-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathdocker-compose.yml
More file actions
39 lines (37 loc) · 1.37 KB
/
docker-compose.yml
File metadata and controls
39 lines (37 loc) · 1.37 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
services:
ghvault:
build: .
container_name: ghvault
restart: unless-stopped
ports:
- "8080:8080"
volumes:
# Persist backups
- ghvault-backups:/home/ghvault/backups
# Persist configuration and token
- ghvault-config:/home/ghvault/.config/ghvault
environment:
# Optional: Override the built-in OAuth client ID with your own
# GHVAULT_OAUTH_CLIENT_ID: your-client-id
# Server address (set server.password when binding anything other than 127.0.0.1)
GHVAULT_SERVER_ADDRESS: ":8080"
# Required when exposing the server beyond localhost
GHVAULT_SERVER_PASSWORD: "please-change-me"
# Required when the OS keyring is unavailable (e.g. Docker/headless)
GHVAULT_SECRET: "generate-a-long-random-string-and-store-it-safely"
# Scheduled backups (set to true and configure cron)
# GHVAULT_SCHEDULE_ENABLED: "true"
# GHVAULT_SCHEDULE_CRON: "0 2 * * *" # Daily at 2 AM
healthcheck:
test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:8080/api/health"]
interval: 30s
timeout: 3s
retries: 3
start_period: 5s
# To authenticate in Docker:
# 1. Run: docker compose exec ghvault ghvault login --headless
# 2. Open the verification URL in your browser
# 3. Enter the code shown in the terminal
volumes:
ghvault-backups:
ghvault-config: