Docker compose config with Traefik and Let’s Encrypt certificate
注意! MAIL_URL 中的username和password 要轉成URL編碼
- @ %40
- $ %24
- + %2B
- / %2F
/srv/wekan/docker-compose.yml
services:
wekan:
image: wekanteam/wekan
restart: always
depends_on:
- mongo-init-replica
environment:
- ROOT_URL=https://wekan.example.com
- MONGO_URL=mongodb://mongo:27017/wekan
- MONGO_OPLOG_URL=mongodb://mongo:27017/local?replicaSet=rs0
- MAIL_URL=smtp://username:password@<mail_url>:25/?ignoreTLS=true&tls={rejectUnauthorized:false}
- MAIL_FROM=Wekan Notifications <noreply.wekan@mydomain.com>
- LDAP_AD_SIMPLE_AUTH=true
- LDAP_BASEDN=OU=EXAMPLE,OU=EXAMPLE-USER,DC=example,DC=com
- LDAP_DEFAULT_DOMAIN=example.com
- LDAP_EMAIL_FIELD=postOfficeBox
- LDAP_ENABLE=true
- LDAP_FULLNAME_FIELD=displayName
- LDAP_HOST=192.168.123.123
- LDAP_LOG_ENABLED=true
- LDAP_USER_AUTHENTICATION=true
- LDAP_USER_SEARCH_FIELD=sAMAccountName
- LDAP_USERNAME_FIELD=sAMAccountName
labels:
- "traefik.enable=true"
- "traefik.http.routers.wekan.rule=Host(`wekan.example.com`)"
- "traefik.http.routers.wekan.entrypoints=websecure"
- "traefik.http.routers.wekan.tls=true"
- "traefik.http.routers.wekan.tls.certresolver=letsencrypt"
- "traefik.http.routers.wekan.service=wekan"
- "traefik.http.services.wekan.loadbalancer.server.port=8080"
networks:
- web
mongo:
image: mongo:4.0
command: ["mongod", "--replSet", "rs0", "--smallfiles", "--oplogSize", "128"]
restart: unless-stopped
volumes:
- wekan-mongo-db:/data/db
networks:
- web
mongo-init-replica:
image: mongo:4.0
depends_on:
- mongo
entrypoint: >
bash -c "
for i in $(seq 1 30); do
mongo --host mongo --eval 'rs.initiate({_id: \"rs0\", members: [{_id: 0, host: \"mongo:27017\"}]})' && break
echo 'Retrying rs.initiate in 5 seconds…'
sleep 5
done
"
restart: "no"
volumes:
wekan-mongo-db:
networks:
web:
networks:
web:
external: true
Brassai Kao’s Tech Weave 