1
0
mirror of https://github.com/pypiserver/pypiserver synced 2024-11-09 16:45:51 +01:00
pypiserver/docker-compose.yml

150 lines
6.6 KiB
YAML
Raw Permalink Normal View History

2018-06-27 03:51:32 +02:00
---
# ######################################################################
# pypiserver docker-compose examples
# ######################################################################
# The below examples illustrate different ways that pypiserver may be
# configured with docker-compose (and by extension, with Docker) to
# serve your python packages.
#
# Most of the configuration options detailed below can be mixed and
# matched as desired.
# ######################################################################
2018-06-27 03:51:32 +02:00
version: "3.3"
2018-06-27 03:51:32 +02:00
services:
# ##################################################################
# Default
# ##################################################################
# The default configuration serves packages from the /data/packages
# directory inside the container. This directory is mounted as a
# volume in the Dockerfile, so it will be persisted, as long as you
# do not remove it with `docker-compose down -v` or
# `docker volume rm`.
# ##################################################################
pypiserver-default:
image: pypiserver/pypiserver:latest
ports:
- "8080:8080"
# ##################################################################
# Authenticated
# ##################################################################
# This config uses a locally created .htpasswd file to authenticate
# access to pypiserver. We assume our .htpasswd file is in a local
# directory `./auth`, which we mount to `/data/auth` in the
# container, and update the `command` from the Dockerfile to look
# for that file for authentication. Note that because we are
# overriding the default `command`, which tells pypiserver where to
# serve packages from, we need to include that part of the command
# in addition to our authentication information.
# ##################################################################
pypiserver-authenticated:
image: pypiserver/pypiserver:latest
volumes:
- type: bind
source: ./auth
target: /data/auth
command: -P /data/auth/.htpasswd -a update,download,list /data/packages
ports:
- "8081:8080"
# ##################################################################
# Serve local packages
# ##################################################################
# This config allows us to manage our package directory locally,
# rather than in a volume managed directly by docker. Note that
# especially if running from a Mac, this may cause performance
# degradations, which can be worked around by using the `consistency`
# setting if desired. Here, we mount a local `./packages` directory
# to `/data/packages`, overriding the standard volume.
# ##################################################################
pypiserver-local-packages:
image: pypiserver/pypiserver:latest
volumes:
- type: bind
source: ./packages
target: /data/packages
ports:
- "8082:8080"
# ##############################################################################
# Authenticated and serve local packages via HTTPS using Traefik
# ##############################################################################
# This one combines the two configurations above and uses Traefik for HTTPS and
# with automatic HTTP redirect.
# Remember to change "your.domain.com" and "your@email.com" with your domain
# and email address respectively.
#
# The pypiserver will be available at: https://your.domain.com
# The Traefik dashboard will be available at: https://your.domain.com/dashboard/
#
# A Traefik user can be added using the htpasswd tool:
# htpasswd -sc traefik/usersfile username
# ##############################################################################
pypiserver-https:
image: pypiserver/pypiserver:latest
volumes:
- type: bind
source: ./auth
target: /data/auth
- type: bind
source: ./packages
target: /data/packages
command: -P /data/auth/.htpasswd -a update,download,list /data/packages
labels:
# Expose container to Traefik
- "traefik.enable=true"
# Configure the route
- "traefik.http.routers.flask.rule=Host(`your.domain.com`)"
# - "traefik.http.routers.flask.rule=Host(`pypi.docker.localhost`)"
- "traefik.http.routers.flask.entrypoints=websecure"
- "traefik.http.routers.flask.tls=true"
- "traefik.http.routers.flask.tls.certresolver=leresolver"
traefik:
image: traefik:v2.1
volumes:
- "/var/run/docker.sock:/var/run/docker.sock:ro"
- "./traefik:/etc/traefik:ro"
- "./traefik/acme:/etc/traefik/acme"
command:
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--api.dashboard=true"
- "--certificatesresolvers.leresolver.acme.email=your@email.com"
- "--certificatesresolvers.leresolver.acme.storage=/etc/traefik/acme/acme.json"
- "--certificatesresolvers.leresolver.acme.httpChallenge=true"
- "--certificatesresolvers.leresolver.acme.httpChallenge.entrypoint=web"
ports:
- "80:80"
- "443:443"
labels:
# Expose container to Traefik
- "traefik.enable=true"
# Dashboard
- "traefik.http.routers.traefik.rule=Host(`your.domain.com`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))"
# - "traefik.http.routers.traefik.rule=Host(`traefik.docker.localhost`)"
- "traefik.http.routers.traefik.entrypoints=websecure"
- "traefik.http.routers.traefik.tls=true"
- "traefik.http.routers.traefik.tls.certresolver=leresolver"
- "traefik.http.routers.traefik.service=api@internal"
- "traefik.http.routers.traefik.middlewares=authtraefik"
- "traefik.http.middlewares.authtraefik.basicauth.usersfile=/etc/traefik/usersfile"
# Global redirect to HTTPS
- "traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)"
- "traefik.http.routers.http-catchall.entrypoints=web"
- "traefik.http.routers.http-catchall.middlewares=redirect-to-https"
# Middleware redirect
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"