-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathdocker-compose-mariadb.yml
52 lines (52 loc) · 1.63 KB
/
docker-compose-mariadb.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
services:
mariadb:
restart: 'always'
# @see https://hub.docker.com/r/bitnami/mariadb
image: bitnami/mariadb:11.6
ports:
- 3306:3306
environment:
MARIADB_ROOT_PASSWORD:
depends_on:
- certbot-mariadb
volumes:
- ./data/mysql:/bitnami/mariadb
- ./data/mysql_certificates:/etc/mysql/certificates:ro
- ./mariadb/conf/ssl.cnf:/opt/bitnami/mariadb/conf/my_custom.cnf:ro
networks:
- dbs
# official certbot to retrieve our ssl certificate (stops after retrieval)
certbot-mariadb:
restart: 'no'
image: certbot/dns-cloudflare
networks:
- dbs
environment:
MYSQL_DOMAIN:
volumes:
- ./data/certbot_mysql:/etc/letsencrypt
- ./data/mysql_certificates:/mysql_certificates
- ./mariadb/certbot/deploy_mariadb.sh:/usr/local/bin/deploy_mariadb.sh
- ./.cloudflare.ini:/root/cloudflare.ini
command: >-
certonly --dns-cloudflare
--non-interactive
--keep-until-expiring
--dns-cloudflare-credentials /root/cloudflare.ini
--dns-cloudflare-propagation-seconds 15
--email [email protected]
--agree-tos --no-eff-email
-d ${MYSQL_DOMAIN}
--deploy-hook /usr/local/bin/deploy_mariadb.sh
# handles re-triggering the certbot container using cron
certbot-mariadb-cron:
build: ./build/docker-certbot-cron/
image: kontextwork/certbot-cron
networks:
- dbs
volumes:
- /var/run/docker.sock:/var/run/docker.sock
environment:
CERTBOT_SERVICE_NAME: ${CERTBOT_SERVICE_NAME:-certbot-mariadb-cron_1}
COMPOSE_PROJECT_NAME: '${COMPOSE_PROJECT_NAME}'
restart: 'always'