Replace secrets/configs with mounted files/folders
This commit is contained in:
Colin Hebert
@@ -21,17 +21,14 @@ services:
|
||||
- reverse-proxy
|
||||
volumes:
|
||||
- ${NASCOMPOSE_SERVICES?}/authentication/volumes/authelia_config/:/config/
|
||||
configs:
|
||||
- source: authelia_configuration
|
||||
target: /etc/authelia/configuration.yml
|
||||
- source: authelia_access
|
||||
target: /etc/authelia/access.yml
|
||||
- source: authelia_authentication
|
||||
target: /etc/authelia/authentication.yml
|
||||
secrets:
|
||||
- jwt_secret
|
||||
- storage_key
|
||||
- smtp_password
|
||||
# Configuration
|
||||
- ${NASCOMPOSE_SERVICES?}/authentication/configs/configuration.yml:/etc/authelia/configuration.yml:ro
|
||||
- ${NASCOMPOSE_SERVICES?}/authentication/configs/access.yml:/etc/authelia/access.yml:ro
|
||||
- ${NASCOMPOSE_SERVICES?}/authentication/configs/authentication.yml:/etc/authelia/authentication.yml:ro
|
||||
# Secrets
|
||||
- ${NASCOMPOSE_SERVICES?}/authentication/secrets/jwt_secret:/run/secrets/jwt_secret:ro
|
||||
- ${NASCOMPOSE_SERVICES?}/authentication/secrets/storage_key:/run/secrets/storage_key:ro
|
||||
- ${NASCOMPOSE_SERVICES?}/authentication/secrets/smtp_password:/run/secrets/smtp_password:ro
|
||||
restart: unless-stopped
|
||||
labels:
|
||||
traefik.enable: true
|
||||
@@ -39,19 +36,3 @@ services:
|
||||
networks:
|
||||
reverse-proxy:
|
||||
external: true
|
||||
|
||||
configs:
|
||||
authelia_configuration:
|
||||
file: ${NASCOMPOSE_SERVICES?}/authentication/configs/configuration.yml
|
||||
authelia_access:
|
||||
file: ${NASCOMPOSE_SERVICES?}/authentication/configs/access.yml
|
||||
authelia_authentication:
|
||||
file: ${NASCOMPOSE_SERVICES?}/authentication/configs/authentication.yml
|
||||
|
||||
secrets:
|
||||
jwt_secret:
|
||||
file: ${NASCOMPOSE_SERVICES?}/authentication/secrets/jwt_secret
|
||||
storage_key:
|
||||
file: ${NASCOMPOSE_SERVICES?}/authentication/secrets/storage_key
|
||||
smtp_password:
|
||||
file: ${NASCOMPOSE_SERVICES?}/authentication/secrets/smtp_password
|
||||
|
||||
@@ -26,8 +26,8 @@ services:
|
||||
volumes:
|
||||
- /var/packages/Docker/var/docker/volumes/:/var/lib/docker/volumes/
|
||||
- ${NASCOMPOSE_SERVICES?}/bootstrap/volumes/portainer_data/:/data/
|
||||
secrets:
|
||||
- portainer_password
|
||||
# Secrets
|
||||
- ${NASCOMPOSE_SERVICES?}/bootstrap/secrets/portainer_password:/run/secrets/portainer_password:ro
|
||||
depends_on:
|
||||
- docker
|
||||
restart: unless-stopped
|
||||
@@ -39,7 +39,3 @@ networks:
|
||||
name: docker
|
||||
labels:
|
||||
nas-compose.boostrap: true
|
||||
|
||||
secrets:
|
||||
portainer_password:
|
||||
file: ${NASCOMPOSE_SERVICES?}/bootstrap/secrets/portainer_password
|
||||
|
||||
@@ -13,6 +13,9 @@ services:
|
||||
WATCHTOWER_NOTIFICATION_URL: /run/secrets/watchtower_notification_url
|
||||
networks:
|
||||
- docker
|
||||
volumes:
|
||||
# Secrets
|
||||
- ${NASCOMPOSE_SERVICES?}/docker-monitoring/secrets/notification_url:/run/secrets/watchtower_notification_url:ro
|
||||
secrets:
|
||||
- watchtower_notification_url
|
||||
restart: unless-stopped
|
||||
@@ -20,7 +23,3 @@ services:
|
||||
networks:
|
||||
docker:
|
||||
external: true
|
||||
|
||||
secrets:
|
||||
watchtower_notification_url:
|
||||
file: ${NASCOMPOSE_SERVICES?}/docker-monitoring/secrets/notification_url
|
||||
|
||||
@@ -7,10 +7,7 @@ services:
|
||||
environment:
|
||||
- SUBDOMAINS=${NASCOMPOSE_DUCKDNS_DOMAIN?}
|
||||
- FILE__TOKEN=/run/secrets/duckdns_token
|
||||
secrets:
|
||||
- duckdns_token
|
||||
volumes:
|
||||
# Secrets
|
||||
- ${NASCOMPOSE_SERVICES?}/dynamic-dns/secrets/duckdns_token:/run/secrets/duckdns_token:ro
|
||||
restart: unless-stopped
|
||||
|
||||
secrets:
|
||||
duckdns_token:
|
||||
file: ${NASCOMPOSE_SERVICES?}/dynamic-dns/secrets/duckdns_token
|
||||
|
||||
@@ -6,18 +6,7 @@ services:
|
||||
networks:
|
||||
macvlan:
|
||||
ipv4_address: ${NASCOMPOSE_MACVLAN_TRAEFIK_IP?}
|
||||
configs:
|
||||
- source: traefik_synology
|
||||
target: /etc/traefik/dynamic/synology.yml
|
||||
- source: traefik_portainer
|
||||
target: /etc/traefik/dynamic/portainer.yml
|
||||
|
||||
networks:
|
||||
macvlan:
|
||||
external: true
|
||||
|
||||
configs:
|
||||
traefik_synology:
|
||||
file: ${NASCOMPOSE_SERVICES?}/reverse-proxy/configs/dynamic/synology.yml
|
||||
traefik_portainer:
|
||||
file: ${NASCOMPOSE_SERVICES?}/reverse-proxy/configs/dynamic/portainer.yml
|
||||
|
||||
@@ -9,24 +9,12 @@ services:
|
||||
networks:
|
||||
- reverse-proxy
|
||||
- docker
|
||||
configs:
|
||||
- source: traefik_static
|
||||
target: /etc/traefik/traefik.yml
|
||||
|
||||
- source: traefik_dynamic
|
||||
target: /etc/traefik/dynamic/traefik.yml
|
||||
- source: traefik_tls
|
||||
target: /etc/traefik/dynamic/tls.yml
|
||||
- source: traefik_hsts
|
||||
target: /etc/traefik/dynamic/hsts.yml
|
||||
|
||||
- source: traefik_authelia
|
||||
target: /etc/traefik/dynamic/authelia.yml
|
||||
- source: traefik_transmission-api
|
||||
target: /etc/traefik/dynamic/transmission-api.yml
|
||||
secrets:
|
||||
- traefik_tls_cert
|
||||
- traefik_tls_key
|
||||
volumes:
|
||||
# Config
|
||||
- ${NASCOMPOSE_SERVICES?}/reverse-proxy/configs/:/etc/traefik:ro
|
||||
# Secrets
|
||||
- ${NASCOMPOSE_SERVICES?}/reverse-proxy/secrets/traefik.cert:/run/secrets/traefik_tls_cert:ro
|
||||
- ${NASCOMPOSE_SERVICES?}/reverse-proxy/secrets/traefik.key:/run/secrets/traefik_tls_key:ro
|
||||
restart: unless-stopped
|
||||
labels:
|
||||
traefik.enable: true
|
||||
@@ -39,23 +27,3 @@ networks:
|
||||
|
||||
docker:
|
||||
external: true
|
||||
|
||||
configs:
|
||||
traefik_static:
|
||||
file: ${NASCOMPOSE_SERVICES?}/reverse-proxy/configs/traefik.yml
|
||||
traefik_dynamic:
|
||||
file: ${NASCOMPOSE_SERVICES?}/reverse-proxy/configs/dynamic/traefik.yml
|
||||
traefik_tls:
|
||||
file: ${NASCOMPOSE_SERVICES?}/reverse-proxy/configs/dynamic/tls.yml
|
||||
traefik_hsts:
|
||||
file: ${NASCOMPOSE_SERVICES?}/reverse-proxy/configs/dynamic/hsts.yml
|
||||
traefik_authelia:
|
||||
file: ${NASCOMPOSE_SERVICES?}/reverse-proxy/configs/dynamic/authelia.yml
|
||||
traefik_transmission-api:
|
||||
file: ${NASCOMPOSE_SERVICES?}/reverse-proxy/configs/dynamic/transmission-api.yml
|
||||
|
||||
secrets:
|
||||
traefik_tls_cert:
|
||||
file: ${NASCOMPOSE_SERVICES?}/reverse-proxy/secrets/traefik.cert
|
||||
traefik_tls_key:
|
||||
file: ${NASCOMPOSE_SERVICES?}/reverse-proxy/secrets/traefik.key
|
||||
|
||||
@@ -20,9 +20,9 @@ services:
|
||||
- scrobbler
|
||||
volumes:
|
||||
- ${NASCOMPOSE_SERVICES?}/scrobbler/volumes/plaxt_keystore/:/app/keystore/
|
||||
secrets:
|
||||
- trakt_id
|
||||
- trakt_secret
|
||||
# Secrets
|
||||
- ${NASCOMPOSE_SERVICES?}/scrobbler/secrets/trakt_id:/run/secrets/trakt_id:ro
|
||||
- ${NASCOMPOSE_SERVICES?}/scrobbler/secrets/trakt_secret:/run/secrets/trakt_secret:ro
|
||||
restart: unless-stopped
|
||||
labels:
|
||||
traefik.enable: true
|
||||
@@ -34,9 +34,3 @@ networks:
|
||||
|
||||
reverse-proxy:
|
||||
external: true
|
||||
|
||||
secrets:
|
||||
trakt_id:
|
||||
file: ${NASCOMPOSE_SERVICES?}/scrobbler/secrets/trakt_id
|
||||
trakt_secret:
|
||||
file: ${NASCOMPOSE_SERVICES?}/scrobbler/secrets/trakt_secret
|
||||
|
||||
@@ -20,11 +20,13 @@ services:
|
||||
volumes:
|
||||
- ${NASCOMPOSE_SERVICES?}/torrents/volumes/qbittorrent_config/:/config/
|
||||
- ${NASCOMPOSE_DATA?}/torrents/:/data/
|
||||
- ${NASCOMPOSE_SERVICES?}/torrents/secrets/wg0.conf:/config/wireguard/wg0.conf:ro
|
||||
# Configuration
|
||||
- ${NASCOMPOSE_SERVICES?}/torrents/config/set_port.sh:/bin/set_port.sh:ro
|
||||
- ${NASCOMPOSE_SERVICES?}/torrents/config/01-natpmp-install:/etc/cont-init.d/01-natpmp-install:ro
|
||||
- ${NASCOMPOSE_SERVICES?}/torrents/config/98-gateway-setup:/etc/cont-init.d/98-gateway-setup:ro
|
||||
- ${NASCOMPOSE_SERVICES?}/torrents/config/99-cron-start:/etc/cont-init.d/99-cron-start:ro
|
||||
# Secrets
|
||||
- ${NASCOMPOSE_SERVICES?}/torrents/secrets/wg0.conf:/config/wireguard/wg0.conf:ro
|
||||
restart: unless-stopped
|
||||
labels:
|
||||
traefik.enable: true
|
||||
|
||||
Reference in New Issue
Block a user