version: '3' services: web: image: ministicraft/heimdall depends_on: - db environment: - TZ=Europe/Paris - PUID=1000 - PGID=1000 - DB_CONNECTION=pgsql - DB_HOST=db - DB_DATABASE=heimdall - DB_USERNAME=user - DB_PASSWORD=pwd - APP_URL=https://www.arnaud-pc.fr - FORCE_HTTPS=true - APP_DEBUG=true volumes: - heimdall_config:/config deploy: resources: limits: cpus: '0.5' memory: 200M reservations: cpus: '0.1' memory: 50M networks: - dmz - heimdall db: image: postgres:latest environment: - POSTGRES_USER=user - POSTGRES_PASSWORD=pwd - POSTGRES_DB=heimdall volumes: - postgres_data:/var/lib/postgresql/data deploy: resources: limits: cpus: '0.5' memory: 200M reservations: cpus: '0.1' memory: 50M networks: - heimdall gatekeeper: image: keycloak/keycloak-gatekeeper networks: - heimdall - dmz command: | --discovery-url=https://auth.arnaud-pc.fr/auth/realms/cloud --client-id=heimdall_proxy --client-secret=secret --listen=:3000 --redirection-url=https://www.arnaud-pc.fr --enable-refresh-tokens=true --encryption-key=key --upstream-url=https://web:443 --enable-default-deny=true --resources="uri=/*" --skip-upstream-tls-verify=true deploy: resources: limits: cpus: '0.25' memory: 50M reservations: cpus: '0.1' memory: 10M labels: - "traefik.enable=true" - "traefik.frontend.rule=Host:www.arnaud-pc.fr" - "traefik.port=3000" - "traefik.docker.network=dmz" - "traefik.backend.loadbalancer.swarm=true" networks: heimdall: driver: overlay dmz: external: name: dmz volumes: heimdall_config: driver: convoy postgres_data: driver: convoy nginx: driver: convoy