clean up files, merge some entrypoints, add psql backup, add some healthchecks

.env.sample

@@ -1,5 +1,5 @@
 TYPE=taiga
-#TIMEOUT=900
+TIMEOUT=900
 ENABLE_AUTO_UPDATE=true
 ENABLE_BACKUPS=true
 
@@ -23,14 +23,18 @@ WEBSOCKETS_SCHEME=wss  # events connection protocol (use either "ws" or "wss")
 SECRET_TAIGA_SECRET_VERSION=v1
 SECRET_POSTGRES_PASSWORD_VERSION=v1
 SECRET_RABBITMQ_PASSWORD_VERSION=v1
+POSTGRES_PASSWORD_FILE=/run/secrets/postgres_password
+TAIGA_SECRET_KEY_FILE=/run/secrets/taiga_secret
+RABBITMQ_PASS_FILE=/run/secrets/rabbitmq_password
+
 
 # Taiga's Database settings - Variables to create the Taiga database and connect to it
 POSTGRES_USER=taiga  # user to connect to PostgreSQL
-POSTGRES_HOST=taiga
-POSTGRES_DB=taiga-db
+POSTGRES_HOST=db
+POSTGRES_DB=taiga
 
 # Taiga's SMTP settings - Variables to send Taiga's emails to the users
-EMAIL_BACKEND=console  # use an SMTP server or display the emails in the console (either "smtp" or "console")
+EMAIL_BACKEND=console # use an SMTP server or display the emails in the console (either "smtp" or "console")
 EMAIL_HOST=smtp.host.example.com  # SMTP server address
 EMAIL_PORT=587   # default SMTP port
 EMAIL_HOST_USER=user  # user to connect the SMTP server

abra.sh

@@ -3,7 +3,6 @@
 
 export NGINX_CONF_VERSION=v1
 export TAIGA_ENTRYPOINT_VERSION=v1
-export TAIGA_ASYNC_ENTRYPOINT_VERSION=v1
 export TAIGA_EVENTS_ENTRYPOINT_VERSION=v1
-export TAIGA_PROTECTED_ENTRYPOINT_VERSION=v1
 export CREATE_SUPERUSER_VERSION=v1
+export PG_BACKUP_VERSION=v1

compose.yml

@@ -1,36 +1,18 @@
-x-environment:
-  &default-back-environment
-  - POSTGRES_DB=taiga
-  - POSTGRES_USER=${POSTGRES_USER}
-  - POSTGRES_PASSWORD_FILE=/run/secrets/postgres_password
-  - POSTGRES_HOST=taiga-db
-  # Taiga settings
-  - TAIGA_SECRET_KEY_FILE=/run/secrets/taiga_secret
-  - TAIGA_SITES_SCHEME=${TAIGA_SCHEME}
-  - TAIGA_SITES_DOMAIN=${TAIGA_DOMAIN}
-  - TAIGA_SUBPATH=${SUBPATH}
-  # Email settings.
-  - EMAIL_BACKEND=django.core.mail.backends.${EMAIL_BACKEND}.EmailBackend
-  - DEFAULT_FROM_EMAIL=${EMAIL_DEFAULT_FROM}
-  - EMAIL_USE_TLS=${EMAIL_USE_TLS}
-  - EMAIL_USE_SSL=${EMAIL_USE_SSL}
-  - EMAIL_HOST=${EMAIL_HOST}
-  - EMAIL_PORT=${EMAIL_PORT}
-  - EMAIL_HOST_USER=${EMAIL_HOST_USER}
-  - EMAIL_HOST_PASSWORD=${EMAIL_HOST_PASSWORD}
-  # Rabbitmq settings
-  - RABBITMQ_USER=${RABBITMQ_USER}
-  - RABBITMQ_PASS_FILE=/run/secrets/rabbitmq_password
-  # Telemetry settings
-  - ENABLE_TELEMETRY=${ENABLE_TELEMETRY}
-  # Django superuser
-  - DJANGO_SUPERUSER_USERNAME=${DJANGO_SUPERUSER_USERNAME}
-  - DJANGO_SUPERUSER_PASSWORD=${DJANGO_SUPERUSER_PASSWORD}
-  - DJANGO_SUPERUSER_EMAIL=${DJANGO_SUPERUSRE_EMAIL}
-  
+version: "3.8"
+
 services: 
-  taiga-db:
+  db:
     image: postgres:12.3
+    deploy:
+      labels:
+        backupbot.backup: "${ENABLE_BACKUPS:-true}"
+        backupbot.backup.pre-hook: "/pg_backup.sh backup"
+        backupbot.backup.volumes.db.path: "backup.sql"
+        backupbot.restore.post-hook: '/pg_backup.sh restore'
+    configs:
+      - source: pg_backup
+        target: /pg_backup.sh
+        mode: 0555
     secrets:
       - postgres_password
     environment:
@@ -46,15 +28,39 @@ services:
     volumes:
       - taiga-db-data:/var/lib/postgresql/data
     networks:
-      - taiga
+      - internal
 
-  taiga-back:
+  app:
     image: taigaio/taiga-back:latest
     secrets:
       - taiga_secret
       - postgres_password
       - rabbitmq_password
-    environment: *default-back-environment
+    environment:
+      - POSTGRES_DB
+      - POSTGRES_USER
+      - POSTGRES_PASSWORD_FILE
+      - POSTGRES_HOST
+      - TAIGA_SECRET_KEY_FILE
+      - TAIGA_SITES_SCHEME=${TAIGA_SCHEME}
+      - TAIGA_SITES_DOMAIN=${TAIGA_DOMAIN}
+      - TAIGA_SUBPATH=${SUBPATH}
+      - EMAIL_BACKEND=django.core.mail.backends.${EMAIL_BACKEND}.EmailBackend
+      - EMAIL_DEFAULT_FROM
+      - EMAIL_USE_TLS
+      - EMAIL_USE_SSL
+      - EMAIL_HOST
+      - EMAIL_PORT
+      - EMAIL_HOST_USER
+      - EMAIL_HOST_PASSWORD
+      - RABBITMQ_USER
+      - RABBITMQ_PASS_FILE
+      - ENABLE_TELEMETRY
+      - DJANGO_SUPERUSER_USERNAME
+      - DJANGO_SUPERUSER_PASSWORD
+      - DJANGO_SUPERUSER_EMAIL
+      - ENTRYPOINT=/taiga-back/docker/entrypoint.sh
+    hostname: "taiga-back"
     configs:
       - source: taiga_entrypoint
         target: /custom-entrypoint.sh
@@ -67,27 +73,65 @@ services:
       - taiga-static-data:/taiga-back/static
       - taiga-media-data:/taiga-back/media
     networks:
-      - taiga
+      - internal
+    deploy:
+      update_config:
+        failure_action: rollback
+        order: start-first
+      labels:
+        - "coop-cloud.${STACK_NAME}.version=13.0.1+32.0.3-fpm"
+        - "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT}"
+    healthcheck:
+      test: ["CMD-SHELL", "python -m http.client -c 'GET /api/v1/' -H 'Host: localhost' || exit 1"]      
+      interval: 30s
+      timeout: 10s
+      retries: 10
+      start_period: 1m
+    
 
-  taiga-back-async:
+  app-async:
     image: taigaio/taiga-back:latest
     configs: 
-      - source: taiga_async_entrypoint
-        target: /custom-async-entrypoint.sh
+      - source: taiga_entrypoint
+        target: /custom-entrypoint.sh
         mode: 0555
-    entrypoint: /custom-async-entrypoint.sh
+    entrypoint: /custom-entrypoint.sh
+    hostname: "taiga-back-async"
     secrets:
       - taiga_secret
       - postgres_password
       - rabbitmq_password
-    environment: *default-back-environment
+    environment:
+      - POSTGRES_DB
+      - POSTGRES_USER
+      - POSTGRES_PASSWORD_FILE
+      - POSTGRES_HOST
+      - TAIGA_SECRET_KEY_FILE
+      - TAIGA_SITES_SCHEME=${TAIGA_SCHEME}
+      - TAIGA_SITES_DOMAIN=${TAIGA_DOMAIN}
+      - TAIGA_SUBPATH=${SUBPATH}
+      - EMAIL_BACKEND=django.core.mail.backends.${EMAIL_BACKEND}.EmailBackend
+      - EMAIL_DEFAULT_FROM
+      - EMAIL_USE_TLS
+      - EMAIL_USE_SSL
+      - EMAIL_HOST
+      - EMAIL_PORT
+      - EMAIL_HOST_USER
+      - EMAIL_HOST_PASSWORD
+      - RABBITMQ_USER
+      - RABBITMQ_PASS_FILE
+      - ENABLE_TELEMETRY
+      - DJANGO_SUPERUSER_USERNAME
+      - DJANGO_SUPERUSER_PASSWORD
+      - DJANGO_SUPERUSER_EMAIL
+      - ENTRYPOINT=/taiga-back/docker/async_entrypoint.sh
     volumes:
       - taiga-static-data:/taiga-back/static
       - taiga-media-data:/taiga-back/media
     networks:
-      - taiga
+      - internal
      
-  taiga-async-rabbitmq:
+  rabbitmq-async:
     image: rabbitmq:3.8-management-alpine
     secrets:
       - rabbitmq_password
@@ -100,7 +144,7 @@ services:
     volumes:
       - taiga-async-rabbitmq-data:/var/lib/rabbitmq
     networks:
-      - taiga
+      - internal
 
   taiga-front:
     image: taigaio/taiga-front:latest
@@ -109,11 +153,11 @@ services:
       - TAIGA_WEBSOCKETS_URL=${WEBSOCKETS_SCHEME}://${TAIGA_DOMAIN}
       - TAIGA_SUBPATH=${SUBPATH}
     networks:
-      - taiga
+      - internal
     # volumes:
     #   - ./conf.json:/usr/share/nginx/html/conf.json
 
-  taiga-events:
+  events:
     image: taigaio/taiga-events:latest
     configs: 
       - source: taiga_events_entrypoint
@@ -124,13 +168,14 @@ services:
       - taiga_secret
       - rabbitmq_password
     environment:
-      - RABBITMQ_USER=${RABBITMQ_USER}
-      - RABBITMQ_PASS_FILE=/run/secrets/rabbitmq_password
-      - TAIGA_SECRET_KEY_FILE=/run/secrets/taiga_secret
+      - RABBITMQ_USER
+      - RABBITMQ_PASS_FILE
+      - TAIGA_SECRET_KEY_FILE
+      - ENTRYPOINT=/taiga-events/docker/entrypoint.sh
     networks:
-      - taiga 
+      - internal 
 
-  taiga-events-rabbitmq:
+  rabbitmq:
     image: rabbitmq:3.8-management-alpine
     secrets:
       - rabbitmq_password
@@ -143,24 +188,32 @@ services:
     volumes:
       - taiga-events-rabbitmq-data:/var/lib/rabbitmq
     networks:
-      - taiga
+      - internal
+    healthcheck:
+      test: rabbitmq-diagnostics -q ping
+      interval: 30s
+      timeout: 10s
+      retries: 10
+      start_period: 1m
 
   taiga-protected:
     image: taigaio/taiga-protected:latest
     configs:
-      - source: taiga_protected_entrypoint
-        target: /custom-protected-entrypoint.sh
+      - source: taiga_entrypoint
+        target: /custom-entrypoint.sh
         mode: 0555
-    entrypoint: /custom-protected-entrypoint.sh
+    entrypoint: /custom-entrypoint.sh
     secrets:
       - taiga_secret
     environment:
+      - POSTGRES_HOST
       - MAX_AGE=${ATTACHMENTS_MAX_AGE}
-      - SECRET_KEY_FILE=/run/secrets/taiga_secret
+      - SECRET_KEY_FILE=${TAIGA_SECRET_KEY_FILE}
+      - ENTRYPOINT=/taiga-protected/docker/entrypoint.sh
     networks:
-      - taiga
+      - internal
 
-  taiga-gateway:
+  web:
     image: nginx:1.19-alpine
     configs:
       - source: nginx_conf
@@ -170,7 +223,7 @@ services:
       - taiga-media-data:/taiga/media
     networks:
       - proxy
-      - taiga 
+      - internal 
     deploy:
       restart_policy:
         condition: on-failure
@@ -184,6 +237,12 @@ services:
         - "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect"
         - "traefik.http.middlewares.${STACK_NAME}-redirect.redirectscheme.scheme=https"
         - "traefik.http.middlewares.${STACK_NAME}-redirect.redirectscheme.permanent=true" 
+    healthcheck:
+      test: curl -f taiga-back:8000/api/v1/ || exit 1 
+      interval: 30s
+      timeout: 10s
+      retries: 10
+      start_period: 1m
 
 secrets:
   taiga_secret:
@@ -199,28 +258,23 @@ secrets:
 configs:
   nginx_conf:
     name: ${STACK_NAME}_nginx_${NGINX_CONF_VERSION}
-    file: ./taiga-gateway/taiga.backup.conf
+    file: nginx.conf
     template_driver: golang
   taiga_entrypoint:
     name: ${STACK_NAME}_taiga_entrypoint_${TAIGA_ENTRYPOINT_VERSION}
     file: entrypoint.sh.tmpl
     template_driver: golang
-  taiga_async_entrypoint:
-    name: ${STACK_NAME}_taiga_async_entrypoint_${TAIGA_ASYNC_ENTRYPOINT_VERSION}
-    file: entrypoint-async.sh.tmpl
-    template_driver: golang
   taiga_events_entrypoint:
     name: ${STACK_NAME}_taiga_events_entrypoint_${TAIGA_EVENTS_ENTRYPOINT_VERSION}
     file: entrypoint-events.sh.tmpl
     template_driver: golang
-  taiga_protected_entrypoint:
-    name: ${STACK_NAME}_taiga_protected_entrypoint_${TAIGA_PROTECTED_ENTRYPOINT_VERSION}
-    file: entrypoint-protected.sh.tmpl
-    template_driver: golang
   create_superuser:
     name: ${STACK_NAME}_create_superuser_${CREATE_SUPERUSER_VERSION}
     file: create-superuser.sh.tmpl
     template_driver: golang
+  pg_backup:
+    name: ${STACK_NAME}_pg_backup_${PG_BACKUP_VERSION}
+    file: pg_backup.sh
 
 volumes:
   taiga-static-data:
@@ -230,6 +284,6 @@ volumes:
   taiga-events-rabbitmq-data:
 
 networks:
-  taiga:
+  internal:
   proxy:
     external: true

create-superuser.sh

@@ -1,13 +0,0 @@
-#!/bin/sh
-set -e
-
-echo "Waiting for Taiga Back..."
-until curl -sf http://taiga-back:8000/api/v1/ >/dev/null; do sleep 3; done
-
-python manage.py shell <<EOF
-from django.contrib.auth import get_user_model
-User = get_user_model()
-if not User.objects.filter(username="admin").exists():
-    User.objects.create_superuser("admin","admin@example.com","adminpassword")
-EOF
-

entrypoint-async.sh.tmpl

@@ -1,32 +0,0 @@
-#!/bin/bash
-
-set -e
-
-file_env() {
-   local var="$1"
-   local fileVar="${var}_FILE"
-   local def="${2:-}"
-
-   if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
-      echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
-      exit 1
-   fi
-
-   local val="$def"
-
-   if [ "${!var:-}" ]; then
-      val="${!var}"
-   elif [ "${!fileVar:-}" ]; then
-      val="$(< "${!fileVar}")"
-   fi
-
-   export "$var"="$val"
-   unset "$fileVar"
-}
-
-echo "Giving the db container some time to come up"; sleep 30
-file_env "POSTGRES_PASSWORD"
-file_env "RABBITMQ_PASS"
-file_env "TAIGA_SECRET_KEY"
-echo "Listing all env vars"; printenv
-/taiga-back/docker/async_entrypoint.sh

entrypoint-protected.sh.tmpl

@@ -1,29 +0,0 @@
-#!/bin/bash
-
-set -e
-
-file_env() {
-   local var="$1"
-   local fileVar="${var}_FILE"
-   local def="${2:-}"
-
-   if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
-      echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
-      exit 1
-   fi
-
-   local val="$def"
-
-   if [ "${!var:-}" ]; then
-      val="${!var}"
-   elif [ "${!fileVar:-}" ]; then
-      val="$(< "${!fileVar}")"
-   fi
-
-   export "$var"="$val"
-   unset "$fileVar"
-}
-
-file_env "SECRET_KEY"
-echo "Listing all env vars"; printenv
-/taiga-protected/docker/entrypoint.sh

entrypoint.sh.tmpl

@@ -24,10 +24,26 @@ file_env() {
    unset "$fileVar"
 }
 
-echo "Giving the db container some time to come up"; sleep 30
 file_env "POSTGRES_PASSWORD"
 file_env "RABBITMQ_PASS"
-file_env "TAIGA_SECRET_KEY"
-echo "Listing all env vars"; printenv
 
-/taiga-back/docker/entrypoint.sh
+# these two should be the same.. for some reason
+# the naming is different in the services
+file_env "TAIGA_SECRET_KEY"
+file_env "SECRET_KEY"
+
+
+echo "Waiting for Postgres..."
+TIMEOUT=30
+i=0
+until (echo > /dev/tcp/$POSTGRES_HOST/5432) 2>/dev/null; do
+  i=$((i+1))
+  if [ $i -ge $TIMEOUT ]; then
+    echo "Postgres did not start within $TIMEOUT seconds."
+    exit 1
+  fi
+  sleep 1
+done
+echo "Postgres is ready!"
+
+"$ENTRYPOINT" "$@"

nginx.conf

@@ -12,7 +12,6 @@ server {
         proxy_set_header X-Real-IP $remote_addr;
         proxy_set_header X-Scheme $scheme;
     }
-
     # API
     location /api/ {
         proxy_pass http://taiga-back:8000/api/;
@@ -63,7 +62,7 @@ server {
 
     # Events
     location /events {
-        proxy_pass http://taiga-events:8888/events;
+        proxy_pass http://events:8888/events;
         proxy_http_version 1.1;
         proxy_set_header Upgrade $http_upgrade;
         proxy_set_header Connection "upgrade";

pg_backup.sh

@@ -0,0 +1,34 @@
+!/bin/bash
+
+set -e
+
+BACKUP_FILE='/var/lib/postgresql/data/backup.sql'
+
+function backup {
+  export PGPASSWORD=$(cat /run/secrets/postgres_password)
+  pg_dump -U ${POSTGRES_USER} ${POSTGRES_DB} > $BACKUP_FILE
+}
+
+function restore {
+    cd /var/lib/postgresql/data/
+    restore_config(){
+        # Restore allowed connections
+        cat pg_hba.conf.bak > pg_hba.conf
+        su postgres -c 'pg_ctl reload'
+    }
+    # Don't allow any other connections than local
+    cp pg_hba.conf pg_hba.conf.bak
+    echo "local all all trust" > pg_hba.conf
+    su postgres -c 'pg_ctl reload'
+    trap restore_config EXIT INT TERM
+
+    # Recreate Database
+    psql -U ${POSTGRES_USER} -d postgres -c "DROP DATABASE ${POSTGRES_DB} WITH (FORCE);" 
+    createdb -U ${POSTGRES_USER} ${POSTGRES_DB}
+    psql -U ${POSTGRES_USER} -d ${POSTGRES_DB} -1 -f $BACKUP_FILE
+
+    trap - EXIT INT TERM
+    restore_config
+}
+
+$@

taiga-gateway/taiga.conf

@@ -1,78 +0,0 @@
-server {
-    listen 80 default_server;
-
-    client_max_body_size 100M;
-    charset utf-8;
-    # Frontend
-    location / {
-        proxy_pass http://taiga-front/;
-        proxy_pass_header Server;
-        proxy_set_header Host $http_host;
-        proxy_redirect off;
-        proxy_set_header X-Real-IP $remote_addr;
-        proxy_set_header X-Scheme $scheme;
-	add_header Access-Control-Allow-Origin *;
-    }
-
-    # API
-    location /api/ {
-        proxy_pass http://taiga-back:8000/api/;
-        proxy_pass_header Server;
-        proxy_set_header Host $http_host;
-        proxy_redirect off;
-        proxy_set_header X-Real-IP $remote_addr;
-        proxy_set_header X-Scheme $scheme;
-	add_header Access-Control-Allow-Origin *;
-    }
-
-    # Admin
-    location /admin/ {
-        proxy_pass http://taiga-back:8000/admin/;
-        proxy_pass_header Server;
-        proxy_set_header Host $http_host;
-        proxy_redirect off;
-        proxy_set_header X-Real-IP $remote_addr;
-        proxy_set_header X-Scheme $scheme;
-	add_header Access-Control-Allow-Origin *;
-    }
-
-    # Static
-    location /static/ {
-        alias /taiga/static/;
-    }
-
-    # Media
-    location /_protected/ {
-        internal;
-        alias /taiga/media/;
-        add_header Content-disposition "attachment";
-    }
-
-    # Unprotected section
-    location /media/exports/ {
-        alias /taiga/media/exports/;
-        add_header Content-disposition "attachment";
-    }
-
-    location /media/ {
-        proxy_set_header Host $http_host;
-        proxy_set_header X-Real-IP $remote_addr;
-        proxy_set_header X-Scheme $scheme;
-        proxy_set_header X-Forwarded-Proto $scheme;
-        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-        proxy_pass http://taiga-protected:8003/;
-        proxy_redirect off;
-    }
-
-    # Events
-    location /events {
-        proxy_pass http://taiga-events:8888/events;
-        proxy_http_version 1.1;
-        proxy_set_header Upgrade $http_upgrade;
-        proxy_set_header Connection "upgrade";
-        proxy_connect_timeout 7d;
-        proxy_send_timeout 7d;
-        proxy_read_timeout 7d;
-	add_header Access-Control-Allow-Origin *;
-    }
-}

working-compose.yml

@@ -1,171 +0,0 @@
-x-environment:
-  &default-back-environment
-  # These environment variables will be used by taiga-back and taiga-async.
-  # Database settings
-  POSTGRES_DB: "taiga"
-  POSTGRES_USER: "${POSTGRES_USER}"
-  POSTGRES_PASSWORD: "${POSTGRES_PASSWORD}"
-  POSTGRES_HOST: "taiga-db"
-  # Taiga settings
-  TAIGA_SECRET_KEY: "${SECRET_KEY}"
-  TAIGA_SITES_SCHEME: "${TAIGA_SCHEME}"
-  TAIGA_SITES_DOMAIN: "${TAIGA_DOMAIN}"
-  TAIGA_SUBPATH: "${SUBPATH}"
-  # Email settings.
-  EMAIL_BACKEND: "django.core.mail.backends.${EMAIL_BACKEND}.EmailBackend"
-  DEFAULT_FROM_EMAIL: "${EMAIL_DEFAULT_FROM}"
-  EMAIL_USE_TLS: "${EMAIL_USE_TLS}"
-  EMAIL_USE_SSL: "${EMAIL_USE_SSL}"
-  EMAIL_HOST: "${EMAIL_HOST}"
-  EMAIL_PORT: "${EMAIL_PORT}"
-  EMAIL_HOST_USER: "${EMAIL_HOST_USER}"
-  EMAIL_HOST_PASSWORD: "${EMAIL_HOST_PASSWORD}"
-  # Rabbitmq settings
-  RABBITMQ_USER: "${RABBITMQ_USER}"
-  RABBITMQ_PASS: "${RABBITMQ_PASS}"
-  # Telemetry settings
-  ENABLE_TELEMETRY: "${ENABLE_TELEMETRY}"
-  # ...your customizations go here
-
-x-volumes:
-  &default-back-volumes
-  # These volumens will be used by taiga-back and taiga-async.
-  - taiga-static-data:/taiga-back/static
-  - taiga-media-data:/taiga-back/media
-  # - ./config.py:/taiga-back/settings/config.py
-
-services:
-  taiga-db:
-    image: postgres:12.3
-    environment:
-      POSTGRES_DB: "taiga"
-      POSTGRES_USER: "${POSTGRES_USER}"
-      POSTGRES_PASSWORD: "${POSTGRES_PASSWORD}"
-    healthcheck:
-      test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER}"]
-      interval: 2s
-      timeout: 15s
-      retries: 5
-      start_period: 3s
-    volumes:
-      - taiga-db-data:/var/lib/postgresql/data
-    networks:
-      - taiga
-
-  taiga-back:
-    image: taigaio/taiga-back:latest
-    environment: *default-back-environment
-    volumes: *default-back-volumes
-    networks:
-      - taiga
-    depends_on:
-      taiga-db:
-        condition: service_healthy
-      taiga-events-rabbitmq:
-        condition: service_started
-      taiga-async-rabbitmq:
-        condition: service_started
-
-  taiga-async:
-    image: taigaio/taiga-back:latest
-    entrypoint: ["/taiga-back/docker/async_entrypoint.sh"]
-    environment: *default-back-environment
-    volumes: *default-back-volumes
-    networks:
-      - taiga
-    depends_on:
-      taiga-db:
-        condition: service_healthy
-      taiga-events-rabbitmq:
-        condition: service_started
-      taiga-async-rabbitmq:
-        condition: service_started
-
-  taiga-async-rabbitmq:
-    image: rabbitmq:3.8-management-alpine
-    environment:
-      RABBITMQ_ERLANG_COOKIE: "${RABBITMQ_ERLANG_COOKIE}"
-      RABBITMQ_DEFAULT_USER: "${RABBITMQ_USER}"
-      RABBITMQ_DEFAULT_PASS: "${RABBITMQ_PASS}"
-      RABBITMQ_DEFAULT_VHOST: "${RABBITMQ_VHOST}"
-    hostname: "taiga-async-rabbitmq"
-    volumes:
-      - taiga-async-rabbitmq-data:/var/lib/rabbitmq
-    networks:
-      - taiga
-
-  taiga-front:
-    image: taigaio/taiga-front:latest
-    environment:
-      TAIGA_URL: "${TAIGA_SCHEME}://${TAIGA_DOMAIN}"
-      TAIGA_WEBSOCKETS_URL: "${WEBSOCKETS_SCHEME}://${TAIGA_DOMAIN}"
-      TAIGA_SUBPATH: "${SUBPATH}"
-      # ...your customizations go here
-    networks:
-      - taiga
-    # volumes:
-    #   - ./conf.json:/usr/share/nginx/html/conf.json
-
-  taiga-events:
-    image: taigaio/taiga-events:latest
-    environment:
-      RABBITMQ_USER: "${RABBITMQ_USER}"
-      RABBITMQ_PASS: "${RABBITMQ_PASS}"
-      TAIGA_SECRET_KEY: "${SECRET_KEY}"
-    networks:
-      - taiga
-    depends_on:
-      taiga-events-rabbitmq:
-        condition: service_started
-
-  taiga-events-rabbitmq:
-    image: rabbitmq:3.8-management-alpine
-    environment:
-      RABBITMQ_ERLANG_COOKIE: "${RABBITMQ_ERLANG_COOKIE}"
-      RABBITMQ_DEFAULT_USER: "${RABBITMQ_USER}"
-      RABBITMQ_DEFAULT_PASS: "${RABBITMQ_PASS}"
-      RABBITMQ_DEFAULT_VHOST: "${RABBITMQ_VHOST}"
-    hostname: "taiga-events-rabbitmq"
-    volumes:
-      - taiga-events-rabbitmq-data:/var/lib/rabbitmq
-    networks:
-      - taiga
-
-  taiga-protected:
-    image: taigaio/taiga-protected:latest
-    environment:
-      MAX_AGE: "${ATTACHMENTS_MAX_AGE}"
-      SECRET_KEY: "${SECRET_KEY}"
-    networks:
-      - taiga
-
-  taiga-gateway:
-    image: nginx:1.19-alpine
-    ports:
-      - "9000:80"
-    configs:
-      - source: taiga_conf
-        target: /etc/nginx/conf.d/default.conf
-    volumes:
-      - taiga-static-data:/taiga/static
-      - taiga-media-data:/taiga/media
-    networks:
-      - taiga
-    depends_on:
-      - taiga-front
-      - taiga-back
-      - taiga-events
-configs:
-  taiga_conf:
-    name: ${STACK_NAME}_nginx_${NGINX_CONF_VERSION}
-    file: ./taiga-gateway/taiga.conf
-      #    template_driver: golang
-volumes:
-  taiga-static-data:
-  taiga-media-data:
-  taiga-db-data:
-  taiga-async-rabbitmq-data:
-  taiga-events-rabbitmq-data:
-
-networks:
-  taiga: