ahriman/recipes/pam/compose.yml

services:
  backend:
    image: arcan1s/ahriman:edge
    privileged: true

    environment:
      AHRIMAN_DEBUG: yes
      AHRIMAN_OUTPUT: console
      AHRIMAN_PASSWORD: ${AHRIMAN_PASSWORD}
      AHRIMAN_PORT: 8080
      AHRIMAN_PRESETUP_COMMAND: useradd -d / -G wheel -M demo; (cat /run/secrets/password; echo; cat /run/secrets/password) | passwd demo
      AHRIMAN_REPOSITORY: ahriman-demo
      AHRIMAN_UNIX_SOCKET: /var/lib/ahriman/ahriman/ahriman.sock

    configs:
      - source: service
        target: /etc/ahriman.ini.d/99-settings.ini
    secrets:
      - password

    volumes:
      - type: volume
        source: repository
        target: /var/lib/ahriman
        volume:
          nocopy: true

    healthcheck:
      test: curl --fail --silent --output /dev/null http://backend:8080/api/v1/info
      interval: 10s
      start_period: 30s

    command: web

  frontend:
    image: nginx
    ports:
      - 8080:80

    configs:
      - source: nginx
        target: /etc/nginx/conf.d/default.conf

    volumes:
      - type: volume
        source: repository
        target: /srv
        read_only: true
        volume:
          nocopy: true

configs:
  nginx:
    file: nginx.conf
  service:
    file: service.ini

secrets:
  password:
    environment: AHRIMAN_PASSWORD

volumes:
  repository: