From 4c2857b6e88b380ad7923b97b3db4c1eb33e4e75 Mon Sep 17 00:00:00 2001 From: Lauri Ojansivu Date: Sun, 4 Nov 2018 18:32:08 +0200 Subject: Add build scripts. --- docker-compose-postgresql.yml | 244 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 244 insertions(+) create mode 100644 docker-compose-postgresql.yml (limited to 'docker-compose-postgresql.yml') diff --git a/docker-compose-postgresql.yml b/docker-compose-postgresql.yml new file mode 100644 index 00000000..7689cc71 --- /dev/null +++ b/docker-compose-postgresql.yml @@ -0,0 +1,244 @@ +version: '2' + +# Docker: Wekan <=> MongoDB <=> ToroDB => PostgreSQL read-only mirroring +# for reporting with SQL, and accessing with any programming language, +# reporting package and Office suite that can connect to PostgreSQL. +# https://github.com/wekan/wekan-postgresql + +services: + torodb-stampede: + image: torodb/stampede:1.0.0-SNAPSHOT + networks: + - wekan-tier + links: + - postgres + - mongodb + environment: + - POSTGRES_PASSWORD + - TORODB_SETUP=true + - TORODB_SYNC_SOURCE=mongodb:27017 + - TORODB_BACKEND_HOST=postgres + - TORODB_BACKEND_PORT=5432 + - TORODB_BACKEND_DATABASE=wekan + - TORODB_BACKEND_USER=wekan + - TORODB_BACKEND_PASSWORD=wekan + - DEBUG + postgres: + image: postgres:9.6 + networks: + - wekan-tier + environment: + - POSTGRES_PASSWORD + ports: + - "15432:5432" + mongodb: + image: mongo:3.2 + networks: + - wekan-tier + ports: + - "28017:27017" + entrypoint: + - /bin/bash + - "-c" + - mongo --nodb --eval ' + var db; + while (!db) { + try { + db = new Mongo("mongodb:27017").getDB("local"); + } catch(ex) {} + sleep(3000); + }; + rs.initiate({_id:"rs1",members:[{_id:0,host:"mongodb:27017"}]}); + ' 1>/dev/null 2>&1 & + mongod --replSet rs1 + wekan: + image: quay.io/wekan/wekan + container_name: wekan-app + restart: always + networks: + - wekan-tier + ports: + - 80:8080 + environment: + - MONGO_URL=mongodb://mongodb:27017/wekan + - ROOT_URL=http://localhost + #--------------------------------------------------------------- + # == WEKAN API == + # Wekan Export Board works when WITH_API='true'. + # If you disable Wekan API, Export Board does not work. + - WITH_API=true + # Optional: Integration with Matomo https://matomo.org that is installed to your server + # The address of the server where Matomo is hosted. + # example: - MATOMO_ADDRESS=https://example.com/matomo + #- MATOMO_ADDRESS= + # The value of the site ID given in Matomo server for Wekan + # example: - MATOMO_SITE_ID=12345 + #- MATOMO_SITE_ID= + # The option do not track which enables users to not be tracked by matomo + # example: - MATOMO_DO_NOT_TRACK=false + #- MATOMO_DO_NOT_TRACK= + # The option that allows matomo to retrieve the username: + # example: MATOMO_WITH_USERNAME=true + #- MATOMO_WITH_USERNAME=false + # Enable browser policy and allow one trusted URL that can have iframe that has Wekan embedded inside. + # Setting this to false is not recommended, it also disables all other browser policy protections + # and allows all iframing etc. See wekan/server/policy.js + - BROWSER_POLICY_ENABLED=true + # When browser policy is enabled, HTML code at this Trusted URL can have iframe that embeds Wekan inside. + #- TRUSTED_URL= + # What to send to Outgoing Webhook, or leave out. Example, that includes all that are default: cardId,listId,oldListId,boardId,comment,user,card,commentId . + # example: WEBHOOKS_ATTRIBUTES=cardId,listId,oldListId,boardId,comment,user,card,commentId + #- WEBHOOKS_ATTRIBUTES= + # Enable the OAuth2 connection + # example: OAUTH2_ENABLED=true + #- OAUTH2_ENABLED=false + # OAuth2 docs: https://github.com/wekan/wekan/wiki/OAuth2 + # OAuth2 Client ID, for example from Rocket.Chat. Example: abcde12345 + # example: OAUTH2_CLIENT_ID=abcde12345 + #- OAUTH2_CLIENT_ID= + # OAuth2 Secret, for example from Rocket.Chat: Example: 54321abcde + # example: OAUTH2_SECRET=54321abcde + #- OAUTH2_SECRET= + # OAuth2 Server URL, for example Rocket.Chat. Example: https://chat.example.com + # example: OAUTH2_SERVER_URL=https://chat.example.com + #- OAUTH2_SERVER_URL= + # OAuth2 Authorization Endpoint. Example: /oauth/authorize + # example: OAUTH2_AUTH_ENDPOINT=/oauth/authorize + #- OAUTH2_AUTH_ENDPOINT= + # OAuth2 Userinfo Endpoint. Example: /oauth/userinfo + # example: OAUTH2_USERINFO_ENDPOINT=/oauth/userinfo + #- OAUTH2_USERINFO_ENDPOINT= + # OAuth2 Token Endpoint. Example: /oauth/token + # example: OAUTH2_TOKEN_ENDPOINT=/oauth/token + #- OAUTH2_TOKEN_ENDPOINT= + # LDAP_ENABLE : Enable or not the connection by the LDAP + # example : LDAP_ENABLE=true + #- LDAP_ENABLE=false + # LDAP_PORT : The port of the LDAP server + # example : LDAP_PORT=389 + #- LDAP_PORT=389 + # LDAP_HOST : The host server for the LDAP server + # example : LDAP_HOST=localhost + #- LDAP_HOST= + # LDAP_BASEDN : The base DN for the LDAP Tree + # example : LDAP_BASEDN=ou=user,dc=example,dc=org + #- LDAP_BASEDN= + # LDAP_LOGIN_FALLBACK : Fallback on the default authentication method + # example : LDAP_LOGIN_FALLBACK=true + #- LDAP_LOGIN_FALLBACK=false + # LDAP_RECONNECT : Reconnect to the server if the connection is lost + # example : LDAP_RECONNECT=false + #- LDAP_RECONNECT=true + # LDAP_TIMEOUT : Overall timeout, in milliseconds + # example : LDAP_TIMEOUT=12345 + #- LDAP_TIMEOUT=10000 + # LDAP_IDLE_TIMEOUT : Specifies the timeout for idle LDAP connections in milliseconds + # example : LDAP_IDLE_TIMEOUT=12345 + #- LDAP_IDLE_TIMEOUT=10000 + # LDAP_CONNECT_TIMEOUT : Connection timeout, in milliseconds + # example : LDAP_CONNECT_TIMEOUT=12345 + #- LDAP_CONNECT_TIMEOUT=10000 + # LDAP_AUTHENTIFICATION : If the LDAP needs a user account to search + # example : LDAP_AUTHENTIFICATION=true + #- LDAP_AUTHENTIFICATION=false + # LDAP_AUTHENTIFICATION_USERDN : The search user DN + # example : LDAP_AUTHENTIFICATION_USERDN=cn=admin,dc=example,dc=org + #- LDAP_AUTHENTIFICATION_USERDN= + # LDAP_AUTHENTIFICATION_PASSWORD : The password for the search user + # example : AUTHENTIFICATION_PASSWORD=admin + #- LDAP_AUTHENTIFICATION_PASSWORD= + # LDAP_LOG_ENABLED : Enable logs for the module + # example : LDAP_LOG_ENABLED=true + #- LDAP_LOG_ENABLED=false + # LDAP_BACKGROUND_SYNC : If the sync of the users should be done in the background + # example : LDAP_BACKGROUND_SYNC=true + #- LDAP_BACKGROUND_SYNC=false + # LDAP_BACKGROUND_SYNC_INTERVAL : At which interval does the background task sync in milliseconds + # example : LDAP_BACKGROUND_SYNC_INTERVAL=12345 + #- LDAP_BACKGROUND_SYNC_INTERVAL=100 + # LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED : + # example : LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED=true + #- LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED=false + # LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS : + # example : LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS=true + #- LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS=false + # LDAP_ENCRYPTION : If using LDAPS + # example : LDAP_ENCRYPTION=ssl + #- LDAP_ENCRYPTION=false + # LDAP_CA_CERT : The certification for the LDAPS server. Certificate needs to be included in this docker-compose.yml file. + # example : LDAP_CA_CERT=-----BEGIN CERTIFICATE-----MIIE+zCCA+OgAwIBAgIkAhwR/6TVLmdRY6hHxvUFWc0+Enmu/Hu6cj+G2FIdAgIC...-----END CERTIFICATE----- + #- LDAP_CA_CERT= + # LDAP_REJECT_UNAUTHORIZED : Reject Unauthorized Certificate + # example : LDAP_REJECT_UNAUTHORIZED=true + #- LDAP_REJECT_UNAUTHORIZED=false + # LDAP_USER_SEARCH_FILTER : Optional extra LDAP filters. Don't forget the outmost enclosing parentheses if needed + # example : LDAP_USER_SEARCH_FILTER= + #- LDAP_USER_SEARCH_FILTER= + # LDAP_USER_SEARCH_SCOPE : base (search only in the provided DN), one (search only in the provided DN and one level deep), or sub (search the whole subtree) + # example : LDAP_USER_SEARCH_SCOPE=one + #- LDAP_USER_SEARCH_SCOPE= + # LDAP_USER_SEARCH_FIELD : Which field is used to find the user + # example : LDAP_USER_SEARCH_FIELD=uid + #- LDAP_USER_SEARCH_FIELD= + # LDAP_SEARCH_PAGE_SIZE : Used for pagination (0=unlimited) + # example : LDAP_SEARCH_PAGE_SIZE=12345 + #- LDAP_SEARCH_PAGE_SIZE=0 + # LDAP_SEARCH_SIZE_LIMIT : The limit number of entries (0=unlimited) + # example : LDAP_SEARCH_SIZE_LIMIT=12345 + #- LDAP_SEARCH_SIZE_LIMIT=0 + # LDAP_GROUP_FILTER_ENABLE : Enable group filtering + # example : LDAP_GROUP_FILTER_ENABLE=true + #- LDAP_GROUP_FILTER_ENABLE=false + # LDAP_GROUP_FILTER_OBJECTCLASS : The object class for filtering + # example : LDAP_GROUP_FILTER_OBJECTCLASS=group + #- LDAP_GROUP_FILTER_OBJECTCLASS= + # LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE : + # example : + #- LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE= + # LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE : + # example : + #- LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE= + # LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT : + # example : + #- LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT= + # LDAP_GROUP_FILTER_GROUP_NAME : + # example : + #- LDAP_GROUP_FILTER_GROUP_NAME= + # LDAP_UNIQUE_IDENTIFIER_FIELD : This field is sometimes class GUID (Globally Unique Identifier) + # example : LDAP_UNIQUE_IDENTIFIER_FIELD=guid + #- LDAP_UNIQUE_IDENTIFIER_FIELD= + # LDAP_UTF8_NAMES_SLUGIFY : Convert the username to utf8 + # example : LDAP_UTF8_NAMES_SLUGIFY=false + #- LDAP_UTF8_NAMES_SLUGIFY=true + # LDAP_USERNAME_FIELD : Which field contains the ldap username + # example : LDAP_USERNAME_FIELD=username + #- LDAP_USERNAME_FIELD= + # LDAP_MERGE_EXISTING_USERS : + # example : LDAP_MERGE_EXISTING_USERS=true + #- LDAP_MERGE_EXISTING_USERS=false + # LDAP_SYNC_USER_DATA : + # example : LDAP_SYNC_USER_DATA=true + #- LDAP_SYNC_USER_DATA=false + # LDAP_SYNC_USER_DATA_FIELDMAP : + # example : LDAP_SYNC_USER_DATA_FIELDMAP={"cn":"name", "mail":"email"} + #- LDAP_SYNC_USER_DATA_FIELDMAP= + # LDAP_SYNC_GROUP_ROLES : + # example : + #- LDAP_SYNC_GROUP_ROLES= + # LDAP_DEFAULT_DOMAIN : The default domain of the ldap it is used to create email if the field is not map correctly with the LDAP_SYNC_USER_DATA_FIELDMAP + # example : + #- LDAP_DEFAULT_DOMAIN= + + + depends_on: + - mongodb + +volumes: + mongodb: + driver: local + mongodb-dump: + driver: local + +networks: + wekan-tier: + driver: bridge -- cgit v1.2.3-1-g7c22