Docker/Controle-A-Distance/Guacamole/docker-compose-traefik.yml
2024-07-28 11:00:41 +02:00


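#### NETWORKS
networks:
  # Network owned by the Traefik stack. Declared external, so Compose only
  # attaches to it and does not create or remove it.
  docker-traefik_front_network:
    external: true
  # Stack-private network carrying guacd and PostgreSQL traffic.
  # NOTE(review): guacd is attached only to this network, so it presumably
  # reaches the remote desktops through it; `internal: true` would then break
  # connections. Confirm before tightening.
  # NOTE(review): confirm that something outside this project really needs to
  # attach to the database network; otherwise drop `attachable`.
  back_network:
    driver: bridge
    attachable: true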
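#### SERVICES
services:
  ### guacd
  # Guacamole proxy daemon. Attached to back_network only and given no
  # Traefik labels, so it is not routed through the reverse proxy.
  guacd:
    container_name: guacamole-guacd
    hostname: guacamole-guacd
    # NOTE(review): `latest` is a moving tag, so a pull can silently change the
    # running code. Pin a release tag or image digest, and keep guacd and the
    # guacamole web application on the same release.
    image: guacamole/guacd:latest
    networks:
      - back_network
    restart: always
    volumes:
      # Shared drive; also mounted read-write into the guacamole service.
      - ./drive:/drive:rw
      # guacd mounts the recordings directory read-write; the guacamole
      # service mounts the same host directory read-only. Recordings can hold
      # everything shown in a session, so restrict host permissions on
      # ./record.
      - ./record:/var/lib/guacamole/recordings:rw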
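### postgres
  # Guacamole's authentication/configuration database. Attached to
  # back_network only; no ports are published to the host.
  postgres:
    container_name: guacamole-postgres
    hostname: guacamole-postgres
    environment:
      PGDATA: /var/lib/postgresql/data/guacamole
      POSTGRES_DB: guacamole_db
      # Secret is read from the environment / the project's .env file instead
      # of being stored in the compose file; `:?` makes Compose abort when it
      # is unset. It must be the same value the guacamole service connects
      # with. A password that has been committed to a repository should be
      # treated as exposed and rotated. The postgres image also supports
      # POSTGRES_PASSWORD_FILE for use with Compose secrets.
      POSTGRES_PASSWORD: "${POSTGRES_PASSWORD:?set POSTGRES_PASSWORD in .env}"
      POSTGRES_USER: guacamole_user
      TZ: Europe/Paris
    image: postgres:15.6-alpine
    networks:
      - back_network
    healthcheck:
      # `$$` escapes Compose interpolation so the variables are expanded by
      # the shell inside the container.
      test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"]
      interval: 30s
      timeout: 10s
      retries: 10
    restart: always
    volumes:
      # Initialisation scripts, mounted read-only; the image runs them only
      # when the data directory is empty.
      - ./init:/docker-entrypoint-initdb.d:ro
      - ./data:/var/lib/postgresql/data:rw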
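### adminer
  # Web database administration UI.
  # NOTE(review): this service bridges back_network (where PostgreSQL lives)
  # and the Traefik front network, and the labels below attach no
  # authentication or source-address middleware. Anyone who can reach the
  # hostname gets a database login form. Put it behind an authentication or
  # allow-list middleware, or run it only when needed.
  adminer:
    container_name: guacamole-adminer
    hostname: guacamole-adminer
    depends_on:
      - postgres
    # NOTE(review): no tag means `latest`; pin a release tag or digest.
    image: adminer
    restart: always
    networks:
      - back_network
      - docker-traefik_front_network
    labels:
      - "traefik.enable=true"
      - "traefik.docker.network=docker-traefik_front_network"
      # HTTP: kept only to redirect to HTTPS so database credentials are not
      # submitted in clear text.
      # - "traefik.http.routers.adminer-http.rule=Host(`adminer.10.0.4.29.traefik.me`)"
      - "traefik.http.routers.adminer-http.rule=Host(`adminer.tips-of-mine.local`)"
      - "traefik.http.routers.adminer-http.entrypoints=http"
      - "traefik.http.routers.adminer-http.middlewares=adminer-redirect-https"
      # HTTPS
      # - "traefik.http.routers.adminer-https.rule=Host(`adminer.10.0.4.29.traefik.me`)"
      - "traefik.http.routers.adminer-https.rule=Host(`adminer.tips-of-mine.local`)"
      - "traefik.http.routers.adminer-https.entrypoints=https"
      - "traefik.http.routers.adminer-https.tls=true"
      # Bound to the HTTPS router, matching the guacamole service's labels;
      # a router named plain `adminer` has no rule defined in this file.
      - "traefik.http.routers.adminer-https.service=adminer-service"
      # Middleware
      - "traefik.http.middlewares.adminer-redirect-https.redirectscheme.scheme=https"
      # Service
      - "traefik.http.services.adminer-service.loadbalancer.server.port=8080"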
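### guacamole
  # Guacamole web application: the user-facing remote-access gateway,
  # published through Traefik and authenticated via OpenID Connect.
  guacamole:
    container_name: guacamole-app
    hostname: guacamole-app
    depends_on:
      - guacd
      - postgres
    environment:
      ### GUACD
      GUACD_HOME: "/opt/guac_home"
      GUACD_HOSTNAME: guacd
      RECORDING_SEARCH_PATH: "/var/lib/guacamole/recordings"
      ### PostgreSQL
      POSTGRES_HOSTNAME: postgres
      # NOTE(review): this key uses the POSTGRESQL_ prefix while its siblings
      # use POSTGRES_; confirm which spelling the pinned image version reads.
      POSTGRESQL_PORT: "5432"
      POSTGRES_DATABASE: guacamole_db
      POSTGRES_USER: guacamole_user
      # Secret is read from the environment / the project's .env file instead
      # of being stored in the compose file; `:?` makes Compose abort when it
      # is unset. Must match the password the postgres service was
      # initialised with.
      POSTGRES_PASSWORD: "${POSTGRES_PASSWORD:?set POSTGRES_PASSWORD in .env}"
      ### Active Directory
      # Domain controller
      # NOTE(review): with encryption method "none" on port 389 the bind
      # password and every user's credentials cross the network in clear
      # text; use "ssl" (port 636) or "starttls" if this block is enabled.
      # LDAP_HOSTNAME: "10.0.4.4"
      # LDAP_PORT: 389
      # LDAP_ENCRYPTION_METHOD: "none"
      # LDAP_MAX_SEARCH_RESULTS: "10000"
      # User search
      # LDAP_USER_BASE_DN: "OU=Utilisateurs,OU=Societe,DC=tips-of-mine,DC=local"
      # LDAP_USERNAME_ATTRIBUTE: "samAccountName"
      # LDAP_USER_SEARCH_FILTER: "(&(objectClass=User)(sAMAccountName=*)(memberOf:1.2.840.113556.1.4.1941:=CN=GDL-Guacamole-Access,OU=Guacamole,OU=Services,OU=Groupes,OU=Societe,DC=tips-of-mine,DC=local))"
      # Service account used to bind to AD (keep its password out of this
      # file; give the account read-only directory rights)
      # LDAP_SEARCH_BIND_DN: "CN=Service Guacamole,OU=Services,OU=Societe,DC=tips-of-mine,DC=local"
      # LDAP_SEARCH_BIND_PASSWORD: "some_password"
      # Group search
      # LDAP_GROUP_BASE_DN: "OU=Groupes,OU=Societe,DC=tips-of-mine,DC=local"
      # LDAP_GROUP_SEARCH_FILTER: "(objectClass=Group)"
      # LDAP_GROUP_NAME_ATTRIBUTE: "cn"
      # LDAP_MEMBER_ATTRIBUTE: "member"
      ### OpenID
      # All endpoints are https; the client ID is a public identifier, not a
      # secret. The redirect URI must match what the identity provider has
      # registered for this client.
      OPENID_AUTHORIZATION_ENDPOINT: "https://authentik.tips-of-mine.local/application/o/authorize/"
      OPENID_CLIENT_ID: f71Je39kparABozs1MLcLURECvQMNy9Fih0linvs
      OPENID_ISSUER: "https://authentik.tips-of-mine.local/application/o/guacamole/"
      OPENID_JWKS_ENDPOINT: "https://authentik.tips-of-mine.local/application/o/guacamole/jwks/"
      OPENID_REDIRECT_URI: "https://guacamole.tips-of-mine.local"
      ###
      # OPENID_AUTHORIZATION_ENDPOINT: https://keycloak.tips-of-mine.local/realms/master/protocol/openid-connect/auth
      # OPENID_JWKS_ENDPOINT: https://keycloak.tips-of-mine.local/realms/master/protocol/openid-connect/certs
      # OPENID_ISSUER: https://keycloak.tips-of-mine.local/realms/master
      # OPENID_CLIENT_ID: guacamole
      # OPENID_REDIRECT_URI: https://guacamole.tips-of-mine.local
      # Priority
      # EXTENSION_PRIORITY: ldap
      ### Guacamole extensions
      # TOTP_ENABLED: "true"
      # TOTP_ISSUER: "Guacamole IT Tips-Of-Mine"
      # TOTP_DIGITS: 6
      # TOTP_PERIOD: 60
      # TOTP_MODE: sha1
    # NOTE(review): `latest` is a moving tag; pin a release tag or digest and
    # keep it on the same release as guacd.
    image: guacamole/guacamole:latest
    # Legacy option; guacd is already resolvable by service name over
    # back_network and listed under depends_on.
    links:
      - guacd
    networks:
      - docker-traefik_front_network
      - back_network
    # No host port is published; the application is reached only through
    # Traefik.
    # ports:
    ## enable next line if not using nginx
    ##   - "8080:8080/tcp" # Guacamole is on :8080/guacamole, not /.
    ## enable next line when using nginx
    #   - "8080/tcp"
    restart: always
    volumes:
      - ./guacamole-config:/config
      - ./guac_home:/opt/guac_home
      # Read-only here: the web application only reads session recordings.
      - ./record:/var/lib/guacamole/recordings:ro
      - ./drive:/drive:rw
    labels:
      - "traefik.enable=true"
      - "traefik.docker.network=docker-traefik_front_network"
      # HTTP: kept only to redirect to HTTPS so sessions and credentials are
      # never served over clear text.
      # - "traefik.http.routers.guacamole-http.rule=Host(`guacamole.10.0.4.29.traefik.me`)"
      - "traefik.http.routers.guacamole-http.rule=Host(`guacamole.tips-of-mine.local`)"
      - "traefik.http.routers.guacamole-http.entrypoints=http"
      - "traefik.http.routers.guacamole-http.middlewares=guacamole-redirect-https"
      # HTTPS
      # - "traefik.http.routers.guacamole-https.rule=Host(`guacamole.10.0.4.29.traefik.me`)"
      - "traefik.http.routers.guacamole-https.rule=Host(`guacamole.tips-of-mine.local`)"
      - "traefik.http.routers.guacamole-https.entrypoints=https"
      - "traefik.http.routers.guacamole-https.service=guacamole-service"
      - "traefik.http.routers.guacamole-https.middlewares=guacamole-addprefix"
      - "traefik.http.routers.guacamole-https.tls=true"
      # - "traefik.http.routers.guacamole-https.tls.certResolver=le"
      # - "traefik.http.routers.guacamole-https.tls.options=default"
      # Middleware
      # The HSTS headers below are defined but disabled; to take effect the
      # guacamole-headers middleware must also be added to the HTTPS router's
      # middlewares list.
      # - "traefik.http.middlewares.guacamole-headers.headers.stsincludesubdomains=true"
      # - "traefik.http.middlewares.guacamole-headers.headers.stsseconds=315360000"
      # - "traefik.http.middlewares.guacamole-headers.headers.forcestsheader=true"
      - "traefik.http.middlewares.guacamole-addprefix.addprefix.prefix=/guacamole"
      - "traefik.http.middlewares.guacamole-redirect-https.redirectscheme.scheme=https"
      # Service
      - "traefik.http.services.guacamole-service.loadbalancer.server.port=8080"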