services: stirling-pdf: container_name: Stirling-PDF-Security image: stirlingtools/stirling-pdf:latest deploy: resources: limits: memory: 4G depends_on: - db healthcheck: test: ["CMD-SHELL", "curl -f http://localhost:8080/api/v1/info/status | grep -q 'UP' && curl -fL http://localhost:8080/ | grep -q 'Please sign in'"] interval: 5s timeout: 10s retries: 16 ports: - "8080:8080" volumes: - /stirling/latest/data:/usr/share/tessdata:rw - /stirling/latest/config:/configs:rw - /stirling/latest/logs:/logs:rw environment: DOCKER_ENABLE_SECURITY: "true" SECURITY_ENABLELOGIN: "true" SECURITY_OAUTH2_ENABLED: "true" SECURITY_OAUTH2_AUTOCREATEUSER: "true" # This is set to true to allow auto-creation of non-existing users in Stirling-PDF SECURITY_OAUTH2_ISSUER: "https://accounts.google.com" # Change with any other provider that supports OpenID Connect Discovery (/.well-known/openid-configuration) end-point SECURITY_OAUTH2_CLIENTID: ".apps.googleusercontent.com" # Client ID from your provider SECURITY_OAUTH2_CLIENTSECRET: "" # Client Secret from your provider SECURITY_OAUTH2_SCOPES: "openid,profile,email" # Expected OAuth2 Scope SECURITY_OAUTH2_USEASUSERNAME: "email" # Default is 'email'; custom fields can be used as the username SECURITY_OAUTH2_PROVIDER: "google" # Set this to your OAuth provider's name, e.g., 'google' or 'keycloak' PUID: 1002 PGID: 1002 UMASK: "022" SYSTEM_DEFAULTLOCALE: en-US UI_APPNAME: Stirling-PDF UI_HOMEDESCRIPTION: Demo site for Stirling-PDF Latest with Security UI_APPNAMENAVBAR: Stirling-PDF Latest SYSTEM_MAXFILESIZE: "100" METRICS_ENABLED: "true" SYSTEM_GOOGLEVISIBILITY: "true" restart: on-failure:5 db: image: 'postgres:17.2-alpine' restart: on-failure:5 container_name: db ports: - "5432:5432" environment: POSTGRES_DB: "stirling_pdf" POSTGRES_USER: "admin" POSTGRES_PASSWORD: "stirling"