Compare commits
2 Commits
f1d76714be
...
656d8d5545
Author | SHA1 | Date |
---|---|---|
Philipp Rothmann | 656d8d5545 | |
Philipp Rothmann | 04df81ea8f |
|
@ -6,3 +6,10 @@ DOMAIN=limesurvey.example.com
|
|||
#EXTRA_DOMAINS=', `www.limesurvey.example.com`'
|
||||
|
||||
LETS_ENCRYPT_ENV=production
|
||||
|
||||
ADMIN_EMAIL=admin@example.com
|
||||
ADMIN_NAME=admin
|
||||
|
||||
SECRET_DB_PASSWORD_VERSION=v1
|
||||
SECRET_DB_ROOT_PASSWORD_VERSION=v1
|
||||
SECRET_LIMESURVEY_ADMIN_PASSWORD_VERSION=v1
|
||||
|
|
58
compose.yml
58
compose.yml
|
@ -3,7 +3,7 @@ version: "3.8"
|
|||
|
||||
services:
|
||||
app:
|
||||
image: martialblog/limesurvey:5.2.9-220110-apache
|
||||
image: martialblog/limesurvey:5.3.18-220530-apache
|
||||
depends_on:
|
||||
- db
|
||||
networks:
|
||||
|
@ -11,10 +11,22 @@ services:
|
|||
- internal
|
||||
environment:
|
||||
- "DB_HOST=${STACK_NAME}_db"
|
||||
- "DB_PASSWORD=secret"
|
||||
- "ADMIN_PASSWORD=foobar"
|
||||
- "DB_PASSWORD_FILE=/run/secrets/db_password"
|
||||
- ADMIN_EMAIL
|
||||
- ADMIN_NAME
|
||||
- "ADMIN_PASSWORD_FILE=/run/secrets/limesurvey_admin_password"
|
||||
- "PUBLIC_URL=https://${DOMAIN}"
|
||||
- "BASE_URL=https://${DOMAIN}"
|
||||
- "BASE_URL"
|
||||
configs:
|
||||
- source: entrypoint
|
||||
target: /usr/local/bin/custom-entrypoint.sh
|
||||
mode: 0555
|
||||
secrets:
|
||||
- db_password
|
||||
- limesurvey_admin_password
|
||||
entrypoint: /usr/local/bin/custom-entrypoint.sh
|
||||
volumes:
|
||||
- app:/var/www/html/upload/surveys
|
||||
deploy:
|
||||
labels:
|
||||
- "traefik.enable=true"
|
||||
|
@ -27,6 +39,14 @@ services:
|
|||
#- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLForceHost=true"
|
||||
#- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}"
|
||||
- "coop-cloud.${STACK_NAME}.version="
|
||||
- "backupbot.backup=true"
|
||||
- "backupbot.backup.path=/var/www/html/upload/surveys"
|
||||
healthcheck:
|
||||
test: ["CMD", "curl", "-f", "http://localhost:8080"]
|
||||
interval: 30s
|
||||
timeout: 10s
|
||||
retries: 10
|
||||
start_period: 1m
|
||||
db:
|
||||
image: mysql:5.7
|
||||
networks:
|
||||
|
@ -34,15 +54,41 @@ services:
|
|||
environment:
|
||||
- "MYSQL_USER=limesurvey"
|
||||
- "MYSQL_DATABASE=limesurvey"
|
||||
- "MYSQL_PASSWORD=secret"
|
||||
- "MYSQL_ROOT_PASSWORD=secret"
|
||||
- "MYSQL_PASSWORD_FILE=/run/secrets/db_password"
|
||||
- "MYSQL_ROOT_PASSWORD_FILE=/run/secrets/db_root_password"
|
||||
volumes:
|
||||
- mariadb:/var/lib/mysql
|
||||
secrets:
|
||||
- db_password
|
||||
- db_root_password
|
||||
deploy:
|
||||
labels:
|
||||
backupbot.backup: "true"
|
||||
backupbot.backup.pre-hook: 'mkdir -p /tmp/backup/ && mysqldump --single-transaction -u root -p"$$(cat /run/secrets/db_root_password)" limesurvey > /tmp/backup/backup.sql'
|
||||
backupbot.backup.post-hook: "rm -rf /tmp/backup"
|
||||
backupbot.backup.path: "/tmp/backup/"
|
||||
|
||||
volumes:
|
||||
app:
|
||||
mariadb:
|
||||
|
||||
networks:
|
||||
proxy:
|
||||
external: true
|
||||
internal:
|
||||
|
||||
configs:
|
||||
entrypoint:
|
||||
name: ${STACK_NAME}_entrypoint_${ENTRYPOINT_VERSION}
|
||||
file: entrypoint.sh
|
||||
|
||||
secrets:
|
||||
db_root_password:
|
||||
external: true
|
||||
name: ${STACK_NAME}_db_root_password_${SECRET_DB_ROOT_PASSWORD_VERSION}
|
||||
db_password:
|
||||
external: true
|
||||
name: ${STACK_NAME}_db_password_${SECRET_DB_PASSWORD_VERSION}
|
||||
limesurvey_admin_password:
|
||||
external: true
|
||||
name: ${STACK_NAME}_limesurvey_admin_password_${SECRET_LIMESURVEY_ADMIN_PASSWORD_VERSION}
|
||||
|
|
|
@ -0,0 +1,29 @@
|
|||
#!/bin/bash
|
||||
|
||||
set -eu
|
||||
|
||||
file_env() {
|
||||
local var="$1"
|
||||
local fileVar="${var}_FILE"
|
||||
local def="${2:-}"
|
||||
|
||||
if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
|
||||
echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
local val="$def"
|
||||
|
||||
if [ "${!var:-}" ]; then
|
||||
val="${!var}"
|
||||
elif [ "${!fileVar:-}" ]; then
|
||||
val="$(< "${!fileVar}")"
|
||||
fi
|
||||
|
||||
export "$var"="$val"
|
||||
unset "$fileVar"
|
||||
}
|
||||
|
||||
file_env "ADMIN_PASSWORD"
|
||||
file_env "DB_PASSWORD"
|
||||
bash -c "/usr/local/bin/entrypoint.sh apache2-foreground"
|
Loading…
Reference in New Issue