version: '3.7' services: traefik: image: "traefik:v2.2" container_name: "traefik" networks: - ocisnet command: - "--api.insecure=true" - "--providers.docker=true" - "--providers.docker.exposedbydefault=false" - "--entrypoints.web.address=:80" - "--entrypoints.websecure.address=:443" - "--certificatesresolvers.ocis.acme.tlschallenge=true" - "--certificatesresolvers.ocis.acme.caserver=https://acme-v02.api.letsencrypt.org/directory" - "--certificatesresolvers.ocis.acme.email=postmaster@${OCIS_DOMAIN}" - "--certificatesresolvers.ocis.acme.storage=/letsencrypt/acme.json" ports: - "80:80" - "443:443" - "8080:8080" volumes: - "letsencrypt:/letsencrypt" - "/var/run/docker.sock:/var/run/docker.sock:ro" ocis: container_name: ocis image: owncloud/ocis:latest tty: true privileged: true stdin_open: true ports: - 9200:9200 - 9125:9125 hostname: ocis networks: - ocisnet environment: OCIS_DOMAIN: ${OCIS_DOMAIN} PROXY_OIDC_ISSUER: https://${IDP_DOMAIN} PROXY_OIDC_INSECURE: "true" PROXY_TLS: "false" GRAPH_OIDC_ENDPOINT: https://${IDP_DOMAIN} REVA_OIDC_ISSUER: https://${IDP_DOMAIN} REVA_LDAP_IDP: https://${IDP_DOMAIN} PHOENIX_OIDC_AUTHORITY: https://${IDP_DOMAIN} PHOENIX_OIDC_METADATA_URL: https://${IDP_DOMAIN}/.well-known/openid-configuration PHOENIX_WEB_CONFIG_SERVER: https://${OCIS_DOMAIN} OCIS_LOG_LEVEL: debug REVA_TRANSFER_EXPIRES: 86400 REVA_FRONTEND_URL: https://${OCIS_DOMAIN} REVA_DATAGATEWAY_URL: https://${OCIS_DOMAIN}/data labels: - "traefik.enable=true" - "traefik.http.services.ocis.loadbalancer.server.port=9200" - "traefik.docker.network=ocisnet" - "traefik.protocol=https" # ssl config - "traefik.http.routers.idp.rule=Host(`${OCIS_DOMAIN}`)" - "traefik.http.routers.ocis.entrypoints=websecure" - "traefik.http.routers.ocis.tls.certresolver=idp" # http -> https forwarding - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https" - "traefik.http.routers.ocis-redirs.rule=Host(`${OCIS_DOMAIN}`)" - "traefik.http.routers.ocis-redirs.entrypoints=web" - "traefik.http.routers.ocis-redirs.middlewares=redirect-to-https"