summaryrefslogtreecommitdiffstats
path: root/docker-compose.yml
blob: 0564288eff95128c2c486be2c0d599b78927adee (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
version: '2'

# Using prebuilt image: docker-compose up -d --no-build

services:

  wekandb:
    image: mongo:3.2.21
    container_name: wekan-db
    restart: always
    command: mongod --smallfiles --oplogSize 128
    networks:
      - wekan-tier
    expose:
      - 27017
    volumes:
      - wekan-db:/data/db
      - wekan-db-dump:/dump

  wekan:
    image: quay.io/wekan/wekan
    container_name: wekan-app
    restart: always
    networks:
      - wekan-tier
    ports:
      # Docker outsideport:insideport
      - 80:8080
    environment:
      - MONGO_URL=mongodb://wekandb:27017/wekan
      - ROOT_URL=http://localhost
      # Wekan Export Board works when WITH_API='true'.
      # If you disable Wekan API with 'false', Export Board does not work.
      - WITH_API=true
      # Optional: Integration with Matomo https://matomo.org that is installed to your server
      # The address of the server where Matomo is hosted. 
      # example: - MATOMO_ADDRESS=https://example.com/matomo
      - MATOMO_ADDRESS=''
      # The value of the site ID given in Matomo server for Wekan
      # example: - MATOMO_SITE_ID=12345
      - MATOMO_SITE_ID=''
      # The option do not track which enables users to not be tracked by matomo
      # example:  - MATOMO_DO_NOT_TRACK=false
      - MATOMO_DO_NOT_TRACK=true
      # The option that allows matomo to retrieve the username:
      # example: MATOMO_WITH_USERNAME=true
      - MATOMO_WITH_USERNAME=false
      # Enable browser policy and allow one trusted URL that can have iframe that has Wekan embedded inside.
      # Setting this to false is not recommended, it also disables all other browser policy protections
      # and allows all iframing etc. See wekan/server/policy.js
      - BROWSER_POLICY_ENABLED=true
      # When browser policy is enabled, HTML code at this Trusted URL can have iframe that embeds Wekan inside.
      - TRUSTED_URL=''
      # What to send to Outgoing Webhook, or leave out. Example, that includes all that are default: cardId,listId,oldListId,boardId,comment,user,card,commentId .
      # example: WEBHOOKS_ATTRIBUTES=cardId,listId,oldListId,boardId,comment,user,card,commentId
      - WEBHOOKS_ATTRIBUTES=''
      # Enable the OAuth2 connection
      # example: OAUTH2_ENABLED=true
      - OAUTH2_ENABLED=false
      # OAuth2 docs: https://github.com/wekan/wekan/wiki/OAuth2
      # OAuth2 Client ID, for example from Rocket.Chat. Example: abcde12345
      # example: OAUTH2_CLIENT_ID=abcde12345
      - OAUTH2_CLIENT_ID=''
      # OAuth2 Secret, for example from Rocket.Chat: Example: 54321abcde
      # example: OAUTH2_SECRET=54321abcde
      - OAUTH2_SECRET=''
      # OAuth2 Server URL, for example Rocket.Chat. Example: https://chat.example.com
      # example: OAUTH2_SERVER_URL=https://chat.example.com
      - OAUTH2_SERVER_URL=''
      # OAuth2 Authorization Endpoint. Example: /oauth/authorize
      # example: OAUTH2_AUTH_ENDPOINT=/oauth/authorize
      - OAUTH2_AUTH_ENDPOINT=''
      # OAuth2 Userinfo Endpoint. Example: /oauth/userinfo
      # example: OAUTH2_USERINFO_ENDPOINT=/oauth/userinfo
      - OAUTH2_USERINFO_ENDPOINT=''
      # OAuth2 Token Endpoint. Example: /oauth/token
      # example: OAUTH2_TOKEN_ENDPOINT=/oauth/token
      - OAUTH2_TOKEN_ENDPOINT=''
      # LDAP_ENABLE : Enable or not the connection by the LDAP
      # example : LDAP_ENABLE=true
      - LDAP_ENABLE=false
      # LDAP_PORT : The port of the LDAP server
      # example : LDAP_PORT=389
      - LDAP_PORT=389
      # LDAP_HOST : The host server for the LDAP server
      # example : LDAP_HOST=localhost
      - LDAP_HOST=''
      # LDAP_BASEDN : The base DN for the LDAP Tree
      # example : LDAP_BASEDN=ou=user,dc=example,dc=org
      - LDAP_BASEDN=''
      # LDAP_LOGIN_FALLBACK : Fallback on the default authentication method
      # example : LDAP_LOGIN_FALLBACK=true
      - LDAP_LOGIN_FALLBACK=false
      # LDAP_RECONNECT : Reconnect to the server if the connection is lost
      # example : LDAP_RECONNECT=false
      - LDAP_RECONNECT=true
      # LDAP_TIMEOUT : Overall timeout, in milliseconds
      # example : LDAP_TIMEOUT=12345
      - LDAP_TIMEOUT=10000
      # LDAP_IDLE_TIMEOUT : Specifies the timeout for idle LDAP connections in milliseconds
      # example : LDAP_IDLE_TIMEOUT=12345
      - LDAP_IDLE_TIMEOUT=10000
      # LDAP_CONNECT_TIMEOUT : Connection timeout, in milliseconds
      # example : LDAP_CONNECT_TIMEOUT=12345
      - LDAP_CONNECT_TIMEOUT=10000
      # LDAP_AUTHENTIFICATION : If the LDAP needs a user account to search
      # example : LDAP_AUTHENTIFICATION=true
      - LDAP_AUTHENTIFICATION=false
      # LDAP_AUTHENTIFICATION_USERDN : The search user DN
      # example : LDAP_AUTHENTIFICATION_USERDN=cn=admin,dc=example,dc=org
      - LDAP_AUTHENTIFICATION_USERDN=''
      # LDAP_AUTHENTIFICATION_PASSWORD : The password for the search user
      # example : AUTHENTIFICATION_PASSWORD=admin
      - LDAP_AUTHENTIFICATION_PASSWORD=''
      # LDAP_LOG_ENABLED : Enable logs for the module
      # example : LDAP_LOG_ENABLED=true
      - LDAP_LOG_ENABLED=false
      # LDAP_BACKGROUND_SYNC : If the sync of the users should be done in the background
      # example : LDAP_BACKGROUND_SYNC=true
      - LDAP_BACKGROUND_SYNC=false
      # LDAP_BACKGROUND_SYNC_INTERVAL : At which interval does the background task sync in milliseconds
      # example : LDAP_BACKGROUND_SYNC_INTERVAL=12345
      - LDAP_BACKGROUND_SYNC_INTERVAL=100
      # LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED : 
      # example : LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED=true
      - LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED=false
      # LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS : 
      # example : LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS=true
      - LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS=false
      # LDAP_ENCRYPTION : If using LDAPS
      # example : LDAP_ENCRYPTION=true
      - LDAP_ENCRYPTION=false
      # LDAP_CA_CERT : The certification for the LDAPS server
      # example : LDAP_CA_CERT=-----BEGIN CERTIFICATE-----MIIE+zCCA+OgAwIBAgIkAhwR/6TVLmdRY6hHxvUFWc0+Enmu/Hu6cj+G2FIdAgIC...-----END CERTIFICATE-----
      - LDAP_CA_CERT=''
      # LDAP_REJECT_UNAUTHORIZED : Reject Unauthorized Certificate
      # example : LDAP_REJECT_UNAUTHORIZED=true
      - LDAP_REJECT_UNAUTHORIZED=false
      # LDAP_USER_SEARCH_FILTER : Optional extra LDAP filters. Don't forget the outmost enclosing parentheses if needed
      # example : LDAP_USER_SEARCH_FILTER=
      - LDAP_USER_SEARCH_FILTER=''
      # LDAP_USER_SEARCH_SCOPE : Base (search only in the provided DN), one (search only in the provided DN and one level deep), or subtree (search the whole subtree)
      # example : LDAP_USER_SEARCH_SCOPE=one
      - LDAP_USER_SEARCH_SCOPE=''
      # LDAP_USER_SEARCH_FIELD : Which field is used to find the user
      # example : LDAP_USER_SEARCH_FIELD=uid
      - LDAP_USER_SEARCH_FIELD=''
      # LDAP_SEARCH_PAGE_SIZE : Used for pagination (0=unlimited)
      # example : LDAP_SEARCH_PAGE_SIZE=12345
      - LDAP_SEARCH_PAGE_SIZE=0
      # LDAP_SEARCH_SIZE_LIMIT : The limit number of entries (0=unlimited)
      # example : LDAP_SEARCH_SIZE_LIMIT=12345
      - LDAP_SEARCH_SIZE_LIMIT=0
      # LDAP_GROUP_FILTER_ENABLE : Enable group filtering
      # example : LDAP_GROUP_FILTER_ENABLE=true
      - LDAP_GROUP_FILTER_ENABLE=false
      # LDAP_GROUP_FILTER_OBJECTCLASS : The object class for filtering
      # example : LDAP_GROUP_FILTER_OBJECTCLASS=group
      - LDAP_GROUP_FILTER_OBJECTCLASS=''
      # LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE : 
      # example : 
      - LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE=''
      # LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE : 
      # example : 
      - LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE=''
      # LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT : 
      # example : 
      - LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT=''
      # LDAP_GROUP_FILTER_GROUP_NAME : 
      # example : 
      - LDAP_GROUP_FILTER_GROUP_NAME=''
      # LDAP_UNIQUE_IDENTIFIER_FIELD : This field is sometimes class GUID (Globally Unique Identifier)
      # example : LDAP_UNIQUE_IDENTIFIER_FIELD=guid
      - LDAP_UNIQUE_IDENTIFIER_FIELD=''
      # LDAP_UTF8_NAMES_SLUGIFY : Convert the username to utf8
      # example : LDAP_UTF8_NAMES_SLUGIFY=false
      - LDAP_UTF8_NAMES_SLUGIFY=true
      # LDAP_USERNAME_FIELD : Which field contains the ldap username
      # example : LDAP_USERNAME_FIELD=username
      - LDAP_USERNAME_FIELD=''
      # LDAP_MERGE_EXISTING_USERS : 
      # example : LDAP_MERGE_EXISTING_USERS=true
      - LDAP_MERGE_EXISTING_USERS=false
      # LDAP_SYNC_USER_DATA : 
      # example : LDAP_SYNC_USER_DATA=true
      - LDAP_SYNC_USER_DATA=false
      # LDAP_SYNC_USER_DATA_FIELDMAP : 
      # example : LDAP_SYNC_USER_DATA_FIELDMAP={\"cn\":\"name\", \"mail\":\"email\"}
      - LDAP_SYNC_USER_DATA_FIELDMAP=''
      # LDAP_SYNC_GROUP_ROLES : 
      # example : 
      - LDAP_SYNC_GROUP_ROLES=''
      # LDAP_DEFAULT_DOMAIN : The default domain of the ldap it is used to create email if the field is not map correctly with the LDAP_SYNC_USER_DATA_FIELDMAP
      # example : 
      - LDAP_DEFAULT_DOMAIN=''

    depends_on:
      - wekandb

volumes:
  wekan-db:
    driver: local
  wekan-db-dump:
    driver: local

networks:
  wekan-tier:
    driver: bridge