XF/envelope
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Renew with 2FA and Podman

Browse Source
This commit is contained in:
Mark Veidemanis
2025-02-07 21:53:52 +00:00
parent 906f34f3a2
commit 83a3761d17
59 changed files with 1001 additions and 861 deletions
Download Patch File Download Diff File Expand all files Collapse all files

281
docker-compose.yml
View File

@@ -9,26 +9,140 @@ services:
args:
OPERATION: ${OPERATION}
volumes:
- ${PORTAINER_GIT_DIR}:/code
- ${PORTAINER_GIT_DIR}/docker/uwsgi.ini:/conf/uwsgi.ini
- ${REPO_DIR}:/code
- ${REPO_DIR}/docker/uwsgi.ini:/conf/uwsgi.ini
- ${APP_DATABASE_FILE}:/conf/db.sqlite3
- app_static:${STATIC_ROOT}
#ports:
# - "8000:8000" # uwsgi socket
env_file:
- stack.env
volumes_from:
- tmp
- type: bind
source: /code/vrun
target: /var/run
environment:
APP_PORT: "${APP_PORT}"
REPO_DIR: "${REPO_DIR}"
APP_LOCAL_SETTINGS: "${APP_LOCAL_SETTINGS}"
APP_DATABASE_FILE: "${APP_DATABASE_FILE}"
DOMAIN: "${DOMAIN}"
URL: "${URL}"
ALLOWED_HOSTS: "${ALLOWED_HOSTS}"
NOTIFY_TOPIC: "${NOTIFY_TOPIC}"
CSRF_TRUSTED_ORIGINS: "${CSRF_TRUSTED_ORIGINS}"
DEBUG: "${DEBUG}"
SECRET_KEY: "${SECRET_KEY}"
STATIC_ROOT: "${STATIC_ROOT}"
REGISTRATION_OPEN: "${REGISTRATION_OPEN}"
OPERATION: "${OPERATION}"
depends_on:
# redis:
# condition: service_healthy
redis:
condition: service_healthy
migration:
condition: service_started
collectstatic:
condition: service_started
networks:
- default
- xf
# deploy:
# resources:
# limits:
# cpus: '0.1'
# memory: 0.25G
#network_mode: host
signal-cli-rest-api:
image: bbernhard/signal-cli-rest-api:latest
container_name: signal
environment:
- MODE=normal #supported modes: json-rpc, native, normal
- AUTO_RECEIVE_SCHEDULE=0 22 * * *
# ports:
# - "8080:8080"
volumes:
- "./signal-cli-config:/home/.local/share/signal-cli"
processing:
image: xf/envelope:prod
container_name: processing_envelope
build:
context: .
args:
OPERATION: ${OPERATION}
command: sh -c '. /venv/bin/activate && python manage.py processing'
volumes:
- ${REPO_DIR}:/code
- ${REPO_DIR}/docker/uwsgi.ini:/conf/uwsgi.ini
- ${APP_DATABASE_FILE}:/conf/db.sqlite3
- type: bind
source: /code/vrun
target: /var/run
environment:
APP_PORT: "${APP_PORT}"
REPO_DIR: "${REPO_DIR}"
APP_LOCAL_SETTINGS: "${APP_LOCAL_SETTINGS}"
APP_DATABASE_FILE: "${APP_DATABASE_FILE}"
DOMAIN: "${DOMAIN}"
URL: "${URL}"
ALLOWED_HOSTS: "${ALLOWED_HOSTS}"
NOTIFY_TOPIC: "${NOTIFY_TOPIC}"
CSRF_TRUSTED_ORIGINS: "${CSRF_TRUSTED_ORIGINS}"
DEBUG: "${DEBUG}"
SECRET_KEY: "${SECRET_KEY}"
STATIC_ROOT: "${STATIC_ROOT}"
REGISTRATION_OPEN: "${REGISTRATION_OPEN}"
OPERATION: "${OPERATION}"
depends_on:
redis:
condition: service_healthy
migration:
condition: service_started
collectstatic:
condition: service_started
# deploy:
# resources:
# limits:
# cpus: '0.25'
# memory: 0.25G
#network_mode: host
scheduling:
image: xf/envelope:prod
container_name: scheduling_envelope
build:
context: .
args:
OPERATION: ${OPERATION}
command: sh -c '. /venv/bin/activate && python manage.py scheduling'
volumes:
- ${REPO_DIR}:/code
- ${REPO_DIR}/docker/uwsgi.ini:/conf/uwsgi.ini
- ${APP_DATABASE_FILE}:/conf/db.sqlite3
- type: bind
source: /code/vrun
target: /var/run
environment:
APP_PORT: "${APP_PORT}"
REPO_DIR: "${REPO_DIR}"
APP_LOCAL_SETTINGS: "${APP_LOCAL_SETTINGS}"
APP_DATABASE_FILE: "${APP_DATABASE_FILE}"
DOMAIN: "${DOMAIN}"
URL: "${URL}"
ALLOWED_HOSTS: "${ALLOWED_HOSTS}"
NOTIFY_TOPIC: "${NOTIFY_TOPIC}"
CSRF_TRUSTED_ORIGINS: "${CSRF_TRUSTED_ORIGINS}"
DEBUG: "${DEBUG}"
SECRET_KEY: "${SECRET_KEY}"
STATIC_ROOT: "${STATIC_ROOT}"
REGISTRATION_OPEN: "${REGISTRATION_OPEN}"
OPERATION: "${OPERATION}"
depends_on:
redis:
condition: service_healthy
migration:
condition: service_started
collectstatic:
condition: service_started
# deploy:
# resources:
# limits:
# cpus: '0.25'
# memory: 0.25G
#network_mode: host
migration:
image: xf/envelope:prod
@@ -39,11 +153,32 @@ services:
OPERATION: ${OPERATION}
command: sh -c '. /venv/bin/activate && python manage.py migrate --noinput'
volumes:
- ${PORTAINER_GIT_DIR}:/code
- ${REPO_DIR}:/code
- ${APP_DATABASE_FILE}:/conf/db.sqlite3
- app_static:${STATIC_ROOT}
env_file:
- stack.env
- type: bind
source: /code/vrun
target: /var/run
environment:
APP_PORT: "${APP_PORT}"
REPO_DIR: "${REPO_DIR}"
APP_LOCAL_SETTINGS: "${APP_LOCAL_SETTINGS}"
APP_DATABASE_FILE: "${APP_DATABASE_FILE}"
DOMAIN: "${DOMAIN}"
URL: "${URL}"
ALLOWED_HOSTS: "${ALLOWED_HOSTS}"
NOTIFY_TOPIC: "${NOTIFY_TOPIC}"
CSRF_TRUSTED_ORIGINS: "${CSRF_TRUSTED_ORIGINS}"
DEBUG: "${DEBUG}"
SECRET_KEY: "${SECRET_KEY}"
STATIC_ROOT: "${STATIC_ROOT}"
REGISTRATION_OPEN: "${REGISTRATION_OPEN}"
OPERATION: "${OPERATION}"
# deploy:
# resources:
# limits:
# cpus: '0.25'
# memory: 0.25G
#network_mode: host
collectstatic:
image: xf/envelope:prod
@@ -54,72 +189,54 @@ services:
OPERATION: ${OPERATION}
command: sh -c '. /venv/bin/activate && python manage.py collectstatic --noinput'
volumes:
- ${PORTAINER_GIT_DIR}:/code
- ${REPO_DIR}:/code
- ${APP_DATABASE_FILE}:/conf/db.sqlite3
- app_static:${STATIC_ROOT}
env_file:
- stack.env
- type: bind
source: /code/vrun
target: /var/run
environment:
APP_PORT: "${APP_PORT}"
REPO_DIR: "${REPO_DIR}"
APP_LOCAL_SETTINGS: "${APP_LOCAL_SETTINGS}"
APP_DATABASE_FILE: "${APP_DATABASE_FILE}"
DOMAIN: "${DOMAIN}"
URL: "${URL}"
ALLOWED_HOSTS: "${ALLOWED_HOSTS}"
NOTIFY_TOPIC: "${NOTIFY_TOPIC}"
CSRF_TRUSTED_ORIGINS: "${CSRF_TRUSTED_ORIGINS}"
DEBUG: "${DEBUG}"
SECRET_KEY: "${SECRET_KEY}"
STATIC_ROOT: "${STATIC_ROOT}"
REGISTRATION_OPEN: "${REGISTRATION_OPEN}"
OPERATION: "${OPERATION}"
# deploy:
# resources:
# limits:
# cpus: '0.25'
# memory: 0.25G
#network_mode: host
nginx:
image: nginx:latest
container_name: nginx_envelope
ports:
- ${APP_PORT}:9999
ulimits:
nproc: 65535
nofile:
soft: 65535
hard: 65535
redis:
image: redis
container_name: redis_envelope
command: redis-server /etc/redis.conf
volumes:
- ${PORTAINER_GIT_DIR}:/code
- ${PORTAINER_GIT_DIR}/docker/nginx/conf.d/${OPERATION}.conf:/etc/nginx/conf.d/default.conf
- app_static:${STATIC_ROOT}
volumes_from:
- tmp
networks:
- default
- xf
depends_on:
app:
condition: service_started
# volumes_from:
# - tmp
# depends_on:
# redis:
# condition: service_healthy
tmp:
image: busybox
container_name: tmp_envelope
command: chmod -R 777 /var/run/socks
volumes:
- /var/run/socks
# redis:
# image: redis
# command: redis-server /etc/redis.conf
# ulimits:
# nproc: 65535
# nofile:
# soft: 65535
# hard: 65535
# volumes:
# - ${PORTAINER_GIT_DIR}/docker/redis.conf:/etc/redis.conf
# - redis_data:/data
# volumes_from:
# - tmp
# healthcheck:
# test: "redis-cli -s /var/run/redis/redis.sock ping"
# interval: 2s
# timeout: 2s
# retries: 15
networks:
default:
driver: bridge
xf:
external: true
- ${REPO_DIR}/docker/redis.conf:/etc/redis.conf
- envelope_redis_data:/data
- type: bind
source: /code/vrun
target: /var/run
healthcheck:
test: "redis-cli ping"
interval: 2s
timeout: 2s
retries: 15
# deploy:
# resources:
# limits:
# cpus: '0.25'
# memory: 0.25G
#network_mode: host
volumes:
app_static: {}
envelope_redis_data: {}