mirror of
https://github.com/penpot/penpot.git
synced 2025-01-09 16:30:37 -05:00
Merge pull request #5153 from penpot/yms-improve-flags-configuration-in-docker-compose
🐳 Improve flags configuration in docker-compose
This commit is contained in:
commit
556ec45efc
1 changed files with 57 additions and 77 deletions
|
@ -1,3 +1,34 @@
|
||||||
|
## Common flags:
|
||||||
|
# demo-users
|
||||||
|
# email-verification
|
||||||
|
# log-emails
|
||||||
|
# log-invitation-tokens
|
||||||
|
# login-with-github
|
||||||
|
# login-with-gitlab
|
||||||
|
# login-with-google
|
||||||
|
# login-with-ldap
|
||||||
|
# login-with-oidc
|
||||||
|
# login-with-password
|
||||||
|
# prepl-server
|
||||||
|
# registration
|
||||||
|
# secure-session-cookies
|
||||||
|
# smtp
|
||||||
|
# smtp-debug
|
||||||
|
# telemetry
|
||||||
|
# webhooks
|
||||||
|
##
|
||||||
|
## You can read more about all available flags and other
|
||||||
|
## environment variables here:
|
||||||
|
## https://help.penpot.app/technical-guide/configuration/#advanced-configuration
|
||||||
|
#
|
||||||
|
# WARNING: if you're exposing Penpot to the internet, you should remove the flags
|
||||||
|
# 'disable-secure-session-cookies' and 'disable-email-verification'
|
||||||
|
x-flags: &penpot-flags
|
||||||
|
PENPOT_FLAGS: disable-email-verification enable-smtp enable-prepl-server disable-secure-session-cookies
|
||||||
|
|
||||||
|
x-uri: &penpot-public-uri
|
||||||
|
PENPOT_PUBLIC_URI: http://localhost:9001
|
||||||
|
|
||||||
networks:
|
networks:
|
||||||
penpot:
|
penpot:
|
||||||
|
|
||||||
|
@ -71,26 +102,8 @@ services:
|
||||||
# - "traefik.http.routers.penpot-https.tls=true"
|
# - "traefik.http.routers.penpot-https.tls=true"
|
||||||
# - "traefik.http.routers.penpot-https.tls.certresolver=letsencrypt"
|
# - "traefik.http.routers.penpot-https.tls.certresolver=letsencrypt"
|
||||||
|
|
||||||
## Configuration envronment variables for the frontend container. In this case, the
|
|
||||||
## container only needs the `PENPOT_FLAGS`. This environment variable is shared with
|
|
||||||
## other services, but not all flags are relevant to all services.
|
|
||||||
|
|
||||||
environment:
|
environment:
|
||||||
## Relevant flags for frontend:
|
<< : *penpot-flags
|
||||||
## - demo-users
|
|
||||||
## - login-with-github
|
|
||||||
## - login-with-gitlab
|
|
||||||
## - login-with-google
|
|
||||||
## - login-with-ldap
|
|
||||||
## - login-with-oidc
|
|
||||||
## - login-with-password
|
|
||||||
## - registration
|
|
||||||
## - webhooks
|
|
||||||
##
|
|
||||||
## You can read more about all available flags on:
|
|
||||||
## https://help.penpot.app/technical-guide/configuration/#advanced-configuration
|
|
||||||
|
|
||||||
- PENPOT_FLAGS=enable-registration enable-login-with-password
|
|
||||||
|
|
||||||
penpot-backend:
|
penpot-backend:
|
||||||
image: "penpotapp/backend:latest"
|
image: "penpotapp/backend:latest"
|
||||||
|
@ -110,31 +123,7 @@ services:
|
||||||
## container.
|
## container.
|
||||||
|
|
||||||
environment:
|
environment:
|
||||||
|
<< : [*penpot-flags, *penpot-public-uri]
|
||||||
## Relevant flags for backend:
|
|
||||||
## - demo-users
|
|
||||||
## - email-verification
|
|
||||||
## - log-emails
|
|
||||||
## - log-invitation-tokens
|
|
||||||
## - login-with-github
|
|
||||||
## - login-with-gitlab
|
|
||||||
## - login-with-google
|
|
||||||
## - login-with-ldap
|
|
||||||
## - login-with-oidc
|
|
||||||
## - login-with-password
|
|
||||||
## - registration
|
|
||||||
## - secure-session-cookies
|
|
||||||
## - smtp
|
|
||||||
## - smtp-debug
|
|
||||||
## - telemetry
|
|
||||||
## - webhooks
|
|
||||||
## - prepl-server
|
|
||||||
##
|
|
||||||
## You can read more about all available flags and other
|
|
||||||
## environment variables for the backend here:
|
|
||||||
## https://help.penpot.app/technical-guide/configuration/#advanced-configuration
|
|
||||||
|
|
||||||
- PENPOT_FLAGS=enable-registration enable-login-with-password disable-email-verification enable-smtp enable-prepl-server
|
|
||||||
|
|
||||||
## Penpot SECRET KEY. It serves as a master key from which other keys for subsystems
|
## Penpot SECRET KEY. It serves as a master key from which other keys for subsystems
|
||||||
## (eg http sessions, or invitations) are derived.
|
## (eg http sessions, or invitations) are derived.
|
||||||
|
@ -147,70 +136,61 @@ services:
|
||||||
##
|
##
|
||||||
## python3 -c "import secrets; print(secrets.token_urlsafe(64))"
|
## python3 -c "import secrets; print(secrets.token_urlsafe(64))"
|
||||||
|
|
||||||
# - PENPOT_SECRET_KEY=my-insecure-key
|
# PENPOT_SECRET_KEY: my-insecure-key
|
||||||
|
|
||||||
## The PREPL host. Mainly used for external programatic access to penpot backend
|
## The PREPL host. Mainly used for external programatic access to penpot backend
|
||||||
## (example: admin). By default it will listen on `localhost` but if you are going to use
|
## (example: admin). By default it will listen on `localhost` but if you are going to use
|
||||||
## the `admin`, you will need to uncomment this and set the host to `0.0.0.0`.
|
## the `admin`, you will need to uncomment this and set the host to `0.0.0.0`.
|
||||||
|
|
||||||
# - PENPOT_PREPL_HOST=0.0.0.0
|
# PENPOT_PREPL_HOST: 0.0.0.0
|
||||||
|
|
||||||
## Public URI. If you are going to expose this instance to the internet and use it
|
|
||||||
## under a different domain than 'localhost', you will need to adjust it to the final
|
|
||||||
## domain.
|
|
||||||
##
|
|
||||||
## Consider using traefik and set the 'disable-secure-session-cookies' if you are
|
|
||||||
## not going to serve penpot under HTTPS.
|
|
||||||
|
|
||||||
- PENPOT_PUBLIC_URI=http://localhost:9001
|
|
||||||
|
|
||||||
## Database connection parameters. Don't touch them unless you are using custom
|
## Database connection parameters. Don't touch them unless you are using custom
|
||||||
## postgresql connection parameters.
|
## postgresql connection parameters.
|
||||||
|
|
||||||
- PENPOT_DATABASE_URI=postgresql://penpot-postgres/penpot
|
PENPOT_DATABASE_URI: postgresql://penpot-postgres/penpot
|
||||||
- PENPOT_DATABASE_USERNAME=penpot
|
PENPOT_DATABASE_USERNAME: penpot
|
||||||
- PENPOT_DATABASE_PASSWORD=penpot
|
PENPOT_DATABASE_PASSWORD: penpot
|
||||||
|
|
||||||
## Redis is used for the websockets notifications. Don't touch unless the redis
|
## Redis is used for the websockets notifications. Don't touch unless the redis
|
||||||
## container has different parameters or different name.
|
## container has different parameters or different name.
|
||||||
|
|
||||||
- PENPOT_REDIS_URI=redis://penpot-redis/0
|
PENPOT_REDIS_URI: redis://penpot-redis/0
|
||||||
|
|
||||||
## Default configuration for assets storage: using filesystem based with all files
|
## Default configuration for assets storage: using filesystem based with all files
|
||||||
## stored in a docker volume.
|
## stored in a docker volume.
|
||||||
|
|
||||||
- PENPOT_ASSETS_STORAGE_BACKEND=assets-fs
|
PENPOT_ASSETS_STORAGE_BACKEND: assets-fs
|
||||||
- PENPOT_STORAGE_ASSETS_FS_DIRECTORY=/opt/data/assets
|
PENPOT_STORAGE_ASSETS_FS_DIRECTORY: /opt/data/assets
|
||||||
|
|
||||||
## Also can be configured to to use a S3 compatible storage
|
## Also can be configured to to use a S3 compatible storage
|
||||||
## service like MiniIO. Look below for minio service setup.
|
## service like MiniIO. Look below for minio service setup.
|
||||||
|
|
||||||
# - AWS_ACCESS_KEY_ID=<KEY_ID>
|
# AWS_ACCESS_KEY_ID: <KEY_ID>
|
||||||
# - AWS_SECRET_ACCESS_KEY=<ACCESS_KEY>
|
# AWS_SECRET_ACCESS_KEY: <ACCESS_KEY>
|
||||||
# - PENPOT_ASSETS_STORAGE_BACKEND=assets-s3
|
# PENPOT_ASSETS_STORAGE_BACKEND: assets-s3
|
||||||
# - PENPOT_STORAGE_ASSETS_S3_ENDPOINT=http://penpot-minio:9000
|
# PENPOT_STORAGE_ASSETS_S3_ENDPOINT: http://penpot-minio:9000
|
||||||
# - PENPOT_STORAGE_ASSETS_S3_BUCKET=<BUKET_NAME>
|
# PENPOT_STORAGE_ASSETS_S3_BUCKET: <BUKET_NAME>
|
||||||
|
|
||||||
## Telemetry. When enabled, a periodical process will send anonymous data about this
|
## Telemetry. When enabled, a periodical process will send anonymous data about this
|
||||||
## instance. Telemetry data will enable us to learn how the application is used,
|
## instance. Telemetry data will enable us to learn how the application is used,
|
||||||
## based on real scenarios. If you want to help us, please leave it enabled. You can
|
## based on real scenarios. If you want to help us, please leave it enabled. You can
|
||||||
## audit what data we send with the code available on github.
|
## audit what data we send with the code available on github.
|
||||||
|
|
||||||
- PENPOT_TELEMETRY_ENABLED=true
|
PENPOT_TELEMETRY_ENABLED: true
|
||||||
|
|
||||||
## Example SMTP/Email configuration. By default, emails are sent to the mailcatch
|
## Example SMTP/Email configuration. By default, emails are sent to the mailcatch
|
||||||
## service, but for production usage it is recommended to setup a real SMTP
|
## service, but for production usage it is recommended to setup a real SMTP
|
||||||
## provider. Emails are used to confirm user registrations & invitations. Look below
|
## provider. Emails are used to confirm user registrations & invitations. Look below
|
||||||
## how the mailcatch service is configured.
|
## how the mailcatch service is configured.
|
||||||
|
|
||||||
- PENPOT_SMTP_DEFAULT_FROM=no-reply@example.com
|
PENPOT_SMTP_DEFAULT_FROM: no-reply@example.com
|
||||||
- PENPOT_SMTP_DEFAULT_REPLY_TO=no-reply@example.com
|
PENPOT_SMTP_DEFAULT_REPLY_TO: no-reply@example.com
|
||||||
- PENPOT_SMTP_HOST=penpot-mailcatch
|
PENPOT_SMTP_HOST: penpot-mailcatch
|
||||||
- PENPOT_SMTP_PORT=1025
|
PENPOT_SMTP_PORT: 1025
|
||||||
- PENPOT_SMTP_USERNAME=
|
PENPOT_SMTP_USERNAME:
|
||||||
- PENPOT_SMTP_PASSWORD=
|
PENPOT_SMTP_PASSWORD:
|
||||||
- PENPOT_SMTP_TLS=false
|
PENPOT_SMTP_TLS: false
|
||||||
- PENPOT_SMTP_SSL=false
|
PENPOT_SMTP_SSL: false
|
||||||
|
|
||||||
penpot-exporter:
|
penpot-exporter:
|
||||||
image: "penpotapp/exporter:latest"
|
image: "penpotapp/exporter:latest"
|
||||||
|
@ -221,10 +201,10 @@ services:
|
||||||
environment:
|
environment:
|
||||||
# Don't touch it; this uses an internal docker network to
|
# Don't touch it; this uses an internal docker network to
|
||||||
# communicate with the frontend.
|
# communicate with the frontend.
|
||||||
- PENPOT_PUBLIC_URI=http://penpot-frontend
|
PENPOT_PUBLIC_URI: http://penpot-frontend
|
||||||
|
|
||||||
## Redis is used for the websockets notifications.
|
## Redis is used for the websockets notifications.
|
||||||
- PENPOT_REDIS_URI=redis://penpot-redis/0
|
PENPOT_REDIS_URI: redis://penpot-redis/0
|
||||||
|
|
||||||
penpot-postgres:
|
penpot-postgres:
|
||||||
image: "postgres:15"
|
image: "postgres:15"
|
||||||
|
|
Loading…
Reference in a new issue