container-server/services/cartracker/docker-compose.yml

49 lines
3 KiB
YAML

# https://github.com/hargata/lubelog/pkgs/container/lubelogger
# https://docs.lubelogger.com/
# https://docs.lubelogger.com/Advanced/OpenID
# https://docs.lubelogger.com/Advanced/Postgres
# https://docs.lubelogger.com/Advanced/Environment%20Variables
# Set EnableAuth and OpenIDConfig__DisableRegularLogin to false to create admin user.
# Go to settings and enable auth, enter credentials to create admin/root user.
# Set variables to true afterwards
services:
cartracker:
image: ghcr.io/hargata/lubelogger:v1.3.8
container_name: cartracker
restart: "${RESTART:-no}"
domainname: ${BASE_DOMAIN}
environment:
- LC_ALL=de_DE.UTF-8
- LANG=de_DE.UTF-8
- MailConfig__EmailServer=post.${BASE_DOMAIN}
- MailConfig__EmailFrom=cars@${BASE_DOMAIN}
- MailConfig__Port=25
- OpenIDConfig__Name=authentik # Name of the OpenID Connect Provider
- OpenIDConfig__ClientId=${CARTRACKER_OIDC_ID} # Client Id to Authenticate with the Provider
- OpenIDConfig__ClientSecret=${CARTRACKER_OIDC_SECRET} # Client Secret to Authenticate with the Provider
- OpenIDConfig__AuthURL=${CARTRACKER_OIDC_URL_AUTH} # Authorization URL to the Provider's Login Page
- OpenIDConfig__TokenURL=${CARTRACKER_OIDC_URL_TOKEN} # URL to retrieve user JWT from the Provider
- OpenIDConfig__LogOutURL=${CARTRACKER_OIDC_URL_LOGOUT} # Log Out URL for OIDC Provider, required if DisableRegularLogin=true.
- OpenIDConfig__RedirectURL=https://cars.${BASE_DOMAIN}/Login/RemoteAuth # https://<yourlubeloggerdomain.com>/Login/RemoteAuth(must be HTTPS)
- OpenIDConfig__Scope=email # The scope for retrieving the user's email claim(usually it's just 'email')
- OpenIDConfig__ValidateState=false # true/false(default: false) - whether LubeLogger should validate state.
- OpenIDConfig__UsePKCE=true # true/false(default: false) - whether LubeLogger should use PKCE
- OpenIDConfig__DisableRegularLogin=true # true/false(default: false) - auto re-direct user to OIDC login.
- EnableAuth=true # true/false(default: false) - whether authentication is enabled by default.
volumes:
- ${BASE_DIR:-/srv}/cartracker/config:/App/config
- ${BASE_DIR:-/srv}/cartracker/data:/App/data
- ${BASE_DIR:-/srv}/cartracker/translations:/App/wwwroot/translations
- ${BASE_DIR:-/srv}/cartracker/documents:/App/wwwroot/documents
- ${BASE_DIR:-/srv}/cartracker/images:/App/wwwroot/images
- ${BASE_DIR:-/srv}/cartracker/log:/App/log
- ${BASE_DIR:-/srv}/cartracker/keys:/root/.aspnet/DataProtection-Keys
networks:
- proxy
- mail