64 lines
1.3 KiB
YAML
64 lines
1.3 KiB
YAML
version: '3.8'
|
|
|
|
services:
|
|
vdi:
|
|
build:
|
|
args:
|
|
- DOCKER_BUILD_DIR=docker/x2go/xfce-debian
|
|
- SSH_PORT=${VDI_PORT:-22}
|
|
context: ../..
|
|
dockerfile: docker/x2go/xfce-debian/Dockerfile
|
|
cap_add:
|
|
- IPC_LOCK # ecryptfs
|
|
- NET_ADMIN # iptables
|
|
- NET_RAW # iptables
|
|
- SYS_ADMIN # ecryptfs
|
|
cpus: 0.5
|
|
environment:
|
|
- DEBUG=${VDI_DEBUG:-}
|
|
- ECRYPTERS=${VDI_ECRYPTERS:-}
|
|
- LANG=${VDI_LANG:-}
|
|
- SSH_PORT=${VDI_PORT:-22}
|
|
- SSH_PUBLIC_HOSTS=${SSH_PUBLIC_HOSTS:-}
|
|
- SUDOERS=${VDI_SUDOERS:-}
|
|
- TZ=${VDI_TZ:-}
|
|
- USERS=${VDI_USERS:-}
|
|
image: ${DOCKER_REPOSITORY}/vdi:${DOCKER_IMAGE_TAG}
|
|
networks:
|
|
- private
|
|
- public
|
|
ports:
|
|
- ${SSH_PORT}
|
|
restart: unless-stopped
|
|
security_opt:
|
|
- apparmor=unconfined # ecryptfs
|
|
- seccomp=unconfined # ecryptfs
|
|
tty: true
|
|
volumes:
|
|
- vdi-home:/home:delegated
|
|
- vdi-shared:/shared:cached
|
|
- vdi-shm:/dev/shm:delegated
|
|
|
|
networks:
|
|
private:
|
|
external: true
|
|
name: ${DOCKER_NETWORK_PRIVATE}
|
|
public:
|
|
external: true
|
|
name: ${DOCKER_NETWORK_PUBLIC}
|
|
|
|
volumes:
|
|
vdi-home:
|
|
vdi-shared:
|
|
driver: local
|
|
driver_opts:
|
|
type: none
|
|
device: /mnt/shared
|
|
o: bind
|
|
vdi-shm:
|
|
driver: local
|
|
driver_opts:
|
|
type: tmpfs
|
|
device: tmpfs
|
|
o: mode=1777,size=2147483648 # 2GB
|