31 lines
897 B
YAML
31 lines
897 B
YAML
version: '3.9'
|
|
|
|
services:
|
|
mongo_server_tls:
|
|
container_name: mongo-tls
|
|
image: public.ecr.aws/docker/library/mongo:${MONGO_TAG}
|
|
restart: always
|
|
environment:
|
|
MONGO_INITDB_DATABASE: mqtt
|
|
volumes:
|
|
- ./certs/server.crt:/etc/certs/cert.pem
|
|
- ./certs/server.key:/etc/certs/key.pem
|
|
- ./certs/ca.crt:/etc/certs/cacert.pem
|
|
networks:
|
|
- emqx_bridge
|
|
ports:
|
|
- "27018:27017"
|
|
command:
|
|
- /bin/bash
|
|
- -c
|
|
- |
|
|
cat /etc/certs/key.pem /etc/certs/cert.pem > /etc/certs/mongodb.pem
|
|
mongod --ipv6 --bind_ip_all \
|
|
--tlsOnNormalPorts \
|
|
--tlsMode requireSSL \
|
|
--tlsCertificateKeyFile /etc/certs/mongodb.pem \
|
|
--tlsCAFile /etc/certs/cacert.pem \
|
|
--tlsDisabledProtocols TLS1_0,TLS1_1 \
|
|
--setParameter opensslCipherConfig='HIGH:!EXPORT:!aNULL:!DHE:!kDHE@STRENGTH'
|
|
|