Miniflux: change secret storage from env to files
This commit is contained in:
@@ -5,23 +5,26 @@ services:
|
||||
miniflux_app:
|
||||
image: miniflux/miniflux:2.2.10
|
||||
container_name: miniflux_app
|
||||
user: "{{ user_create_result.uid }}:{{ user_create_result.group }}"
|
||||
depends_on:
|
||||
miniflux_postgres:
|
||||
condition: service_healthy
|
||||
networks:
|
||||
- "miniflux_network"
|
||||
- "web_proxy_network"
|
||||
volumes:
|
||||
- "{{ secrets_dir }}:/secrets:ro"
|
||||
environment:
|
||||
- DATABASE_URL=postgres://{{ miniflux_postgres_user }}:{{ miniflux_postgres_password }}@miniflux_postgres/{{ miniflux_postgres_database }}?sslmode=disable
|
||||
- DATABASE_URL_FILE=/secrets/miniflux_database_url
|
||||
- RUN_MIGRATIONS=1
|
||||
- CREATE_ADMIN=1
|
||||
- ADMIN_USERNAME={{ miniflux_admin_user }}
|
||||
- ADMIN_PASSWORD={{ miniflux_admin_password }}
|
||||
- ADMIN_USERNAME_FILE=/secrets/miniflux_admin_user
|
||||
- ADMIN_PASSWORD_FILE=/secrets/miniflux_admin_password
|
||||
- BASE_URL=https://miniflux.vakhrushev.me
|
||||
- DISABLE_LOCAL_AUTH=1
|
||||
- OAUTH2_OIDC_DISCOVERY_ENDPOINT=https://auth.vakhrushev.me
|
||||
- OAUTH2_CLIENT_ID={{ miniflux_oidc_client_id }}
|
||||
- OAUTH2_CLIENT_SECRET={{ miniflux_oidc_client_secret }}
|
||||
- OAUTH2_CLIENT_ID_FILE=/secrets/miniflux_oidc_client_id
|
||||
- OAUTH2_CLIENT_SECRET_FILE=/secrets/miniflux_oidc_client_secret
|
||||
- OAUTH2_OIDC_PROVIDER_NAME=Authelia
|
||||
- OAUTH2_PROVIDER=oidc
|
||||
- OAUTH2_REDIRECT_URL=https://miniflux.vakhrushev.me/oauth2/oidc/callback
|
||||
@@ -42,7 +45,7 @@ services:
|
||||
volumes:
|
||||
- {{ postgres_data_dir }}:/var/lib/postgresql/data
|
||||
healthcheck:
|
||||
test: ["CMD", "pg_isready", "-U", "miniflux"]
|
||||
test: ["CMD", "pg_isready", "--username={{ miniflux_postgres_user }}", "--dbname={{ miniflux_postgres_database }}"]
|
||||
interval: 10s
|
||||
start_period: 30s
|
||||
|
||||
|
||||
Reference in New Issue
Block a user