Semi-working..

.env.sample

@@ -0,0 +1,87 @@
+TYPE=loomio
+
+DOMAIN=loomio.example.com
+## Domain aliases
+#EXTRA_DOMAINS=', `www.loomio.example.com`'
+LETS_ENCRYPT_ENV=production
+
+# the number of dots in your hostname
+TLD_LENGTH=3
+# TODO 3wc: is this needed?
+
+SUPPORT_EMAIL=noreply@example.com
+SMTP_AUTH=plain
+SMTP_DOMAIN=example.com
+SMTP_SERVER=example.com
+SMTP_PORT=587
+SMTP_USERNAME=noreply@example.com
+SMTP_PASSWORD=password
+SMTP_USE_SSL=1
+# to disable SSL comment out line rather than changing to 0
+
+REPLY_HOSTNAME=loomio.example.com
+
+# helper bot is the account which welcomes people to their groups.
+HELPER_BOT_EMAIL=noreply@loomio.example.com
+RAILS_ENV=production
+
+# Number of webserver processes and threads
+# threads are per worker. See https://github.com/puma/puma
+PUMA_WORKERS=2
+MIN_THREADS=12
+MAX_THREADS=12
+
+# Force all connections to be https
+FORCE_SSL=1
+
+# Enable rate limiting on group creation, other POST actions
+USE_RACK_ATTACK=1
+
+# Send catch up email (missed yesterday) weekly
+# EMAIL_CATCH_UP_WEEKLY=1
+
+# TODO 3wc: settings from here on aren't yet included in compose.yml
+
+# subscribe on participation default for new users
+# uncomment this to change "subscribe on participation" to be false for new users
+# EMAIL_ON_PARTICIPATION_DEFAULT_FALSE=1
+
+# Uncomment these to disable features
+# FEATURES_DISABLE_CREATE_USER=1     # users must be invited
+# FEATURES_DISABLE_CREATE_GROUP=1    # users cannot create groups
+# FEATURES_DISABLE_PUBLIC_GROUPS=1   # disable /explore
+# FEATURES_DISABLE_HELP_LINK=1       # disable the help link
+# MAX_PENDING_INVITATIONS=100        # maximum unaccepted invitations a group have have
+
+# Enable search engines to index public content
+# ALLOW_ROBOTS=1
+
+# Uncomment to enable SAML SSO
+# SAML_APP_KEY=1 # just a flag, keep value as 1
+# SAML_IDP_METADATA_URL=https://saml-metadata-url-provided-by-your-SSO-provider.com/12356
+#
+# Disable login via email (usually when you have enabled SSO of some kind)
+# FEATURES_DISABLE_EMAIL_LOGIN=1
+
+# oauth providers, to let your users login using external accounts
+# FACEBOOK_APP_KEY=REPLACE
+# FACEBOOK_APP_SECRET=REPLACE
+# TWITTER_APP_KEY=REPLACE
+# TWITTER_APP_SECRET=REPLACE
+# GOOGLE_APP_KEY=REPLACE
+# GOOGLE_APP_SECRET=REPLACE
+# SLACK_APP_KEY
+# SLACK_APP_SECRET
+
+# Theme images
+# images should be a multiple of 32px tall.
+# THEME_ICON_SRC=/files/icon.png
+# THEME_APP_LOGO_SRC=/files/logo.svg
+# THEME_EMAIL_HEADER_LOGO_SRC=/files/logo_128h.png
+# THEME_EMAIL_FOOTER_LOGO_SRC=/files/logo_64h.png
+
+# used in emails. use rgb or hsl values, not hex
+# THEME_PRIMARY_COLOR=rgb(255,167,38)
+# THEME_ACCENT_COLOR=rgb(0,188,212)
+# THEME_TEXT_ON_PRIMARY_COLOR=rgb(255,255,255)
+# THEME_TEXT_ON_ACCENT_COLOR=rgb(255,255,255)

compose.yml

@@ -3,9 +3,6 @@ version: "3.8"
 services:
   app:
     image: loomio/loomio:stable
-    environment:
-      - DATABASE_URL=postgresql://postgres:password@db/loomio_production
-      - REDIS_URL=redis://redis:6379
     volumes:
       - loomio_uploads:/loomio/public/system
       - loomio_storage:/loomio/storage
@@ -18,6 +15,30 @@ services:
     depends_on:
       - db
       - redis
+    environment:
+      - DATABASE_URL=postgresql://postgres:password@db/loomio_production
+      - REDIS_URL=redis://redis:6379
+      - CANONICAL_HOST=${DOMAIN}
+      - CHANNELS_URI=wss://channels.${DOMAIN}
+      - TLD_LENGTH=${TLD_LENGTH}
+      - SUPPORT_EMAIL=${SUPPORT_EMAIL}
+      - SMTP_AUTH=${SMTP_AUTH}
+      - SMTP_DOMAIN=${SMTP_DOMAIN}
+      - SMTP_SERVER=${SMTP_SERVER}
+      - SMTP_PORT=${SMTP_PORT}
+      - SMTP_USERNAME=${SMTP_USERNAME}
+      - SMTP_PASSWORD=${SMTP_PASSWORD}
+      - SMTP_USE_SSL=${SMTP_USE_SSL}
+      - REPLY_HOSTNAME=${REPLY_HOSTNAME}
+      - HELPER_BOT_EMAIL=${HELPER_BOT_EMAIL}
+      - RAILS_ENV=${RAILS_ENV}
+      - PUMA_WORKERS=${PUMA_WORKERS}
+      - MIN_THREADS=${MIN_THREADS}
+      - MAX_THREADS=${MAX_THREADS}
+      - FORCE_SSL=${FORCE_SSL}
+      - USE_RACK_ATTACK=${USE_RACK_ATTACK}
+      - DEVISE_SECRET=uuaYZNGgeKCMqGc5pPd3seNSrvKkVO9+pAu6JvrQI4M6T395m8dLJja5qza8HaHY
+      - SECRET_COOKIE_TOKEN=uuaYZNGgeKCMqGc5pPd3seNSrvKkVO9+pAu6JvrQI4M6T395m8dLJja5qza8HaHY
     deploy:
       restart_policy:
         condition: on-failure
@@ -33,9 +54,13 @@ services:
     networks:
       - backend
     environment:
+      - CANONICAL_HOST=${DOMAIN}
       - DATABASE_URL=postgresql://postgres:password@db/loomio_production
       - REDIS_URL=redis://redis:6379
       - TASK=worker
+      - DEVISE_SECRET=uuaYZNGgeKCMqGc5pPd3seNSrvKkVO9+pAu6JvrQI4M6T395m8dLJja5qza8HaHY
+      - SECRET_COOKIE_TOKEN=uuaYZNGgeKCMqGc5pPd3seNSrvKkVO9+pAu6JvrQI4M6T395m8dLJja5qza8HaHY
+      - RAILS_ENV=${RAILS_ENV}
     volumes:
       - loomio_uploads:/loomio/public/system
       - loomio_storage:/loomio/storage
@@ -47,8 +72,8 @@ services:
     networks:
       - backend
     volumes:
-      - ./pgdata:/pgdata
+      - pgdata:/pgdata
-      - ./pgdumps:/pgdumps
+      - pgdumps:/pgdumps
     environment:
      - POSTGRES_PASSWORD=password
      - POSTGRES_DB=loomio_production
@@ -71,7 +96,7 @@ services:
   channels:
     image: loomio/loomio_channel_server
     networks:
-      - proxy
+      - backend
     depends_on:
       - redis
     environment:
@@ -88,3 +113,5 @@ volumes:
   loomio_files:
   loomio_plugins:
   loomio_import:
+  pgdata:
+  pgdumps: