Merge pull request 'Use updated docker images' (#10) from change/use-new-docker-images into main
Reviewed-on: #10
This commit is contained in:
commit
83e1c78b6a
13
.env.sample
13
.env.sample
|
|
@ -2,17 +2,22 @@ TYPE=karrot
|
|||
|
||||
DOMAIN=karrot.example.com
|
||||
|
||||
COMPOSE_FILE="compose.yml"
|
||||
|
||||
SITE_NAME=karrot dev
|
||||
SITE_LOGO=https://user-images.githubusercontent.com/31616/36565633-517373a4-1821-11e8-9948-5bf6887c667e.png
|
||||
|
||||
SECRET_DB_PASSWORD_VERSION=v1
|
||||
SECRET_SECRET_KEY_VERSION=v1
|
||||
SECRET_SMTP_PASSWORD_VERSION=v1
|
||||
|
||||
# account id for maxmind (for GeoIP)
|
||||
# uncomment if using maxmind account
|
||||
# make sure to add the maxmind_license_key secret too
|
||||
#COMPOSE_FILE="$COMPOSE_FILE:compose.geoip.yml"
|
||||
#MAXMIND_ACCOUNT_ID=
|
||||
SECRET_MAXMIND_LICENSE_KEY_VERSION=v1
|
||||
|
||||
SITE_NAME=karrot dev
|
||||
SITE_LOGO=https://user-images.githubusercontent.com/31616/36565633-517373a4-1821-11e8-9948-5bf6887c667e.png
|
||||
|
||||
FILE_UPLOAD_MAX_SIZE=10m
|
||||
|
||||
# postal,smtp,console
|
||||
|
|
@ -48,4 +53,4 @@ EMAIL_BACKEND=console
|
|||
|
||||
SITE_URL=https://${DOMAIN}
|
||||
LETS_ENCRYPT_ENV=production
|
||||
CSRF_TRUSTED_ORIGINS=${SITE_URL}
|
||||
CSRF_TRUSTED_ORIGINS=${SITE_URL}
|
||||
|
|
|
|||
|
|
@ -0,0 +1,31 @@
|
|||
version: "3.8"
|
||||
|
||||
services:
|
||||
app:
|
||||
volumes:
|
||||
- "geoip_data:/var/lib/GeoIP"
|
||||
- "app_data:/app/uploads"
|
||||
|
||||
worker:
|
||||
volumes:
|
||||
- "geoip_data:/var/lib/GeoIP"
|
||||
|
||||
geoip:
|
||||
image: "ghcr.io/maxmind/geoipupdate:v6"
|
||||
volumes:
|
||||
- "geoip_data:/usr/share/GeoIP"
|
||||
secrets:
|
||||
- maxmind_license_key
|
||||
environment:
|
||||
- GEOIPUPDATE_EDITION_IDS=GeoLite2-City GeoLite2-Country
|
||||
- GEOIPUPDATE_ACCOUNT_ID=${MAXMIND_ACCOUNT_ID:-}
|
||||
- GEOIPUPDATE_LICENSE_KEY_FILE=/run/secrets/maxmind_license_key
|
||||
- GEOIPUPDATE_FREQUENCY=72
|
||||
|
||||
secrets:
|
||||
maxmind_license_key:
|
||||
external: true
|
||||
name: ${STACK_NAME}_maxmind_license_key_${SECRET_MAXMIND_LICENSE_KEY_VERSION}
|
||||
|
||||
volumes:
|
||||
geoip_data:
|
||||
49
compose.yml
49
compose.yml
|
|
@ -2,15 +2,16 @@ version: "3.8"
|
|||
|
||||
services:
|
||||
web:
|
||||
image: "ghcr.io/karrot-dev/karrot-docker-images:13.0.0-frontend"
|
||||
configs:
|
||||
- source: nginx_config
|
||||
target: /etc/nginx/conf.d/default.conf
|
||||
image: "codeberg.org/karrot/karrot-frontend:v14.0.1"
|
||||
depends_on:
|
||||
- app
|
||||
environment:
|
||||
- DOMAIN
|
||||
- FILE_UPLOAD_MAX_SIZE
|
||||
- FILE_UPLOAD_DIR=/app/uploads/
|
||||
- CSP_CONNECT_SRC=${CSP_CONNECT_SRC:-}
|
||||
- LISTEN=80
|
||||
- BACKEND=app:8000
|
||||
healthcheck:
|
||||
test: ["CMD", "curl", "-f", "http://localhost/"]
|
||||
interval: 15s
|
||||
|
|
@ -21,7 +22,7 @@ services:
|
|||
- internal
|
||||
- proxy
|
||||
volumes:
|
||||
- "app_data:/app/uploads"
|
||||
- "app_data:/app/uploads/"
|
||||
deploy:
|
||||
update_config:
|
||||
failure_action: rollback
|
||||
|
|
@ -34,27 +35,21 @@ services:
|
|||
- "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
|
||||
|
||||
app:
|
||||
image: "ghcr.io/karrot-dev/karrot-docker-images:13.0.0-backend"
|
||||
image: "codeberg.org/karrot/karrot-backend:v14.0.1"
|
||||
networks:
|
||||
- internal
|
||||
depends_on:
|
||||
- db
|
||||
- redis
|
||||
configs:
|
||||
- source: geoip_conf
|
||||
target: /etc/GeoIP.conf
|
||||
mode: 0555
|
||||
secrets:
|
||||
- db_password
|
||||
- secret_key
|
||||
- maxmind_license_key
|
||||
- smtp_password
|
||||
- vapid_private_key
|
||||
- livekit_api_secret
|
||||
volumes:
|
||||
- "shiv_data:/root/.shiv"
|
||||
- "geoip_data:/var/lib/GeoIP"
|
||||
- "app_data:/app/uploads"
|
||||
- "app_data:/app/uploads/"
|
||||
environment:
|
||||
- CSRF_TRUSTED_ORIGINS
|
||||
- DATABASE_CONN_MAX_AGE
|
||||
|
|
@ -66,13 +61,13 @@ services:
|
|||
- EMAIL_BACKEND
|
||||
- EMAIL_FROM
|
||||
- EMAIL_REPLY_DOMAIN
|
||||
- FILE_UPLOAD_DIR=/app/uploads
|
||||
- FILE_UPLOAD_DIR=/app/uploads/
|
||||
- FILE_UPLOAD_USE_ACCEL_REDIRECT=true
|
||||
- FILE_UPLOAD_MAX_SIZE
|
||||
- FORUM_BANNER_TOPIC_ID
|
||||
- FORUM_DISCUSSIONS_FEED
|
||||
- LISTEN_HOST=0.0.0.0
|
||||
- LISTEN_SERVER=uvicorn
|
||||
- MAXMIND_ACCOUNT_ID
|
||||
- MODE=prod
|
||||
- POSTAL_API_KEY
|
||||
- POSTAL_API_URL
|
||||
|
|
@ -97,6 +92,8 @@ services:
|
|||
- MEET_LIVEKIT_ENDPOINT
|
||||
- MEET_LIVEKIT_API_KEY
|
||||
- MEET_LIVEKIT_API_SECRET_FILE=/run/secrets/livekit_api_secret
|
||||
- MIGRATE=yes
|
||||
command: server
|
||||
healthcheck:
|
||||
test: ["CMD", "curl", "-f", "http://localhost:8000/api/config/"]
|
||||
interval: 10s
|
||||
|
|
@ -110,13 +107,10 @@ services:
|
|||
- "backupbot.backup.path=/app/uploads"
|
||||
|
||||
worker:
|
||||
image: "ghcr.io/karrot-dev/karrot-docker-images:13.0.0-backend"
|
||||
image: "codeberg.org/karrot/karrot-backend:v14.0.1"
|
||||
depends_on:
|
||||
# shiv + geoip data gets loaded on the first run of the app
|
||||
# so to ensure it's available in the worker too, we need to wait
|
||||
- app
|
||||
volumes:
|
||||
- "shiv_data:/root/.shiv"
|
||||
- "geoip_data:/var/lib/GeoIP"
|
||||
networks:
|
||||
- internal
|
||||
|
|
@ -136,7 +130,6 @@ services:
|
|||
- EMAIL_BACKEND
|
||||
- EMAIL_FROM
|
||||
- EMAIL_REPLY_DOMAIN
|
||||
- IS_WORKER=1
|
||||
- LISTEN_HOST=0.0.0.0
|
||||
- LISTEN_SERVER=uvicorn
|
||||
- MODE=prod
|
||||
|
|
@ -162,6 +155,7 @@ services:
|
|||
- MEET_LIVEKIT_ENDPOINT
|
||||
- MEET_LIVEKIT_API_KEY
|
||||
- MEET_LIVEKIT_API_SECRET_FILE=/run/secrets/livekit_api_secret
|
||||
command: worker
|
||||
|
||||
redis:
|
||||
image: "redis:6-alpine"
|
||||
|
|
@ -199,17 +193,6 @@ services:
|
|||
backupbot.backup.pre-hook: "PGPASSWORD=$$(cat $${POSTGRES_PASSWORD_FILE}) pg_dump -U $${POSTGRES_USER} $${POSTGRES_DB} > /var/lib/postgresql/data/postgres-backup.sql"
|
||||
backupbot.backup.post-hook: "rm -rf /var/lib/postgresql/data/postgres-backup.sql"
|
||||
backupbot.backup.path: "/var/lib/postgresql/data/"
|
||||
|
||||
|
||||
configs:
|
||||
nginx_config:
|
||||
name: ${STACK_NAME}_nginx_config_${NGINX_CONFIG_VERSION}
|
||||
file: nginx.conf.tmpl
|
||||
template_driver: golang
|
||||
geoip_conf:
|
||||
name: ${STACK_NAME}_geoip_conf_${GEOIP_CONFIG_VERSION}
|
||||
file: geoip.conf.tmpl
|
||||
template_driver: golang
|
||||
|
||||
secrets:
|
||||
db_password:
|
||||
|
|
@ -218,9 +201,6 @@ secrets:
|
|||
secret_key:
|
||||
external: true
|
||||
name: ${STACK_NAME}_secret_key_${SECRET_SECRET_KEY_VERSION}
|
||||
maxmind_license_key:
|
||||
external: true
|
||||
name: ${STACK_NAME}_maxmind_license_key_${SECRET_MAXMIND_LICENSE_KEY_VERSION}
|
||||
smtp_password:
|
||||
external: true
|
||||
name: ${STACK_NAME}_smtp_password_${SECRET_SMTP_PASSWORD_VERSION}
|
||||
|
|
@ -232,7 +212,6 @@ secrets:
|
|||
name: ${STACK_NAME}_livekit_api_secret_${SECRET_LIVEKIT_API_SECRET_VERSION}
|
||||
|
||||
volumes:
|
||||
shiv_data:
|
||||
geoip_data:
|
||||
app_data:
|
||||
postgres_data:
|
||||
|
|
|
|||
|
|
@ -1,3 +0,0 @@
|
|||
EditionIDs GeoLite2-City GeoLite2-Country
|
||||
AccountID {{ env "MAXMIND_ACCOUNT_ID" }}
|
||||
LicenseKey {{ secret "maxmind_license_key" }}
|
||||
Loading…
Reference in New Issue