| 123456789101112131415161718192021222324252627282930313233343536373839404142434445 |
- {% set tpl = ix_lib.base.render.Render(values) %}
- {% set c1 = tpl.add_container(values.consts.portainer_container_name, values.portainer.image_selector) %}
- {% do c1.set_user(0, 0) %}
- {% do c1.add_caps(["CHOWN", "DAC_OVERRIDE", "FOWNER", "KILL", "SETGID", "SETUID", "SETPCAP", "SETFCAP"]) %}
- {% do c1.environment.add_user_envs(values.portainer.additional_envs) %}
- {% do c1.healthcheck.disable() %}
- {% set cmd = namespace(x=[
- "--data", values.consts.data_path,
- "--tunnel-port", tpl.funcs.or_default(values.network.tunnel_port.port_number, 0),
- "--bind-https", ":%d" | format(values.network.web_port.port_number),
- "--http-enabled" if values.network.http_port.bind_mode else "--http-disabled",
- ]) %}
- {% if values.network.http_port.bind_mode %}
- {% do cmd.x.extend(["--bind", ":%d" | format(values.network.http_port.port_number)]) %}
- {% endif %}
- {% if values.network.certificate_id %}
- {% do cmd.x.extend([
- "--sslkey", values.consts.ssl_key_path,
- "--sslcert", values.consts.ssl_cert_path,
- ]) %}
- {% set cert = values.ix_certificates[values.network.certificate_id] %}
- {% do c1.configs.add("private", cert.privatekey, values.consts.ssl_key_path) %}
- {% do c1.configs.add("public", cert.certificate, values.consts.ssl_cert_path) %}
- {% endif %}
- {% do c1.set_command(cmd.x) %}
- {% do c1.add_port(values.network.web_port) %}
- {% do c1.add_port(values.network.tunnel_port) %}
- {% do c1.add_port(values.network.http_port) %}
- {% do c1.add_docker_socket(read_only=False) %}
- {% do c1.add_storage(values.consts.data_path, values.storage.data) %}
- {% for store in values.storage.additional_storage %}
- {% do c1.add_storage(store.mount_path, store) %}
- {% endfor %}
- {% do tpl.portals.add(values.network.http_port, {"name": "HTTP"}) %}
- {% do tpl.portals.add(values.network.web_port, {"name": "HTTPS", "scheme": "https"}) %}
- {{ tpl.render() | tojson }}
|
