Elgato_dark/bunkerweb
1
0
Fork 0
mirror of https://github.com/bunkerity/bunkerweb synced 2026-04-21 13:37:48 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
bunkerweb/examples/passbolt/docker-compose.yml
Florian eb12dc03f3
road to 1.6.2 🚀
2025-07-01 23:54:20 +02:00

97 lines
2.9 KiB
YAML
Raw Blame History

services:
bunkerweb:
image: bunkerity/bunkerweb:1.6.2
container_name: bunkerweb
ports:
- "80:8080/tcp"
- "443:8443/tcp"
- "443:8443/udp" # for QUIC
environment:
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24"
restart: "unless-stopped"
networks:
- bw-universe
- bw-services
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.6.2
container_name: bw-scheduler
depends_on:
- bunkerweb
volumes:
- bw-data:/data
environment:
BUNKERWEB_INSTANCES: "bunkerweb"
SERVER_NAME: "www.example.com" # replace with your domain
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24"
AUTO_LETS_ENCRYPT: "yes"
DISABLE_DEFAULT_SERVER: "yes"
COOKIE_FLAGS: "* SameSite=Lax"
ALLOWED_METHODS: "GET|POST|HEAD|PUT|DELETE"
SERVE_FILES: "no"
USE_CLIENT_CACHE: "yes"
USE_GZIP: "yes"
USE_REVERSE_PROXY: "yes"
REVERSE_PROXY_URL: "/"
REVERSE_PROXY_HOST: "https://mypassbolt"
# REVERSE_PROXY_HOST: "https://mypassbolt:8080" # For non-root passbolt image
CUSTOM_CONF_MODSEC_CRS_passbolt: |
SecRule REQUEST_FILENAME "@rx ^/locales" "id:1000000,ctl:ruleRemoveById=953100,nolog"
restart: "unless-stopped"
networks:
- bw-universe
# you will need to add a user by hand
# example : docker compose exec mypassbolt su -m -c "/usr/share/php/passbolt/bin/cake passbolt register_user -u <your@email.com> -f <yourname> -l <surname> -r admin" -s /bin/sh www-data
# more info at https://github.com/passbolt/passbolt_docker
mypassbolt:
image: passbolt/passbolt:latest-ce
#Alternatively you can use rootless:
#image: passbolt/passbolt:latest-ce-non-root
restart: unless-stopped
depends_on:
- mydb
volumes:
- gpg_volume:/etc/passbolt/gpg
- jwt_volume:/etc/passbolt/jwt
environment:
APP_FULL_BASE_URL: "https://www.example.com"
DATASOURCES_DEFAULT_HOST: "mydb"
DATASOURCES_DEFAULT_USERNAME: "user"
DATASOURCES_DEFAULT_PASSWORD: "db-user-pwd" # replace with a stronger password (must match MYSQL_PASSWORD)
DATASOURCES_DEFAULT_DATABASE: "passbolt"
command: [ "/usr/bin/wait-for.sh", "-t", "0", "mydb:3306", "--", "/docker-entrypoint.sh" ]
networks:
- passbolt-net
- bw-services
mydb:
image: mariadb:11
volumes:
- db-data:/var/lib/mysql
environment:
MYSQL_ROOT_PASSWORD: "db-root-pwd" # replace with a stronger password
MYSQL_DATABASE: "passbolt"
MYSQL_USER: "user"
MYSQL_PASSWORD: "db-user-pwd" # replace with a stronger password (must match DATASOURCES_DEFAULT_PASSWORD)
networks:
- passbolt-net
volumes:
db-data:
bw-data:
gpg_volume:
jwt_volume:
networks:
bw-universe:
name: bw-universe
ipam:
driver: default
config:
- subnet: 10.20.30.0/24
bw-services:
name: bw-services
passbolt-net:
name: passbolt-net
Reference in a new issue View git blame Copy permalink