Diffstat (limited to 'playbooks/roles/kanidm/templates/stacks/docker-compose.yml')
-rw-r--r--playbooks/roles/kanidm/templates/stacks/docker-compose.yml22
1 files changed, 16 insertions, 6 deletions
diff --git a/playbooks/roles/kanidm/templates/stacks/docker-compose.yml b/playbooks/roles/kanidm/templates/stacks/docker-compose.yml
index 7f8bfe2..183d77e 100644
--- a/playbooks/roles/kanidm/templates/stacks/docker-compose.yml
+++ b/playbooks/roles/kanidm/templates/stacks/docker-compose.yml
@@ -4,6 +4,8 @@ services:
volumes:
- {{ kanidm_base }}/volumes/data:/data
- {{ letsencrypt_certs }}:/certs:ro
+ ports:
+ - 3636:3636
networks:
- proxy
{% if homelab_build %}
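Review bot: Publishing 3636 with the short `ports:` syntax exposes LDAPS outside the Traefik `ldaps` entrypoint, whose router labels this commit removes in the last hunk, so any access control applied at that entrypoint no longer covers it. The stack has a `deploy:` section and a `traefik.swarm.network` label, so this looks like Swarm, where a short-syntax port is published through the ingress mesh on every node and all interfaces. That probably also replaces the client address kanidm sees in its logs, so confirm that a host or network firewall limits who can reach 3636. Quote the mapping as Compose recommends, `- "3636:3636"`, and add a comment above it such as `# LDAPS published directly, not routed through Traefik`. The service definition starts above this hunk.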
@@ -15,10 +17,24 @@ services:
/sbin/kanidmd server -c /data/server.toml
healthcheck:
disable: true
+{% else %}
+ healthcheck:
+ test: ["CMD-SHELL", "curl --fail -k https://localhost:8443/status"]
+ retries: 1
+ timeout: 2s
+ interval: 30s
{% endif %}
+ environment:
+ - TZ={{ timezone }}
+ - DEPLOYMENT_TIME={{ now() }}
deploy:
mode: replicated
replicas: 1
+ update_config:
+ parallelism: 1
+ order: start-first
+ failure_action: rollback
+ monitor: 5s
labels:
- traefik.enable=true
- traefik.swarm.network=proxy
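Review bot: `order: start-first` under `update_config` starts the replacement task before the old one stops, so two kanidmd processes would briefly share the `/data` volume that holds `server.toml` and presumably the database. For a single-replica identity store, `order: stop-first` is the safer choice unless kanidm is known to tolerate that overlap. `DEPLOYMENT_TIME={{ now() }}` changes on every render, so each playbook run would trigger such an update even when nothing else changed. In the healthcheck, `retries: 1` with `timeout: 2s` marks the container unhealthy after a single slow response; `retries: 3` would give more margin. The service entry begins and ends outside this hunk.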
@@ -28,12 +44,6 @@ services:
- traefik.http.routers.kanidm.entrypoints=websecure
- traefik.http.services.kanidm.loadbalancer.server.port=8443
- traefik.http.services.kanidm.loadbalancer.server.scheme=https
- # ldap
- - traefik.tcp.routers.kanidm-ldaps.tls.passthrough=true
- - traefik.tcp.routers.kanidm-ldaps.rule=HostSNI(`*`)
- - traefik.tcp.routers.kanidm-ldaps.entrypoints=ldaps
- - traefik.tcp.routers.kanidm-ldaps.service=kanidm-ldaps
- - traefik.tcp.services.kanidm-ldaps.loadbalancer.server.port=3636
networks:
proxy: