Sebastian Krüger
ab35b2bca1
Added new paint service stack to the docker-compose infrastructure: - **Paint stack** (paint.pivoine.art): - miniPaint: Web-based image editor built from GitHub - Multi-stage Docker build clones from https://github.com/viliusle/miniPaint - Features: layers, filters, drawing tools, text, shapes support - Client-side processing with no server uploads - Stateless architecture (no backups needed) Infrastructure updates: - Created paint/compose.yaml with Traefik routing and SSL - Created paint/Dockerfile with Node.js build stage and nginx serve - Added PAINT environment variables to arty.yml - Updated compose.yaml include list - Updated CLAUDE.md documentation All services integrated with Traefik for SSL termination and include Watchtower auto-update labels. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
33 lines
1.5 KiB
YAML
33 lines
1.5 KiB
YAML
services:
|
|
paint:
|
|
build:
|
|
context: .
|
|
dockerfile: Dockerfile
|
|
image: minipaint:latest
|
|
container_name: ${PAINT_COMPOSE_PROJECT_NAME}_app
|
|
restart: unless-stopped
|
|
networks:
|
|
- compose_network
|
|
labels:
|
|
- 'traefik.enable=${PAINT_TRAEFIK_ENABLED}'
|
|
# HTTP to HTTPS redirect
|
|
- 'traefik.http.middlewares.${PAINT_COMPOSE_PROJECT_NAME}-redirect-web-secure.redirectscheme.scheme=https'
|
|
- 'traefik.http.routers.${PAINT_COMPOSE_PROJECT_NAME}-web.middlewares=${PAINT_COMPOSE_PROJECT_NAME}-redirect-web-secure'
|
|
- 'traefik.http.routers.${PAINT_COMPOSE_PROJECT_NAME}-web.rule=Host(`${PAINT_TRAEFIK_HOST}`)'
|
|
- 'traefik.http.routers.${PAINT_COMPOSE_PROJECT_NAME}-web.entrypoints=web'
|
|
# HTTPS router
|
|
- 'traefik.http.routers.${PAINT_COMPOSE_PROJECT_NAME}-web-secure.rule=Host(`${PAINT_TRAEFIK_HOST}`)'
|
|
- 'traefik.http.routers.${PAINT_COMPOSE_PROJECT_NAME}-web-secure.tls.certresolver=resolver'
|
|
- 'traefik.http.routers.${PAINT_COMPOSE_PROJECT_NAME}-web-secure.entrypoints=web-secure'
|
|
- 'traefik.http.routers.${PAINT_COMPOSE_PROJECT_NAME}-web-secure.middlewares=security-headers@file'
|
|
# Service
|
|
- 'traefik.http.services.${PAINT_COMPOSE_PROJECT_NAME}-web-secure.loadbalancer.server.port=80'
|
|
- 'traefik.docker.network=${NETWORK_NAME}'
|
|
# Watchtower
|
|
- 'com.centurylinklabs.watchtower.enable=${WATCHTOWER_LABEL_ENABLE}'
|
|
|
|
networks:
|
|
compose_network:
|
|
name: ${NETWORK_NAME}
|
|
external: true
|