forked from coop-cloud/mattermost
Working docker-compose.yml
This commit is contained in:
parent
0bcb3df78a
commit
d19e16630d
|
@ -0,0 +1,56 @@
|
|||
---
|
||||
kind: pipeline
|
||||
name: deploy to swarm-test.autonomic.zone
|
||||
steps:
|
||||
- name: deployment
|
||||
image: decentral1se/stack-ssh-deploy:latest
|
||||
settings:
|
||||
host: swarm-test.autonomic.zone
|
||||
stack: mattermost
|
||||
purge: true
|
||||
deploy_key:
|
||||
from_secret: drone_ssh_swarm_test
|
||||
environment:
|
||||
DOMAIN: mattermost.swarm-test.autonomic.zone
|
||||
LETS_ENCRYPT_ENV: production
|
||||
|
||||
- name: notify coopcloud-dev on failure
|
||||
image: plugins/matrix
|
||||
settings:
|
||||
homeserver: https://matrix.autonomic.zone
|
||||
roomid: "IFazIpLtxiScqbHqoa:autonomic.zone"
|
||||
userid: "@autono-bot:autonomic.zone"
|
||||
accesstoken:
|
||||
from_secret: autono_bot_access_token
|
||||
depends_on:
|
||||
- deployment
|
||||
when:
|
||||
status:
|
||||
- failure
|
||||
trigger:
|
||||
branch:
|
||||
- main
|
||||
|
||||
---
|
||||
kind: pipeline
|
||||
name: recipe release
|
||||
steps:
|
||||
- name: release a new version
|
||||
image: decentral1se/drone-abra:latest
|
||||
settings:
|
||||
command: recipe mattermost release
|
||||
deploy_key:
|
||||
from_secret: abra_bot_deploy_key
|
||||
|
||||
- name: trigger downstream builds
|
||||
image: plugins/downstream
|
||||
settings:
|
||||
server: https://drone.autonomic.zone
|
||||
token:
|
||||
from_secret: decentral1se_token
|
||||
fork: true
|
||||
repositories:
|
||||
- coop-cloud/auto-apps-json
|
||||
depends_on:
|
||||
- release a new version
|
||||
on
|
|
@ -0,0 +1,81 @@
|
|||
# Domain of service
|
||||
DOMAIN=mm.example.com
|
||||
|
||||
# Container settings
|
||||
## Timezone inside the containers. The value needs to be in the form 'Europe/Berlin'.
|
||||
## A list of these tz database names can be looked up at Wikipedia
|
||||
## https://en.wikipedia.org/wiki/List_of_tz_database_time_zones
|
||||
TZ=UTC
|
||||
RESTART_POLICY=unless-stopped
|
||||
|
||||
# Postgres settings
|
||||
## Documentation for this image and available settings can be found on hub.docker.com
|
||||
## https://hub.docker.com/_/postgres
|
||||
## Please keep in mind this will create a superuser and it's recommended to use a less privileged
|
||||
## user to connect to the database.
|
||||
## A guide on how to change the database user to a nonsuperuser can be found in docs/creation-of-nonsuperuser.md
|
||||
POSTGRES_IMAGE_TAG=13-alpine
|
||||
POSTGRES_DATA_PATH=./volumes/db/var/lib/postgresql/data
|
||||
|
||||
POSTGRES_USER=mmuser
|
||||
POSTGRES_PASSWORD=mmuser_password
|
||||
POSTGRES_DB=mattermost
|
||||
|
||||
# Nginx
|
||||
## The nginx container will use a configuration found at the NGINX_MATTERMOST_CONFIG. The config aims
|
||||
## to be secure and uses a catch-all server vhost which will work out-of-the-box. For additional settings
|
||||
## or changes ones can edit it or provide another config. Important note: inside the container, nginx sources
|
||||
## every config file inside */etc/nginx/conf.d* ending with a *.conf* file extension.
|
||||
|
||||
## Inside the container the uid and gid is 101. The folder owner can be set with
|
||||
## `sudo chown -R 101:101 ./nginx` if needed.
|
||||
NGINX_IMAGE_TAG=alpine
|
||||
|
||||
## The folder containing server blocks and any additional config to nginx.conf
|
||||
NGINX_CONFIG_PATH=./nginx/conf.d
|
||||
NGINX_DHPARAMS_FILE=./nginx/dhparams4096.pem
|
||||
|
||||
CERT_PATH=./volumes/web/cert/cert.pem
|
||||
KEY_PATH=./volumes/web/cert/key-no-password.pem
|
||||
#GITLAB_PKI_CHAIN_PATH=<path_to_your_gitlab_pki>/pki_chain.pem
|
||||
#CERT_PATH=./certs/etc/letsencrypt/live/${DOMAIN}/fullchain.pem
|
||||
#KEY_PATH=./certs/etc/letsencrypt/live/${DOMAIN}/privkey.pem
|
||||
|
||||
## Exposed ports to the host. Inside the container 80 and 443 will be used
|
||||
HTTPS_PORT=443
|
||||
HTTP_PORT=80
|
||||
|
||||
# Mattermost settings
|
||||
## Inside the container the uid and gid is 2000. The folder owner can be set with
|
||||
## `sudo chown -R 2000:2000 ./volumes/app/mattermost`.
|
||||
MATTERMOST_CONFIG_PATH=./volumes/app/mattermost/config
|
||||
MATTERMOST_DATA_PATH=./volumes/app/mattermost/data
|
||||
MATTERMOST_LOGS_PATH=./volumes/app/mattermost/logs
|
||||
MATTERMOST_PLUGINS_PATH=./volumes/app/mattermost/plugins
|
||||
MATTERMOST_CLIENT_PLUGINS_PATH=./volumes/app/mattermost/client/plugins
|
||||
|
||||
## This will be 'mattermost-enterprise-edition' or 'mattermost-team-edition' based on the version of Mattermost you're installing.
|
||||
MATTERMOST_IMAGE=mattermost-enterprise-edition
|
||||
MATTERMOST_IMAGE_TAG=5.39
|
||||
|
||||
## Make Mattermost container readonly. This interferes with the regeneration of root.html inside the container. Only use
|
||||
## it if you know what you're doing.
|
||||
## See https://github.com/mattermost/docker/issues/18
|
||||
MATTERMOST_CONTAINER_READONLY=false
|
||||
|
||||
## The app port is only relevant for using Mattermost without the nginx container as reverse proxy. This is not meant
|
||||
## to be used with the internal HTTP server exposed but rather in case one wants to host several services on one host
|
||||
## or for using it behind another existing reverse proxy.
|
||||
APP_PORT=8065
|
||||
|
||||
## Configuration settings for Mattermost. Documentation on the variables and the settings itself can be found at
|
||||
## https://docs.mattermost.com/administration/config-settings.html
|
||||
## Keep in mind that variables set here will take precedence over the same setting in config.json. This includes
|
||||
## the system console as well and settings set with env variables will be greyed out.
|
||||
|
||||
## Below one can find necessary settings to spin up the Mattermost container
|
||||
MM_SQLSETTINGS_DRIVERNAME=postgres
|
||||
MM_SQLSETTINGS_DATASOURCE=postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@postgres:5432/${POSTGRES_DB}?sslmode=disable&connect_timeout=10
|
||||
|
||||
## Example settings (any additional setting added here also needs to be introduced in the docker-compose.yml)
|
||||
MM_SERVICESETTINGS_SITEURL=https://${DOMAIN}
|
|
@ -0,0 +1,8 @@
|
|||
TYPE=mattermost
|
||||
|
||||
DOMAIN=mattermost.example.com
|
||||
|
||||
## Domain aliases
|
||||
#EXTRA_DOMAINS=', `www.mattermost.example.com`'
|
||||
LETS_ENCRYPT_ENV=production
|
||||
on
|
|
@ -0,0 +1,6 @@
|
|||
.envrc
|
||||
.env
|
||||
reference
|
||||
deploy.sh
|
||||
run.sh
|
||||
.idea
|
|
@ -0,0 +1,78 @@
|
|||
version: "3.8"
|
||||
|
||||
services:
|
||||
postgres:
|
||||
image: postgres:${POSTGRES_IMAGE_TAG}
|
||||
restart: ${RESTART_POLICY}
|
||||
security_opt:
|
||||
- no-new-privileges:true
|
||||
tmpfs:
|
||||
- /tmp
|
||||
- /var/run/postgresql
|
||||
volumes:
|
||||
- postgres_data:/var/lib/postgresql/data
|
||||
environment:
|
||||
# timezone inside container
|
||||
- TZ
|
||||
|
||||
# necessary Postgres options/variables
|
||||
- POSTGRES_USER
|
||||
- POSTGRES_PASSWORD
|
||||
- POSTGRES_DB
|
||||
networks:
|
||||
- internal
|
||||
|
||||
mattermost:
|
||||
image: mattermost/${MATTERMOST_IMAGE}:${MATTERMOST_IMAGE_TAG}
|
||||
restart: ${RESTART_POLICY}
|
||||
security_opt:
|
||||
- no-new-privileges:true
|
||||
read_only: ${MATTERMOST_CONTAINER_READONLY}
|
||||
tmpfs:
|
||||
- /tmp
|
||||
volumes:
|
||||
- mattermost_config:/mattermost/config:rw
|
||||
- mattermost_data:/mattermost/data:rw
|
||||
- mattermost_logs:/mattermost/logs:rw
|
||||
- mattermost_plugins:/mattermost/plugins:rw
|
||||
- mattermost_client_plugins:/mattermost/client/plugins:rw
|
||||
environment:
|
||||
# timezone inside container
|
||||
- TZ
|
||||
|
||||
# necessary Mattermost options/variables (see env.example)
|
||||
- MM_SQLSETTINGS_DRIVERNAME
|
||||
- MM_SQLSETTINGS_DATASOURCE
|
||||
|
||||
# additional settings
|
||||
- MM_SERVICESETTINGS_SITEURL
|
||||
ports:
|
||||
- ${APP_PORT}:8065
|
||||
networks:
|
||||
- proxy
|
||||
- internal
|
||||
deploy:
|
||||
labels:
|
||||
- "traefik.enable=true"
|
||||
- "traefik.docker.network=proxy"
|
||||
- "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=80"
|
||||
- "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`${EXTRA_DOMAINS})"
|
||||
- "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
|
||||
- "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
|
||||
- "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect"
|
||||
- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLForceHost=true"
|
||||
- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}"
|
||||
|
||||
networks:
|
||||
proxy:
|
||||
external: true
|
||||
internal:
|
||||
|
||||
volumes:
|
||||
postgres_data:
|
||||
mattermost_config:
|
||||
mattermost_data:
|
||||
mattermost_logs:
|
||||
mattermost_plugins:
|
||||
mattermost_client_plugins:
|
||||
|
Loading…
Reference in New Issue