mattermost-docker/docker-compose.nginx.yml

44 lines
1.3 KiB
YAML

version: "2.4"
services:
nginx:
depends_on:
- mattermost
container_name: nginx_mattermost
image: nginx:${NGINX_IMAGE_TAG}
restart: ${RESTART_POLICY}
security_opt:
- no-new-privileges:true
pids_limit: 100
read_only: true
tmpfs:
- /var/run
- /var/cache
- /var/log/nginx
volumes:
- ${NGINX_CONFIG_PATH}:/etc/nginx/conf.d:ro
- ${NGINX_DHPARAMS_FILE}:/dhparams4096.pem
- ${CERT_PATH}:/cert.pem:ro
- ${KEY_PATH}:/key.pem:ro
- shared-webroot:/usr/share/nginx/html
# When you want to use SSO with GitLab, you have to add the cert pki chain of GitLab inside Alpine
# to avoid Token request failed: certificate signed by unknown authority
# (link: https://github.com/mattermost/mattermost-server/issues/13059 and https://github.com/mattermost/docker/issues/34)
# - ${GITLAB_PKI_CHAIN_PATH}:/etc/ssl/certs/pki_chain.pem:ro
environment:
# timezone inside container
- TZ
ports:
- ${HTTPS_PORT}:443
- ${HTTP_PORT}:80
# Shared volume for Let's Encrypt certificate renewal with a webroot
volumes:
shared-webroot:
name: shared-webroot
# This network name is being used for Let's Encrypt certificate renewal
networks:
default:
name: mattermost