|
|
@@ -1,31 +1,38 @@
|
|
|
version: '3.7'
|
|
|
services:
|
|
|
- minio-getkeys:
|
|
|
- container_name: minio-getkeys
|
|
|
- hostname: minio-getkeys
|
|
|
- image: alpine
|
|
|
- user: 0:0 # we need root to read the key/cert
|
|
|
- restart: on-failure:3
|
|
|
- # ToDo: Replace with variable
|
|
|
- volumes:
|
|
|
- - ${CERT_PATH}:/mnt/src:ro
|
|
|
- - ./data/home/.minio/certs:/mnt/dst:rw
|
|
|
- command: >
|
|
|
- sh -c 'apk add --no-cache inotify-tools
|
|
|
- && while true;
|
|
|
- do inotifywait /mnt/src/fullchain.pem --event modify
|
|
|
- && date +%x_%r
|
|
|
- && cp /mnt/src/fullchain.pem /mnt/dst/public.crt
|
|
|
- && cp /mnt/src/key.pem /mnt/dst/private.key
|
|
|
- && chown 1000:1000 /mnt/dst/*.*
|
|
|
- && chmod 600 /mnt/dst/*.*; done'
|
|
|
+# minio-getkeys:
|
|
|
+# container_name: minio-getkeys
|
|
|
+# hostname: minio-getkeys
|
|
|
+# image: alpine
|
|
|
+# user: 0:0 # we need root to read the key/cert
|
|
|
+# restart: on-failure:3
|
|
|
+# # ToDo: Replace with variable
|
|
|
+# volumes:
|
|
|
+# - ${CERT_PATH}:/mnt/src:ro
|
|
|
+# - ./data/home/.minio/certs:/mnt/dst:rw
|
|
|
+# command: >
|
|
|
+# sh -c 'apk add --no-cache inotify-tools
|
|
|
+# && while true;
|
|
|
+# do inotifywait /mnt/src/fullchain.pem --event modify
|
|
|
+# && date +%x_%r
|
|
|
+# && cp /mnt/src/fullchain.pem /mnt/dst/public.crt
|
|
|
+# && cp /mnt/src/key.pem /mnt/dst/private.key
|
|
|
+# && chown 1000:1000 /mnt/dst/*.*
|
|
|
+# && chmod 600 /mnt/dst/*.*; done'
|
|
|
minio:
|
|
|
networks:
|
|
|
- docker-dmz
|
|
|
-# - /opt/docker/reverse-proxy/data/certs/${HOSTNAME}:/home/data/.minio/certs
|
|
|
-# expose 9001
|
|
|
+ volumes:
|
|
|
+ - ${CERT_PATH}${HOSTNAME}:/home/data/.minio/certs
|
|
|
+ expose:
|
|
|
+ - "9001"
|
|
|
+ environment:
|
|
|
+ VIRTUAL_HOST: ${HOSTNAME}
|
|
|
+ LETSENCRYPT_HOST: ${HOSTNAME}
|
|
|
+ LETSENCRYPT_EMAIL: webmaster@${HOSTNAME}
|
|
|
+
|
|
|
networks:
|
|
|
docker-dmz:
|
|
|
external:
|
|
|
- name: docker-dmz
|
|
|
+ name: reverse-proxy
|
|
|
|
