-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathdocker-compose.yml.jsonnet
40 lines (37 loc) · 1.23 KB
/
docker-compose.yml.jsonnet
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
local ddb = import 'ddb.docker.libjsonnet';
local pp = std.extVar("jsonnet.docker.expose.port_prefix");
local chain = std.extVar("project.chain");
local compose_network_name = std.extVar("docker.compose.network_name");
local domain_ext = std.extVar("core.domain.ext");
local domain_sub = std.extVar("core.domain.sub");
local domain = std.join('.', [domain_sub, domain_ext]);
ddb.Compose() {
services: {
intermediate: ddb.Image("gficentreouest/alpine-cfssl") +
ddb.VirtualHost(80, domain) + {
environment+: [
"CFSSL_CSR=csr_intermediate_ca.json",
"CFSSL_CONFIG=ca_intermediate_config.json",
"DB_DISABLED=1"
] + if chain then ["CA_ROOT_URI=http://root." + compose_network_name] else [],
ports: [pp + "80:80"],
expose: [80],
[if chain then "depends_on"]: ["root"],
volumes+: [
"intermediate:/etc/cfssl",
"intermediate_trust:/cfssl_trust"
]
},
[if chain then "root"]: ddb.Image("gficentreouest/alpine-cfssl") + {
environment+: [
"CFSSL_CSR=csr_root_ca.json",
"CFSSL_CONFIG=ca_root_config.json",
"DB_DISABLED=1"
],
volumes+: [
"root:/etc/cfssl",
"root_trust:/cfssl_trust"
]
}
}
}