Move geoip to seperate compose file
This commit is contained in:
parent
e9b65d460d
commit
e52fb2c61a
|
@ -0,0 +1,29 @@
|
||||||
|
version: "3.8"
|
||||||
|
|
||||||
|
services:
|
||||||
|
app:
|
||||||
|
volumes:
|
||||||
|
- "geoip_data:/var/lib/GeoIP"
|
||||||
|
- "app_data:/app/uploads"
|
||||||
|
|
||||||
|
worker:
|
||||||
|
volumes:
|
||||||
|
- "geoip_data:/var/lib/GeoIP"
|
||||||
|
|
||||||
|
geoip:
|
||||||
|
image: "ghcr.io/maxmind/geoipupdate:v6"
|
||||||
|
volumes:
|
||||||
|
- "geoip_data:/usr/share/GeoIP"
|
||||||
|
secrets:
|
||||||
|
- maxmind_license_key
|
||||||
|
environment:
|
||||||
|
- GEOIPUPDATE_EDITION_IDS=GeoLite2-City GeoLite2-Country
|
||||||
|
- GEOIPUPDATE_ACCOUNT_ID=${MAXMIND_ACCOUNT_ID:-}
|
||||||
|
- GEOIPUPDATE_LICENSE_KEY_FILE=/run/secrets/maxmind_license_key
|
||||||
|
- GEOIPUPDATE_FREQUENCY=72
|
||||||
|
|
||||||
|
secrets:
|
||||||
|
maxmind_license_key:
|
||||||
|
|
||||||
|
volumes:
|
||||||
|
geoip_data:
|
46
compose.yml
46
compose.yml
|
@ -2,15 +2,16 @@ version: "3.8"
|
||||||
|
|
||||||
services:
|
services:
|
||||||
web:
|
web:
|
||||||
image: "ghcr.io/karrot-dev/karrot-docker-images:13.0.0-frontend"
|
image: "codeberg.org/karrot/karrot-frontend:v14.0.0"
|
||||||
configs:
|
|
||||||
- source: nginx_config
|
|
||||||
target: /etc/nginx/conf.d/default.conf
|
|
||||||
depends_on:
|
depends_on:
|
||||||
- app
|
- app
|
||||||
environment:
|
environment:
|
||||||
- DOMAIN
|
- DOMAIN
|
||||||
- FILE_UPLOAD_MAX_SIZE
|
- FILE_UPLOAD_MAX_SIZE
|
||||||
|
- FILE_UPLOAD_DIR=/app/uploads/
|
||||||
|
- CSP_CONNECT_SRC
|
||||||
|
- LISTEN=80
|
||||||
|
- BACKEND=app:8000
|
||||||
healthcheck:
|
healthcheck:
|
||||||
test: ["CMD", "curl", "-f", "http://localhost/"]
|
test: ["CMD", "curl", "-f", "http://localhost/"]
|
||||||
interval: 15s
|
interval: 15s
|
||||||
|
@ -34,25 +35,19 @@ services:
|
||||||
- "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
|
- "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
|
||||||
|
|
||||||
app:
|
app:
|
||||||
image: "ghcr.io/karrot-dev/karrot-docker-images:13.0.0-backend"
|
image: "codeberg.org/karrot/karrot-backend:v14.0.0"
|
||||||
networks:
|
networks:
|
||||||
- internal
|
- internal
|
||||||
depends_on:
|
depends_on:
|
||||||
- db
|
- db
|
||||||
- redis
|
- redis
|
||||||
configs:
|
|
||||||
- source: geoip_conf
|
|
||||||
target: /etc/GeoIP.conf
|
|
||||||
mode: 0555
|
|
||||||
secrets:
|
secrets:
|
||||||
- db_password
|
- db_password
|
||||||
- secret_key
|
- secret_key
|
||||||
- maxmind_license_key
|
|
||||||
- smtp_password
|
- smtp_password
|
||||||
- vapid_private_key
|
- vapid_private_key
|
||||||
- livekit_api_secret
|
- livekit_api_secret
|
||||||
volumes:
|
volumes:
|
||||||
- "shiv_data:/root/.shiv"
|
|
||||||
- "geoip_data:/var/lib/GeoIP"
|
- "geoip_data:/var/lib/GeoIP"
|
||||||
- "app_data:/app/uploads"
|
- "app_data:/app/uploads"
|
||||||
environment:
|
environment:
|
||||||
|
@ -66,13 +61,13 @@ services:
|
||||||
- EMAIL_BACKEND
|
- EMAIL_BACKEND
|
||||||
- EMAIL_FROM
|
- EMAIL_FROM
|
||||||
- EMAIL_REPLY_DOMAIN
|
- EMAIL_REPLY_DOMAIN
|
||||||
- FILE_UPLOAD_DIR=/app/uploads
|
- FILE_UPLOAD_DIR=/app/uploads/
|
||||||
|
- FILE_UPLOAD_USE_ACCEL_REDIRECT=true
|
||||||
- FILE_UPLOAD_MAX_SIZE
|
- FILE_UPLOAD_MAX_SIZE
|
||||||
- FORUM_BANNER_TOPIC_ID
|
- FORUM_BANNER_TOPIC_ID
|
||||||
- FORUM_DISCUSSIONS_FEED
|
- FORUM_DISCUSSIONS_FEED
|
||||||
- LISTEN_HOST=0.0.0.0
|
- LISTEN_HOST=0.0.0.0
|
||||||
- LISTEN_SERVER=uvicorn
|
- LISTEN_SERVER=uvicorn
|
||||||
- MAXMIND_ACCOUNT_ID
|
|
||||||
- MODE=prod
|
- MODE=prod
|
||||||
- POSTAL_API_KEY
|
- POSTAL_API_KEY
|
||||||
- POSTAL_API_URL
|
- POSTAL_API_URL
|
||||||
|
@ -97,6 +92,8 @@ services:
|
||||||
- MEET_LIVEKIT_ENDPOINT
|
- MEET_LIVEKIT_ENDPOINT
|
||||||
- MEET_LIVEKIT_API_KEY
|
- MEET_LIVEKIT_API_KEY
|
||||||
- MEET_LIVEKIT_API_SECRET_FILE=/run/secrets/livekit_api_secret
|
- MEET_LIVEKIT_API_SECRET_FILE=/run/secrets/livekit_api_secret
|
||||||
|
- MIGRATE=yes
|
||||||
|
command: server
|
||||||
healthcheck:
|
healthcheck:
|
||||||
test: ["CMD", "curl", "-f", "http://localhost:8000/api/config/"]
|
test: ["CMD", "curl", "-f", "http://localhost:8000/api/config/"]
|
||||||
interval: 10s
|
interval: 10s
|
||||||
|
@ -110,13 +107,11 @@ services:
|
||||||
- "backupbot.backup.path=/app/uploads"
|
- "backupbot.backup.path=/app/uploads"
|
||||||
|
|
||||||
worker:
|
worker:
|
||||||
image: "ghcr.io/karrot-dev/karrot-docker-images:13.0.0-backend"
|
#image: "ghcr.io/karrot-dev/karrot-docker-images:13.0.0-backend"
|
||||||
|
image: "codeberg.org/karrot/karrot-backend:v14.0.0"
|
||||||
depends_on:
|
depends_on:
|
||||||
# shiv + geoip data gets loaded on the first run of the app
|
|
||||||
# so to ensure it's available in the worker too, we need to wait
|
|
||||||
- app
|
- app
|
||||||
volumes:
|
volumes:
|
||||||
- "shiv_data:/root/.shiv"
|
|
||||||
- "geoip_data:/var/lib/GeoIP"
|
- "geoip_data:/var/lib/GeoIP"
|
||||||
networks:
|
networks:
|
||||||
- internal
|
- internal
|
||||||
|
@ -136,7 +131,6 @@ services:
|
||||||
- EMAIL_BACKEND
|
- EMAIL_BACKEND
|
||||||
- EMAIL_FROM
|
- EMAIL_FROM
|
||||||
- EMAIL_REPLY_DOMAIN
|
- EMAIL_REPLY_DOMAIN
|
||||||
- IS_WORKER=1
|
|
||||||
- LISTEN_HOST=0.0.0.0
|
- LISTEN_HOST=0.0.0.0
|
||||||
- LISTEN_SERVER=uvicorn
|
- LISTEN_SERVER=uvicorn
|
||||||
- MODE=prod
|
- MODE=prod
|
||||||
|
@ -162,6 +156,7 @@ services:
|
||||||
- MEET_LIVEKIT_ENDPOINT
|
- MEET_LIVEKIT_ENDPOINT
|
||||||
- MEET_LIVEKIT_API_KEY
|
- MEET_LIVEKIT_API_KEY
|
||||||
- MEET_LIVEKIT_API_SECRET_FILE=/run/secrets/livekit_api_secret
|
- MEET_LIVEKIT_API_SECRET_FILE=/run/secrets/livekit_api_secret
|
||||||
|
command: worker
|
||||||
|
|
||||||
redis:
|
redis:
|
||||||
image: "redis:6-alpine"
|
image: "redis:6-alpine"
|
||||||
|
@ -199,17 +194,6 @@ services:
|
||||||
backupbot.backup.pre-hook: "PGPASSWORD=$$(cat $${POSTGRES_PASSWORD_FILE}) pg_dump -U $${POSTGRES_USER} $${POSTGRES_DB} > /var/lib/postgresql/data/postgres-backup.sql"
|
backupbot.backup.pre-hook: "PGPASSWORD=$$(cat $${POSTGRES_PASSWORD_FILE}) pg_dump -U $${POSTGRES_USER} $${POSTGRES_DB} > /var/lib/postgresql/data/postgres-backup.sql"
|
||||||
backupbot.backup.post-hook: "rm -rf /var/lib/postgresql/data/postgres-backup.sql"
|
backupbot.backup.post-hook: "rm -rf /var/lib/postgresql/data/postgres-backup.sql"
|
||||||
backupbot.backup.path: "/var/lib/postgresql/data/"
|
backupbot.backup.path: "/var/lib/postgresql/data/"
|
||||||
|
|
||||||
|
|
||||||
configs:
|
|
||||||
nginx_config:
|
|
||||||
name: ${STACK_NAME}_nginx_config_${NGINX_CONFIG_VERSION}
|
|
||||||
file: nginx.conf.tmpl
|
|
||||||
template_driver: golang
|
|
||||||
geoip_conf:
|
|
||||||
name: ${STACK_NAME}_geoip_conf_${GEOIP_CONFIG_VERSION}
|
|
||||||
file: geoip.conf.tmpl
|
|
||||||
template_driver: golang
|
|
||||||
|
|
||||||
secrets:
|
secrets:
|
||||||
db_password:
|
db_password:
|
||||||
|
@ -218,9 +202,6 @@ secrets:
|
||||||
secret_key:
|
secret_key:
|
||||||
external: true
|
external: true
|
||||||
name: ${STACK_NAME}_secret_key_${SECRET_SECRET_KEY_VERSION}
|
name: ${STACK_NAME}_secret_key_${SECRET_SECRET_KEY_VERSION}
|
||||||
maxmind_license_key:
|
|
||||||
external: true
|
|
||||||
name: ${STACK_NAME}_maxmind_license_key_${SECRET_MAXMIND_LICENSE_KEY_VERSION}
|
|
||||||
smtp_password:
|
smtp_password:
|
||||||
external: true
|
external: true
|
||||||
name: ${STACK_NAME}_smtp_password_${SECRET_SMTP_PASSWORD_VERSION}
|
name: ${STACK_NAME}_smtp_password_${SECRET_SMTP_PASSWORD_VERSION}
|
||||||
|
@ -232,7 +213,6 @@ secrets:
|
||||||
name: ${STACK_NAME}_livekit_api_secret_${SECRET_LIVEKIT_API_SECRET_VERSION}
|
name: ${STACK_NAME}_livekit_api_secret_${SECRET_LIVEKIT_API_SECRET_VERSION}
|
||||||
|
|
||||||
volumes:
|
volumes:
|
||||||
shiv_data:
|
|
||||||
geoip_data:
|
geoip_data:
|
||||||
app_data:
|
app_data:
|
||||||
postgres_data:
|
postgres_data:
|
||||||
|
|
|
@ -1,3 +0,0 @@
|
||||||
EditionIDs GeoLite2-City GeoLite2-Country
|
|
||||||
AccountID {{ env "MAXMIND_ACCOUNT_ID" }}
|
|
||||||
LicenseKey {{ secret "maxmind_license_key" }}
|
|
Loading…
Reference in New Issue