-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathdocker-compose.https.yml
More file actions
87 lines (82 loc) · 2.17 KB
/
Copy pathdocker-compose.https.yml
File metadata and controls
87 lines (82 loc) · 2.17 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
# HTTPS configuration with Caddy reverse proxy
# Automatic TLS certificates via Let's Encrypt
# Generated by install.sh when HTTPS is enabled
services:
sandbox:
build:
context: ./sandbox
dockerfile: Dockerfile
container_name: detach-sandbox
hostname: sandbox
networks:
- detach-network
environment:
- REPO_URL=${REPO_URL:-}
- GIT_NAME=${GIT_NAME:-}
- GIT_EMAIL=${GIT_EMAIL:-}
volumes:
- ./keys/bridge.pub:/tmp/authorized_keys:ro
- ./keys/deploy_key:/home/detach-dev/.ssh/id_ed25519:ro
- ./keys/deploy_key.pub:/home/detach-dev/.ssh/id_ed25519.pub:ro
- sandbox-home:/home/detach-dev
restart: unless-stopped
healthcheck:
test: ["CMD", "pgrep", "sshd"]
interval: 10s
timeout: 5s
retries: 3
bridge:
build:
context: ./bridge
dockerfile: Dockerfile
container_name: detach-bridge
networks:
- detach-network
# No external ports - accessed via Caddy
environment:
- SANDBOX_HOST=sandbox
- SANDBOX_PORT=22
- SSH_KEY_PATH=/app/keys/bridge
- CLAUDE_ARGS=${CLAUDE_ARGS:---dangerously-skip-permissions}
- DETACH_TOKEN=${DETACH_TOKEN:-}
- WEBVIEW_HOST=${DETACH_DOMAIN:-localhost}
- VAPID_PUBLIC_KEY=${VAPID_PUBLIC_KEY:-}
- VAPID_PRIVATE_KEY=${VAPID_PRIVATE_KEY:-}
- VAPID_SUBJECT=${VAPID_SUBJECT:-mailto:admin@detach.it}
- WEB_PUSH_SUBSCRIPTIONS_FILE=/app/data/web-push-subscriptions.json
volumes:
- ./keys/bridge:/app/keys/bridge:ro
- bridge-data:/app/data
depends_on:
sandbox:
condition: service_healthy
restart: unless-stopped
caddy:
build:
context: .
dockerfile: caddy/Dockerfile
container_name: detach-caddy
restart: unless-stopped
ports:
- "80:80"
- "443:443"
volumes:
- ./Caddyfile:/etc/caddy/Caddyfile:ro
- caddy-data:/data
- caddy-config:/config
networks:
- detach-network
depends_on:
- bridge
networks:
detach-network:
driver: bridge
volumes:
sandbox-home:
driver: local
bridge-data:
driver: local
caddy-data:
driver: local
caddy-config:
driver: local