Fix secrets & network definition

This commit is contained in:
c v t 2020-06-29 14:29:16 +02:00
parent e13ac3937a
commit 971ec1e987
4 changed files with 17 additions and 5 deletions

5
.envrc.sample Normal file
View File

@ -0,0 +1,5 @@
export PASSWORD_STORE_DIR=$(pwd)/../../Infrastructure/infrastructure/credentials/password-store
export DB_ROOT_PASSWD_VERSION=v1
export DOMAIN=nextcloud.swarm.autonomic.zone
export STACK_NAME=nextcloud

1
.gitignore vendored Normal file
View File

@ -0,0 +1 @@
/.envrc

View File

@ -6,12 +6,13 @@ services:
depends_on:
- maindb
secrets:
- mysql_root_password
- db_root_password
environment:
- MYSQL_HOST=maindb:3306
- MYSQL_DATABASE=nextcloud
- MYSQL_USER=root
- MYSQL_ROOT_PASSWORD_FILE=/run/secrets/mysql_root_password
- MYSQL_ROOT_PASSWORD_FILE=/run/secrets/db_root_password
- DOMAIN=${DOMAIN}
volumes:
- /mnt/nextcloud:/var/www/html:cached
- /mnt/nextapps:/var/www/html/custom_apps:cached
@ -39,8 +40,9 @@ services:
- "traefik.http.routers.invoiceninja.tls.certresolver=${LETS_ENCRYPT_ENV}"
secrets:
mysql_root_password:
db_root_password:
external: true
name: ${STACK_NAME}_db_root_passwd_${DB_ROOT_PASSWD_VERSION}
volumes:
nextcloud:
@ -51,5 +53,4 @@ volumes:
networks:
proxy:
external: true
private:
external: true
internal:

5
helpers.sh Executable file
View File

@ -0,0 +1,5 @@
#!/bin/bash
create-secrets () {
pwgen -n 32 1 | docker secret create "${STACK_NAME}_db_root_passwd_${DB_ROOT_PASSWD_VERSION}" -
}