Fix secrets & network definition

main
c v t 3 years ago
parent e13ac3937a
commit 971ec1e987
  1. 5
      .envrc.sample
  2. 1
      .gitignore
  3. 11
      compose.yml
  4. 5
      helpers.sh

@ -0,0 +1,5 @@
export PASSWORD_STORE_DIR=$(pwd)/../../Infrastructure/infrastructure/credentials/password-store
export DB_ROOT_PASSWD_VERSION=v1
export DOMAIN=nextcloud.swarm.autonomic.zone
export STACK_NAME=nextcloud

1
.gitignore vendored

@ -0,0 +1 @@
/.envrc

@ -6,12 +6,13 @@ services:
depends_on:
- maindb
secrets:
- mysql_root_password
- db_root_password
environment:
- MYSQL_HOST=maindb:3306
- MYSQL_DATABASE=nextcloud
- MYSQL_USER=root
- MYSQL_ROOT_PASSWORD_FILE=/run/secrets/mysql_root_password
- MYSQL_ROOT_PASSWORD_FILE=/run/secrets/db_root_password
- DOMAIN=${DOMAIN}
volumes:
- /mnt/nextcloud:/var/www/html:cached
- /mnt/nextapps:/var/www/html/custom_apps:cached
@ -39,8 +40,9 @@ services:
- "traefik.http.routers.invoiceninja.tls.certresolver=${LETS_ENCRYPT_ENV}"
secrets:
mysql_root_password:
db_root_password:
external: true
name: ${STACK_NAME}_db_root_passwd_${DB_ROOT_PASSWD_VERSION}
volumes:
nextcloud:
@ -51,5 +53,4 @@ volumes:
networks:
proxy:
external: true
private:
external: true
internal:

@ -0,0 +1,5 @@
#!/bin/bash
create-secrets () {
pwgen -n 32 1 | docker secret create "${STACK_NAME}_db_root_passwd_${DB_ROOT_PASSWD_VERSION}" -
}