eid-ops/global/overlay/etc/puppet/modules/eid/templates/proxy/docker-compose.yml.erb

---
services:
  eidas-proxy:
    image: docker.sunet.se/eidas-proxy:<%= @version %>
    container_name: eidas-proxy
    environment:
      - PROXY_SERVICE_DOMAIN_PREFIX=https://<%= @service_name %>/eidas-ps
      - SPRING_PROFILES_ACTIVE=<%= @country %>
      - CERTNAME=<%= @server_fqdn %>_infra
      - <%= @spring_config_param %>=<%= @proxy_directory %>/<%= @country %>/cfg/
      - PROXY_SERVICE_COOKIEENCRYPTPW=<%= @proxy_service_cookie_encrypt_pw %>
<% if @use_hsm -%>
      - PKCS11_PIN=<%= @pkcs11_pin %>
<% end -%>

    hostname: <%= @server_fqdn %>

    volumes:
      - '/var/log/eidas-proxy:/var/log/eidas-proxy'
      - '<%= @proxy_directory %>:<%= @proxy_directory %>'
      - '/dev/log:/dev/log'
      - '/etc/ssl:/etc/ssl'
<% if @use_hsm -%>
      - '/etc/luna/cert:/usr/safenet/lunaclient/cert'
      - '/etc/Chrystoki.conf.d:/etc/Chrystoki.conf.d'
<% end -%>

    ports:
      - "443:8443"
      - "127.0.0.1:444:8444"