From 6c851a37ab5dba08ae0ea8746f2764ec608aa89d Mon Sep 17 00:00:00 2001 From: Roxie Gibson Date: Wed, 10 Nov 2021 11:22:37 +0000 Subject: [PATCH] initial commit --- .env.sample | 16 +++++++++++ compose.yml | 78 ++++++++++++++++++++++++++++++++++++++++++++++++++++ init-data.sh | 13 +++++++++ 3 files changed, 107 insertions(+) create mode 100644 .env.sample create mode 100644 compose.yml create mode 100644 init-data.sh diff --git a/.env.sample b/.env.sample new file mode 100644 index 0000000..a202dd1 --- /dev/null +++ b/.env.sample @@ -0,0 +1,16 @@ +TYPE=n8n + +DOMAIN=n8n.example.com + +## Domain aliases +#EXTRA_DOMAINS=', `www.n8n.example.com`' +LETS_ENCRYPT_ENV=production + +POSTGRES_USER=changeUser +POSTGRES_DB=n8n +POSTGRES_NON_ROOT_USER=changeUser +N8N_BASIC_AUTH_USER=changeserU + +SECRET_DB_NON_ROOT_PASSWORD_VERSION=v1 +SECRET_DB_PASSWORD_VERSION=v1 +SECRET_ADMIN_PASSWORD_VERSION=v1 \ No newline at end of file diff --git a/compose.yml b/compose.yml new file mode 100644 index 0000000..d1bc3b2 --- /dev/null +++ b/compose.yml @@ -0,0 +1,78 @@ +--- + +version: '3.8' + +services: + db: + image: postgres:11 + restart: always + networks: + - internal_network + environment: + - POSTGRES_USER=root + - POSTGRES_PASSWORD=test + # - POSTGRES_PASSWORD_FILE=/run/secrets/db_password + - POSTGRES_DB=n8n + # - POSTGRES_NON_ROOT_USER + # volumes: + # - ./init-data.sh:/docker-entrypoint-initdb.d/init-data.sh + + n8n: + image: n8nio/n8n + restart: always + environment: + - DB_TYPE=postgresdb + - DB_POSTGRESDB_HOST=db + - DB_POSTGRESDB_PORT=5432 + - DB_POSTGRESDB_DATABASE=n8n #${POSTGRES_DB} + - DB_POSTGRESDB_USER=root #${POSTGRES_NON_ROOT_USER} + - DB_POSTGRESDB_PASSWORD=test + # - DB_POSTGRESDB_PASSWORD_FILE=/run/secrets/db_password + - N8N_BASIC_AUTH_ACTIVE=true + - N8N_BASIC_AUTH_USER=test + - N8N_BASIC_AUTH_PASSWORD=test + # - N8N_BASIC_AUTH_PASSWORD_FILE=/run/secrets/admin_password + ports: + - 5678:5678 + networks: + - proxy + - internal_network + volumes: + - n8n:/home/node/.n8n + # Wait 5 seconds to start n8n to make sure that PostgreSQL is ready + # when n8n tries to connect to it + command: /bin/sh -c "sleep 5; n8n start" + deploy: + update_config: + failure_action: rollback + order: start-first + labels: + - "traefik.enable=true" + - "traefik.docker.network=proxy" + - "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=5678" + - "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`${EXTRA_DOMAINS})" + - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}" + - "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure" + - "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect" + - "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLForceHost=true" + - "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}" + +# secrets: +# db_non_root_password: +# external: true +# name: ${STACK_NAME}_db_non_root_password_${SECRET_DB_NON_ROOT_PASSWORD_VERSION} +# db_password: +# external: true +# name: ${STACKNAME}_db_password_${SECRET_DB_PASSWORD_VERSION} +# admin_password: +# external: true +# name: ${STACK_NAME}_admin_password_${SECRET_ADMIN_PASSWORD_VERSION} + +volumes: + n8n: + +networks: + proxy: + external: true + internal_network: + internal: true diff --git a/init-data.sh b/init-data.sh new file mode 100644 index 0000000..a517d5e --- /dev/null +++ b/init-data.sh @@ -0,0 +1,13 @@ +#!/bin/bash +set -e; + +POSTGRES_NON_ROOT_PASSWORD=$(cat /run/secrets/db_non_root_password) + +if [ -n "${POSTGRES_NON_ROOT_USER:-}" ] && [ -n "${POSTGRES_NON_ROOT_PASSWORD:-}" ]; then + psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL + CREATE USER ${POSTGRES_NON_ROOT_USER} WITH PASSWORD '${POSTGRES_NON_ROOT_PASSWORD}'; + GRANT ALL PRIVILEGES ON DATABASE ${POSTGRES_DB} TO ${POSTGRES_NON_ROOT_USER}; + EOSQL +else + echo "SETUP INFO: No Environment variables given!" +fi \ No newline at end of file