Comment variables and remove proxy handling (already done by the base
java image)
This commit is contained in:
parent
679e68f5c9
commit
5cc2802dea
|
@ -1 +1 @@
|
|||
Subproject commit 8cfe263f274b066e8021e5f821ef6fd465f645f9
|
||||
Subproject commit df3e7fd52e5758d54c0dcad522260b1416d92884
|
|
@ -163,8 +163,7 @@ _EOF
|
|||
}
|
||||
|
||||
env {
|
||||
JAVA_OPTS = "-Djava.awt.headless=true -Dlogback.configurationFile=/local/logback.xml
|
||||
[[- if has .proxy "address" ]] -Dhttp.proxyHost=[[ (urlParse .proxy.address).Hostname ]] -Dhttp.proxyPort=[[ (urlParse .proxy.address).Port ]] -Dhttps.proxyHost=[[ (urlParse .proxy.address).Hostname ]] -Dhttps.proxyPort=[[ (urlParse .proxy.address).Port ]] -Dhttp.nonProxyHosts=[[ join .proxy.no_proxy "|" ]][[ end ]]"
|
||||
JAVA_OPTS = "-Dlogback.configurationFile=/local/logback.xml"
|
||||
[[ template "common/proxy_env.tpl" . ]]
|
||||
[[ template "common/env.tpl" .unifi.controller.env ]]
|
||||
}
|
||||
|
|
|
@ -1,43 +1,88 @@
|
|||
---
|
||||
|
||||
# Unifi controller has several components :
|
||||
# - The controller itself (which also include the inform, the guest_portal and the stun service)
|
||||
# - A small nginx proxy to expose all the various web service of unifi through a single port
|
||||
# - A mongodb server (optional, can use an external mongodb)
|
||||
# - A firmware downloader helper : this is because the Unifi Controller can't use an outbound web proxy
|
||||
|
||||
unifi:
|
||||
|
||||
# This is for the web management console
|
||||
controller:
|
||||
|
||||
# The driver to use (docker or podman)
|
||||
driver: docker
|
||||
|
||||
# The image for the controller
|
||||
image: danielberteaud/unifi:latest
|
||||
|
||||
# Resource allocation for the controller
|
||||
resources:
|
||||
cpu: 200
|
||||
memory: 1024
|
||||
|
||||
# Mongo instance to use
|
||||
mongo:
|
||||
address: mongodb://127.0.0.1:27017/unifi
|
||||
# The address of the mongo service. Leave the default
|
||||
# unless you use an external mongo service
|
||||
address: mongodb://127.0.0.1:27017/
|
||||
|
||||
# DB names for unifi and the statistics
|
||||
db: unifi
|
||||
stats_db: unifi_stats
|
||||
|
||||
# Service name of the mongo service. This is used to wait for mongo to be
|
||||
# up before starting the controller
|
||||
service_name: unifi-mongo
|
||||
|
||||
# Set to true if you want to use an external mongo service
|
||||
is_external: False
|
||||
|
||||
# Additional environment vars to pass to the container
|
||||
env: {}
|
||||
|
||||
# Public URL to reach the controller web interface
|
||||
public_url: https://unifi.example.org
|
||||
|
||||
traefik: {}
|
||||
# Traefik settings
|
||||
traefik:
|
||||
|
||||
# List of entrypoints where the management console will be exposed
|
||||
#entrypoints:
|
||||
# - https
|
||||
|
||||
# Override the default base_middleware to remove the inflight-std@file middleware
|
||||
base_middlewares:
|
||||
- rate-limit-std@file
|
||||
- security-headers@file
|
||||
- forward-headers@file
|
||||
- compression@file
|
||||
- csp-relaxed@file
|
||||
|
||||
# List of additional middlewares to load
|
||||
#middlewares:
|
||||
# - ip-trusted@file
|
||||
|
||||
# This volume will hold controller data (like cached firmwares)
|
||||
volume:
|
||||
type: csi
|
||||
source: unifi-data
|
||||
|
||||
# The inform endpoint is used by the devices to contact the controller
|
||||
inform:
|
||||
# Public URL of the inform endpoint
|
||||
# Note : this MUST be http, not https
|
||||
public_url: http://unifi-inform.example.org:8080/inform
|
||||
|
||||
# Traefik settings
|
||||
traefik:
|
||||
|
||||
# List of entrypoints where the inform endpoint will be exposed.
|
||||
entrypoints:
|
||||
- unifi-inform
|
||||
|
||||
# Override the base middlewares list to remove hsts@file as we're on http
|
||||
base_middlewares:
|
||||
- rate-limit-std@file
|
||||
- inflight-std@file
|
||||
|
@ -45,44 +90,93 @@ unifi:
|
|||
- forward-headers@file
|
||||
- compression@file
|
||||
- csp-relaxed@file
|
||||
|
||||
# List of additional middleware to load
|
||||
middlewares: []
|
||||
|
||||
# The guest portal
|
||||
guest_portal:
|
||||
|
||||
# Public URL where the guest portal will be reachable
|
||||
public_url: https://unifi-portal.example.org:8843/
|
||||
|
||||
# Traefik settings
|
||||
traefik:
|
||||
|
||||
# List of entrypoints on which the service will be exposed
|
||||
# Note: UniFi doesn't allow custommisation of the port, this entrypoint must be listening on port 8843
|
||||
entrypoints:
|
||||
- unifi-portal
|
||||
|
||||
# List of middlewares to load
|
||||
middlewares: []
|
||||
|
||||
# The STUN service
|
||||
stun:
|
||||
|
||||
# Traefik settings
|
||||
traefik:
|
||||
|
||||
# List of entrypoints the STUN service wil be exposed on
|
||||
# Note: This must be UDP entrypoints !
|
||||
entrypoints:
|
||||
- unifi-stun
|
||||
|
||||
# The nginx reverse proxy is used to expose all Unifi service over a single port
|
||||
# So we don't need to run one envoy proxy per port
|
||||
nginx:
|
||||
# The image to use
|
||||
image: nginxinc/nginx-unprivileged:alpine
|
||||
|
||||
# The driver to use (docker or podman)
|
||||
driver: docker
|
||||
|
||||
# Resource allocation
|
||||
resources:
|
||||
cpu: 10
|
||||
memory: 15
|
||||
|
||||
# MongoDB service.
|
||||
# Note : this will be ignored if .unifi.controller.mongo.is_external is set to true
|
||||
mongo:
|
||||
|
||||
# The image to use
|
||||
image: danielberteaud/mongo:4.0-1
|
||||
|
||||
# The driver to use (docker or podman)
|
||||
driver: docker
|
||||
|
||||
# Resource allocation
|
||||
resources:
|
||||
cpu: 100
|
||||
memory: 256
|
||||
|
||||
# Persistant volume
|
||||
volume:
|
||||
type: csi
|
||||
source: unifi-mongo
|
||||
|
||||
# This componant will be used if a proxy is set.
|
||||
# It's needed because the UniFi controller do not send outbound web requests
|
||||
# through the configured proxy to download firmwares
|
||||
fw_dl:
|
||||
|
||||
# The image to use
|
||||
image: danielberteaud/ubnt-firmware-downloader:latest
|
||||
|
||||
# The driver (docker or podman)
|
||||
driver: docker
|
||||
|
||||
# Resource allocation
|
||||
resources:
|
||||
cpu: 10
|
||||
memory: 64
|
||||
|
||||
# Additionnal environment to set on the container
|
||||
env:
|
||||
# The dir where firmwares will be stored
|
||||
UBNT_FIRMWARE_DIR: /data/unifi/firmware
|
||||
# A list of platforms for which firmware will be downloaded (other ones will be ignored)
|
||||
UBNT_PLATFORMS: U7HD,US48PRO
|
||||
# A cron expression to run the update
|
||||
UBNT_CRON: 48 22 * * *
|
||||
|
|
Loading…
Reference in New Issue