forked from a-langer/nexus-sso
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy path_compose.override_prod.yml
30 lines (25 loc) · 1.3 KB
/
_compose.override_prod.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
version: "3.9"
## 1. Set variables for your production environment, ex.:
# export NEXUS_USER=$(id -u) NEXUS_GROUP=$(id -g)
# export NEXUS_ETC="./etc_prod" NEXUS_DATA="./data_prod"
## 2. Prepare directories and config templates, ex.:
# mkdir ${NEXUS_ETC} ${NEXUS_DATA}
# cp -rf ./etc/* ${NEXUS_ETC}/
# cp -rf ./nexus-bootstrap/src/main/config/* ${NEXUS_ETC}/sso/config/
# mkdir -p ${NEXUS_ETC}/sso/config/ && cp ./nexus-bootstrap/src/main/config/* "$_"
## 3. Modify shiro.ini, metadata.xml and sp-metadata.xml, see docs/SAML.md.
## 4. Change these settings for your production environment, ex.:
services:
nexus:
volumes:
# All file volumes from compose.yml are inherited here, the following are added to them
- ${NEXUS_ETC}/sso/config/shiro.ini:/opt/sonatype/nexus/etc/sso/config/shiro.ini:ro
- ${NEXUS_ETC}/sso/config/metadata.xml:/opt/sonatype/nexus/etc/sso/config/metadata.xml:ro
- ${NEXUS_ETC}/sso/config/sp-metadata.xml:/opt/sonatype/nexus/etc/sso/config/sp-metadata.xml:ro
nginx:
volumes:
# Enable SSL encryption on port 443
- ${NEXUS_ETC}/nginx/_ssl.conf:/etc/nginx/ssl.conf:ro
# Pass the site certificate and key to container
- ${NEXUS_ETC}/nginx/tls/mysite.crt:/etc/nginx/tls/site.crt:ro
- ${NEXUS_ETC}/nginx/tls/mysite.key:/etc/nginx/tls/site.key:ro