48 lines
1.3 KiB
YAML
48 lines
1.3 KiB
YAML
---
|
|
services:
|
|
redlib:
|
|
# image: quay.io/redlib/redlib:latest
|
|
image: redlib:pr-509
|
|
build:
|
|
context: https://github.com/chowder/redlib.git#feature/tls-openssl
|
|
dockerfile_inline: |
|
|
FROM rust:1.75-alpine AS builder
|
|
RUN apk add --no-cache musl-dev openssl-dev g++ make
|
|
WORKDIR /usr/src/redlib
|
|
COPY . .
|
|
RUN cargo build --release
|
|
|
|
FROM alpine:3.19
|
|
RUN apk add --no-cache ca-certificates openssl libgcc
|
|
COPY --from=builder /usr/src/redlib/target/release/redlib /usr/local/bin/redlib
|
|
USER nobody
|
|
EXPOSE 8080
|
|
CMD ["redlib"]
|
|
restart: unless-stopped
|
|
container_name: "redlib"
|
|
user: nobody
|
|
read_only: true
|
|
security_opt:
|
|
- no-new-privileges:true
|
|
# - seccomp=seccomp-redlib.json
|
|
cap_drop:
|
|
- ALL
|
|
environment:
|
|
- REDLIB_DEFAULT_THEME=dracula
|
|
- REDLIB_DEFAULT_SHOW_NSFW=on
|
|
- REDLIB_DEFAULT_HIDE_AWARDS=on
|
|
- REDLIB_DEFAULT_USE_HLS=on
|
|
- REDLIB_DEFAULT_BLUR_SPOILER=on
|
|
networks:
|
|
public:
|
|
ipv4_address: 192.168.240.51
|
|
labels:
|
|
caddy: redlib.${DOMAIN_LOCAL}
|
|
caddy.reverse_proxy: "{{ upstreams 8080 }}"
|
|
ports:
|
|
- "8082:8080"
|
|
healthcheck:
|
|
test: ["CMD", "wget", "--spider", "-q", "--tries=1", "http://localhost:8080/settings"]
|
|
interval: 5m
|
|
timeout: 3s
|