forked from openmrs/openmrs-distro-referenceapplication
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathdocker-compose.ssl.yml
More file actions
31 lines (28 loc) · 1.35 KB
/
docker-compose.ssl.yml
File metadata and controls
31 lines (28 loc) · 1.35 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
services:
certbot:
image: openmrs/openmrs-reference-application-3-certbot:${TAG:-qa}
environment:
SSL_MODE: ${SSL_MODE:-dev} # "dev" for self-signed certificates, "prod" for Let's Encrypt
SSL_STAGING: ${SSL_STAGING:-false} # Set to "true" to use Let's Encrypt staging environment (for testing)
CERT_WEB_DOMAINS: ${CERT_WEB_DOMAINS:-localhost,127.0.0.1} # Comma-separated list of domains, first is primary
CERT_WEB_DOMAIN_COMMON_NAME: ${CERT_WEB_DOMAIN_COMMON_NAME:-} # Override primary domain (optional)
CERT_CONTACT_EMAIL: ${CERT_CONTACT_EMAIL:-} # Email for Let's Encrypt notifications (required for prod mode)
CERT_RSA_KEY_SIZE: ${CERT_RSA_KEY_SIZE:-4096} # RSA key size for certificates
CERT_PROFILE: ${CERT_PROFILE:-} # Certificate profile: classic, tlsserver, or shortlived (required for IP addresses)
CERTBOT_DATA_PATH: /var/www/certbot
CERT_ROOT_PATH: /etc/letsencrypt
volumes:
- letsencrypt-data:/etc/letsencrypt
- certbot-data:/var/www/certbot
gateway:
environment:
CERT_WEB_DOMAINS: ${CERT_WEB_DOMAINS:-localhost,127.0.0.1}
CERT_WEB_DOMAIN_COMMON_NAME: ${CERT_WEB_DOMAIN_COMMON_NAME:-}
ports:
- "443:443"
volumes:
- letsencrypt-data:/etc/letsencrypt:ro
- certbot-data:/var/www/certbot
volumes:
letsencrypt-data: ~
certbot-data: ~