summaryrefslogtreecommitdiff
path: root/playbooks/roles/kanidm/templates/stacks/docker-compose.yml
diff options
context:
space:
mode:
Diffstat (limited to 'playbooks/roles/kanidm/templates/stacks/docker-compose.yml')
-rw-r--r--playbooks/roles/kanidm/templates/stacks/docker-compose.yml34
1 files changed, 34 insertions, 0 deletions
diff --git a/playbooks/roles/kanidm/templates/stacks/docker-compose.yml b/playbooks/roles/kanidm/templates/stacks/docker-compose.yml
new file mode 100644
index 0000000..4ce98d2
--- /dev/null
+++ b/playbooks/roles/kanidm/templates/stacks/docker-compose.yml
@@ -0,0 +1,34 @@
+services:
+ kanidm:
+ image: kanidm/server
+ volumes:
+ - {{ kanidm_base }}/volumes/data:/data
+ - {{ traextor_base }}/volumes/certs/letsencrypt:/certs:ro
+ networks:
+ - proxy
+{% if homelab_build %}
+ command:
+ - /bin/sh
+ - -c
+ - |
+ [ ! -f "/certs/{{ kanidm_host }}.pem" ] && sleep 60
+ /sbin/kanidmd server -c /data/server.toml
+ healthcheck:
+ disable: true
+{% endif %}
+ deploy:
+ mode: replicated
+ replicas: 1
+ labels:
+ - traefik.enable=true
+ - traefik.swarm.network=proxy
+ - traefik.http.routers.kanidm.tls=true
+ - traefik.http.routers.kanidm.tls.certResolver=letsencrypt
+ - traefik.http.routers.kanidm.rule=Host(`{{ kanidm_host }}`)
+ - traefik.http.routers.kanidm.entrypoints=websecure
+ - traefik.http.services.kanidm.loadbalancer.server.port=8443
+ - traefik.http.services.kanidm.loadbalancer.server.scheme=https
+
+networks:
+ proxy:
+ external: true
generated by cgit v1.2.3-70-g09d2 (git 2.46.0) at 2025-09-21 15:04:20 +0000