268 lines
7.6 KiB
YAML
268 lines
7.6 KiB
YAML
---
|
|
version: "3.8"
|
|
|
|
x-db-env: &db-env
|
|
POSTGRES_PASSWORD_FILE: /run/secrets/db_password
|
|
POSTGRES_DB: fablab_production
|
|
POSTGRES_USER: postgres
|
|
POSTGRES_USERNAME: postgres
|
|
|
|
x-redis-env: &redis-env
|
|
REDIS_URL: redis://${STACK_NAME}_redis:6379
|
|
REDIS_HOST: ${STACK_NAME}_redis
|
|
REDIS_PORT: 6379
|
|
|
|
x-elastic-env: &elastic-env
|
|
ES_JAVA_OPTS: -Xms512m -Xmx512m -Dlog4j2.formatMsgNoLookups=true
|
|
|
|
|
|
x-environment: &default-env
|
|
<<: [*db-env, *redis-env]
|
|
REDIS_URL: redis://${STACK_NAME}_redis:6379
|
|
REDIS_HOST: ${STACK_NAME}_redis
|
|
REDIS_PORT: 6379
|
|
LETS_ENCRYPT_ENV: ${LETS_ENCRYPT_ENV}
|
|
RAILS_ENV: production
|
|
RACK_ENV: production
|
|
POSTGRES_HOST: ${STACK_NAME}_db
|
|
ELASTICSEARCH_HOST: ${STACK_NAME}_elasticsearch
|
|
SLOT_DURATION: ${SLOT_DURATION}
|
|
FEATURE_TOUR_DISPLAY: ${FEATURE_TOUR_DISPLAY}
|
|
DEFAULT_HOST: ${DOMAIN}
|
|
DEFAULT_PROTOCOL: http
|
|
FAB_MANAGER_LOCALE_PACK: ${FAB_MANAGER_LOCALE_PACK}
|
|
RAILS_LOCALE: ${RAILS_LOCALE}
|
|
APP_LOCALE: ${APP_LOCALE}
|
|
MOMENT_LOCALE: ${MOMENT_LOCALE}
|
|
SUMMERNOTE_LOCALE: ${SUMMERNOTE_LOCALE}
|
|
ANGULAR_LOCALE: ${ANGULAR_LOCALE}
|
|
FULLCALENDAR_LOCALE: ${FULLCALENDAR_LOCALE}
|
|
INTL_LOCALE: ${INTL_LOCALE}
|
|
INTL_CURRENCY: ${INTL_CURRENCY}
|
|
POSTGRESQL_LANGUAGE_ANALYZER: ${POSTGRESQL_LANGUAGE_ANALYZER}
|
|
TIME_ZONE: ${TIME_ZONE}
|
|
WEEK_STARTING_DAY: ${WEEK_STARTING_DAY}
|
|
D3_DATE_FORMAT: ${D3_DATE_FORMAT}
|
|
UIB_DATE_FORMAT: ${UIB_DATE_FORMAT}
|
|
EXCEL_DATE_FORMAT: ${EXCEL_DATE_FORMAT}
|
|
OPENLAB_BASE_URI: ${OPENLAB_BASE_URI}
|
|
OPENLAB_SSL_VERIFY: ${OPENLAB_SSL_VERIFY}
|
|
LOG_LEVEL: debug
|
|
RAILS_LOG_TO_STDOUT: "true"
|
|
DISK_SPACE_MB_ALERT: ${DISK_SPACE_MB_ALERT}
|
|
ADMINSYS_EMAIL: ${ADMIN_INIT_EMAIL}
|
|
ALLOW_INSECURE_HTTP: "true"
|
|
ENABLE_SENTRY: "false"
|
|
MAX_IMPORT_SIZE: ${MAX_IMPORT_SIZE}
|
|
MAX_IMAGE_SIZE: ${MAX_IMAGE_SIZE}
|
|
MAX_CAO_SIZE: ${MAX_CAO_SIZE}
|
|
MAX_SUPPORTING_DOCUMENT_FILE_SIZE: ${MAX_SUPPORTING_DOCUMENT_FILE_SIZE}
|
|
ADMIN_INIT_EMAIL: ${ADMIN_INIT_EMAIL}
|
|
SECRET_KEY_BASE_FILE: /run/secrets/secret_key_base
|
|
|
|
|
|
|
|
services:
|
|
app:
|
|
image: sleede/fab-manager:release-v6.3.44
|
|
environment: *default-env
|
|
entrypoint: /entrypoint.sh
|
|
command: ""
|
|
configs:
|
|
- source: app_entrypoint
|
|
target: /entrypoint.sh
|
|
mode: 0555
|
|
- source: database_config
|
|
target: /usr/src/app/config/database.yml
|
|
volumes:
|
|
- fabmanager_packs:/usr/src/app/public/packs
|
|
- fabmanager_uploads:/usr/src/app/public/uploads
|
|
- fabmanager_invoices:/usr/src/app/invoices
|
|
- fabmanager_payment_schedules:/usr/src/app/payment_schedules
|
|
- fabmanager_exports:/usr/src/app/exports
|
|
- fabmanager_imports:/usr/src/app/imports
|
|
- fabmanager_supporting_document_files:/usr/src/app/supporting_document_files
|
|
- fabmanager_log:/var/log/supervisor
|
|
- fabmanager_plugins:/usr/src/app/plugins
|
|
- fabmanager_accounting:/usr/src/app/accounting
|
|
- fabmanager_auth:/usr/src/app/authconfig
|
|
depends_on:
|
|
- db
|
|
- redis
|
|
secrets:
|
|
- db_password
|
|
- secret_key_base
|
|
- admin_init_password
|
|
networks:
|
|
- proxy
|
|
- db
|
|
deploy:
|
|
update_config:
|
|
failure_action: rollback
|
|
order: start-first
|
|
rollback_config:
|
|
order: start-first
|
|
restart_policy:
|
|
max_attempts: 3
|
|
condition: on-failure
|
|
window: 240s
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=3000"
|
|
- "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`${EXTRA_DOMAINS})"
|
|
- "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
|
|
- "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
|
|
- "coop-cloud.${STACK_NAME}.version=1.0.0+v6.3.44"
|
|
- "backupbot.backup=${ENABLE_BACKUPS:-true}"
|
|
healthcheck:
|
|
test: ["CMD", "curl", "-f", "http://localhost:3000"]
|
|
interval: 30s
|
|
timeout: 10s
|
|
retries: 15
|
|
start_period: 1m
|
|
|
|
db:
|
|
image: postgres:16.8
|
|
volumes:
|
|
- postgres_data:/var/lib/postgresql/data
|
|
environment:
|
|
<<: *db-env
|
|
POSTGRES_HOST_AUTH_METHOD: trust
|
|
secrets:
|
|
- db_password
|
|
networks:
|
|
- db
|
|
configs:
|
|
- source: pg_backup
|
|
target: /pg_backup.sh
|
|
mode: 0555
|
|
deploy:
|
|
update_config:
|
|
failure_action: rollback
|
|
order: start-first
|
|
rollback_config:
|
|
order: start-first
|
|
restart_policy:
|
|
max_attempts: 3
|
|
condition: on-failure
|
|
window: 60s
|
|
labels:
|
|
backupbot.backup: "${ENABLE_BACKUPS:-true}"
|
|
backupbot.backup.pre-hook: "/pg_backup.sh backup"
|
|
backupbot.backup.volumes.postgres_data.path: "backup.sql"
|
|
backupbot.restore.post-hook: '/pg_backup.sh restore'
|
|
healthcheck:
|
|
test: [ "CMD-SHELL", "pg_isready -d $$POSTGRES_DB -U $$POSTGRES_USER" ]
|
|
interval: 10s
|
|
timeout: 5s
|
|
retries: 10
|
|
redis:
|
|
image: redis:7.4-alpine
|
|
environment:
|
|
<<: *redis-env
|
|
volumes:
|
|
- redis_data:/data
|
|
networks:
|
|
- db
|
|
deploy:
|
|
update_config:
|
|
failure_action: rollback
|
|
order: start-first
|
|
rollback_config:
|
|
order: start-first
|
|
restart_policy:
|
|
max_attempts: 3
|
|
condition: on-failure
|
|
window: 60s
|
|
healthcheck:
|
|
test: ["CMD", "redis-cli", "ping"]
|
|
|
|
|
|
|
|
elasticsearch:
|
|
image: elasticsearch:5.6
|
|
environment:
|
|
<<: *elastic-env
|
|
ulimits:
|
|
memlock:
|
|
soft: -1
|
|
hard: -1
|
|
networks:
|
|
- db
|
|
configs:
|
|
- source: elastic_search_config
|
|
target: /usr/share/elasticsearch/config/elasticsearch.yml
|
|
- source: elastic_search_log_config
|
|
target: /usr/share/elasticsearch/config/log4j2.properties.tmpl
|
|
volumes:
|
|
- elasticsearch_data:/usr/share/elasticsearch/data
|
|
deploy:
|
|
update_config:
|
|
failure_action: rollback
|
|
order: start-first
|
|
rollback_config:
|
|
order: start-first
|
|
restart_policy:
|
|
max_attempts: 3
|
|
condition: on-failure
|
|
window: 60s
|
|
labels:
|
|
- "backupbot.backup=${ENABLE_BACKUPS:-true}"
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "curl --silent --fail localhost:9200/_cluster/health || exit 1"]
|
|
interval: 30s
|
|
timeout: 30s
|
|
retries: 3
|
|
|
|
networks:
|
|
proxy:
|
|
external: true
|
|
db:
|
|
|
|
volumes:
|
|
fabmanager_packs:
|
|
fabmanager_uploads:
|
|
fabmanager_invoices:
|
|
fabmanager_payment_schedules:
|
|
fabmanager_exports:
|
|
fabmanager_imports:
|
|
fabmanager_supporting_document_files:
|
|
fabmanager_log:
|
|
fabmanager_plugins:
|
|
fabmanager_accounting:
|
|
fabmanager_auth:
|
|
postgres_data:
|
|
redis_data:
|
|
elasticsearch_data:
|
|
|
|
secrets:
|
|
db_password:
|
|
external: true
|
|
name: ${STACK_NAME}_db_password_${SECRET_DB_PASSWORD_VERSION}
|
|
secret_key_base:
|
|
external: true
|
|
name: ${STACK_NAME}_secret_key_base_${SECRET_SECRET_KEY_BASE_VERSION}
|
|
admin_init_password:
|
|
external: true
|
|
name: ${STACK_NAME}_admin_init_password_${SECRET_ADMIN_INIT_PASSWORD_VERSION}
|
|
|
|
configs:
|
|
app_entrypoint:
|
|
name: ${STACK_NAME}_app_entrypoint_${APP_ENTRYPOINT_VERSION}
|
|
file: entrypoint.sh.tmpl
|
|
template_driver: golang
|
|
database_config:
|
|
name: ${STACK_NAME}_database_config_${DATABASE_CONFIG_VERSION}
|
|
file: database_config.yml.tmpl
|
|
template_driver: golang
|
|
elastic_search_config:
|
|
name: ${STACK_NAME}_elastic_search_config_config_${ELASTIC_SEARCH_CONFIG_VERSION}
|
|
file: elasticsearch.yml.tmpl
|
|
template_driver: golang
|
|
elastic_search_log_config:
|
|
name: ${STACK_NAME}_elastic_search_log_config_config_${ELASTIC_SEARCH_LOG_CONFIG_VERSION}
|
|
file: log4j2.properties.tmpl
|
|
template_driver: golang
|
|
pg_backup:
|
|
name: ${STACK_NAME}_pg_backup_${PG_BACKUP_VERSION}
|
|
file: pg_backup.sh |