mirror of
https://github.com/supabase/supabase.git
synced 2026-05-07 06:27:16 +08:00
53 lines
1.6 KiB
YAML
53 lines
1.6 KiB
YAML
services:
|
|
|
|
# By default, Kong is used as the API gateway and its ports/env are reset
|
|
# below so nginx can terminate TLS in front of it.
|
|
#
|
|
# When running Envoy instead, e.g.:
|
|
# docker compose -f docker-compose.yml -f docker-compose.envoy.yml \
|
|
# -f docker-compose.nginx.yml up -d
|
|
# comment out the `kong:` block below and uncomment the `api-gw:` block
|
|
# (and the matching `depends_on` entry further down) so nginx sits in front
|
|
# of Envoy rather than Kong.
|
|
|
|
#api-gw:
|
|
# ports: !reset []
|
|
|
|
kong:
|
|
ports: !reset []
|
|
environment:
|
|
KONG_PORT_MAPS: "443:8000,443:8443"
|
|
|
|
nginx:
|
|
container_name: supabase-nginx
|
|
image: jonasal/nginx-certbot:6.0.1-nginx1.29.5
|
|
restart: unless-stopped
|
|
ports:
|
|
- "80:80"
|
|
- "443:443"
|
|
depends_on:
|
|
#api-gw:
|
|
# condition: service_healthy
|
|
kong:
|
|
condition: service_healthy
|
|
studio:
|
|
condition: service_healthy
|
|
environment:
|
|
PROXY_DOMAIN: ${PROXY_DOMAIN}
|
|
CERTBOT_EMAIL: ${CERTBOT_EMAIL}
|
|
PROXY_AUTH_USERNAME: ${DASHBOARD_USERNAME}
|
|
PROXY_AUTH_PASSWORD: ${DASHBOARD_PASSWORD}
|
|
command:
|
|
- /bin/bash
|
|
- -c
|
|
- |
|
|
printf '%s:%s\n' "$${PROXY_AUTH_USERNAME}" "$$(openssl passwd -apr1 "$${PROXY_AUTH_PASSWORD}")" > /etc/nginx/user_conf.d/dashboard-passwd && \
|
|
envsubst '$${PROXY_DOMAIN}' < /etc/nginx/supabase-nginx.conf.tpl > /etc/nginx/user_conf.d/nginx.conf && \
|
|
/scripts/start_nginx_certbot.sh
|
|
volumes:
|
|
- ./volumes/proxy/nginx/supabase-nginx.conf.tpl:/etc/nginx/supabase-nginx.conf.tpl:ro
|
|
- nginx_letsencrypt:/etc/letsencrypt
|
|
|
|
volumes:
|
|
nginx_letsencrypt:
|