2020-08-14 13:22:44 +02:00
|
|
|
dnl This is a YAML template file. Simply translate it with m4 to create
|
|
|
|
dnl a standard configuration. Customizations can and should be added in .env
|
|
|
|
dnl by setting the appropriate variables.
|
|
|
|
dnl
|
|
|
|
dnl Usage:
|
|
|
|
dnl m4 docker-stack.yml.m4 > docker-stack.yml
|
|
|
|
dnl ( set -a; source .env; m4 docker-stack.yml.m4 ) > docker-stack.yml
|
|
|
|
dnl
|
|
|
|
dnl ----------------------------------------
|
|
|
|
divert(-1)dnl
|
2020-10-08 14:45:23 +02:00
|
|
|
dnl return env variable (quoted)
|
|
|
|
define(`read_env', `esyscmd(`printf "\`%s'" "$$1"')')
|
|
|
|
dnl return env variable if set; otherwise, return given alternative value
|
2020-08-14 13:22:44 +02:00
|
|
|
define(`ifenvelse', `ifelse(read_env(`$1'),, `$2', read_env(`$1'))')
|
|
|
|
|
Docker: Simplify image name/registry handling
For a subset of the images required by a Compose or Swarm Setup,
non-default names can be configured in .env. Originally, the names were
treated as the images' complete names, i.e., including an optional
registry domain. Using this setup, it was possible to pull the
irregularly updated auxiliary images from a default registry while, at
the same time, obtaining certain images from different registries.
Commit e225a57f97 changed this behavior. Since then, the names in .env
can only be used to change part of the image name, excluding the
registry. If a default registry is configured it is always prepended to
the given image name, breaking the original use case.
This patch removes the ability to override image names in .env.
Instead, the registry of each image can be customized.
The reasoning here is that the only common reason to change an image
name is to change its Docker registry. For example, while the default
registry may be set to default.example.com, it may be necessary to
obtain the backend image private.example.com/openslides-server. With
this patch, that would be achieved by the following configuration in
.env:
DOCKER_OPENSLIDES_BACKEND_REGISTRY="private.example.com"
For special cases, for which the images' basename must indeed be changed
as well, the template would need to be customized.
The templates are not backwards-compatible.
2021-02-24 15:42:33 +01:00
|
|
|
define(`DEFAULT_DOCKER_REGISTRY', ifenvelse(`DEFAULT_DOCKER_REGISTRY', openslides))
|
|
|
|
|
|
|
|
dnl Parse image versions that can be configured through .env
|
2020-08-14 13:22:44 +02:00
|
|
|
define(`BACKEND_IMAGE',
|
Docker: Simplify image name/registry handling
For a subset of the images required by a Compose or Swarm Setup,
non-default names can be configured in .env. Originally, the names were
treated as the images' complete names, i.e., including an optional
registry domain. Using this setup, it was possible to pull the
irregularly updated auxiliary images from a default registry while, at
the same time, obtaining certain images from different registries.
Commit e225a57f97 changed this behavior. Since then, the names in .env
can only be used to change part of the image name, excluding the
registry. If a default registry is configured it is always prepended to
the given image name, breaking the original use case.
This patch removes the ability to override image names in .env.
Instead, the registry of each image can be customized.
The reasoning here is that the only common reason to change an image
name is to change its Docker registry. For example, while the default
registry may be set to default.example.com, it may be necessary to
obtain the backend image private.example.com/openslides-server. With
this patch, that would be achieved by the following configuration in
.env:
DOCKER_OPENSLIDES_BACKEND_REGISTRY="private.example.com"
For special cases, for which the images' basename must indeed be changed
as well, the template would need to be customized.
The templates are not backwards-compatible.
2021-02-24 15:42:33 +01:00
|
|
|
ifenvelse(`DOCKER_OPENSLIDES_BACKEND_REGISTRY', DEFAULT_DOCKER_REGISTRY)/dnl
|
|
|
|
openslides-server:dnl
|
2020-08-14 13:22:44 +02:00
|
|
|
ifenvelse(`DOCKER_OPENSLIDES_BACKEND_TAG', latest))
|
|
|
|
define(`FRONTEND_IMAGE',
|
Docker: Simplify image name/registry handling
For a subset of the images required by a Compose or Swarm Setup,
non-default names can be configured in .env. Originally, the names were
treated as the images' complete names, i.e., including an optional
registry domain. Using this setup, it was possible to pull the
irregularly updated auxiliary images from a default registry while, at
the same time, obtaining certain images from different registries.
Commit e225a57f97 changed this behavior. Since then, the names in .env
can only be used to change part of the image name, excluding the
registry. If a default registry is configured it is always prepended to
the given image name, breaking the original use case.
This patch removes the ability to override image names in .env.
Instead, the registry of each image can be customized.
The reasoning here is that the only common reason to change an image
name is to change its Docker registry. For example, while the default
registry may be set to default.example.com, it may be necessary to
obtain the backend image private.example.com/openslides-server. With
this patch, that would be achieved by the following configuration in
.env:
DOCKER_OPENSLIDES_BACKEND_REGISTRY="private.example.com"
For special cases, for which the images' basename must indeed be changed
as well, the template would need to be customized.
The templates are not backwards-compatible.
2021-02-24 15:42:33 +01:00
|
|
|
ifenvelse(`DOCKER_OPENSLIDES_FRONTEND_REGISTRY', DEFAULT_DOCKER_REGISTRY)/dnl
|
|
|
|
openslides-client:dnl
|
2020-08-14 13:22:44 +02:00
|
|
|
ifenvelse(`DOCKER_OPENSLIDES_FRONTEND_TAG', latest))
|
2020-05-28 11:40:41 +02:00
|
|
|
define(`AUTOUPDATE_IMAGE',
|
Docker: Simplify image name/registry handling
For a subset of the images required by a Compose or Swarm Setup,
non-default names can be configured in .env. Originally, the names were
treated as the images' complete names, i.e., including an optional
registry domain. Using this setup, it was possible to pull the
irregularly updated auxiliary images from a default registry while, at
the same time, obtaining certain images from different registries.
Commit e225a57f97 changed this behavior. Since then, the names in .env
can only be used to change part of the image name, excluding the
registry. If a default registry is configured it is always prepended to
the given image name, breaking the original use case.
This patch removes the ability to override image names in .env.
Instead, the registry of each image can be customized.
The reasoning here is that the only common reason to change an image
name is to change its Docker registry. For example, while the default
registry may be set to default.example.com, it may be necessary to
obtain the backend image private.example.com/openslides-server. With
this patch, that would be achieved by the following configuration in
.env:
DOCKER_OPENSLIDES_BACKEND_REGISTRY="private.example.com"
For special cases, for which the images' basename must indeed be changed
as well, the template would need to be customized.
The templates are not backwards-compatible.
2021-02-24 15:42:33 +01:00
|
|
|
ifenvelse(`DOCKER_OPENSLIDES_AUTOUPDATE_REGISTRY', DEFAULT_DOCKER_REGISTRY)/dnl
|
|
|
|
openslides-autoupdate:dnl
|
2020-05-28 11:40:41 +02:00
|
|
|
ifenvelse(`DOCKER_OPENSLIDES_AUTOUPDATE_TAG', latest))
|
Docker: Simplify image name/registry handling
For a subset of the images required by a Compose or Swarm Setup,
non-default names can be configured in .env. Originally, the names were
treated as the images' complete names, i.e., including an optional
registry domain. Using this setup, it was possible to pull the
irregularly updated auxiliary images from a default registry while, at
the same time, obtaining certain images from different registries.
Commit e225a57f97 changed this behavior. Since then, the names in .env
can only be used to change part of the image name, excluding the
registry. If a default registry is configured it is always prepended to
the given image name, breaking the original use case.
This patch removes the ability to override image names in .env.
Instead, the registry of each image can be customized.
The reasoning here is that the only common reason to change an image
name is to change its Docker registry. For example, while the default
registry may be set to default.example.com, it may be necessary to
obtain the backend image private.example.com/openslides-server. With
this patch, that would be achieved by the following configuration in
.env:
DOCKER_OPENSLIDES_BACKEND_REGISTRY="private.example.com"
For special cases, for which the images' basename must indeed be changed
as well, the template would need to be customized.
The templates are not backwards-compatible.
2021-02-24 15:42:33 +01:00
|
|
|
define(`PROXY_IMAGE',
|
|
|
|
ifenvelse(`DOCKER_OPENSLIDES_PROXY_REGISTRY', DEFAULT_DOCKER_REGISTRY)/dnl
|
|
|
|
openslides-proxy:dnl
|
|
|
|
ifenvelse(`DOCKER_OPENSLIDES_PROXY_TAG', latest))
|
2020-08-14 13:22:44 +02:00
|
|
|
|
|
|
|
define(`PRIMARY_DB', `ifenvelse(`PGNODE_REPMGR_PRIMARY', pgnode1)')
|
|
|
|
|
|
|
|
define(`PGBOUNCER_NODELIST',
|
|
|
|
`ifelse(read_env(`PGNODE_2_ENABLED'), 1, `,pgnode2')`'dnl
|
|
|
|
ifelse(read_env(`PGNODE_3_ENABLED'), 1, `,pgnode3')')
|
|
|
|
|
|
|
|
define(`PROJECT_DIR', ifdef(`PROJECT_DIR',PROJECT_DIR,.))
|
|
|
|
define(`ADMIN_SECRET_AVAILABLE', `syscmd(`test -f 'PROJECT_DIR`/secrets/adminsecret.env')sysval')
|
|
|
|
define(`USER_SECRET_AVAILABLE', `syscmd(`test -f 'PROJECT_DIR`/secrets/usersecret.env')sysval')
|
2021-04-08 07:41:55 +02:00
|
|
|
|
|
|
|
dnl set EXTERNAL_HTTPS_PORT to 443 if EXTERNAL_HTTPS_PORT and EXTERNAL_HTTP_PORT are empty
|
|
|
|
define(
|
|
|
|
`EXTERNAL_HTTPS_PORT',
|
|
|
|
ifelse(read_env(`EXTERNAL_HTTPS_PORT')read_env(`EXTERNAL_HTTP_PORT'),,443,read_env(`EXTERNAL_HTTPS_PORT'))dnl
|
|
|
|
)
|
|
|
|
define(`EXTERNAL_HTTP_PORT',read_env(`EXTERNAL_HTTP_PORT'))
|
|
|
|
|
2020-08-14 13:22:44 +02:00
|
|
|
divert(0)dnl
|
|
|
|
dnl ----------------------------------------
|
|
|
|
# This configuration was created from a template file. Before making changes,
|
|
|
|
# please make sure that you do not have a process in place that would override
|
|
|
|
# your changes in the future. The accompanying .env file might be the correct
|
|
|
|
# place for customizations instead.
|
|
|
|
version: '3.4'
|
|
|
|
|
|
|
|
x-osserver:
|
|
|
|
&default-osserver
|
|
|
|
image: BACKEND_IMAGE
|
|
|
|
networks:
|
|
|
|
- back
|
|
|
|
x-osserver-env: &default-osserver-env
|
2020-08-15 12:59:47 +02:00
|
|
|
AUTOUPDATE_DELAY: ifenvelse(`AUTOUPDATE_DELAY', 1)
|
2020-10-02 09:57:28 +02:00
|
|
|
DEMO_USERS: "ifenvelse(`DEMO_USERS',)"
|
2020-08-15 12:59:47 +02:00
|
|
|
CONNECTION_POOL_LIMIT: ifenvelse(`CONNECTION_POOL_LIMIT', 100)
|
|
|
|
DATABASE_HOST: "ifenvelse(`DATABASE_HOST', pgbouncer)"
|
|
|
|
DATABASE_PASSWORD: "ifenvelse(`DATABASE_PASSWORD', openslides)"
|
|
|
|
DATABASE_PORT: ifenvelse(`DATABASE_PORT', 5432)
|
|
|
|
DATABASE_USER: "ifenvelse(`DATABASE_USER', openslides)"
|
2021-04-22 12:41:08 +02:00
|
|
|
MEDIAFILE_DATABASE_NAME: "read_env(`MEDIAFILE_DATABASE_NAME')"
|
|
|
|
MEDIAFILE_DATABASE_USER: "read_env(`MEDIAFILE_DATABASE_USER')"
|
|
|
|
MEDIAFILE_DATABASE_PASSWORD: "read_env(`MEDIAFILE_DATABASE_PASSWORD')"
|
|
|
|
MEDIAFILE_DATABASE_HOST: "read_env(`MEDIAFILE_DATABASE_HOST')"
|
|
|
|
MEDIAFILE_DATABASE_PORT: "read_env(`MEDIAFILE_DATABASE_PORT')"
|
|
|
|
MEDIAFILE_DATABASE_TABLENAME: "read_env(`MEDIAFILE_DATABASE_TABLENAME')"
|
2020-08-14 13:22:44 +02:00
|
|
|
DEFAULT_FROM_EMAIL: "ifenvelse(`DEFAULT_FROM_EMAIL', noreply@example.com)"
|
2020-08-15 12:59:47 +02:00
|
|
|
EMAIL_HOST: "ifenvelse(`EMAIL_HOST', postfix)"
|
|
|
|
EMAIL_HOST_PASSWORD: "ifenvelse(`EMAIL_HOST_PASSWORD',)"
|
|
|
|
EMAIL_HOST_USER: "ifenvelse(`EMAIL_HOST_USER',)"
|
|
|
|
EMAIL_PORT: ifenvelse(`EMAIL_PORT', 25)
|
2020-10-28 08:34:43 +01:00
|
|
|
EMAIL_USE_SSL: "ifenvelse(`EMAIL_USE_SSL',)"
|
|
|
|
EMAIL_USE_TLS: "ifenvelse(`EMAIL_USE_TLS',)"
|
|
|
|
EMAIL_TIMEOUT: "ifenvelse(`EMAIL_TIMEOUT',)"
|
2020-08-15 12:59:47 +02:00
|
|
|
ENABLE_ELECTRONIC_VOTING: "ifenvelse(`ENABLE_ELECTRONIC_VOTING', False)"
|
2021-02-09 16:06:44 +01:00
|
|
|
ENABLE_CHAT: "ifenvelse(`ENABLE_CHAT', False)"
|
2020-08-15 12:59:47 +02:00
|
|
|
ENABLE_SAML: "ifenvelse(`ENABLE_SAML', False)"
|
2021-04-08 07:41:55 +02:00
|
|
|
INSTANCE_DOMAIN: "ifenvelse(`INSTANCE_DOMAIN', 127.0.0.1)"
|
|
|
|
INSTANCE_URL_SCHEME: "ifenvelse(`INSTANCE_URL_SCHEME', https)"
|
2020-09-10 09:11:40 +02:00
|
|
|
JITSI_DOMAIN: "ifenvelse(`JITSI_DOMAIN',)"
|
|
|
|
JITSI_ROOM_PASSWORD: "ifenvelse(`JITSI_ROOM_PASSWORD',)"
|
|
|
|
JITSI_ROOM_NAME: "ifenvelse(`JITSI_ROOM_NAME',)"
|
2020-08-15 12:59:47 +02:00
|
|
|
OPENSLIDES_LOG_LEVEL: "ifenvelse(`OPENSLIDES_LOG_LEVEL', INFO)"
|
2020-05-28 11:40:41 +02:00
|
|
|
DJANGO_LOG_LEVEL: "ifenvelse(`DJANGO_LOG_LEVEL', INFO)"
|
2020-08-15 12:59:47 +02:00
|
|
|
REDIS_HOST: "ifenvelse(`REDIS_HOST', redis)"
|
|
|
|
REDIS_PORT: ifenvelse(`REDIS_PORT', 6379)
|
|
|
|
REDIS_SLAVE_HOST: "ifenvelse(`REDIS_SLAVE_HOST', redis-slave)"
|
|
|
|
REDIS_SLAVE_PORT: ifenvelse(`REDIS_SLAVE_PORT', 6379)
|
|
|
|
RESET_PASSWORD_VERBOSE_ERRORS: "ifenvelse(`RESET_PASSWORD_VERBOSE_ERRORS', False)"
|
2020-08-14 13:22:44 +02:00
|
|
|
x-pgnode: &default-pgnode
|
Docker: Simplify image name/registry handling
For a subset of the images required by a Compose or Swarm Setup,
non-default names can be configured in .env. Originally, the names were
treated as the images' complete names, i.e., including an optional
registry domain. Using this setup, it was possible to pull the
irregularly updated auxiliary images from a default registry while, at
the same time, obtaining certain images from different registries.
Commit e225a57f97 changed this behavior. Since then, the names in .env
can only be used to change part of the image name, excluding the
registry. If a default registry is configured it is always prepended to
the given image name, breaking the original use case.
This patch removes the ability to override image names in .env.
Instead, the registry of each image can be customized.
The reasoning here is that the only common reason to change an image
name is to change its Docker registry. For example, while the default
registry may be set to default.example.com, it may be necessary to
obtain the backend image private.example.com/openslides-server. With
this patch, that would be achieved by the following configuration in
.env:
DOCKER_OPENSLIDES_BACKEND_REGISTRY="private.example.com"
For special cases, for which the images' basename must indeed be changed
as well, the template would need to be customized.
The templates are not backwards-compatible.
2021-02-24 15:42:33 +01:00
|
|
|
image: DEFAULT_DOCKER_REGISTRY/openslides-repmgr:latest
|
2020-08-14 13:22:44 +02:00
|
|
|
networks:
|
|
|
|
- dbnet
|
|
|
|
labels:
|
|
|
|
org.openslides.role: "postgres"
|
|
|
|
deploy:
|
|
|
|
replicas: 1
|
|
|
|
x-pgnode-env: &default-pgnode-env
|
|
|
|
REPMGR_RECONNECT_ATTEMPTS: 30
|
|
|
|
REPMGR_RECONNECT_INTERVAL: 10
|
|
|
|
REPMGR_WAL_ARCHIVE: "ifenvelse(`PGNODE_WAL_ARCHIVING', on)"
|
|
|
|
|
|
|
|
services:
|
2021-02-08 13:51:56 +01:00
|
|
|
proxy:
|
|
|
|
image: PROXY_IMAGE
|
2021-04-08 07:41:55 +02:00
|
|
|
environment:
|
|
|
|
INSTANCE_DOMAIN: "ifenvelse(`INSTANCE_DOMAIN', 127.0.0.1:443)"
|
|
|
|
`EXTERNAL_HTTP_PORT': "EXTERNAL_HTTP_PORT"
|
|
|
|
`EXTERNAL_HTTPS_PORT': "EXTERNAL_HTTPS_PORT"
|
|
|
|
ALLOWED_HOSTS: "ifenvelse(`ALLOWED_HOSTS',)"
|
2020-05-28 11:40:41 +02:00
|
|
|
networks:
|
|
|
|
- front
|
|
|
|
- back
|
|
|
|
ports:
|
2021-07-12 11:36:11 +02:00
|
|
|
ifelse(EXTERNAL_HTTP_PORT,,,- "0.0.0.0:EXTERNAL_HTTP_PORT:8000")
|
|
|
|
ifelse(EXTERNAL_HTTPS_PORT,,,- "0.0.0.0:EXTERNAL_HTTPS_PORT:8001")
|
2020-05-28 11:40:41 +02:00
|
|
|
deploy:
|
|
|
|
restart_policy:
|
|
|
|
condition: on-failure
|
|
|
|
delay: 5s
|
|
|
|
|
2020-08-14 13:22:44 +02:00
|
|
|
server:
|
|
|
|
<< : *default-osserver
|
|
|
|
environment:
|
|
|
|
<< : *default-osserver-env
|
2020-08-14 13:24:45 +02:00
|
|
|
secrets:
|
|
|
|
- django
|
2020-08-17 14:19:51 +02:00
|
|
|
ifelse(read_env(`ENABLE_SAML'), `True',- saml_cert
|
|
|
|
- saml_key
|
|
|
|
- saml_config)
|
2020-08-14 13:22:44 +02:00
|
|
|
deploy:
|
|
|
|
restart_policy:
|
|
|
|
condition: on-failure
|
|
|
|
delay: 5s
|
|
|
|
replicas: ifenvelse(`OPENSLIDES_BACKEND_SERVICE_REPLICAS', 1)
|
|
|
|
|
2020-08-14 15:35:37 +02:00
|
|
|
server-setup:
|
2020-08-14 13:22:44 +02:00
|
|
|
<< : *default-osserver
|
|
|
|
entrypoint: /usr/local/sbin/entrypoint-db-setup
|
|
|
|
environment:
|
|
|
|
<< : *default-osserver-env
|
2020-08-14 13:24:45 +02:00
|
|
|
secrets:
|
|
|
|
- django
|
2020-08-14 13:22:44 +02:00
|
|
|
ifelse(ADMIN_SECRET_AVAILABLE, 0,- os_admin)
|
|
|
|
ifelse(USER_SECRET_AVAILABLE, 0,- os_user)
|
2020-08-17 14:19:51 +02:00
|
|
|
ifelse(read_env(`ENABLE_SAML'), `True',- saml_cert
|
|
|
|
- saml_key
|
|
|
|
- saml_config)
|
2020-08-14 13:22:44 +02:00
|
|
|
|
|
|
|
client:
|
|
|
|
image: FRONTEND_IMAGE
|
|
|
|
networks:
|
2020-05-28 11:40:41 +02:00
|
|
|
- back
|
2020-08-14 13:22:44 +02:00
|
|
|
deploy:
|
|
|
|
replicas: ifenvelse(`OPENSLIDES_FRONTEND_SERVICE_REPLICAS', 1)
|
|
|
|
restart_policy:
|
|
|
|
condition: on-failure
|
|
|
|
delay: 5s
|
|
|
|
|
2020-05-28 11:40:41 +02:00
|
|
|
autoupdate:
|
|
|
|
image: AUTOUPDATE_IMAGE
|
|
|
|
environment:
|
2021-02-04 17:57:01 +01:00
|
|
|
REDIS_WRITE_HOST: redis
|
|
|
|
MESSAGE_BUS_HOST: redis-slave
|
2020-05-28 11:40:41 +02:00
|
|
|
networks:
|
|
|
|
- back
|
2021-02-04 17:57:01 +01:00
|
|
|
secrets:
|
|
|
|
- django
|
2020-05-28 11:40:41 +02:00
|
|
|
deploy:
|
|
|
|
replicas: ifenvelse(`OPENSLIDES_AUTOUPDATE_SERVICE_REPLICAS', 1)
|
|
|
|
restart_policy:
|
|
|
|
condition: on-failure
|
|
|
|
delay: 5s
|
|
|
|
|
2020-08-14 13:22:44 +02:00
|
|
|
pgnode1:
|
|
|
|
<< : *default-pgnode
|
|
|
|
environment:
|
|
|
|
<< : *default-pgnode-env
|
|
|
|
REPMGR_NODE_ID: 1
|
|
|
|
REPMGR_PRIMARY: ifelse(PRIMARY_DB, pgnode1, `# This is the primary', PRIMARY_DB)
|
|
|
|
deploy:
|
|
|
|
placement:
|
|
|
|
constraints: ifenvelse(`PGNODE_1_PLACEMENT_CONSTR', [node.labels.openslides-db == dbnode1])
|
|
|
|
volumes:
|
|
|
|
- "dbdata1:/var/lib/postgresql"
|
|
|
|
ifelse(read_env(`PGNODE_2_ENABLED'), 1, `'
|
|
|
|
pgnode2:
|
|
|
|
<< : *default-pgnode
|
|
|
|
environment:
|
|
|
|
<< : *default-pgnode-env
|
|
|
|
REPMGR_NODE_ID: 2
|
|
|
|
REPMGR_PRIMARY: ifelse(PRIMARY_DB, pgnode2, `# This is the primary', PRIMARY_DB)
|
|
|
|
deploy:
|
|
|
|
placement:
|
|
|
|
constraints: ifenvelse(`PGNODE_2_PLACEMENT_CONSTR', [node.labels.openslides-db == dbnode2])
|
|
|
|
volumes:
|
|
|
|
- "dbdata2:/var/lib/postgresql")
|
|
|
|
ifelse(read_env(`PGNODE_3_ENABLED'), 1, `'
|
|
|
|
pgnode3:
|
|
|
|
<< : *default-pgnode
|
|
|
|
environment:
|
|
|
|
<< : *default-pgnode-env
|
|
|
|
REPMGR_NODE_ID: 3
|
|
|
|
REPMGR_PRIMARY: ifelse(PRIMARY_DB, pgnode3, `# This is the primary', PRIMARY_DB)
|
|
|
|
deploy:
|
|
|
|
placement:
|
|
|
|
constraints: ifenvelse(`PGNODE_3_PLACEMENT_CONSTR', [node.labels.openslides-db == dbnode3])
|
|
|
|
volumes:
|
|
|
|
- "dbdata3:/var/lib/postgresql")
|
|
|
|
|
|
|
|
pgbouncer:
|
|
|
|
environment:
|
|
|
|
- PG_NODE_LIST=pgnode1`'PGBOUNCER_NODELIST
|
Docker: Simplify image name/registry handling
For a subset of the images required by a Compose or Swarm Setup,
non-default names can be configured in .env. Originally, the names were
treated as the images' complete names, i.e., including an optional
registry domain. Using this setup, it was possible to pull the
irregularly updated auxiliary images from a default registry while, at
the same time, obtaining certain images from different registries.
Commit e225a57f97 changed this behavior. Since then, the names in .env
can only be used to change part of the image name, excluding the
registry. If a default registry is configured it is always prepended to
the given image name, breaking the original use case.
This patch removes the ability to override image names in .env.
Instead, the registry of each image can be customized.
The reasoning here is that the only common reason to change an image
name is to change its Docker registry. For example, while the default
registry may be set to default.example.com, it may be necessary to
obtain the backend image private.example.com/openslides-server. With
this patch, that would be achieved by the following configuration in
.env:
DOCKER_OPENSLIDES_BACKEND_REGISTRY="private.example.com"
For special cases, for which the images' basename must indeed be changed
as well, the template would need to be customized.
The templates are not backwards-compatible.
2021-02-24 15:42:33 +01:00
|
|
|
image: DEFAULT_DOCKER_REGISTRY/openslides-pgbouncer:latest
|
2020-08-14 13:22:44 +02:00
|
|
|
networks:
|
|
|
|
back:
|
|
|
|
aliases:
|
|
|
|
- db
|
|
|
|
- postgres
|
|
|
|
dbnet:
|
|
|
|
deploy:
|
|
|
|
restart_policy:
|
|
|
|
condition: on-failure
|
|
|
|
delay: 10s
|
|
|
|
placement:
|
|
|
|
constraints: ifenvelse(`PGBOUNCER_PLACEMENT_CONSTR', [node.role == manager])
|
|
|
|
postfix:
|
Docker: Simplify image name/registry handling
For a subset of the images required by a Compose or Swarm Setup,
non-default names can be configured in .env. Originally, the names were
treated as the images' complete names, i.e., including an optional
registry domain. Using this setup, it was possible to pull the
irregularly updated auxiliary images from a default registry while, at
the same time, obtaining certain images from different registries.
Commit e225a57f97 changed this behavior. Since then, the names in .env
can only be used to change part of the image name, excluding the
registry. If a default registry is configured it is always prepended to
the given image name, breaking the original use case.
This patch removes the ability to override image names in .env.
Instead, the registry of each image can be customized.
The reasoning here is that the only common reason to change an image
name is to change its Docker registry. For example, while the default
registry may be set to default.example.com, it may be necessary to
obtain the backend image private.example.com/openslides-server. With
this patch, that would be achieved by the following configuration in
.env:
DOCKER_OPENSLIDES_BACKEND_REGISTRY="private.example.com"
For special cases, for which the images' basename must indeed be changed
as well, the template would need to be customized.
The templates are not backwards-compatible.
2021-02-24 15:42:33 +01:00
|
|
|
image: DEFAULT_DOCKER_REGISTRY/openslides-postfix:latest
|
2020-08-14 13:22:44 +02:00
|
|
|
environment:
|
|
|
|
MYHOSTNAME: "ifenvelse(`POSTFIX_MYHOSTNAME', localhost)"
|
|
|
|
RELAYHOST: "ifenvelse(`POSTFIX_RELAYHOST', localhost)"
|
|
|
|
networks:
|
|
|
|
- back
|
|
|
|
deploy:
|
|
|
|
restart_policy:
|
|
|
|
condition: on-failure
|
|
|
|
delay: 5s
|
|
|
|
replicas: 1
|
|
|
|
placement:
|
|
|
|
constraints: [node.role == manager]
|
|
|
|
redis:
|
|
|
|
image: redis:alpine
|
|
|
|
networks:
|
2020-05-28 11:40:41 +02:00
|
|
|
- back
|
2020-08-14 13:22:44 +02:00
|
|
|
deploy:
|
|
|
|
replicas: 1
|
|
|
|
restart_policy:
|
|
|
|
condition: on-failure
|
|
|
|
delay: 5s
|
|
|
|
redis-slave:
|
|
|
|
image: redis:alpine
|
|
|
|
command: ["redis-server", "--save", "", "--slaveof", "redis", "6379"]
|
|
|
|
networks:
|
2020-05-28 11:40:41 +02:00
|
|
|
- back
|
2020-08-14 13:22:44 +02:00
|
|
|
deploy:
|
2020-05-28 11:40:41 +02:00
|
|
|
replicas: ifenvelse(`REDIS_RO_SERVICE_REPLICAS', 1)
|
2020-08-14 13:22:44 +02:00
|
|
|
restart_policy:
|
|
|
|
condition: on-failure
|
|
|
|
delay: 5s
|
|
|
|
media:
|
Docker: Simplify image name/registry handling
For a subset of the images required by a Compose or Swarm Setup,
non-default names can be configured in .env. Originally, the names were
treated as the images' complete names, i.e., including an optional
registry domain. Using this setup, it was possible to pull the
irregularly updated auxiliary images from a default registry while, at
the same time, obtaining certain images from different registries.
Commit e225a57f97 changed this behavior. Since then, the names in .env
can only be used to change part of the image name, excluding the
registry. If a default registry is configured it is always prepended to
the given image name, breaking the original use case.
This patch removes the ability to override image names in .env.
Instead, the registry of each image can be customized.
The reasoning here is that the only common reason to change an image
name is to change its Docker registry. For example, while the default
registry may be set to default.example.com, it may be necessary to
obtain the backend image private.example.com/openslides-server. With
this patch, that would be achieved by the following configuration in
.env:
DOCKER_OPENSLIDES_BACKEND_REGISTRY="private.example.com"
For special cases, for which the images' basename must indeed be changed
as well, the template would need to be customized.
The templates are not backwards-compatible.
2021-02-24 15:42:33 +01:00
|
|
|
image: DEFAULT_DOCKER_REGISTRY/openslides-media:latest
|
2020-08-14 13:22:44 +02:00
|
|
|
environment:
|
|
|
|
- CHECK_REQUEST_URL=server:8000/check-media/
|
2020-11-05 16:19:44 +01:00
|
|
|
- CACHE_SIZE=ifenvelse(`CACHE_SIZE', 10)
|
|
|
|
- CACHE_DATA_MIN_SIZE_KB=ifenvelse(`CACHE_DATA_MIN_SIZE_KB', 0)
|
|
|
|
- CACHE_DATA_MAX_SIZE_KB=ifenvelse(`CACHE_DATA_MAX_SIZE_KB', 10240)
|
2021-04-22 12:41:08 +02:00
|
|
|
- DATABASE_NAME=read_env(`MEDIAFILE_DATABASE_NAME')
|
|
|
|
- DATABASE_TABLE=read_env(`MEDIAFILE_DATABASE_TABLENAME')
|
2020-08-14 13:22:44 +02:00
|
|
|
deploy:
|
2020-05-28 11:40:41 +02:00
|
|
|
replicas: ifenvelse(`MEDIA_SERVICE_REPLICAS', 2)
|
2020-08-14 13:22:44 +02:00
|
|
|
restart_policy:
|
|
|
|
condition: on-failure
|
|
|
|
delay: 10s
|
|
|
|
networks:
|
2020-05-28 11:40:41 +02:00
|
|
|
- back
|
2020-08-14 13:22:44 +02:00
|
|
|
# Override command to run more workers per task
|
|
|
|
# command: ["gunicorn", "-w", "4", "--preload", "-b",
|
|
|
|
# "0.0.0.0:8000", "src.mediaserver:app"]
|
2021-02-17 14:38:18 +01:00
|
|
|
ifelse(read_env(`PROMETHEUS_ENABLED'), 1, `'
|
|
|
|
prometheus:
|
|
|
|
image: ifenvelse(`DEFAULT_DOCKER_REGISTRY', openslides)/openslides-prometheus:latest
|
|
|
|
networks:
|
|
|
|
- back)
|
2020-08-14 13:22:44 +02:00
|
|
|
|
|
|
|
volumes:
|
|
|
|
dbdata1:
|
|
|
|
ifelse(read_env(`PGNODE_2_ENABLED'), 1, ` dbdata2:')
|
|
|
|
ifelse(read_env(`PGNODE_3_ENABLED'), 1, ` dbdata3:')
|
|
|
|
|
|
|
|
networks:
|
|
|
|
front:
|
|
|
|
back:
|
|
|
|
driver_opts:
|
|
|
|
encrypted: ""
|
|
|
|
dbnet:
|
|
|
|
driver_opts:
|
|
|
|
encrypted: ""
|
|
|
|
|
2020-08-14 13:24:45 +02:00
|
|
|
secrets:
|
|
|
|
django:
|
|
|
|
file: ./secrets/django.env
|
2020-08-14 13:22:44 +02:00
|
|
|
ifelse(ADMIN_SECRET_AVAILABLE, 0,os_admin:
|
|
|
|
file: ./secrets/adminsecret.env)
|
|
|
|
ifelse(USER_SECRET_AVAILABLE, 0,os_user:
|
|
|
|
file: ./secrets/usersecret.env)
|
2020-08-17 14:19:51 +02:00
|
|
|
ifelse(read_env(`ENABLE_SAML'), `True', saml_cert:
|
|
|
|
file: ./secrets/saml/sp.crt
|
|
|
|
saml_key:
|
|
|
|
file: ./secrets/saml/sp.key
|
|
|
|
saml_config:
|
|
|
|
file: ./secrets/saml/saml_settings.json)
|
2020-08-14 13:22:44 +02:00
|
|
|
|
|
|
|
# vim: set sw=2 et:
|