blob: cf641da72ec9e09ea53dd3057d55c72476b94af5 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
|
version: '3'
name: sandcastles
services:
root-ca:
image: smallstep/step-ca:0.25.0
volumes:
- './volumes/root-ca:/home/step'
environment:
- DOCKER_STEPCA_INIT_NAME=Letterbook Sandcastles
- DOCKER_STEPCA_INIT_DNS_NAMES=root-ca.castle,root-ca,localhost
- DOCKER_STEPCA_INIT_REMOTE_MANAGEMENT=true
ports:
- "9000:9000"
networks:
default:
aliases:
- root-ca.castle
proxy:
image: traefik:v2.5
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ./volumes/proxy/:/etc/traefik/
ports:
- '80:80'
- '443:443'
networks:
default:
aliases:
- dashboard.castle # the traefik monitoring dashboard
- host.castle # proxy to a service running on the docker host
fingerprint: # get the fingerprint of the CA root certificate, so you can add it to system trust stores
profiles:
- trust
image: smallstep/step-cli:0.25.0
volumes:
- './volumes/root-ca/certs:/home/step/certs:ro'
command:
- step
- certificate
- fingerprint
- /home/step/certs/root_ca.crt
networks:
default:
fediverse:
|
