Skip to content

Commit

Permalink
Merge pull request #17366 from NobodysNightmare/improve-workers-tls
Browse files Browse the repository at this point in the history 
Make it possible to use workers in TLS setup
  • Loading branch information
@NobodysNightmare
NobodysNightmare authored Dec 5, 2024
2 parents 1c217ce + 4d4d286 commit 3151cdd
Showing 1 changed file with 34 additions and 17 deletions.
51 changes: 34 additions & 17 deletions docker/dev/tls/docker-compose.core-override.example.yml
View file
Original file line number Diff line number Diff line change
@@ -1,27 +1,44 @@
# Some containers (e.g. backend and workers) need some variables to be configured properly
x-op-env-override: &environment
OPENPROJECT_CLI_PROXY: "${OPENPROJECT_DEV_URL}"
OPENPROJECT_DEV_EXTRA_HOSTS: "${OPENPROJECT_DEV_HOST}"
OPENPROJECT_HTTPS: true
SSL_CERT_FILE: /etc/ssl/certs/ca-certificates.crt
# uncomment and set all the envs below to integrate keycloak with OpenProject
# OPENPROJECT_OPENID__CONNECT_KEYCLOAK_DISPLAY__NAME: Keycloak
# OPENPROJECT_OPENID__CONNECT_KEYCLOAK_HOST: keycloak.local
# OPENPROJECT_OPENID__CONNECT_KEYCLOAK_IDENTIFIER: https://openproject.local
# OPENPROJECT_OPENID__CONNECT_KEYCLOAK_SECRET: <The client secret you copied from keycloak>
# OPENPROJECT_OPENID__CONNECT_KEYCLOAK_ISSUER: https://keycloak.local/realms/<REALM>
# OPENPROJECT_OPENID__CONNECT_KEYCLOAK_AUTHORIZATION__ENDPOINT: /realms/<REALM>/protocol/openid-connect/auth
# OPENPROJECT_OPENID__CONNECT_KEYCLOAK_TOKEN__ENDPOINT: /realms/<REALM>/protocol/openid-connect/token
# OPENPROJECT_OPENID__CONNECT_KEYCLOAK_USERINFO__ENDPOINT: /realms/<REALM>/protocol/openid-connect/userinfo
# OPENPROJECT_OPENID__CONNECT_KEYCLOAK_END__SESSION__ENDPOINT: https://keycloak.local/realms/<REALM>/protocol/openid-connect/logout

services:
backend:
# The backend container needs some variables to be configured properly
environment:
OPENPROJECT_CLI_PROXY: "${OPENPROJECT_DEV_URL}"
OPENPROJECT_DEV_EXTRA_HOSTS: "${OPENPROJECT_DEV_HOST}"
OPENPROJECT_HTTPS: true
SSL_CERT_FILE: /etc/ssl/certs/ca-certificates.crt
# uncomment and set all the envs below to integrate keycloak with OpenProject
# OPENPROJECT_OPENID__CONNECT_KEYCLOAK_DISPLAY__NAME: Keycloak
# OPENPROJECT_OPENID__CONNECT_KEYCLOAK_HOST: keycloak.local
# OPENPROJECT_OPENID__CONNECT_KEYCLOAK_IDENTIFIER: https://openproject.local
# OPENPROJECT_OPENID__CONNECT_KEYCLOAK_SECRET: <The client secret you copied from keycloak>
# OPENPROJECT_OPENID__CONNECT_KEYCLOAK_ISSUER: https://keycloak.local/realms/<REALM>
# OPENPROJECT_OPENID__CONNECT_KEYCLOAK_AUTHORIZATION__ENDPOINT: /realms/<REALM>/protocol/openid-connect/auth
# OPENPROJECT_OPENID__CONNECT_KEYCLOAK_TOKEN__ENDPOINT: /realms/<REALM>/protocol/openid-connect/token
# OPENPROJECT_OPENID__CONNECT_KEYCLOAK_USERINFO__ENDPOINT: /realms/<REALM>/protocol/openid-connect/userinfo
# OPENPROJECT_OPENID__CONNECT_KEYCLOAK_END__SESSION__ENDPOINT: https://keycloak.local/realms/<REALM>/protocol/openid-connect/logout
<<: *environment
networks:
- external
volumes:
# This volume mount is the usual volume mount for a linux environment.
# It must be amended accordingly to OS.
# Linux
- /etc/ssl/certs/ca-certificates.crt:/etc/ssl/certs/ca-certificates.crt:ro
# Mac OS
# - ~/.step/certs:/etc/ssl/certs
# - ~/.step/certs:/usr/local/share/ca-certificates

worker:
environment:
<<: *environment
networks:
- external
volumes:
# Linux
- /etc/ssl/certs/ca-certificates.crt:/etc/ssl/certs/ca-certificates.crt:ro
# Mac OS
# - ~/.step/certs:/etc/ssl/certs
# - ~/.step/certs:/usr/local/share/ca-certificates

backend-test:
# Connect the backend-test container to the same network as the backend for nextcloud HTTP interactions
Expand Down

0 comments on commit 3151cdd

Please sign in to comment.