| # Licensed to the Apache Software Foundation (ASF) under one |
| # or more contributor license agreements. See the NOTICE file |
| # distributed with this work for additional information |
| # regarding copyright ownership. The ASF licenses this file |
| # to you under the Apache License, Version 2.0 (the |
| # "License"); you may not use this file except in compliance |
| # with the License. You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, |
| # software distributed under the License is distributed on an |
| # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| # KIND, either express or implied. See the License for the |
| # specific language governing permissions and limitations |
| # under the License. |
| |
| |
| ## |
| # How to use this file: |
| # |
| # Change these settings: |
| # VIRTUAL_HOST |
| # LETSENCRYPT_HOST |
| # LETSENCRYPT_EMAIL |
| # |
| # Copy Allura/production-docker-example.ini to /allura-data/production.ini and review its contents, |
| # making changes as appropriate |
| # |
| # In comparision to the development version of docker-compose.yml, this production ready version: |
| # * only exposes ports that are necessary, limiting them to within docker, or to 127.0.0.1 |
| # * sets containers to always restart |
| # * has an nginx proxy to provide HTTPS via letsencrypt. May take a little time to configure itself |
| # * has no debugging "outmail" container, emails should go out into the real world |
| # * git-http container serves git and also proxies back to the "web" container |
| ## |
| |
| version: "2.1" |
| services: |
| web: |
| build: . |
| image: allura-web # default in Compose 2+, makes work in Compose 1.x |
| environment: &env |
| # PATH=/allura-data/virtualenv/bin:$PATH doesn't work; see https://github.com/docker/compose/issues/650 |
| - PATH=/allura-data/virtualenv/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin |
| expose: |
| - "8080" |
| volumes: &volumes |
| - .:/allura # Allura source code from local host |
| - ${LOCAL_SHARED_DATA_ROOT:-./allura-data}:/allura-data # for virtualenv, scm repos, etc |
| links: |
| - mongo |
| - solr |
| # see http://docs.gunicorn.org/en/latest/settings.html#workers |
| command: gunicorn --paste /allura-data/production.ini --workers 4 --threads 6 --timeout 90 -b :8088 |
| restart: always |
| |
| taskd: |
| image: allura-web |
| working_dir: /allura/Allura |
| environment: *env |
| command: paster taskd /allura-data/production.ini |
| volumes: *volumes |
| links: |
| - mongo |
| - solr |
| restart: always |
| |
| # This is a single-purpose container that does not auto-restart, good for running commands like: |
| # docker-compose run --rm oneoff paster ensure_index /allura-data/production.ini |
| oneoff: |
| image: allura-web |
| working_dir: /allura/Allura |
| environment: *env |
| volumes: *volumes |
| command: ls /dev/null |
| links: |
| - mongo |
| |
| solr: |
| image: solr:6-alpine # alpine is a very small distro base |
| expose: |
| - "8983" |
| volumes: |
| - ./solr_config/allura:/opt/solr/server/solr/allura |
| - ${LOCAL_SHARED_DATA_ROOT:-./allura-data}/solr:/opt/solr/server/solr/allura/data |
| restart: always |
| |
| mongo: |
| image: mongo:4.2 |
| ports: |
| - "127.0.0.1:27017:27017" |
| volumes: |
| - ${LOCAL_SHARED_DATA_ROOT:-./allura-data}/mongo:/data/db |
| command: mongod --storageEngine wiredTiger |
| restart: always |
| |
| inmail: |
| image: allura-web |
| working_dir: /allura/Allura |
| environment: *env |
| volumes: *volumes |
| command: paster smtp_server /allura-data/production.ini |
| ports: |
| - "127.0.0.1:8825:8825" |
| links: |
| - mongo |
| restart: always |
| |
| git-http: |
| build: scm_config/git-http/ |
| expose: |
| - "80" |
| volumes: *volumes |
| links: |
| - mongo |
| - web |
| restart: always |
| environment: |
| VIRTUAL_HOST: allura-vm2.apache.org |
| LETSENCRYPT_HOST: allura-vm2.apache.org |
| LETSENCRYPT_EMAIL: dave@brondsema.net |
| |
| # References for how we set up the nginx-proxy and letsencrypt-nginx-proxy-companion containers |
| # https://github.com/dataminelab/docker-jenkins-nginx-letsencrypt |
| # https://github.com/dmitrym0/simple-lets-encrypt-docker-compose-sample/blob/master/docker-compose.yml |
| nginx-proxy: |
| image: jwilder/nginx-proxy |
| ports: |
| - "80:80" |
| - "443:443" |
| volumes: |
| # you can add configuration to nginx/vhost.d/default like "client_max_body_size 100m;" to avoid 413 Request Entity Too Large on large git pushes |
| - "./nginx/vhost.d:/etc/nginx/vhost.d" |
| - "./nginx/html:/usr/share/nginx/html" |
| - "./nginx/certs:/etc/nginx/certs" |
| - "/var/run/docker.sock:/tmp/docker.sock:ro" |
| restart: always |
| |
| letsencrypt-nginx-proxy-companion: |
| image: jrcs/letsencrypt-nginx-proxy-companion |
| volumes: |
| - "/var/run/docker.sock:/var/run/docker.sock:ro" |
| volumes_from: |
| - "nginx-proxy" |
| restart: always |