-
Notifications
You must be signed in to change notification settings - Fork 13
/
docker-compose-prod.yml
92 lines (84 loc) · 4.79 KB
/
docker-compose-prod.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
# Add this file to extend the docker compose setup, e.g.:
# docker compose -f docker-compose-prod.yml --env-file .env.prod up -d --build --force-recreate
services:
app_prod:
build:
context: .
target: production
environment:
# Add the address of the database host, so that mindwendel can find the database, e.g. an ip address or a reference to another service in the docker-compose file
DATABASE_HOST: ${DOCKER_COMPOSE_APP_PROD_DATABASE_HOST:-postgres_prod}
# Add the database name that mindwendel should use, e.g. in this case we created and named the database `mindwendel_prod`
DATABASE_NAME: ${DOCKER_COMPOSE_APP_PROD_DATABASE_NAME:?}
# Add the port of the database host (default is 5432)
DATABASE_PORT: ${DOCKER_COMPOSE_APP_PROD_DATABASE_PORT:-5432}
# for non local setups, ssl should be set to true!
DATABASE_SSL: ${DOCKER_COMPOSE_APP_PROD_DATABASE_SSL:-true}
# Add the credentials for the database user that mindwendel should use to access the database
# NOTE: The database user should have read and write permissions
DATABASE_USER_PASSWORD: ${DOCKER_COMPOSE_APP_PROD_DATABASE_USER_PASSWORD:?}
DATABASE_USER: ${DOCKER_COMPOSE_APP_PROD_DATABASE_USER:?}
MW_DEFAULT_LOCALE: ${DOCKER_COMPOSE_APP_PROD_MW_DEFAULT_LOCALE:-en}
MW_FEATURE_BRAINSTORMING_REMOVAL_AFTER_DAYS: ${DOCKER_COMPOSE_APP_PROD_MW_FEATURE_BRAINSTORMING_REMOVAL_AFTER_DAYS:-30}
MW_FEATURE_BRAINSTORMING_TEASER: ${DOCKER_COMPOSE_APP_PROD_MW_FEATURE_BRAINSTORMING_TEASER:-true}
MW_FEATURE_IDEA_FILE_UPLOAD: ${DOCKER_COMPOSE_APP_PROD_MW_FEATURE_IDEA_FILE_UPLOAD:-true}
# Variables for s3 file storage
OBJECT_STORAGE_BUCKET: mindwendel
OBJECT_STORAGE_SCHEME: "https://"
OBJECT_STORAGE_HOST: minio
OBJECT_STORAGE_PORT: 9000
OBJECT_STORAGE_REGION: local
OBJECT_STORAGE_USER: ${DOCKER_COMPOSE_APP_PROD_OBJECT_STORAGE_USER}
OBJECT_STORAGE_PASSWORD: $DOCKER_COMPOSE_APP_PROD_OBJECT_STORAGE_PASSWORD}
VAULT_ENCRYPTION_KEY_BASE64: ${DOCKER_COMPOSE_APP_PROD_VAULT_ENCRYPTION_KEY_BASE64}
# Add a secret key base for mindwendel for encrypting the use session
# NOTE: There are multiple commands you can use to generate a secret key base. Pick one command you like.
# E.g. `date +%s | sha256sum | base64 | head -c 64 ; echo`
# See https://www.howtogeek.com/howto/30184/10-ways-to-generate-a-random-password-from-the-command-line/
SECRET_KEY_BASE: ${DOCKER_COMPOSE_APP_PROD_SECRET_KEY_BASE:?}
# Add the url host that points to this mindwendel installation.
# This is used by mindwendel to generate urls with the right host throughout the app.
URL_HOST: ${DOCKER_COMPOSE_APP_PROD_URL_HOST:?}
URL_PORT: ${DOCKER_COMPOSE_APP_PROD_URL_PORT:-443}
URL_SCHEME: ${DOCKER_COMPOSE_APP_URL_SCHEME:-https}
# This env var defines to what port the phoeinx (cowboy) server should listen to.
# Given that we are target port is 4000 (see below) it likely that the phoenix server should also listen to this port 4000.
MW_ENDPOINT_HTTP_PORT: ${DOCKER_COMPOSE_APP_MW_ENDPOINT_HTTP_PORT:-4000}
ports:
- "${DOCKER_COMPOSE_APP_PROD_PORT_PUBLISHED:-4000}:${DOCKER_COMPOSE_APP_PROD_PORT_TARGET:-4000}"
depends_on:
- postgres_prod
minio:
image: minio/minio
container_name: minio
ports:
- "9000:9000"
- "9001:9001"
environment:
MINIO_ROOT_USER: ${DOCKER_COMPOSE_MINIO_PROD_USER}
MINIO_ROOT_PASSWORD: ${DOCKER_COMPOSE_MINIO_PROD_PASSWORD}
volumes:
- ~/minio/data:/data
command: server /data --console-address ":9001"
# If you do not have another postgres database service in this docker-compose, you can add this postgres service.
# Note: Please use other credentials when using this in production.
postgres_prod:
image: postgres:15
# Pass config parameters to the postgres server.
# Find more information below when you need to generate the ssl-relevant file your self
command: -c ssl=on -c ssl_cert_file=/var/lib/postgresql/server.crt -c ssl_key_file=/var/lib/postgresql/server.key
environment:
PGDATA: /var/lib/postgresql/data/pgdata
POSTGRES_DB: ${DOCKER_COMPOSE_POSTGRES_PROD_DB}
POSTGRES_PASSWORD: ${DOCKER_COMPOSE_POSTGRES_PROD_PASSWORD}
POSTGRES_PORT: ${DOCKER_COMPOSE_POSTGRES_PROD_PORT:-5432}
POSTGRES_USER: ${DOCKER_COMPOSE_POSTGRES_PROD_USER}
volumes:
# To setup an ssl-enabled postgres server locally, you need to generate a self-signed ssl certificate.
# See README.md for more information.
# Mount the ssl_cert_file and ssl_key_file into the docker container.
- ./ca/server.crt:/var/lib/postgresql/server.crt
- ./ca/server.key:/var/lib/postgresql/server.key
- postgres_prod_data:/var/lib/postgresql/data/pgdata
volumes:
postgres_prod_data: