zrok/docker/compose/zrok-private-access/compose.yml

services:
  zrok-init:
    image: busybox
    # matches uid:gid of "nobody" in zrok container image
    command: chown -Rc 65534:65534 /mnt/.zrok
    user: root
    volumes:
      - zrok_env:/mnt/.zrok

  zrok-enable:
    image: ${ZROK_CONTAINER_IMAGE:-docker.io/openziti/zrok}
    depends_on:
      zrok-init:
        condition: service_completed_successfully
    entrypoint:
      - bash
      - -euc
      - |
        if [[ -n "$(jq '.ziti_identity' ~/.zrok/environment.json 2>/dev/null)" ]]; then
          echo "INFO: zrok environment is already enabled"
          exit 0
        else
          zrok config set apiEndpoint ${ZROK_API_ENDPOINT:-https://api.zrok.io}
          echo "INFO: running: zrok $$(sed -E "s/${ZROK_ENABLE_TOKEN}/************/" <<< $${@})"
          exec zrok "$${@}"
        fi
    command: -- enable --headless --description "${ZROK_ENVIRONMENT_NAME:-docker private access}" ${ZROK_ENABLE_TOKEN}
    volumes:
      - zrok_env:/mnt/.zrok
    environment:
      HOME: /mnt

  zrok-access:
    image: ${ZROK_CONTAINER_IMAGE:-docker.io/openziti/zrok}
    command: access private --headless --bind 0.0.0.0:9191 ${ZROK_ACCESS_TOKEN}
    depends_on:
      zrok-enable:
        condition: service_completed_successfully
    ports:
      - 9191:9191  # expose the zrok private access proxy to the Docker host
    volumes:
      - zrok_env:/mnt/.zrok
    environment:
      HOME: /mnt
      PFXLOG_NO_JSON: "true"

  # alternatively, access the zrok private access proxy from another container
  demo-client:
    depends_on:
      - zrok-access
    image: busybox
    entrypoint:
      - sh
      - -c
      - |
        while true; do 
          echo 'INFO: trying wget';
          wget -q -O - http://zrok-access:9191/ip; 
          sleep 3; 
        done

volumes:
  zrok_env:
add Docker Compose projects for public share, private share, and private access 2023-02-15 20:04:26 +01:00			`services:`
add docker project for reserved public share 2023-10-20 19:46:36 +02:00			`zrok-init:`
add a container to cross-build on libc 2.28 2023-02-15 23:41:46 +01:00			`image: busybox`
			`# matches uid:gid of "nobody" in zrok container image`
			`command: chown -Rc 65534:65534 /mnt/.zrok`
			`user: root`
			`volumes:`
			`- zrok_env:/mnt/.zrok`
add docker project for reserved public share 2023-10-20 19:46:36 +02:00
add a container to cross-build on libc 2.28 2023-02-15 23:41:46 +01:00			`zrok-enable:`
add docker project for reserved public share 2023-10-20 19:46:36 +02:00			`image: ${ZROK_CONTAINER_IMAGE:-docker.io/openziti/zrok}`
add a container to cross-build on libc 2.28 2023-02-15 23:41:46 +01:00			`depends_on:`
add docker project for reserved public share 2023-10-20 19:46:36 +02:00			`zrok-init:`
add a container to cross-build on libc 2.28 2023-02-15 23:41:46 +01:00			`condition: service_completed_successfully`
			`entrypoint:`
			`- bash`
add docker project for reserved public share 2023-10-20 19:46:36 +02:00			`- -euc`
add a container to cross-build on libc 2.28 2023-02-15 23:41:46 +01:00			`- \|`
add docker project for reserved public share 2023-10-20 19:46:36 +02:00			`if [[ -n "$(jq '.ziti_identity' ~/.zrok/environment.json 2>/dev/null)" ]]; then`
			`echo "INFO: zrok environment is already enabled"`
add a container to cross-build on libc 2.28 2023-02-15 23:41:46 +01:00			`exit 0`
			`else`
add docker project for reserved public share 2023-10-20 19:46:36 +02:00			`zrok config set apiEndpoint ${ZROK_API_ENDPOINT:-https://api.zrok.io}`
add a container to cross-build on libc 2.28 2023-02-15 23:41:46 +01:00			`echo "INFO: running: zrok $$(sed -E "s/${ZROK_ENABLE_TOKEN}/************/" <<< $${@})"`
add docker project for reserved public share 2023-10-20 19:46:36 +02:00			`exec zrok "$${@}"`
add a container to cross-build on libc 2.28 2023-02-15 23:41:46 +01:00			`fi`
add docker project for reserved public share 2023-10-20 19:46:36 +02:00			`command: -- enable --headless --description "${ZROK_ENVIRONMENT_NAME:-docker private access}" ${ZROK_ENABLE_TOKEN}`
add a container to cross-build on libc 2.28 2023-02-15 23:41:46 +01:00			`volumes:`
			`- zrok_env:/mnt/.zrok`
			`environment:`
			`HOME: /mnt`
add docker project for reserved public share 2023-10-20 19:46:36 +02:00
			`zrok-access:`
			`image: ${ZROK_CONTAINER_IMAGE:-docker.io/openziti/zrok}`
use headless mode (no tty); allow override API endpoint env var 2023-02-22 03:28:02 +01:00			`command: access private --headless --bind 0.0.0.0:9191 ${ZROK_ACCESS_TOKEN}`
add a container to cross-build on libc 2.28 2023-02-15 23:41:46 +01:00			`depends_on:`
			`zrok-enable:`
			`condition: service_completed_successfully`
add Docker Compose projects for public share, private share, and private access 2023-02-15 20:04:26 +01:00			`ports:`
add a container to cross-build on libc 2.28 2023-02-15 23:41:46 +01:00			`- 9191:9191 # expose the zrok private access proxy to the Docker host`
add Docker Compose projects for public share, private share, and private access 2023-02-15 20:04:26 +01:00			`volumes:`
add a container to cross-build on libc 2.28 2023-02-15 23:41:46 +01:00			`- zrok_env:/mnt/.zrok`
add Docker Compose projects for public share, private share, and private access 2023-02-15 20:04:26 +01:00			`environment:`
			`HOME: /mnt`
			`PFXLOG_NO_JSON: "true"`
add a container to cross-build on libc 2.28 2023-02-15 23:41:46 +01:00
			`# alternatively, access the zrok private access proxy from another container`
			`demo-client:`
			`depends_on:`
add docker project for reserved public share 2023-10-20 19:46:36 +02:00			`- zrok-access`
add Docker Compose projects for public share, private share, and private access 2023-02-15 20:04:26 +01:00			`image: busybox`
add a container to cross-build on libc 2.28 2023-02-15 23:41:46 +01:00			`entrypoint:`
			`- sh`
			`- -c`
			`- \|`
			`while true; do`
			`echo 'INFO: trying wget';`
add docker project for reserved public share 2023-10-20 19:46:36 +02:00			`wget -q -O - http://zrok-access:9191/ip;`
add a container to cross-build on libc 2.28 2023-02-15 23:41:46 +01:00			`sleep 3;`
			`done`

			`volumes:`
			`zrok_env:`