karrot/compose.yml

version: "3.8"

services:
  web:
    image: "codeberg.org/karrot/karrot-frontend:v14.1.0"
    depends_on:
      - app
    environment:
      - DOMAIN
      - FILE_UPLOAD_MAX_SIZE
      - FILE_UPLOAD_DIR=/app/uploads/
      - CSP_CONNECT_SRC=${CSP_CONNECT_SRC:-}
      - LISTEN=80
      - BACKEND=app:8000
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost/"]
      interval: 15s
      timeout: 3s
      retries: 2
      start_period: 15s
    networks:
      - internal
      - proxy
    volumes:
      - "app_data:/app/uploads/"
    deploy:
      update_config:
        failure_action: rollback
        order: start-first
      labels:
        - "traefik.enable=true"
        - "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=80"
        - "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`${EXTRA_DOMAINS})"
        - "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
        - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"

  app:
    image: "codeberg.org/karrot/karrot-backend:v14.1.0"
    networks:
      - internal
    depends_on:
      - db
      - redis
    secrets:
      - db_password
      - secret_key
      - smtp_password
      - vapid_private_key
      - livekit_api_secret
    volumes:
      - "app_data:/app/uploads/"
    environment:
      - CSRF_TRUSTED_ORIGINS
      - DATABASE_CONN_MAX_AGE
      - DATABASE_HOST=db
      - DATABASE_NAME=karrot
      - DATABASE_PASSWORD_FILE=/run/secrets/db_password
      - DATABASE_PORT=5432
      - DATABASE_USER=karrot
      - EMAIL_BACKEND
      - EMAIL_FROM
      - EMAIL_REPLY_DOMAIN
      - FILE_UPLOAD_DIR=/app/uploads/
      - FILE_UPLOAD_USE_ACCEL_REDIRECT=true
      - FILE_UPLOAD_MAX_SIZE
      - FORUM_BANNER_TOPIC_ID
      - FORUM_DISCUSSIONS_FEED
      - LISTEN_HOST=0.0.0.0
      - LISTEN_SERVER=uvicorn
      - MODE=prod
      - POSTAL_API_KEY
      - POSTAL_API_URL
      - POSTAL_WEBHOOK_KEY
      - PROXY_DISCOURSE_URL
      - REDIS_DB=0
      - REDIS_HOST=redis
      - REDIS_PORT=6379
      - SECRET_KEY_FILE=/run/secrets/secret_key
      - SITE_LOGO
      - SITE_NAME
      - SITE_URL
      - SMTP_HOST
      - SMTP_PASSWORD_FILE=/run/secrets/smtp_password
      - SMTP_PORT
      - SMTP_USE_SSL
      - SMTP_USE_TLS
      - SMTP_USER
      - VAPID_ADMIN_EMAIL
      - VAPID_PUBLIC_KEY
      - VAPID_PRIVATE_KEY_FILE=/run/secrets/vapid_private_key
      - MEET_LIVEKIT_ENDPOINT
      - MEET_LIVEKIT_API_KEY
      - MEET_LIVEKIT_API_SECRET_FILE=/run/secrets/livekit_api_secret
      - MIGRATE=yes
    command: server
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:8000/api/config/"]
      interval: 10s
      timeout: 3s
      retries: 3 
      start_period: 45s
    deploy:
      labels:
        - "coop-cloud.${STACK_NAME}.version=1.1.0+14.1.0"
        - "backupbot.backup=true"
        - "backupbot.backup.path=/app/uploads"

  worker:
    image: "codeberg.org/karrot/karrot-backend:v14.1.0"
    depends_on:
      - app
    networks:
      - internal
    secrets:
      - db_password
      - secret_key
      - smtp_password
      - vapid_private_key
      - livekit_api_secret
    environment:
      - DATABASE_CONN_MAX_AGE
      - DATABASE_HOST=db
      - DATABASE_NAME=karrot
      - DATABASE_PASSWORD_FILE=/run/secrets/db_password
      - DATABASE_PORT=5432
      - DATABASE_USER=karrot
      - EMAIL_BACKEND
      - EMAIL_FROM
      - EMAIL_REPLY_DOMAIN
      - LISTEN_HOST=0.0.0.0
      - LISTEN_SERVER=uvicorn
      - MODE=prod
      - POSTAL_API_KEY
      - POSTAL_API_URL
      - POSTAL_WEBHOOK_KEY
      - REDIS_DB=0
      - REDIS_HOST=redis
      - REDIS_PORT=6379
      - SECRET_KEY_FILE=/run/secrets/secret_key
      - SITE_LOGO
      - SITE_NAME
      - SITE_URL
      - SMTP_HOST
      - SMTP_PASSWORD_FILE=/run/secrets/smtp_password
      - SMTP_PORT
      - SMTP_USE_SSL
      - SMTP_USE_TLS
      - SMTP_USER
      - VAPID_ADMIN_EMAIL
      - VAPID_PUBLIC_KEY
      - VAPID_PRIVATE_KEY_FILE=/run/secrets/vapid_private_key
      - MEET_LIVEKIT_ENDPOINT
      - MEET_LIVEKIT_API_KEY
      - MEET_LIVEKIT_API_SECRET_FILE=/run/secrets/livekit_api_secret
    command: worker

  redis:
    image: "redis:6-alpine"
    command: ["redis-server", "--appendonly", "yes"]
    healthcheck:
      test: ["CMD", "redis-cli", "ping"]
      interval: 10s
      timeout: 3s
      retries: 30
    volumes:
      - "redis_data:/data"
    networks:
      - internal

  db:
    image: "postgres:14-alpine"
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U karrot"]
      interval: 10s
      timeout: 3s
      retries: 30
    secrets:
      - db_password
    volumes:
      - "postgres_data:/var/lib/postgresql/data"
    networks:
      - internal
    environment:
      - POSTGRES_PASSWORD_FILE=/run/secrets/db_password
      - POSTGRES_USER=karrot
      - POSTGRES_DB=karrot
    deploy:
      labels:
        backupbot.backup: "true"
        backupbot.backup.pre-hook: "PGPASSWORD=$$(cat $${POSTGRES_PASSWORD_FILE}) pg_dump -U $${POSTGRES_USER} $${POSTGRES_DB} > /var/lib/postgresql/data/postgres-backup.sql"
        backupbot.backup.post-hook: "rm -rf /var/lib/postgresql/data/postgres-backup.sql"
        backupbot.backup.path: "/var/lib/postgresql/data/"

secrets:
  db_password:
    external: true
    name: ${STACK_NAME}_db_password_${SECRET_DB_PASSWORD_VERSION}
  secret_key:
    external: true
    name: ${STACK_NAME}_secret_key_${SECRET_SECRET_KEY_VERSION}
  smtp_password:
    external: true
    name: ${STACK_NAME}_smtp_password_${SECRET_SMTP_PASSWORD_VERSION}
  vapid_private_key:
    external: true
    name: ${STACK_NAME}_vapid_private_key_${SECRET_VAPID_PRIVATE_KEY_VERSION}
  livekit_api_secret:
    external: true
    name: ${STACK_NAME}_livekit_api_secret_${SECRET_LIVEKIT_API_SECRET_VERSION}

volumes:
  app_data:
  postgres_data:
  redis_data:

networks:
  proxy:
    external: true
  internal:
initial testing commit 2022-09-25 10:06:42 +00:00			`version: "3.8"`

test test 123 2022-09-25 10:26:49 +00:00			`services:`
initial testing commit 2022-09-25 10:06:42 +00:00			`web:`
Update to karrot v14.1.0 2024-04-04 22:53:03 +00:00			`image: "codeberg.org/karrot/karrot-frontend:v14.1.0"`
initial testing commit 2022-09-25 10:06:42 +00:00			`depends_on:`
fix depends_on 2023-10-19 12:59:17 +00:00			`- app`
starts up but errors out 2022-09-25 17:24:23 +00:00			`environment:`
			`- DOMAIN`
Improved nginx configuration + new images - correct URL for community proxy - allow nginx to recheck if backend was done before - new karrot beta images 2024-01-18 00:45:29 +00:00			`- FILE_UPLOAD_MAX_SIZE`
Move geoip to seperate compose file 2024-03-25 00:44:35 +00:00			`- FILE_UPLOAD_DIR=/app/uploads/`
Fixups 2024-03-25 01:02:19 +00:00			`- CSP_CONNECT_SRC=${CSP_CONNECT_SRC:-}`
Move geoip to seperate compose file 2024-03-25 00:44:35 +00:00			`- LISTEN=80`
			`- BACKEND=app:8000`
initial testing commit 2022-09-25 10:06:42 +00:00			`healthcheck:`
Improved nginx configuration + new images - correct URL for community proxy - allow nginx to recheck if backend was done before - new karrot beta images 2024-01-18 00:45:29 +00:00			`test: ["CMD", "curl", "-f", "http://localhost/"]`
fully working with e-mail support 2022-09-30 15:16:26 +00:00			`interval: 15s`
initial testing commit 2022-09-25 10:06:42 +00:00			`timeout: 3s`
fully working with e-mail support 2022-09-30 15:16:26 +00:00			`retries: 2`
Improved nginx configuration + new images - correct URL for community proxy - allow nginx to recheck if backend was done before - new karrot beta images 2024-01-18 00:45:29 +00:00			`start_period: 15s`
test test 123 2022-09-25 10:26:49 +00:00			`networks:`
web now connects 2022-09-25 14:44:01 +00:00			`- internal`
test test 123 2022-09-25 10:26:49 +00:00			`- proxy`
initial testing commit 2022-09-25 10:06:42 +00:00			`volumes:`
Fixups 2024-03-25 01:02:19 +00:00			`- "app_data:/app/uploads/"`
test test 123 2022-09-25 10:26:49 +00:00			`deploy:`
			`update_config:`
			`failure_action: rollback`
			`order: start-first`
			`labels:`
			`- "traefik.enable=true"`
			`- "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=80"`
			- "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`${EXTRA_DOMAINS})"
			`- "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"`
			`- "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"`
initial testing commit 2022-09-25 10:06:42 +00:00
			`app:`
Update to karrot v14.1.0 2024-04-04 22:53:03 +00:00			`image: "codeberg.org/karrot/karrot-backend:v14.1.0"`
test test 123 2022-09-25 10:26:49 +00:00			`networks:`
			`- internal`
initial testing commit 2022-09-25 10:06:42 +00:00			`depends_on:`
fix depends_on 2023-10-19 12:59:17 +00:00			`- db`
test test 123 2022-09-25 10:26:49 +00:00			`- redis`
wip 2023-10-19 12:41:56 +00:00			`secrets:`
			`- db_password`
			`- secret_key`
			`- smtp_password`
Fix vapid private key configuration 2024-01-17 18:49:42 +00:00			`- vapid_private_key`
Use livekit_api_secret 2024-01-26 00:16:53 +00:00			`- livekit_api_secret`
initial testing commit 2022-09-25 10:06:42 +00:00			`volumes:`
Fixups 2024-03-25 01:02:19 +00:00			`- "app_data:/app/uploads/"`
initial testing commit 2022-09-25 10:06:42 +00:00			`environment:`
Pass more environment variables to karrot 2023-10-25 09:45:52 +00:00			`- CSRF_TRUSTED_ORIGINS`
			`- DATABASE_CONN_MAX_AGE`
			`- DATABASE_HOST=db`
			`- DATABASE_NAME=karrot`
			`- DATABASE_PASSWORD_FILE=/run/secrets/db_password`
			`- DATABASE_PORT=5432`
			`- DATABASE_USER=karrot`
fully working with e-mail support 2022-09-30 15:16:26 +00:00			`- EMAIL_BACKEND`
			`- EMAIL_FROM`
Pass more environment variables to karrot 2023-10-25 09:45:52 +00:00			`- EMAIL_REPLY_DOMAIN`
Move geoip to seperate compose file 2024-03-25 00:44:35 +00:00			`- FILE_UPLOAD_DIR=/app/uploads/`
			`- FILE_UPLOAD_USE_ACCEL_REDIRECT=true`
Pass more environment variables to karrot 2023-10-25 09:45:52 +00:00			`- FILE_UPLOAD_MAX_SIZE`
			`- FORUM_BANNER_TOPIC_ID`
			`- FORUM_DISCUSSIONS_FEED`
test test 123 2022-09-25 10:26:49 +00:00			`- LISTEN_HOST=0.0.0.0`
			`- LISTEN_SERVER=uvicorn`
Pass more environment variables to karrot 2023-10-25 09:45:52 +00:00			`- MODE=prod`
			`- POSTAL_API_KEY`
			`- POSTAL_API_URL`
			`- POSTAL_WEBHOOK_KEY`
			`- PROXY_DISCOURSE_URL`
			`- REDIS_DB=0`
test test 123 2022-09-25 10:26:49 +00:00			`- REDIS_HOST=redis`
			`- REDIS_PORT=6379`
Pass more environment variables to karrot 2023-10-25 09:45:52 +00:00			`- SECRET_KEY_FILE=/run/secrets/secret_key`
			`- SITE_LOGO`
			`- SITE_NAME`
			`- SITE_URL`
			`- SMTP_HOST`
			`- SMTP_PASSWORD_FILE=/run/secrets/smtp_password`
			`- SMTP_PORT`
			`- SMTP_USE_SSL`
			`- SMTP_USE_TLS`
			`- SMTP_USER`
Add VAPID_ADMIN_EMAIL config 2024-01-17 19:00:14 +00:00			`- VAPID_ADMIN_EMAIL`
Add vapid keys configuration 2024-01-17 18:41:14 +00:00			`- VAPID_PUBLIC_KEY`
Fix vapid private key configuration 2024-01-17 18:49:42 +00:00			`- VAPID_PRIVATE_KEY_FILE=/run/secrets/vapid_private_key`
Update recipe to Karrot v13.0.0 2024-01-25 23:53:58 +00:00			`- MEET_LIVEKIT_ENDPOINT`
			`- MEET_LIVEKIT_API_KEY`
			`- MEET_LIVEKIT_API_SECRET_FILE=/run/secrets/livekit_api_secret`
Move geoip to seperate compose file 2024-03-25 00:44:35 +00:00			`- MIGRATE=yes`
			`command: server`
initial testing commit 2022-09-25 10:06:42 +00:00			`healthcheck:`
wip 2023-10-19 12:41:56 +00:00			`test: ["CMD", "curl", "-f", "http://localhost:8000/api/config/"]`
			`interval: 10s`
initial testing commit 2022-09-25 10:06:42 +00:00			`timeout: 3s`
wip 2023-10-19 12:41:56 +00:00			`retries: 3`
fully working with e-mail support 2022-09-30 15:16:26 +00:00			`start_period: 45s`
chore: publish 0.1.0+0.1.0 release 2022-09-30 15:20:57 +00:00			`deploy:`
			`labels:`
Update to karrot v14.1.0 2024-04-04 22:53:03 +00:00			`- "coop-cloud.${STACK_NAME}.version=1.1.0+14.1.0"`
Add backup bot labels 2024-01-17 19:24:43 +00:00			`- "backupbot.backup=true"`
			`- "backupbot.backup.path=/app/uploads"`
wip 2023-10-19 12:52:51 +00:00
initial testing commit 2022-09-25 10:06:42 +00:00			`worker:`
Update to karrot v14.1.0 2024-04-04 22:53:03 +00:00			`image: "codeberg.org/karrot/karrot-backend:v14.1.0"`
initial testing commit 2022-09-25 10:06:42 +00:00			`depends_on:`
fix depends_on 2023-10-19 12:59:17 +00:00			`- app`
test test 123 2022-09-25 10:26:49 +00:00			`networks:`
			`- internal`
wip 2023-10-19 12:41:56 +00:00			`secrets:`
			`- db_password`
			`- secret_key`
			`- smtp_password`
Fix vapid private key configuration 2024-01-17 18:49:42 +00:00			`- vapid_private_key`
Use livekit_api_secret 2024-01-26 00:16:53 +00:00			`- livekit_api_secret`
test test 123 2022-09-25 10:26:49 +00:00			`environment:`
Pass more environment variables to karrot 2023-10-25 09:45:52 +00:00			`- DATABASE_CONN_MAX_AGE`
entrypoint not working 2022-09-27 13:00:08 +00:00			`- DATABASE_HOST=db`
test test 123 2022-09-25 10:26:49 +00:00			`- DATABASE_NAME=karrot`
wip 2023-10-19 12:41:56 +00:00			`- DATABASE_PASSWORD_FILE=/run/secrets/db_password`
Pass more environment variables to karrot 2023-10-25 09:45:52 +00:00			`- DATABASE_PORT=5432`
			`- DATABASE_USER=karrot`
			`- EMAIL_BACKEND`
			`- EMAIL_FROM`
			`- EMAIL_REPLY_DOMAIN`
			`- LISTEN_HOST=0.0.0.0`
			`- LISTEN_SERVER=uvicorn`
			`- MODE=prod`
			`- POSTAL_API_KEY`
			`- POSTAL_API_URL`
			`- POSTAL_WEBHOOK_KEY`
			`- REDIS_DB=0`
test test 123 2022-09-25 10:26:49 +00:00			`- REDIS_HOST=redis`
			`- REDIS_PORT=6379`
Pass more environment variables to karrot 2023-10-25 09:45:52 +00:00			`- SECRET_KEY_FILE=/run/secrets/secret_key`
			`- SITE_LOGO`
			`- SITE_NAME`
			`- SITE_URL`
			`- SMTP_HOST`
			`- SMTP_PASSWORD_FILE=/run/secrets/smtp_password`
			`- SMTP_PORT`
			`- SMTP_USE_SSL`
			`- SMTP_USE_TLS`
			`- SMTP_USER`
Add VAPID_ADMIN_EMAIL config 2024-01-17 19:00:14 +00:00			`- VAPID_ADMIN_EMAIL`
Add vapid keys configuration 2024-01-17 18:41:14 +00:00			`- VAPID_PUBLIC_KEY`
Fix vapid private key configuration 2024-01-17 18:49:42 +00:00			`- VAPID_PRIVATE_KEY_FILE=/run/secrets/vapid_private_key`
Update recipe to Karrot v13.0.0 2024-01-25 23:53:58 +00:00			`- MEET_LIVEKIT_ENDPOINT`
			`- MEET_LIVEKIT_API_KEY`
			`- MEET_LIVEKIT_API_SECRET_FILE=/run/secrets/livekit_api_secret`
Move geoip to seperate compose file 2024-03-25 00:44:35 +00:00			`command: worker`
Add vapid keys configuration 2024-01-17 18:41:14 +00:00
initial testing commit 2022-09-25 10:06:42 +00:00			`redis:`
			`image: "redis:6-alpine"`
			`command: ["redis-server", "--appendonly", "yes"]`
			`healthcheck:`
			`test: ["CMD", "redis-cli", "ping"]`
change healthcheck intervals 2022-09-27 16:15:50 +00:00			`interval: 10s`
initial testing commit 2022-09-25 10:06:42 +00:00			`timeout: 3s`
			`retries: 30`
			`volumes:`
			`- "redis_data:/data"`
test test 123 2022-09-25 10:26:49 +00:00			`networks:`
			`- internal`
initial testing commit 2022-09-25 10:06:42 +00:00
entrypoint not working 2022-09-27 13:00:08 +00:00			`db:`
change port for web-app communication 2022-09-25 12:30:06 +00:00			`image: "postgres:14-alpine"`
initial testing commit 2022-09-25 10:06:42 +00:00			`healthcheck:`
			`test: ["CMD-SHELL", "pg_isready -U karrot"]`
change healthcheck intervals 2022-09-27 16:15:50 +00:00			`interval: 10s`
initial testing commit 2022-09-25 10:06:42 +00:00			`timeout: 3s`
			`retries: 30`
wip 2023-10-19 12:41:56 +00:00			`secrets:`
			`- db_password`
initial testing commit 2022-09-25 10:06:42 +00:00			`volumes:`
			`- "postgres_data:/var/lib/postgresql/data"`
test test 123 2022-09-25 10:26:49 +00:00			`networks:`
			`- internal`
initial testing commit 2022-09-25 10:06:42 +00:00			`environment:`
wip 2023-10-19 12:41:56 +00:00			`- POSTGRES_PASSWORD_FILE=/run/secrets/db_password`
test test 123 2022-09-25 10:26:49 +00:00			`- POSTGRES_USER=karrot`
			`- POSTGRES_DB=karrot`
Add backup bot labels 2024-01-17 19:24:43 +00:00			`deploy:`
			`labels:`
			`backupbot.backup: "true"`
			`backupbot.backup.pre-hook: "PGPASSWORD=$$(cat $${POSTGRES_PASSWORD_FILE}) pg_dump -U $${POSTGRES_USER} $${POSTGRES_DB} > /var/lib/postgresql/data/postgres-backup.sql"`
			`backupbot.backup.post-hook: "rm -rf /var/lib/postgresql/data/postgres-backup.sql"`
			`backupbot.backup.path: "/var/lib/postgresql/data/"`
wip 2023-10-19 12:41:56 +00:00
			`secrets:`
			`db_password:`
			`external: true`
			`name: ${STACK_NAME}_db_password_${SECRET_DB_PASSWORD_VERSION}`
			`secret_key:`
			`external: true`
wip 2023-10-19 13:18:26 +00:00			`name: ${STACK_NAME}_secret_key_${SECRET_SECRET_KEY_VERSION}`
wip 2023-10-19 12:41:56 +00:00			`smtp_password:`
			`external: true`
			`name: ${STACK_NAME}_smtp_password_${SECRET_SMTP_PASSWORD_VERSION}`
Fix vapid private key configuration 2024-01-17 18:49:42 +00:00			`vapid_private_key:`
Add vapid keys configuration 2024-01-17 18:41:14 +00:00			`external: true`
Fix vapid private key configuration 2024-01-17 18:49:42 +00:00			`name: ${STACK_NAME}_vapid_private_key_${SECRET_VAPID_PRIVATE_KEY_VERSION}`
Update recipe to Karrot v13.0.0 2024-01-25 23:53:58 +00:00			`livekit_api_secret:`
			`external: true`
			`name: ${STACK_NAME}_livekit_api_secret_${SECRET_LIVEKIT_API_SECRET_VERSION}`
entrypoint not working 2022-09-27 13:00:08 +00:00
initial testing commit 2022-09-25 10:06:42 +00:00			`volumes:`
			`app_data:`
			`postgres_data:`
			`redis_data:`
wip 2023-10-19 12:41:56 +00:00
test test 123 2022-09-25 10:26:49 +00:00			`networks:`
			`proxy:`
			`external: true`
			`internal:`