mirror of
https://github.com/zokradonh/kopano-docker
synced 2025-06-06 15:36:40 +00:00
29f06f906c
* block access to internal endpoints * add dedicated vhost for kwmserver mcu api * update docker-compose.yml
30 lines
789 B
YAML
30 lines
789 B
YAML
version: "3.5"
|
|
|
|
services:
|
|
web:
|
|
ports:
|
|
- "8443:8443" # this port should be firewalled off so that only known instances of kwmbridge can connect tot it
|
|
kopano_kwmserver:
|
|
environment:
|
|
- enable_mcu_api=yes
|
|
|
|
kopano_kwmbridge:
|
|
image: ${docker_repo:-zokradonh}/kopano_kwmbridge:${KWMBRIDGE_VERSION:-latest}
|
|
read_only: true
|
|
restart: unless-stopped
|
|
depends_on:
|
|
- kopano_kwmserver
|
|
environment:
|
|
- INSECURE=${INSECURE}
|
|
- oidc_issuer_identifier=https://${FQDN}
|
|
- kwm_server_urls=https://${FQDNCLEANED}:8443
|
|
env_file:
|
|
- kopano_kwmbridge.env
|
|
volumes:
|
|
- /etc/machine-id:/etc/machine-id
|
|
- /etc/machine-id:/var/lib/dbus/machine-id
|
|
- kopanossl/:/kopano/ssl
|
|
network_mode: "host"
|
|
tmpfs:
|
|
- /tmp
|