Compare commits
4 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 ivanminutillo
|
073c4f3c5f | ||
 mayel
|
6c5e6c64ea | ||
|
mayel
|
257918125f | ||
 flancian
|
a81c2123d1 |
+14
-4
@@ -6,8 +6,15 @@ APP_VERSION=latest
|
||||
|
||||
# choose what extra services you want to run
|
||||
COMPOSE_FILE="compose.yml:compose.meilisearch.yml"
|
||||
# Enable this one for Postgres tuning (recommended, but only once your instance already is deployed and working):
|
||||
# COMPOSE_FILE="compose.yml:postgres/compose.postgres.tune.yml:compose.meilisearch.yml"
|
||||
|
||||
# To use Sonic instead of Meilisearch as the search backend:
|
||||
# COMPOSE_FILE="compose.yml:compose.sonic.yml"
|
||||
|
||||
# Enable `compose.mail.yml` to set secrets for sending emails (remember to also include your chosen search backend's compose file):
|
||||
# COMPOSE_FILE="compose.yml:compose.mail.yml"
|
||||
|
||||
# Enable `compose.postgres.tune.yml` for Postgres tuning (can only be enabled *after* your instance already is deployed and working) (and remember to also include your chosen search backend and mailer's compose files)
|
||||
# COMPOSE_FILE="compose.yml:compose.postgres.tune.yml"
|
||||
|
||||
APP_VERSION_FLAVOUR=${APP_VERSION}-${FLAVOUR}
|
||||
# Different flavours/forks or architectures may require different builds of bonfire:
|
||||
@@ -62,7 +69,7 @@ LOG_LEVEL=info
|
||||
# and do not check your env file into any public git repo
|
||||
# change ALL the values:
|
||||
|
||||
# what service to use for sending out emails (eg. smtp, mailgun, none) NOTE: you should also set the corresponding keys in secrets.env
|
||||
# what service to use for sending out emails (eg. smtp, mailgun, none) NOTE: you should also set the corresponding keys below for the relevant service you choose, and uncomment the COMPOSE_FILE line for the relevant service if needed
|
||||
MAIL_BACKEND=none
|
||||
|
||||
#COMPOSE_FILE="$COMPOSE_FILE:compose.mail.yml"
|
||||
@@ -71,6 +78,7 @@ MAIL_BACKEND=none
|
||||
# signup to an email service and edit with relevant info, see: https://docs.bonfirenetworks.org/Bonfire.Mailer.html
|
||||
# MAIL_DOMAIN=mgo.example.com
|
||||
# MAIL_KEY=xyz
|
||||
# NOTE: please add `compose.mail.yml` to COMPOSE_FILE above and use the abra secret instead of env for secrets ^
|
||||
# MAIL_FROM=admin@example.com
|
||||
# MAIL_PROJECT_ID=
|
||||
# MAIL_PRIVATE_KEY=
|
||||
@@ -90,6 +98,7 @@ MAIL_BACKEND=none
|
||||
# UPLOADS_S3_BUCKET=
|
||||
# UPLOADS_S3_ACCESS_KEY_ID=
|
||||
# UPLOADS_S3_SECRET_ACCESS_KEY=
|
||||
# TODO: please use the abra secret instead of env for secrets ^
|
||||
# UPLOADS_S3_REGION=fr-par
|
||||
# UPLOADS_S3_HOST=s3.fr-par.scw.cloud
|
||||
# UPLOADS_S3_SCHEME=https://
|
||||
@@ -148,9 +157,10 @@ WITH_AI=0
|
||||
# these secrets will be autogenerated/managed by abra and docker"
|
||||
SECRET_POSTGRES_PASSWORD_VERSION=v1
|
||||
SECRET_MEILI_MASTER_KEY_VERSION=v1
|
||||
SECRET_SONIC_PASSWORD_VERSION=v1
|
||||
SECRET_SEEDS_PW_VERSION=v1
|
||||
SECRET_LIVEBOOK_PASSWORD_VERSION=v1
|
||||
|
||||
SECRET_MAIL_KEY_VERSION=v1
|
||||
SECRET_SECRET_KEY_BASE_VERSION=v1 # length=128
|
||||
SECRET_SIGNING_SALT_VERSION=v1 # length=128
|
||||
SECRET_ENCRYPTION_SALT_VERSION=v1 # length=128
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
export APP_ENTRYPOINT_VERSION=v2
|
||||
export PG_BACKUP_VERSION=v4
|
||||
export MEILI_BACKUP_VERSION=v4
|
||||
|
||||
export SONIC_CFG_VERSION=v1
|
||||
export SONIC_ENTRYPOINT_VERSION=v1
|
||||
|
||||
@@ -4,8 +4,12 @@ services:
|
||||
app:
|
||||
secrets:
|
||||
- mail_password
|
||||
- mail_key
|
||||
|
||||
secrets:
|
||||
mail_password:
|
||||
external: true
|
||||
name: ${STACK_NAME}_mail_password_${SECRET_MAIL_PASSWORD_VERSION}
|
||||
mail_key:
|
||||
external: true
|
||||
name: ${STACK_NAME}_mail_key_${SECRET_MAIL_KEY_VERSION}
|
||||
|
||||
@@ -0,0 +1,47 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
app:
|
||||
depends_on:
|
||||
- search
|
||||
environment:
|
||||
- SEARCH_ADAPTER=sonic
|
||||
- SONIC_HOST=${STACK_NAME}_search
|
||||
- SONIC_PORT=1491
|
||||
- SONIC_PASSWORD_FILE=/run/secrets/sonic_password
|
||||
secrets:
|
||||
- sonic_password
|
||||
|
||||
search:
|
||||
image: valeriansaliou/sonic:v1.4.9
|
||||
secrets:
|
||||
- sonic_password
|
||||
volumes:
|
||||
- "sonic-data:/var/lib/sonic/store"
|
||||
networks:
|
||||
- internal
|
||||
entrypoint: ["/docker-entrypoint.sh"]
|
||||
configs:
|
||||
- source: sonic_cfg
|
||||
target: /etc/sonic.cfg
|
||||
mode: 0444
|
||||
- source: sonic_entrypoint
|
||||
target: /docker-entrypoint.sh
|
||||
mode: 0555
|
||||
|
||||
volumes:
|
||||
sonic-data:
|
||||
|
||||
configs:
|
||||
sonic_cfg:
|
||||
name: ${STACK_NAME}_sonic_cfg_${SONIC_CFG_VERSION}
|
||||
file: sonic.cfg
|
||||
sonic_entrypoint:
|
||||
name: ${STACK_NAME}_sonic_entrypoint_${SONIC_ENTRYPOINT_VERSION}
|
||||
file: sonic_entrypoint.sh
|
||||
|
||||
secrets:
|
||||
sonic_password:
|
||||
external: true
|
||||
name: ${STACK_NAME}_sonic_password_${SECRET_SONIC_PASSWORD_VERSION}
|
||||
@@ -46,7 +46,6 @@ services:
|
||||
- MAIL_PRIVATE_KEY
|
||||
- MAIL_BASE_URI
|
||||
- MAIL_REGION
|
||||
- MAIL_SESSION_TOKEN
|
||||
- MAIL_SERVER
|
||||
- MAIL_USER
|
||||
- MAIL_PASSWORD
|
||||
|
||||
+6
-1
@@ -10,10 +10,15 @@ export SEEDS_PW=$(cat /run/secrets/seeds_pw)
|
||||
export LIVEBOOK_PASSWORD=$(cat /run/secrets/livebook_password)
|
||||
|
||||
# Only read the secret when the MAIL_PASSWORD was not set to remain backwards compatible
|
||||
if [[ -z ${MAIL_PASSWORD} ]]; then
|
||||
if [ -f /run/secrets/mail_password ] && [ -z "${MAIL_PASSWORD}" ]; then
|
||||
export MAIL_PASSWORD=$(cat /run/secrets/mail_password)
|
||||
fi
|
||||
|
||||
# Only read the secret when the MAIL_KEY was not set to remain backwards compatible
|
||||
if [ -f /run/secrets/mail_key ] && [ -z "${MAIL_KEY}" ]; then
|
||||
export MAIL_KEY=$(cat /run/secrets/mail_key)
|
||||
fi
|
||||
|
||||
echo "....Secrets have been loaded, now run $@...."
|
||||
|
||||
# This will exec the CMD from your Dockerfile
|
||||
|
||||
@@ -0,0 +1,43 @@
|
||||
# Sonic configuration
|
||||
# https://github.com/valeriansaliou/sonic/blob/master/CONFIGURATION.md
|
||||
|
||||
[server]
|
||||
log_level = "error"
|
||||
|
||||
[channel]
|
||||
inet = "0.0.0.0:1491"
|
||||
tcp_timeout = 300
|
||||
|
||||
[channel.search]
|
||||
query_limit_default = 10
|
||||
query_limit_maximum = 200
|
||||
suggest_limit_default = 5
|
||||
suggest_limit_maximum = 20
|
||||
|
||||
[store.kv]
|
||||
path = "/var/lib/sonic/store/kv/"
|
||||
retain_word_objects = 1000
|
||||
|
||||
[store.kv.pool]
|
||||
inactive_after = 1800
|
||||
|
||||
[store.kv.database]
|
||||
flush_after = 900
|
||||
compress = true
|
||||
parallelism = 2
|
||||
max_files = 100
|
||||
max_compactions = 1
|
||||
max_flushes = 1
|
||||
write_buffer = 16384
|
||||
write_ahead_log = true
|
||||
|
||||
[store.fst]
|
||||
path = "/var/lib/sonic/store/fst/"
|
||||
|
||||
[store.fst.pool]
|
||||
inactive_after = 300
|
||||
|
||||
[store.fst.graph]
|
||||
consolidate_after = 180
|
||||
max_size = 2048
|
||||
max_words = 250000
|
||||
@@ -0,0 +1,5 @@
|
||||
#!/bin/sh
|
||||
|
||||
export SONIC_CHANNEL__AUTH_PASSWORD="$(cat /run/secrets/sonic_password)"
|
||||
|
||||
exec sonic -c /etc/sonic.cfg
|
||||
Reference in New Issue
Block a user