-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathdocker-compose.yml
68 lines (65 loc) · 2.18 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
version: "3.7"
networks:
dns:
secrets:
CF_Email:
file: secrets/CF_Email.txt
# external: true
CF_Token:
file: secrets/CF_Token.txt
# external: true
SYNO_Username:
file: secrets/SYNO_Username.txt
# external: true
SYNO_Password:
file: secrets/SYNO_Password.txt
# external: true
services:
acme:
image: "markdumay/synology-tls:2.8.6"
# Override Synology's default 'db' driver to ensure logs are visible
logging:
driver: "json-file"
options:
max-size: "200k"
max-file: "10"
networks:
dns:
volumes:
# make ACME data persistent (optional)
- ./data/acme:/acme.sh
# make log data persistent to simplify monitoring (optional)
- ./data/log:/var/log
deploy:
restart_policy:
condition: on-failure
delay: 5s
max_attempts: 3
window: 120s
secrets:
- CF_Email
- CF_Token
- SYNO_Username
- SYNO_Password
environment:
# Set to core domain in .env (e.g. example.com), wildcard is added automatically
- DOMAIN=${DOMAIN}
# Set to 'production' in .env to request real certificate, defaults to staging (appends '--test' parameter)
- TARGET=${TARGET}
# Set to 'true' in .env to force renew a cert immediately (appends '--force' parameter)
- FORCE_RENEW=${FORCE_RENEW}
# Deployment settings (using Synology hook)
- DEPLOY_HOOK=${DEPLOY_HOOK}
- SYNO_Certificate=${SYNO_Certificate}
- SYNO_Create=1
- SYNO_Hostname=${SYNO_Hostname}
- SYNO_Port=${SYNO_Port}
# Notification settings (using Slack hook)
- NOTIFY_HOOK=${NOTIFY_HOOK}
- NOTIFY_LEVEL=${NOTIFY_LEVEL}
- SLACK_CHANNEL=${SLACK_CHANNEL}
- SLACK_USERNAME=${SLACK_USERNAME}
# Cron schedule
- CRON_SCHEDULE=${CRON_SCHEDULE}
# Run acme.sh in Daemon mode
command: daemon