-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathdocker-compose.yml
132 lines (129 loc) · 5.45 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
name: partecipo
### Configure rails istances with environments
x-rails_conf: &rails_conf
# SECRET_KEY_BASE, This key used to sign and encrypt cookies. Change this before production
SECRET_KEY_BASE: aa3747d1fe11c393a790f27a19c31d5192bfa14b9e3e0d8f795fbbc3f25e83a31bc3f62284cd66dc51db854e84fb84eea672cef7a370f3d19705343d6005690d
### RAILS_RESTRICTED, If true entire site require authentication
# RAILS_RESTRICTED: true
RAILS_MASTER_KEY: 5cdcc57160c136623510fa73c7a7587f
### RAILS_ICON, Used for navbar
RAILS_ICON: fas fa-signature
### RAILS_TITLE, used for html head title, email and navbar
RAILS_TITLE: Partecipo
RAILS_DESCRIPTION: Partecipo description
RAILS_HEAD_URL: /head.html
RAILS_FOOTER_URL: /footer.html
### RAILS_SHOW_RESERVED, if true anonymous and not member user can view reserved events but can't get tickets
RAILS_SHOW_RESERVED: false
### RAILS_CLEAN_AFTER_DAYS, destroy old happening and ticket after this number of days. If nil isn't removed anything
RAILS_CLEAN_AFTER_DAYS: 60
### RAILS_REMINDER, if set as 'true', at 06:00AM is sent a mail reminder for next day booking
RAILS_REMINDER: true
### RAILS_PORT, port used for generate oidc url, use 80 for localhost demo, 443 on production
RAILS_PORT: 80
### RAILS_SCHEME, Scheme user for generate oidc url, use "http" for localhost demo, "https" on production
RAILS_SCHEME: http
### RAILS_HOST, hostname used to generate oidc url
RAILS_HOST: localhost
### RAILS_ASSUME_SSL, Assume all access to the app is happening through a SSL-terminating reverse proxy
RAILS_ASSUME_SSL: false
### RAILS_FORCE_SSL, Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies
### Use false for run a demo on localhost, set true on production
RAILS_FORCE_SSL: false
### RAILS_DEVISE_MODULES, Mudules for devise authentication
### - only database
### database_authenticatable registerable recoverable rememberable validatable confirmable timeoutable trackable lockable
### - Mixed database and omniauth (OIDC)
### database_authenticatable registerable recoverable rememberable validatable confirmable timeoutable trackable lockable omniauthable
### - Only omniauth (OIDC)
### validatable timeoutable trackable omniauthable
RAILS_DEVISE_MODULES: database_authenticatable registerable recoverable rememberable validatable confirmable timeoutable trackable lockable omniauthable
### RAILS_OIDC_ISSIER, OIDC IDP base url
RAILS_OIDC_ISSUER: https://my_issuer.com
### RAILS_OIDC_USERNAME, Claim used to set user `username`
RAILS_OIDC_USERNAME: email
### RAILS_OIDC_NAME, claim used to set user `name` param
RAILS_OIDC_NAME: given_name
### RAILS_OIDC_SURNAME, claim used to set user `surname` param
RAILS_OIDC_SURNAME: family_name
### RAILS_OIDC_IDENTIFIER, String required to identify this OIDC RP from the IDP
RAILS_OIDC_IDENTIFIER: partecipo
### RAILS_OIDC_SECRET, Secret string to identify this OIDC RP from the IDP
RAILS_OIDC_SECRET: MySuperSecureSecret
### RAILS_OIDC_CLAIMS, list of claims required
RAILS_OIDC_CLAIMS: sub email given_name family_name
### RAILS_OIDC_MEMBER, claim used to define member status
RAILS_OIDC: member
### RAILS_OIDC_MEMBER_VALUE, string value to compare with RAILS_OIDC_MEMBER for check member statusRAILS_OIDC_MEMBER
RAILS_OIDC_MEMBER: 'true'
### RAILS_MAX_THREADS, pool connection to PG database
RAILS_MAX_THREADS: 5
### RAILS_DB_HOST, PG hostname server, pg is the name of compose service
RAILS_DB_HOST: pg
### RAILS_DB_USER, PG user
RAILS_DB_USER: partecipo
### RAILS_DB_PASS, PG user password
RAILS_DB_PASS: ChangeMe
### RAILS_SMTP_USERNAME, username for smtp server
RAILS_SMTP_USERNAME: partecipo
### RAILS_SMTP_PASSWORD, password for smtp server
RAILS_SMTP_PASSWORD: MyPassword
### RAILS_SMTP_ADDRESS, hostname to call smtp server
RAILS_SMTP_ADDRESS: smtp.partecipo.it
### RAILS_SMPT_PORT, tcp port to smtp server
RAILS_SMPT_PORT: 587
### RAILS_SMTP_AUTHENTICATION, authentication method
RAILS_SMTP_AUTHENTICATION: plain
### TLS_DOMAIN, if present, Thruster server enable TLS with Let's encrypt
# TLS_DOMAIN: partecipo.it
### BAD_GATEWAY_PAGE, address for proxy error page
BAD_GATEWAY_PAGE: ./public/500.html
### SOLID_QUEUE_IN_PUMA, if present solid_queue is executed with rails, if nil silid queue must be run with queue service
### The queue service can be starter automatically with docker profile 'queue'
SOLID_QUEUE_IN_PUMA: true
### Configure Postgresql istance with environments
x-pg_conf: &pg_conf
POSTGRES_USER: postgres
POSTGRES_PASSWORD: ChangeMe
PARTECIPO_USER: partecipo
PARTECIPO_PASSWORD: ChangeMe
services:
pg:
image: postgres:latest
environment:
<<: *pg_conf
volumes:
- pg-data:/var/lib/postgresql/data
- ./init_pg.sh:/docker-entrypoint-initdb.d/init_pg.sh
healthcheck:
test: [ "CMD-SHELL", "pg_isready -d partecipo_production -U $${POSTGRES_USER}" ]
interval: 1s
timeout: 5s
retries: 5
rails:
image: partecipo
build: ./
depends_on:
pg:
condition: service_healthy
volumes:
- rails-storage:/rails/storage
# - ./lib/custom/oidc.rb:/rails/lib/custom/oidc.rb
environment:
<<: *rails_conf
ports:
- "80:80"
- "443:443"
queue:
image: partecipo
profiles:
- queue
depends_on:
pg:
condition: service_healthy
environment:
<<: *rails_conf
command: "./bin/jobs"
volumes:
rails-storage:
pg-data: