2023-02-21 19:07:28 +01:00
|
|
|
services:
|
2023-10-30 18:19:35 +01:00
|
|
|
zrok-init:
|
2023-02-21 19:07:28 +01:00
|
|
|
image: busybox
|
2024-05-21 18:47:10 +02:00
|
|
|
# matches uid:gid of "ziggy" in zrok container image
|
|
|
|
command: chown -Rc 2171:2171 /mnt/.zrok
|
2023-02-21 19:07:28 +01:00
|
|
|
user: root
|
|
|
|
volumes:
|
|
|
|
- zrok_env:/mnt/.zrok
|
2023-10-30 18:19:35 +01:00
|
|
|
|
2023-11-28 17:23:45 +01:00
|
|
|
# enable zrok environment
|
2023-02-21 19:07:28 +01:00
|
|
|
zrok-enable:
|
2023-10-30 18:19:35 +01:00
|
|
|
image: ${ZROK_CONTAINER_IMAGE:-docker.io/openziti/zrok}
|
2023-02-21 19:07:28 +01:00
|
|
|
depends_on:
|
2023-10-30 18:19:35 +01:00
|
|
|
zrok-init:
|
2023-02-21 19:07:28 +01:00
|
|
|
condition: service_completed_successfully
|
2023-11-28 17:23:45 +01:00
|
|
|
entrypoint: zrok-enable.bash
|
2023-02-21 19:07:28 +01:00
|
|
|
volumes:
|
2023-11-28 17:23:45 +01:00
|
|
|
- zrok_env:/mnt
|
2023-02-21 19:07:28 +01:00
|
|
|
environment:
|
2024-07-08 17:24:22 +02:00
|
|
|
HOME: /mnt
|
2023-11-28 17:23:45 +01:00
|
|
|
ZROK_ENABLE_TOKEN:
|
|
|
|
ZROK_API_ENDPOINT:
|
|
|
|
ZROK_ENVIRONMENT_NAME: docker-private-share
|
2023-10-30 18:19:35 +01:00
|
|
|
|
|
|
|
zrok-share:
|
|
|
|
image: ${ZROK_CONTAINER_IMAGE:-docker.io/openziti/zrok}
|
2024-07-08 17:24:22 +02:00
|
|
|
restart: unless-stopped
|
|
|
|
entrypoint: zrok-share.bash
|
2023-02-21 19:07:28 +01:00
|
|
|
depends_on:
|
|
|
|
zrok-enable:
|
|
|
|
condition: service_completed_successfully
|
|
|
|
volumes:
|
2023-11-28 17:23:45 +01:00
|
|
|
- zrok_env:/mnt
|
2023-02-21 19:07:28 +01:00
|
|
|
environment:
|
2024-07-08 17:24:22 +02:00
|
|
|
# internal configuration
|
|
|
|
HOME: /mnt # zrok homedir in container
|
|
|
|
|
|
|
|
# most relevant options
|
|
|
|
ZROK_UNIQUE_NAME: # name is used to construct frontend domain name, e.g. "myapp" in "myapp.share.zrok.io"
|
|
|
|
ZROK_BACKEND_MODE: # web, caddy, drive, proxy
|
|
|
|
ZROK_TARGET: # backend target, is a path in container filesystem unless proxy mode
|
|
|
|
ZROK_INSECURE: # "--insecure" if proxy target has unverifiable TLS server certificate
|
|
|
|
ZROK_BASIC_AUTH: # username:password
|
|
|
|
ZROK_PERMISSION_MODE: # if "closed" allow only your account and additional accounts in ZROK_ACCESS_GRANTS
|
|
|
|
ZROK_ACCESS_GRANTS: # space-separated list of additional zrok account emails to grant access in closed permission mode
|
|
|
|
|
|
|
|
# least relevant options
|
|
|
|
ZROK_VERBOSE: # "--verbose"
|
|
|
|
ZROK_SHARE_OPTS: # additional arguments to "zrok reserve private" command
|
|
|
|
ZROK_FRONTEND_MODE: reserved-private
|
|
|
|
PFXLOG_NO_JSON: "true" # suppress JSON logging format
|
2023-02-21 19:07:28 +01:00
|
|
|
|
2023-11-28 17:23:45 +01:00
|
|
|
# demo server you can share with zrok
|
2023-02-21 19:07:28 +01:00
|
|
|
zrok-test:
|
2023-10-30 18:19:35 +01:00
|
|
|
image: ${ZROK_CONTAINER_IMAGE:-docker.io/openziti/zrok}
|
2023-02-21 19:07:28 +01:00
|
|
|
command: test endpoint --address 0.0.0.0 # 9090
|
|
|
|
|
|
|
|
volumes:
|
|
|
|
zrok_env:
|