path: root/docker-compose.yml
# Compose project "sandcastles": a private CA (root-ca), a Traefik proxy and a
# helper that prints the CA root fingerprint.
# NOTE(review): the top-level `version` key is obsolete in the Compose
# Specification and ignored by Docker Compose v2; the top-level `name` key
# (project name) is itself a Compose Specification feature, so this file
# already assumes a v2-era `docker compose`.
version: '3'
name: sandcastles

services:
  # Private certificate authority (smallstep step-ca) for the project.
  root-ca:
    # NOTE(review): `root_ca.castle` (underscore) is not among the DNS names
    # the CA is initialised with below; clients presumably reach the CA through
    # the `root-ca.castle` network alias -- confirm.
    container_name: root_ca.castle
    # Pinned to a release tag. Tags are mutable; pinning by image digest as
    # well would make the CA image reproducible.
    image: smallstep/step-ca:0.25.0
    volumes:
      # Persists the container's /home/step on the host. In the smallstep image
      # this is presumably where CA configuration, certificates and key
      # material live, so keep ./volumes/root-ca out of version control and
      # restrict its permissions on the host -- confirm layout.
      - './volumes/root-ca:/home/step'
    environment:
      # DOCKER_STEPCA_INIT_* values are consumed by the image when it
      # initialises a new CA (presumably only on first start with an empty
      # volume -- confirm).
      - DOCKER_STEPCA_INIT_NAME=Letterbook Sandcastles
      # Names the CA's own certificate is issued for.
      - DOCKER_STEPCA_INIT_DNS_NAMES=root-ca.castle,root-ca,localhost
      # Enables remote provisioner management (the CA's admin API).
      - DOCKER_STEPCA_INIT_REMOTE_MANAGEMENT=true
      # Adds an ACME provisioner so other services can request certificates.
      - DOCKER_STEPCA_INIT_ACME=true
    ports:
      # Published on every host interface by default, not only loopback.
      # Containers on the Compose network do not need this mapping. With remote
      # management enabled above, consider "127.0.0.1:9000:9000" if only the
      # local machine has to reach the CA from outside that network.
      - "9000:9000"
    networks:
      default:
        aliases:
          # Matches one of the DNS names configured for the CA above.
          - root-ca.castle
  
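  # Traefik reverse proxy and dashboard, built locally from proxy.Dockerfile.
  proxy:
    container_name: dashboard.castle
    labels:
      # Excludes the proxy's own container from Traefik's service discovery.
      - traefik.enable=false
    image: traefik-sandcastle
    build:
      dockerfile: proxy.Dockerfile
    volumes:
      # Docker socket, presumably for Traefik's Docker provider. Mounted
      # read-only as least-privilege hygiene, but `:ro` only protects the
      # socket file itself: any process that can connect to it can still drive
      # the full Docker API, which is equivalent to root on the host. This
      # container also publishes 80/443, so consider putting a filtering socket
      # proxy in front that allows only the read endpoints Traefik needs.
      - /var/run/docker.sock:/var/run/docker.sock:ro
      # Traefik configuration directory.
      # NOTE(review): writable from the container; add `:ro` if the proxy never
      # writes here (for example no certificate storage) -- confirm.
      - ./volumes/proxy/:/etc/traefik/
    ports:
      # Published on every host interface by default. Prefix with 127.0.0.1:
      # (for example '127.0.0.1:443:443') if the sandbox should only be
      # reachable from the local machine.
      - '80:80'
      - '443:443'
    networks:
      default:
        aliases:
          - dashboard.castle # the traefik monitoring dashboard
          - host.castle # proxy to a service running on the docker host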
  
  # One-shot helper that prints the fingerprint of the CA root certificate.
  # The value is read from the local ./volumes/root-ca/certs directory, so it
  # is only as trustworthy as that directory. Adding this root to a system
  # trust store lets whoever holds the CA key issue certificates that system
  # accepts for any name; remove it again when the sandbox is torn down.
  fingerprint: # get the fingerprint of the CA root certificate, so you can add it to system trust stores
    # Not started by a plain `docker compose up`; runs only when the `trust`
    # profile is selected.
    profiles:
      - trust
    # Pinned to a release tag; tags are mutable, a digest pin is reproducible.
    image: smallstep/step-cli:0.25.0
    volumes:
      # Read-only view of the CA's certs directory; the helper cannot modify it.
      - './volumes/root-ca/certs:/home/step/certs:ro'
    # Runs: step certificate fingerprint /home/step/certs/root_ca.crt
    command: 
      - step
      - certificate
      - fingerprint
      - /home/step/certs/root_ca.crt

# Networks created for the project. Bare keys are null, so both use Compose's
# default settings.
networks:
  # Joined by root-ca and proxy, which add the *.castle aliases.
  default:
  # NOTE(review): declared here, but no service in this file attaches to it;
  # presumably it is used by other Compose files -- confirm.
  fediverse: