ansible/roles/docker/templates/manyfold-compose.yml.j2

services:
  app:
    image: ghcr.io/manyfold3d/manyfold-solo:latest
    volumes:
      # Uncomment to add a volume where a database file should be created.
      # Don't change the part after the colon, it needs to be at /config
      - ./config:/config
      # Uncomment to add a filesystem volume for your model library (or multiple if
      # you want multiple libraries), in the form <local_path>:<container_path>.
      # The local path could be a folder that already contains models, in which case Manyfold
      # will scan and import them, or it could be empty.
      # The container path can be anything; you will need to enter it in the "new library" form.
      - ./models:/models
    environment:
      SECRET_KEY_BASE: {{ vault_manyfold.secret_key }}
      MULTIUSER: enabled 
      OIDC_CLIENT_ID: {{ vault_manyfold.oidc.client_id }}
      OIDC_CLIENT_SECRET: {{ vault_manyfold.oidc.client_secret }}
      OIDC_ISSUER: https://{{ subdomains.auth }}/application/o/manyfold/
      OIDC_NAME: Authentik
      PUBLIC_HOSTNAME: {{ subdomains.models }}
      MAX_FILE_UPLOAD_SIZE: 5368709120
      PUID: 1000
      PGID: 1000
    extra_hosts:
      - "{{ subdomains.auth }}:{{ docker.hairpin_ip }}"
    labels:
      glance.name: Manyfold
      glance.icon: si:open3d
      glance.url: https://{{ subdomains.models }}/
      glance.description: STL Storage
      mag37.dockcheck.update: true
    restart: unless-stopped
    # Optional, but recommended for better security
    security_opt:
      - no-new-privileges:true
    cap_drop:
      - ALL
    cap_add:
      - CHOWN
      - DAC_OVERRIDE
      - SETUID
      - SETGID

networks:
  default:
    external: true
    name: "{{ docker.network_name }}"