From d63a899d757b3f58811b60ed6ce07cfd35bb902d Mon Sep 17 00:00:00 2001 From: David F Date: Thu, 25 Jun 2026 09:49:20 -0400 Subject: [PATCH] Update docker composes to use env values --- docker/docker-compose-full.yml | 70 ++++++++++++++++---------------- docker/docker-compose-psql.yml | 26 ++++++------ docker/docker-compose-sqlite.yml | 10 ++--- 3 files changed, 53 insertions(+), 53 deletions(-) diff --git a/docker/docker-compose-full.yml b/docker/docker-compose-full.yml index 25297c26..cad26ab7 100644 --- a/docker/docker-compose-full.yml +++ b/docker/docker-compose-full.yml @@ -6,57 +6,57 @@ services: restart: unless-stopped environment: # set to true to enable debug mode - - DEBUG=False + - DEBUG=${DEBUG:-False} # your FQDN or IP; multiple ones supported by comma separation - - DOMAIN=vouchervault.example.com + - DOMAIN=${DOMAIN:-vouchervault.example.com} # set to True if you use a reverse proxy with tls; enables secure cookie flag and hsts - - SECURE_COOKIES=False + - SECURE_COOKIES=${SECURE_COOKIES:-False} # define the maximum session age in minutes - - SESSION_COOKIE_AGE=30 + - SESSION_COOKIE_AGE=${SESSION_COOKIE_AGE:-30} # decide whether session cookie is invalidated on browser close - - SESSION_EXPIRE_AT_BROWSER_CLOSE=True + - SESSION_EXPIRE_AT_BROWSER_CLOSE=${SESSION_EXPIRE_AT_BROWSER_CLOSE:-True} # send expiry notification xx days prior expiry - - EXPIRY_THRESHOLD_DAYS=90 + - EXPIRY_THRESHOLD_DAYS=${EXPIRY_THRESHOLD_DAYS:-90} # send a final expiry notification xx days prior expiry - - EXPIRY_LAST_NOTIFICATION_DAYS=7 + - EXPIRY_LAST_NOTIFICATION_DAYS=${EXPIRY_LAST_NOTIFICATION_DAYS:-7} # define the timezone - - TZ=Europe/Berlin + - TZ=${TZ:-Europe/Berlin} # define custom frame-ancestor csp directive - #- CSP_FRAME_ANCESTORS="'self', https://other.example.tld, https://abc.test.tld:5432" - #- SECRET_KEY=MySecureSecretKey - #- PORT=8000 - #- REDIS_URL=redis://redis:6379/0 + #- CSP_FRAME_ANCESTORS=${CSP_FRAME_ANCESTORS:-"'self', https://other.example.tld, https://abc.test.tld:5432"} + #- SECRET_KEY=${SECRET_KEY:-MySecureSecretKey} + #- PORT=${PORT:-8000} + #- REDIS_URL=${REDIS_URL:-redis://redis:6379/0} # ------- OPTIONAL OIDC AUTH -------- # Set to 'True' to enable OIDC authentication - #- OIDC_ENABLED=True + #- OIDC_ENABLED=${OIDC_ENABLED:-True} # Decide whether login area triggers automatic OIDC login flow - #- OIDC_AUTOLOGIN=False + #- OIDC_AUTOLOGIN=${OIDC_AUTOLOGIN:-False} # Set to 'True' to allow the creation of new users through OIDC - #- OIDC_CREATE_USER=True + #- OIDC_CREATE_USER=${OIDC_CREATE_USER:-True} # The signing algorithm used by the OIDC provider (e.g., RS256, HS256) - #- OIDC_RP_SIGN_ALGO=RS256 + #- OIDC_RP_SIGN_ALGO=${OIDC_RP_SIGN_ALGO:-RS256} # URL of the JWKS endpoint for the OIDC provider - #- OIDC_OP_JWKS_ENDPOINT=https://authentik.example.com/application/o/vouchervault/jwks/ + #- OIDC_OP_JWKS_ENDPOINT=${OIDC_OP_JWKS_ENDPOINT:-https://authentik.example.com/application/o/vouchervault/jwks/} # Client ID for your OIDC RP - #- OIDC_RP_CLIENT_ID=vouchervault + #- OIDC_RP_CLIENT_ID=${OIDC_RP_CLIENT_ID:-vouchervault} # Client secret for your OIDC RP - #- OIDC_RP_CLIENT_SECRET=super-secure-secret-key + #- OIDC_RP_CLIENT_SECRET=${OIDC_RP_CLIENT_SECRET:-super-secure-secret-key} # Authorization endpoint URL of the OIDC provider - #- OIDC_OP_AUTHORIZATION_ENDPOINT=https://authentik.example.com/application/o/authorize/ + #- OIDC_OP_AUTHORIZATION_ENDPOINT=${OIDC_OP_AUTHORIZATION_ENDPOINT:-https://authentik.example.com/application/o/authorize/} # Token endpoint URL of the OIDC provider - #- OIDC_OP_TOKEN_ENDPOINT=https://authentik.example.com/application/o/token/ + #- OIDC_OP_TOKEN_ENDPOINT=${OIDC_OP_TOKEN_ENDPOINT:-https://authentik.example.com/application/o/token/} # User info endpoint URL of the OIDC provider - #- OIDC_OP_USER_ENDPOINT=https://authentik.example.com/application/o/userinfo/ + #- OIDC_OP_USER_ENDPOINT=${OIDC_OP_USER_ENDPOINT:-https://authentik.example.com/application/o/userinfo/} # ------- OPTIONAL PSQL DB -------- - #- DB_ENGINE=postgres - #- POSTGRES_USER=vouchervault - #- POSTGRES_PASSWORD=vouchervault - #- POSTGRES_DB=vouchervault - #- POSTGRES_HOST=db - #- POSTGRES_PORT=5432 + #- DB_ENGINE=${DB_ENGINE:-postgres} + #- POSTGRES_USER=${POSTGRES_USER:-vouchervault} + #- POSTGRES_PASSWORD=${POSTGRES_PASSWORD:-vouchervault} + #- POSTGRES_DB=${POSTGRES_DB:-vouchervault} + #- POSTGRES_HOST=${POSTGRES_HOST:-db} + #- POSTGRES_PORT=${POSTGRES_PORT:-5432} # ------- CELERY ENVS -------- - #- CELERY_WORKER_CONCURRENCY=4 - #- CELERY_WORKER_PREFETCH_MULTIPLIER=2 + #- CELERY_WORKER_CONCURRENCY=${CELERY_WORKER_CONCURRENCY:-4} + #- CELERY_WORKER_PREFETCH_MULTIPLIER=${CELERY_WORKER_PREFETCH_MULTIPLIER:-2} expose: - 8000 ports: @@ -91,12 +91,12 @@ services: # volumes: # - ./volume-data/database/psql:/var/lib/postgresql/data/ # environment: -# - POSTGRES_USER=vouchervault -# - POSTGRES_PASSWORD=vouchervault -# - POSTGRES_DB=vouchervault +# - POSTGRES_USER=${POSTGRES_USER:-vouchervault} +# - POSTGRES_PASSWORD=${POSTGRES_PASSWORD:-vouchervault} +# - POSTGRES_DB=${POSTGRES_DB:-vouchervault} # #networks: # # - proxy - + #networks: # proxy: -# external: true +# external: true \ No newline at end of file diff --git a/docker/docker-compose-psql.yml b/docker/docker-compose-psql.yml index aca22306..88d3d1f4 100644 --- a/docker/docker-compose-psql.yml +++ b/docker/docker-compose-psql.yml @@ -6,20 +6,20 @@ services: restart: unless-stopped environment: # your FQDN or IP; multiple ones supported by comma separation - - DOMAIN=vouchervault.example.com + - DOMAIN=${DOMAIN:-vouchervault.example.com} # set to True if you use a reverse proxy with tls; enables secure cookie flag and hsts - - SECURE_COOKIES=False + - SECURE_COOKIES=${SECURE_COOKIES:-False} # send notifications xx days prior expiry - - EXPIRY_THRESHOLD_DAYS=90 + - EXPIRY_THRESHOLD_DAYS=${EXPIRY_THRESHOLD_DAYS:-90} # define the timezone - - TZ=Europe/Berlin + - TZ=${TZ:-Europe/Berlin} # ------- USE PSQL DB -------- - - DB_ENGINE=postgres - - POSTGRES_USER=vouchervault - - POSTGRES_PASSWORD=vouchervault - - POSTGRES_DB=vouchervault - - POSTGRES_HOST=db - - POSTGRES_PORT=5432 + - DB_ENGINE=${DB_ENGINE:-postgres} + - POSTGRES_USER=${POSTGRES_USER:-vouchervault} + - POSTGRES_PASSWORD=${POSTGRES_PASSWORD:-vouchervault} + - POSTGRES_DB=${POSTGRES_DB:-vouchervault} + - POSTGRES_HOST=${POSTGRES_HOST:-db} + - POSTGRES_PORT=${POSTGRES_PORT:-5432} expose: - 8000 ports: @@ -43,6 +43,6 @@ services: volumes: - ./volume-data/database/psql:/var/lib/postgresql/data/ environment: - - POSTGRES_USER=vouchervault - - POSTGRES_PASSWORD=vouchervault - - POSTGRES_DB=vouchervault + - POSTGRES_USER=${POSTGRES_USER:-vouchervault} + - POSTGRES_PASSWORD=${POSTGRES_PASSWORD:-vouchervault} + - POSTGRES_DB=${POSTGRES_DB:-vouchervault} \ No newline at end of file diff --git a/docker/docker-compose-sqlite.yml b/docker/docker-compose-sqlite.yml index baca4d80..1d1722d4 100644 --- a/docker/docker-compose-sqlite.yml +++ b/docker/docker-compose-sqlite.yml @@ -6,13 +6,13 @@ services: restart: unless-stopped environment: # your FQDN or IP; multiple ones supported by comma separation - - DOMAIN=vouchervault.example.com + - DOMAIN=${DOMAIN:-vouchervault.example.com} # set to True if you use a reverse proxy with tls; enables secure cookie flag and hsts - - SECURE_COOKIES=False + - SECURE_COOKIES=${SECURE_COOKIES:-False} # send notifications xx days prior expiry - - EXPIRY_THRESHOLD_DAYS=90 + - EXPIRY_THRESHOLD_DAYS=${EXPIRY_THRESHOLD_DAYS:-90} # define the timezone - - TZ=Europe/Berlin + - TZ=${TZ:-Europe/Berlin} expose: - 8000 ports: @@ -25,4 +25,4 @@ services: container_name: vouchervault-redis restart: unless-stopped expose: - - 6379 + - 6379 \ No newline at end of file