From 0cc349765ed49dfb59b43d766cdbb6ef67d690b1 Mon Sep 17 00:00:00 2001 From: Lino Silva Date: Sun, 12 Apr 2026 22:18:24 +0100 Subject: [PATCH] feat: Trek compose files --- docker-compose/apps-1/trek/.env | 2 ++ docker-compose/apps-1/trek/compose.yaml | 43 +++++++++++++++++++++++++ 2 files changed, 45 insertions(+) create mode 100644 docker-compose/apps-1/trek/.env create mode 100644 docker-compose/apps-1/trek/compose.yaml diff --git a/docker-compose/apps-1/trek/.env b/docker-compose/apps-1/trek/.env new file mode 100644 index 0000000..9b6cb5d --- /dev/null +++ b/docker-compose/apps-1/trek/.env @@ -0,0 +1,2 @@ +OIDC_CLIENT_SECRET=[[TREKCLIENTSECRET]] +ENCRYPTION_KEY=[[TREKENCRYPTIONKEY]] diff --git a/docker-compose/apps-1/trek/compose.yaml b/docker-compose/apps-1/trek/compose.yaml new file mode 100644 index 0000000..d297f9e --- /dev/null +++ b/docker-compose/apps-1/trek/compose.yaml @@ -0,0 +1,43 @@ +services: + app: + image: mauriceboe/trek:latest + container_name: trek + read_only: true + security_opt: + - no-new-privileges:true + cap_drop: + - ALL + cap_add: + - CHOWN + - SETUID + - SETGID + tmpfs: + - /tmp:noexec,nosuid,size=64m + ports: + - "3000:3000" + environment: + - NODE_ENV=production + - PORT=3000 + - ENCRYPTION_KEY=${ENCRYPTION_KEY} + - TZ=Europe/Lisbon + - LOG_LEVEL=info + - ALLOWED_ORIGINS=https://trek.lino.cooking + - FORCE_HTTPS=true + - TRUST_PROXY=1 + - ALLOW_INTERNAL_NETWORK=trur + - APP_URL=https://trek.lino.cooking + - OIDC_ISSUER=https://auth.lino.cooking + - OIDC_CLIENT_ID=652278a5-b695-4589-9d51-d23cfb2e15dd + - OIDC_CLIENT_SECRET=${OIDC_CLIENT_SECRET} + - OIDC_DISPLAY_NAME=PocketID + - OIDC_ONLY=true + volumes: + - /data/trek/app:/app/data + - /data/trek/uploads:/app/uploads + restart: unless-stopped + healthcheck: + test: ["CMD", "wget", "-qO-", "http://localhost:3000/api/health"] + interval: 30s + timeout: 10s + retries: 3 + start_period: 15s