53 lines
1.8 KiB
YAML
53 lines
1.8 KiB
YAML
services:
|
|
trilium:
|
|
image: ${TRILIUM_IMAGE}
|
|
container_name: trilium
|
|
restart: unless-stopped
|
|
hostname: ${TRILIUM_HOSTNAME}
|
|
|
|
environment:
|
|
TZ: ${TZ}
|
|
|
|
volumes:
|
|
- ${TRILIUM_DATA_PATH}:/home/node/trilium-data:Z
|
|
|
|
expose:
|
|
- "${TRILIUM_HTTP_PORT}"
|
|
|
|
networks:
|
|
- proxy
|
|
|
|
labels:
|
|
traefik.enable: "true"
|
|
traefik.docker.network: "${TRAEFIK_DOCKER_NETWORK}"
|
|
|
|
# Router HTTPS - dominio principal
|
|
traefik.http.routers.trilium.rule: "Host(`${TRILIUM_DOMAIN_1}`)"
|
|
traefik.http.routers.trilium.entrypoints: "${TRAEFIK_ENTRYPOINT_SECURE}"
|
|
traefik.http.routers.trilium.tls: "true"
|
|
traefik.http.routers.trilium.tls.certresolver: "${TRAEFIK_CERTRESOLVER}"
|
|
|
|
# Router HTTPS - dominio secundario (sin redirección)
|
|
traefik.http.routers.trilium-alt.rule: "Host(`${TRILIUM_DOMAIN_2}`)"
|
|
traefik.http.routers.trilium-alt.entrypoints: "${TRAEFIK_ENTRYPOINT_SECURE}"
|
|
traefik.http.routers.trilium-alt.tls: "true"
|
|
traefik.http.routers.trilium-alt.tls.certresolver: "${TRAEFIK_CERTRESOLVER}"
|
|
traefik.http.routers.trilium-alt.service: "trilium@docker"
|
|
|
|
# Servicio interno
|
|
traefik.http.services.trilium.loadbalancer.server.port: "${TRILIUM_HTTP_PORT}"
|
|
|
|
# Middleware solo de headers (sin Authentik)
|
|
traefik.http.routers.trilium.middlewares: "trilium-sec@docker"
|
|
|
|
traefik.http.middlewares.trilium-sec.headers.stsSeconds: "31536000"
|
|
traefik.http.middlewares.trilium-sec.headers.stsIncludeSubdomains: "true"
|
|
traefik.http.middlewares.trilium-sec.headers.stsPreload: "true"
|
|
traefik.http.middlewares.trilium-sec.headers.contentTypeNosniff: "true"
|
|
traefik.http.middlewares.trilium-sec.headers.frameDeny: "true"
|
|
|
|
networks:
|
|
proxy:
|
|
external: true
|
|
|