--- version: "3.8" x-shared: zammad-service: &zammad-service environment: &zammad-environment MEMCACHE_SERVERS: zammad-memcached:11211 POSTGRESQL_DB: zammad_production POSTGRESQL_HOST: zammad-postgresql POSTGRESQL_USER: zammad POSTGRESQL_PASS_FILE: /run/secrets/db_password POSTGRESQL_PORT: 5432 POSTGRESQL_OPTIONS: ?pool=50 POSTGRESQL_DB_CREATE: REDIS_URL: redis://zammad-redis:6379 TZ: "${TZ:-Europe/Berlin}" # Allow passing in these variables via .env: AUTOWIZARD_JSON: AUTOWIZARD_RELATIVE_PATH: ELASTICSEARCH_ENABLED: ELASTICSEARCH_HOST: ELASTICSEARCH_PORT: ELASTICSEARCH_SCHEMA: ELASTICSEARCH_NAMESPACE: ELASTICSEARCH_REINDEX: ELASTICSEARCH_SSL_VERIFY: ELASTICSEARCH_USER: ELASTICSEARCH_PASS: NGINX_PORT: NGINX_SERVER_NAME: NGINX_SERVER_SCHEME: https RAILS_TRUSTED_PROXIES: ZAMMAD_WEB_CONCURRENCY: ZAMMAD_SESSION_JOBS: ZAMMAD_PROCESS_SCHEDULED: ZAMMAD_PROCESS_DELAYED_JOBS_WORKERS: PRODUCT_NAME: ORGANIZATION: LOCALE: ADMIN_EMAIL: SMTP_HOST: SMTP_LOGIN: SMTP_PORT: DOMAIN: SSO_PROVIDER_DOMAIN: IDP_SSO_TARGET_URL: IDP_SLO_SERVICE_URL: image: ghcr.io/zammad/zammad:6.5.0-34 deploy: restart_policy: condition: on-failure volumes: - zammad-storage:/opt/zammad/storage depends_on: - zammad-memcached - zammad-postgresql - zammad-redis entrypoint: /custom-entrypoint.sh configs: - source: entrypoint target: /custom-entrypoint.sh mode: 0555 - source: auto_wizard target: /opt/zammad/contrib/auto_wizard.json secrets: - db_password - smtp_password - admin_password services: zammad-elasticsearch: image: elasticsearch:8.18.0 deploy: restart_policy: condition: on-failure resources: limits: memory: 4G reservations: memory: 2G volumes: - elasticsearch-data:/usr/share/elasticsearch/data environment: discovery.type: single-node xpack.security.enabled: 'false' ES_JAVA_OPTS: -Xms1g -Xmx1g healthcheck: #test: TODO interval: 30s timeout: 10s retries: 10 start_period: 5m zammad-init: <<: *zammad-service command: ["zammad-init"] depends_on: - zammad-postgresql user: 0:0 zammad-memcached: command: memcached -m 256M image: memcached:1.6.38-alpine healthcheck: test: 'echo "version" | nc -vn -w 1 127.0.0.1 11211' interval: 30s timeout: 10s retries: 10 start_period: 5m deploy: restart_policy: condition: on-failure app: <<: *zammad-service command: ["zammad-nginx"] #expose: # - 8080 #ports: # - "8080:8080" depends_on: - zammad-railsserver networks: - proxy - default deploy: labels: - "traefik.enable=true" - "traefik.docker.network=proxy" - "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=8080" - "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`${EXTRA_DOMAINS})" - "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure" - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}" - "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect" - "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLForceHost=true" - "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}" - "coop-cloud.${STACK_NAME}.version=3.0.0+6.5.0-34" - "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT:-120}" healthcheck: test: ["CMD", "curl", "-f", "http://localhost:8080"] interval: 30s timeout: 10s retries: 10 start_period: 5m zammad-postgresql: image: postgres:15.7-alpine environment: POSTGRES_DB: zammad_production POSTGRES_USER: zammad POSTGRES_PASSWORD_FILE: /run/secrets/db_password deploy: restart_policy: condition: on-failure labels: backupbot.backup: "${ENABLE_BACKUPS:-true}" backupbot.backup.pre-hook: "/pg_backup.sh backup" backupbot.backup.volumes.postgresql-data.path: "backup.sql" backupbot.restore.post-hook: "/pg_backup.sh restore" backupbot.backup.volumes.elasticsearch-data: "false" backupbot.backup.volumes.redis-data: "false" volumes: - postgresql-data:/var/lib/postgresql/data configs: - source: pg_backup target: /pg_backup.sh mode: 0555 secrets: - db_password healthcheck: test: ["CMD", "pg_isready", "-U", "zammad"] interval: 30s timeout: 10s retries: 10 start_period: 2m zammad-railsserver: <<: *zammad-service command: ["zammad-railsserver"] healthcheck: test: ["CMD", "curl", "-f", "http://localhost:3000"] interval: 30s timeout: 10s retries: 10 start_period: 5m zammad-redis: image: redis:7.4.3-alpine deploy: restart_policy: condition: on-failure volumes: - redis-data:/data healthcheck: test: ["CMD-SHELL", "redis-cli ping | grep PONG"] interval: 30s timeout: 10s retries: 10 start_period: 1m zammad-scheduler: <<: *zammad-service command: ["zammad-scheduler"] healthcheck: test: 'grep -a "background-worker.rb" -r /proc/[0-9]*/cmdline' interval: 30s timeout: 10s retries: 10 start_period: 5m zammad-websocket: <<: *zammad-service command: ["zammad-websocket"] healthcheck: test: 'ruby -rsocket -e "s = TCPSocket.new(''localhost'', 6042); s.close"' interval: 30s timeout: 10s retries: 10 start_period: 5m volumes: elasticsearch-data: postgresql-data: redis-data: zammad-storage: networks: default: proxy: external: true configs: entrypoint: name: ${STACK_NAME}_entrypoint_${ENTRYPOINT_VERSION} file: entrypoint.sh auto_wizard: name: ${STACK_NAME}_auto_wizard_${AUTO_WIZARD_VERSION} file: auto_wizard.json.tmpl template_driver: golang pg_backup: name: ${STACK_NAME}_pg_backup_${PG_BACKUP_VERSION} file: pg_backup.sh secrets: db_password: external: true name: ${STACK_NAME}_db_password_${SECRET_DB_PASSWORD_VERSION} smtp_password: external: true name: ${STACK_NAME}_smtp_password_${SECRET_SMTP_PASSWORD_VERSION} admin_password: external: true name: ${STACK_NAME}_admin_password_${SECRET_ADMIN_PASSWORD_VERSION}