commit de6be2b1422efc0b163516479bda215c41e8d180 Author: 3wc <3wc.git@doesthisthing.work> Date: Thu Sep 24 19:25:27 2020 +0200 Initial import diff --git a/.envrc.sample b/.envrc.sample new file mode 100644 index 0000000..e9e96a1 --- /dev/null +++ b/.envrc.sample @@ -0,0 +1,6 @@ +export SERVICE=rocketchat +export DOMAIN=rocketchat.example.com +export STACK_NAME=rocketchat +export LETS_ENCRYPT_ENV=production + +# https://docs.rocket.chat/guides/administrator-guides/settings-via-env-vars diff --git a/README.md b/README.md new file mode 100644 index 0000000..41f9b8e --- /dev/null +++ b/README.md @@ -0,0 +1,4 @@ + +# SSO + +https://docs.rocket.chat/guides/administrator-guides/authentication/open-id-connect/keycloak diff --git a/compose.yml b/compose.yml new file mode 100644 index 0000000..3b9cd55 --- /dev/null +++ b/compose.yml @@ -0,0 +1,102 @@ +--- +version: '3.8' + +services: + rocketchat: + image: rocketchat/rocket.chat:latest + command: > + bash -c + "for i in `seq 1 30`; do + node main.js && + s=$$? && break || s=$$?; + echo \"Tried $$i times. Waiting 5 secs...\"; + sleep 5; + done; (exit $$s)" + volumes: + - "rocketchat_uploads:/app/uploads" + environment: + - PORT=3000 + - ROOT_URL=https://${DOMAIN} + - MONGO_URL=mongodb://mongo:27017/rocketchat + - MONGO_OPLOG_URL=mongodb://mongo:27017/local + - MAIL_URL=smtp://smtp.email +# - HTTP_PROXY=http://proxy.domain.com +# - HTTPS_PROXY=http://proxy.domain.com + networks: + - internal + - proxy + depends_on: + - mongo + deploy: + restart_policy: + condition: on-failure + labels: + - "traefik.enable=true" + - "traefik.docker.network=proxy" + - "traefik.http.routers.${STACK_NAME}.tls=true" + - "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=3000" + - "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`)" + - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}" + - "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure" + + mongo: + image: mongo:3.6 + volumes: + - mongo:/data/db + #- ./data/dump:/dump + command: mongod --smallfiles --oplogSize 128 --replSet rs0 + networks: + - internal + labels: + - "traefik.enable=false" + + # this container's job is just run the command to initialize the replica set. + # it will run the command and remove himself (it will not stay running) + mongo-init-replica: + image: mongo:4.0 + command: > + bash -c + "for i in `seq 1 30`; do + mongo mongo/rocketchat --eval \" + rs.initiate({ + _id: 'rs0', + members: [ { _id: 0, host: 'localhost:27017' } ]})\" && + s=$$? && break || s=$$?; + echo \"Tried $$i times. Waiting 5 secs...\"; + sleep 5; + done; (exit $$s)" + depends_on: + - mongo + networks: + - internal + + # hubot, the popular chatbot (add the bot user first and change the password before starting this image) + #hubot: + # image: rocketchat/hubot-rocketchat:latest + # restart: unless-stopped + # environment: + # - ROCKETCHAT_URL=rocketchat:3000 + # - ROCKETCHAT_ROOM=GENERAL + # - ROCKETCHAT_USER=bot + # - ROCKETCHAT_PASSWORD=botpassword + # - BOT_NAME=bot + # # you can add more scripts as you'd like here, they need to be installable by npm + # - EXTERNAL_SCRIPTS=hubot-help,hubot-seen,hubot-links,hubot-diagnostics + # depends_on: + # - rocketchat + # labels: + # - "traefik.enable=false" + # volumes: + # - hubot_scripts:/home/hubot/scripts + # # this is used to expose the hubot port for notifications on the host on port 3001, e.g. for hubot-jenkins-notifier + # #ports: + # # - 3001:8080 + +networks: + proxy: + external: true + internal: + +volumes: + rocketchat_uploads: + mongo: