SharepointToolbox-Web/docker-compose.prebuilt.yml

# Runs the prebuilt image from the Gitea registry (no local build).
#   docker compose -f docker-compose.prebuilt.yml pull
#   docker compose -f docker-compose.prebuilt.yml up -d
#
# Pin a version by overriding the tag:  SPTB_TAG=v1.2.0 docker compose ...
# Set the OIDC secrets via a .env file next to this compose file (see below).
services:
  sptb-web:
    image: git.azuze.fr/kawa/sptb-web:${SPTB_TAG:-latest}
    container_name: sptb-web
    ports:
      - "8080:8080"
    volumes:
      - sptb-data:/data
    environment:
      - ASPNETCORE_ENVIRONMENT=Production
      - DataFolder=/data
      # Public domain the app is reached at (e.g. sptb.example.com). The SharePoint-connect
      # redirect URI is derived from it as <domain>/connect/callback.
      - App__Domain=${App__Domain:-}
      # OIDC config — overrides the placeholder values baked into appsettings.json.
      # Authority is derived from TenantId in code; do NOT set an Authority key.
      # Put real values in a .env file beside this compose file (NO quotes around
      # values — the list form embeds literal quotes and breaks discovery):
      #   Oidc__TenantId=<entra-tenant-guid>
      #   Oidc__ClientId=<app-client-id>
      #   Oidc__ClientSecret=<app-client-secret>
      - Oidc__TenantId=${Oidc__TenantId:-}
      - Oidc__ClientId=${Oidc__ClientId:-}
      - Oidc__ClientSecret=${Oidc__ClientSecret:-}
      # Optional: seed first admin while the user store is empty (local form login).
      - Bootstrap__AdminEmail=${Bootstrap__AdminEmail:-}
      - Bootstrap__AdminPassword=${Bootstrap__AdminPassword:-}
    restart: unless-stopped
    healthcheck:
      # /account/login is anonymous and returns 200; -f fails on >=400.
      test: ["CMD", "curl", "-fsS", "http://localhost:8080/account/login"]
      interval: 30s
      timeout: 10s
      retries: 3
      start_period: 30s

volumes:
  sptb-data:
    driver: local