-
Notifications
You must be signed in to change notification settings - Fork 83
Expand file tree
/
Copy pathdocker-compose.yml
More file actions
40 lines (39 loc) · 1.64 KB
/
Copy pathdocker-compose.yml
File metadata and controls
40 lines (39 loc) · 1.64 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
services:
webobsidian:
build: .
image: webobsidian:latest
container_name: webobsidian
restart: unless-stopped
ports:
# ${HTTP_PORT:-8787} on the host → 8787 in the container.
# Set HTTP_BIND=127.0.0.1 in .env to expose only to localhost (reverse proxy).
- "${HTTP_BIND:-0.0.0.0}:${HTTP_PORT:-8787}:8787"
environment:
# Set an initial password (otherwise set it on first-run in the UI)
WEBOBSIDIAN_PASSWORD: ${WEBOBSIDIAN_PASSWORD:-}
# File-watch mode: auto (native + polling fallback) | polling. See .env.example.
WEBOBSIDIAN_WATCH: ${WEBOBSIDIAN_WATCH:-auto}
# Proxy trust. Default "true" (trust immediate hop) so X-Forwarded-Proto
# HTTPS cookie detection works behind a reverse proxy. Not a rate-limit risk
# (limiter keys on the TCP socket addr, not X-Forwarded-For). Set "false" only
# for a directly-exposed instance with no proxy. See .env.example.
TRUST_PROXY: ${TRUST_PROXY:-true}
VAULT_PATH: /vault
DATA_DIR: /data
ALLOWED_ROOTS: /vault
NODE_ENV: production
volumes:
# Your vault on the host (VAULT_HOST_PATH in .env) → /vault in the container.
# Defaults to the bundled sample vault so `docker compose up` works immediately.
- ${VAULT_HOST_PATH:-./sample-vault}:/vault
# Persisted settings.json + search index
- webobsidian-data:/data
healthcheck:
test: ["CMD", "wget", "-qO-", "http://localhost:8787/healthz"]
interval: 30s
timeout: 5s
retries: 3
# Allow time for the initial vault index on first boot (large vaults).
start_period: 90s
volumes:
webobsidian-data: