORD}
|
|
networks:
|
|
- principal
|
|
labels:
|
|
# Traefik labels
|
|
- "traefik.enable=true"
|
|
- "traefik.docker.network=principal"
|
|
|
|
# HTTP Router
|
|
- "traefik.http.routers.${APP_NAME}.rule=Host(`${APP_DOMAIN}`)"
|
|
- "traefik.http.routers.${APP_NAME}.entrypoints=websecure"
|
|
- "traefik.http.routers.${APP_NAME}.tls.certresolver=letsencrypt"
|
|
|
|
# Service
|
|
- "traefik.http.services.${APP_NAME}.loadbalancer.server.port=3000"
|
|
|
|
# Middleware (headers para proxy)
|
|
- "traefik.http.routers.${APP_NAME}.middlewares=${APP_NAME}-headers"
|
|
- "traefik.http.middlewares.${APP_NAME}-headers.headers.customrequestheaders.X-Forwarded-Proto=https"
|
|
|
|
networks:
|
|
principal:
|
|
external: true
|