OpenTranscribe/docker-compose.pki-dev.yml at master · attevon-llc/OpenTranscribe · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
# PKI/mTLS Authentication Overlay for Development
#
# Uses local containers (not Docker Hub) with PKI support.
#
# Usage:
#   1. Generate certificates:
#      ./scripts/pki/setup-test-pki.sh
#
#   2. Generate server cert (if not done):
#      cd scripts/pki/test-certs && openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
#        -keyout nginx/server.key -out nginx/server.crt -subj "/CN=localhost"
#
#   3. Start dev with PKI:
#      docker compose -f docker-compose.yml -f docker-compose.pki-dev.yml up -d
#
#   4. Access: https://localhost:8443
#

services:
  # Override frontend to add PKI/mTLS support
  frontend:
    build:
      context: ./frontend
      dockerfile: Dockerfile.prod
    volumes:
      # Mount PKI nginx config
      - ./frontend/nginx-pki.conf:/etc/nginx/conf.d/default.conf:ro
      # Mount certificates
      - ./scripts/pki/test-certs/nginx/server.crt:/etc/nginx/certs/server.crt:ro
      - ./scripts/pki/test-certs/nginx/server.key:/etc/nginx/certs/server.key:ro
      - ./scripts/pki/test-certs/ca/ca.crt:/etc/nginx/certs/ca.crt:ro
    ports:
      - "${FRONTEND_PORT:-5173}:8080"
      - "${PKI_HTTPS_PORT:-8443}:8443"
    environment:
      - NODE_ENV=production
    networks:
      - transcribe-network

  # Use local backend build
  backend:
    build:
      context: ./backend
      dockerfile: Dockerfile.dev
    volumes:
      - ./backend:/app
    networks:
      - transcribe-network

networks:
  transcribe-network:
    driver: bridge