From 41e67d0392afbd1d37186cb9f918ceee2f60ad7c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?SALVI=20J=C3=A9r=C3=A9mie?= <jeremie.salvi@grandbesancon.fr>
Date: Fri, 30 Aug 2024 17:36:09 +0200
Subject: [PATCH] add docker compose

---
 docker-compose.yml | 62 ++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 62 insertions(+)
 create mode 100644 docker-compose.yml

diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 0000000..201a846
--- /dev/null
+++ b/docker-compose.yml
@@ -0,0 +1,62 @@
+services:
+  passbolt_db:
+    image: "mariadb:11"
+    container_name: "Passbolt_db"
+    hostname: "passbolt_db"
+    restart: "unless-stopped"
+    user: "2008:2008"
+    environment:
+      MYSQL_RANDOM_ROOT_PASSWORD: "true"
+      MYSQL_DATABASE: "passboltdb"
+      MYSQL_USER: "passboltadm"
+      MYSQL_PASSWORD_FILE: "${DB_PASS}"
+    volumes:
+      - "/etc/localtime:/etc/localtime:ro"
+      - "/data/docker/passbolt-prod-2/db-data:/var/lib/mysql:rw"
+    networks:
+      - "passbolt"
+
+  passbolt:
+    image: "passbolt/passbolt:latest-ce-non-root"
+    container_name: "Passbolt"
+    hostname: "passbolt"
+    restart: "unless-stopped"
+    #user: "10005:10005"
+    depends_on:
+      - "passbolt_db"
+    environment:
+      APP_FULL_BASE_URL: "https://passbolt.unixyourbrain.org"
+      DATASOURCES_DEFAULT_HOST: "passbolt_db"
+      DATASOURCES_DEFAULT_DATABASE: "passboltdb"
+      DATASOURCES_DEFAULT_USERNAME: "passboltadm"
+      DATASOURCES_DEFAULT_PASSWORD_FILE: "DB_PASS"
+    command: 
+      [
+        "/usr/bin/wait-for.sh", 
+        "-t", 
+        "0", 
+        "passbolt_db:3306", 
+        "--", 
+        "/docker-entrypoint.sh" 
+      ]
+    volumes:
+      - "/etc/localtime:/etc/localtime:ro"
+      - "/data/docker/passbolt-prod-2/gpg:/etc/passbolt/gpg:ro"
+      - "/data/docker/passbolt-prod-2/jwt:/etc/passbolt/jwt:ro"
+    ports:
+      - 10.0.0.1:2008:8080
+    #  - 443:443
+    #Alternatively for non-root images:
+    # - 80:8080
+    # - 443:4433
+    networks:
+      - "passbolt"
+    labels:
+      traefik.enable: "true"
+      traefik.http.routers.passbolt.entrypoints: "websecure"
+      traefik.http.routers.passbolt.rule: "Host(`passbolt.unixyourbrain.org`)"
+      traefik.http.routers.passbolt.middlewares: "sslheader@file"
+      traefik.http.routers.passbolt.tls: "true"
+      traefik.http.routers.passbolt.tls.certresolver: "letsencrypt"
+      traefik.http.services.passbolt.loadbalancer.server.port: "8080"
+      traefik.http.services.passbolt.loadbalancer.server.scheme: "http"