Sebastian Krüger
9a77bdb211
Added Pastel service with API and UI to the Kit toolkit: **New Services:** - pastel_api: Backend API for color palette generation - Image: ghcr.io/valknarness/pastel-api:latest - Routes: https://pastel.kit.pivoine.art/api - pastel_ui: Frontend UI for interactive palette generation - Image: ghcr.io/valknarness/pastel-ui:latest - Routes: https://pastel.kit.pivoine.art **Features:** - Color harmony algorithms - Interactive palette generation - Export in various formats - Programmatic API access - Path-based routing (UI on root, API on /api) **Configuration:** - Updated arty.yml with KIT_PASTEL_* variables - Updated documentation (CLAUDE.md, README.md) - Added Traefik labels with SSL, compression, security headers - Watchtower auto-update enabled Kit stack now includes 5 services: - Landing page (kit.pivoine.art) - Vert file converter (vert.kit.pivoine.art) - Paint image editor (paint.kit.pivoine.art) - Pastel color generator (pastel.kit.pivoine.art) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
140 lines
8.2 KiB
YAML
140 lines
8.2 KiB
YAML
services:
|
|
landing:
|
|
image: ${KIT_LANDING_IMAGE:-ghcr.io/valknarness/kit-ui:latest}
|
|
container_name: ${KIT_COMPOSE_PROJECT_NAME}_landing
|
|
restart: unless-stopped
|
|
networks:
|
|
- compose_network
|
|
labels:
|
|
- 'traefik.enable=${KIT_TRAEFIK_ENABLED}'
|
|
# HTTP to HTTPS redirect
|
|
- 'traefik.http.middlewares.${KIT_COMPOSE_PROJECT_NAME}-landing-redirect-web-secure.redirectscheme.scheme=https'
|
|
- 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-landing-web.middlewares=${KIT_COMPOSE_PROJECT_NAME}-landing-redirect-web-secure'
|
|
- 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-landing-web.rule=Host(`${KIT_TRAEFIK_HOST}`)'
|
|
- 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-landing-web.entrypoints=web'
|
|
# HTTPS router
|
|
- 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-landing-web-secure.rule=Host(`${KIT_TRAEFIK_HOST}`)'
|
|
- 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-landing-web-secure.tls.certresolver=resolver'
|
|
- 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-landing-web-secure.entrypoints=web-secure'
|
|
- 'traefik.http.middlewares.${KIT_COMPOSE_PROJECT_NAME}-landing-compress.compress=true'
|
|
- 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-landing-web-secure.middlewares=${KIT_COMPOSE_PROJECT_NAME}-landing-compress,security-headers@file'
|
|
# Service
|
|
- 'traefik.http.services.${KIT_COMPOSE_PROJECT_NAME}-landing.loadbalancer.server.port=80'
|
|
- 'traefik.docker.network=${NETWORK_NAME}'
|
|
# Watchtower
|
|
- 'com.centurylinklabs.watchtower.enable=${WATCHTOWER_LABEL_ENABLE}'
|
|
|
|
vert:
|
|
image: ${KIT_VERT_IMAGE:-ghcr.io/vert-sh/vert:latest}
|
|
container_name: ${KIT_COMPOSE_PROJECT_NAME}_vert
|
|
restart: unless-stopped
|
|
environment:
|
|
PUB_HOSTNAME: ${KIT_VERT_TRAEFIK_HOST}
|
|
PUB_ENV: production
|
|
PUB_DISABLE_ALL_EXTERNAL_REQUESTS: true
|
|
networks:
|
|
- compose_network
|
|
labels:
|
|
- 'traefik.enable=${KIT_TRAEFIK_ENABLED}'
|
|
# HTTP to HTTPS redirect
|
|
- 'traefik.http.middlewares.${KIT_COMPOSE_PROJECT_NAME}-vert-redirect-web-secure.redirectscheme.scheme=https'
|
|
- 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-vert-web.middlewares=${KIT_COMPOSE_PROJECT_NAME}-vert-redirect-web-secure'
|
|
- 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-vert-web.rule=Host(`${KIT_VERT_TRAEFIK_HOST}`)'
|
|
- 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-vert-web.entrypoints=web'
|
|
# HTTPS router with auth
|
|
- 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-vert-web-secure.rule=Host(`${KIT_VERT_TRAEFIK_HOST}`)'
|
|
- 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-vert-web-secure.tls.certresolver=resolver'
|
|
- 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-vert-web-secure.entrypoints=web-secure'
|
|
- 'traefik.http.middlewares.${KIT_COMPOSE_PROJECT_NAME}-vert-compress.compress=true'
|
|
- 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-vert-web-secure.middlewares=${KIT_COMPOSE_PROJECT_NAME}-vert-compress,security-headers@file'
|
|
# Service
|
|
- 'traefik.http.services.${KIT_COMPOSE_PROJECT_NAME}-vert.loadbalancer.server.port=80'
|
|
- 'traefik.docker.network=${NETWORK_NAME}'
|
|
# Watchtower
|
|
- 'com.centurylinklabs.watchtower.enable=${WATCHTOWER_LABEL_ENABLE}'
|
|
|
|
paint:
|
|
build:
|
|
context: .
|
|
dockerfile: Dockerfile
|
|
image: minipaint:latest
|
|
container_name: ${KIT_COMPOSE_PROJECT_NAME}_paint
|
|
restart: unless-stopped
|
|
networks:
|
|
- compose_network
|
|
labels:
|
|
- 'traefik.enable=${KIT_TRAEFIK_ENABLED}'
|
|
# HTTP to HTTPS redirect
|
|
- 'traefik.http.middlewares.${KIT_COMPOSE_PROJECT_NAME}-paint-redirect-web-secure.redirectscheme.scheme=https'
|
|
- 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-paint-web.middlewares=${KIT_COMPOSE_PROJECT_NAME}-paint-redirect-web-secure'
|
|
- 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-paint-web.rule=Host(`${KIT_PAINT_TRAEFIK_HOST}`)'
|
|
- 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-paint-web.entrypoints=web'
|
|
# HTTPS router
|
|
- 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-paint-web-secure.rule=Host(`${KIT_PAINT_TRAEFIK_HOST}`)'
|
|
- 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-paint-web-secure.tls.certresolver=resolver'
|
|
- 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-paint-web-secure.entrypoints=web-secure'
|
|
- 'traefik.http.middlewares.${KIT_COMPOSE_PROJECT_NAME}-paint-compress.compress=true'
|
|
- 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-paint-web-secure.middlewares=${KIT_COMPOSE_PROJECT_NAME}-paint-compress,security-headers@file'
|
|
# Service
|
|
- 'traefik.http.services.${KIT_COMPOSE_PROJECT_NAME}-paint.loadbalancer.server.port=80'
|
|
- 'traefik.docker.network=${NETWORK_NAME}'
|
|
# Watchtower
|
|
- 'com.centurylinklabs.watchtower.enable=${WATCHTOWER_LABEL_ENABLE}'
|
|
|
|
pastel_api:
|
|
image: ${KIT_PASTEL_API_IMAGE:-ghcr.io/valknarness/pastel-api:latest}
|
|
container_name: ${KIT_COMPOSE_PROJECT_NAME}_pastel_api
|
|
restart: unless-stopped
|
|
networks:
|
|
- compose_network
|
|
labels:
|
|
- 'traefik.enable=${KIT_TRAEFIK_ENABLED}'
|
|
# HTTP to HTTPS redirect
|
|
- 'traefik.http.middlewares.${KIT_COMPOSE_PROJECT_NAME}-pastel-api-redirect-web-secure.redirectscheme.scheme=https'
|
|
- 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-pastel-api-web.middlewares=${KIT_COMPOSE_PROJECT_NAME}-pastel-api-redirect-web-secure'
|
|
- 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-pastel-api-web.rule=Host(`${KIT_PASTEL_TRAEFIK_HOST}`) && PathPrefix(`/api`)'
|
|
- 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-pastel-api-web.entrypoints=web'
|
|
# HTTPS router
|
|
- 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-pastel-api-web-secure.rule=Host(`${KIT_PASTEL_TRAEFIK_HOST}`) && PathPrefix(`/api`)'
|
|
- 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-pastel-api-web-secure.tls.certresolver=resolver'
|
|
- 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-pastel-api-web-secure.entrypoints=web-secure'
|
|
- 'traefik.http.middlewares.${KIT_COMPOSE_PROJECT_NAME}-pastel-api-compress.compress=true'
|
|
- 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-pastel-api-web-secure.middlewares=${KIT_COMPOSE_PROJECT_NAME}-pastel-api-compress,security-headers@file'
|
|
# Service
|
|
- 'traefik.http.services.${KIT_COMPOSE_PROJECT_NAME}-pastel-api.loadbalancer.server.port=80'
|
|
- 'traefik.docker.network=${NETWORK_NAME}'
|
|
# Watchtower
|
|
- 'com.centurylinklabs.watchtower.enable=${WATCHTOWER_LABEL_ENABLE}'
|
|
|
|
pastel_ui:
|
|
image: ${KIT_PASTEL_UI_IMAGE:-ghcr.io/valknarness/pastel-ui:latest}
|
|
container_name: ${KIT_COMPOSE_PROJECT_NAME}_pastel_ui
|
|
restart: unless-stopped
|
|
networks:
|
|
- compose_network
|
|
labels:
|
|
- 'traefik.enable=${KIT_TRAEFIK_ENABLED}'
|
|
# HTTP to HTTPS redirect
|
|
- 'traefik.http.middlewares.${KIT_COMPOSE_PROJECT_NAME}-pastel-ui-redirect-web-secure.redirectscheme.scheme=https'
|
|
- 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-pastel-ui-web.middlewares=${KIT_COMPOSE_PROJECT_NAME}-pastel-ui-redirect-web-secure'
|
|
- 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-pastel-ui-web.rule=Host(`${KIT_PASTEL_TRAEFIK_HOST}`)'
|
|
- 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-pastel-ui-web.entrypoints=web'
|
|
- 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-pastel-ui-web.priority=1'
|
|
# HTTPS router
|
|
- 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-pastel-ui-web-secure.rule=Host(`${KIT_PASTEL_TRAEFIK_HOST}`)'
|
|
- 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-pastel-ui-web-secure.tls.certresolver=resolver'
|
|
- 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-pastel-ui-web-secure.entrypoints=web-secure'
|
|
- 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-pastel-ui-web-secure.priority=1'
|
|
- 'traefik.http.middlewares.${KIT_COMPOSE_PROJECT_NAME}-pastel-ui-compress.compress=true'
|
|
- 'traefik.http.routers.${KIT_COMPOSE_PROJECT_NAME}-pastel-ui-web-secure.middlewares=${KIT_COMPOSE_PROJECT_NAME}-pastel-ui-compress,security-headers@file'
|
|
# Service
|
|
- 'traefik.http.services.${KIT_COMPOSE_PROJECT_NAME}-pastel-ui.loadbalancer.server.port=80'
|
|
- 'traefik.docker.network=${NETWORK_NAME}'
|
|
# Watchtower
|
|
- 'com.centurylinklabs.watchtower.enable=${WATCHTOWER_LABEL_ENABLE}'
|
|
|
|
networks:
|
|
compose_network:
|
|
name: ${NETWORK_NAME}
|
|
external: true
|