|
|
|
|
@ -14,14 +14,27 @@ services: |
|
|
|
|
restart: always |
|
|
|
|
|
|
|
|
|
app: |
|
|
|
|
image: quay.io/hedgedoc/hedgedoc:1.9.7 |
|
|
|
|
image: quay.io/hedgedoc/hedgedoc:1.9.9 |
|
|
|
|
environment: |
|
|
|
|
- CMD_DB_URL=postgres://hedgedoc:hedgedoc@database:5432/hedgedoc |
|
|
|
|
- CMD_DOMAIN=pad.cttue.de |
|
|
|
|
- CMD_PROTOCOL_USESSL=true |
|
|
|
|
- CMD_URL_ADDPORT=false |
|
|
|
|
- CMD_ALLOW_PDF_EXPORT=true |
|
|
|
|
- CMD_ALLOW_FREEURL=true |
|
|
|
|
- CMD_SESSION_SECRET=9yonH247cLTXEqDv9JTGEygBCxk7fHXfYY2ckkhY7n0KPEuzRJ6yfmcUNBVcEJQI |
|
|
|
|
- CMD_ALLOW_EMAIL_REGISTER=false # We have SSO ;) But still allow existing accounts. |
|
|
|
|
# SSO stuff |
|
|
|
|
- CMD_OAUTH2_USER_PROFILE_URL=https://auth.cttue.de/realms/cttue/protocol/openid-connect/userinfo |
|
|
|
|
- CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR=preferred_username |
|
|
|
|
- CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR=name |
|
|
|
|
- CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR=email |
|
|
|
|
- CMD_OAUTH2_TOKEN_URL=https://auth.cttue.de/realms/cttue/protocol/openid-connect/token |
|
|
|
|
- CMD_OAUTH2_AUTHORIZATION_URL=https://auth.cttue.de/realms/cttue/protocol/openid-connect/auth |
|
|
|
|
- CMD_OAUTH2_CLIENT_ID=hedgedoc |
|
|
|
|
- CMD_OAUTH2_CLIENT_SECRET=qh6WUZW7eZ8JAzDzeS9A1VJKHQ9jUO1o |
|
|
|
|
- CMD_OAUTH2_PROVIDERNAME=Keycloak |
|
|
|
|
- CMD_OAUTH2_SCOPE=openid email profile |
|
|
|
|
# nginx-proxy stuff |
|
|
|
|
- VIRTUAL_HOST=pad.cttue.de |
|
|
|
|
- VIRTUAL_PORT=3000 |
|
|
|
|
|
