Files
plane/deploy/cli-install/docker-compose-caddy.yml
Nikhil 72ca7c77b3 [INFRA-144] airgap implementation (#3271)
* feat: airgapped draft

* feat: enhance airgapped installation script and build process

- Added installation checks for Docker and Docker Compose versions.
- Implemented yq for dynamic updates to docker-compose.yml, including setting environment variables and handling service volumes.
- Improved build.sh to install yq if not present and manage Docker images for airgapped setups.
- Updated install.sh to streamline the installation process and ensure necessary files are in place before proceeding.

* feat: enhance airgapped install script with domain input and OS compatibility

- Added prompts for user input of installation directory and application domain/IP address.
- Implemented OS-specific handling for `sed` commands to ensure compatibility across macOS and Linux.
- Improved user experience with additional confirmation messages during installation.

* feat: update installation script and versioning for airgapped deployment

- Enhanced the installation script to prompt for confirmation when the setup directory is not empty, allowing users to proceed with caution.
- Updated application version to v1.9.2 in both the docker-compose configuration and environment variables for consistency.
- Improved final confirmation message for clarity during installation.

* chore: airgapped upload license endpoint

* feat: added endpoint for uploading file in airgapped mode

* chore: file upload to handle formdata

* feat: license activation using file upload

* feat: add GitHub Actions workflow for building airgapped images

- Introduced a new workflow to build airgapped images with customizable platform options.
- Implemented steps for dependency installation, Docker setup, AWS credentials configuration, and environment preparation.
- Enhanced docker-compose.yml processing to include airgapped-specific configurations and manage service volumes.
- Added functionality to pull and save Docker images, and create a distribution tarball for S3 upload.

* feat: enhance build script for airgapped deployment

- Added support for customizable build platform and application release version through command-line flags.
- Implemented usage instructions for the build script to guide users on required and optional parameters.
- Improved handling of environment variable updates in docker-compose.yml and plane.env for different operating systems.
- Included cleanup steps to remove temporary data and logs after the build process.

* checking build

* refactor: simplify Docker setup in GitHub Actions workflow

- Removed redundant volume configuration for buildx cache in the build-branch-ee.yml workflow.

* feat: enhance build process by installing yq if missing

- Added a check in the GitHub Actions workflow to install yq if it is not already present, ensuring the build script can dynamically update docker-compose.yml.
- Removed redundant directory creation in the build script, streamlining the volume mapping process.
- Adjusted sed command handling for macOS and Linux to improve compatibility.

* feat: update airgapped artifact packaging in GitHub Actions workflow

- Modified the condition for packaging airgapped artifacts to include 'Release' build type.
- Streamlined the setup of yq by using an action instead of manual installation.
- Enhanced the build script to dynamically set the release version based on the build type, improving flexibility for different deployment scenarios.
- Updated S3 upload path to include the artifact suffix for better organization.

* feat: add AWS credentials to GitHub Actions workflow

- Introduced environment variables for AWS access key and secret key in the build-branch-ee.yml workflow, enabling secure access to AWS resources during the build process.

* fix: correct syntax for environment variable assignment in GitHub Actions workflow

- Updated the assignment of environment variables in the build-branch-ee.yml workflow to use the correct syntax for string interpolation.
- Ensured consistency in setting the AIRGAPPED_RELEASE_VERSION based on the build type condition.

* feat: add AWS CLI installation step to GitHub Actions workflow

- Introduced a step to install the AWS CLI in the build-branch-ee.yml workflow, ensuring necessary tools are available for AWS interactions.
- Updated environment variable assignments for consistency and clarity in the packaging process of airgapped artifacts.

* fix: streamline S3 upload command in GitHub Actions workflow

- Simplified the S3 upload command in the build-branch-ee.yml workflow by removing unnecessary directory navigation, directly referencing the airgapped tarball for upload.
- Improved clarity and efficiency in the artifact deployment process.

* chore: comment out S3 upload command in GitHub Actions workflow

- Commented out the S3 upload command in the build-branch-ee.yml workflow to prevent execution during the build process.
- This change allows for easier testing and debugging of the artifact packaging without uploading to S3.

* fix: correct syntax in GitHub Actions workflow for airgapped release version

- Fixed the conditional syntax in the build-branch-ee.yml workflow to properly close the if statement.
- Ensured the S3 upload command is correctly referenced, maintaining clarity in the artifact deployment process.

* fix: install yq if not present in GitHub Actions workflow

- Added a conditional check to install yq in the build-branch-ee.yml workflow if it is not already installed, ensuring the build process can proceed without errors related to missing dependencies.
- This change enhances the reliability of the workflow by automating the installation of necessary tools.

* fix: optimize Docker cleanup and S3 upload command in GitHub Actions workflow

- Added Docker cleanup commands to remove unused images and prune the system, improving resource management during the build process.
- Streamlined the S3 upload command to directly pipe the tarball, enhancing efficiency in artifact deployment.

* fix: improve confirmation prompt in installation script

- Added README.md contents
- Updated the confirmation prompt in install.sh for clarity, changing "YES" to "Yes" to enhance user understanding during the installation process.

* fix: update runner configuration for airgapped artifacts packaging in GitHub Actions workflow

- Changed the runner from 'ubuntu-22.04' to 'ubuntu-22.04-4-cores' to optimize resource allocation during the packaging process of airgapped artifacts.
- This adjustment aims to enhance performance and efficiency in the build workflow.

* fix: update runner configuration for airgapped artifacts packaging in GitHub Actions workflow

- Changed the runner from 'ubuntu-22.04-4-cores' to 'ubuntu-latest-4-cores' to ensure the use of the latest stable environment for improved compatibility and performance during the packaging process of airgapped artifacts.

* fix: update runner configuration for airgapped artifacts packaging in GitHub Actions workflow

- Changed the runner from 'ubuntu-latest-4-cores' back to 'ubuntu-22.04' to align with the previous configuration, ensuring compatibility and stability during the packaging process of airgapped artifacts.

* fix: simplify yq installation in GitHub Actions workflow

- Removed the conditional check for yq installation in the build-branch-ee.yml workflow, ensuring yq is always installed during the setup process. This change enhances the reliability of the workflow by eliminating potential errors related to missing dependencies.

* refactor: reorganize build steps in GitHub Actions workflow

- Restored and structured the build-push steps for various Docker images (admin, web, space, live, silo, apiserver, proxy, monitor, email) in the build-branch-ee.yml workflow.
- Updated the dependencies for the packaging of airgapped artifacts to ensure all build steps are executed in the correct order.
- Enhanced clarity and maintainability of the workflow by explicitly defining each build-push job.

* fix: comment out hardcoded airgapped release version in GitHub Actions workflow

- Commented out the hardcoded AIRGAPPED_RELEASE_VERSION in the build-branch-ee.yml workflow to allow for dynamic versioning based on the branch name, enhancing flexibility in the build process.

* refactor: update image handling in airgapped build and install scripts

- Modified build.sh to save each Docker image individually to a tar file and remove the image after saving, improving image management.
- Updated install.sh to load multiple tar files instead of a single hardcoded tarball, enhancing flexibility in image loading during setup.

* test build

* enhance: add build summary and usage instructions for airgapped artifacts in GitHub Actions workflow

- Introduced a build summary section in the build-branch-ee.yml workflow to provide details about the airgapped artifacts, including release version and S3 path.
- Added usage instructions for downloading and installing the airgapped artifacts, improving user guidance and accessibility.

* chore: remove deprecated build-airgapped workflow

- Deleted the build-airgapped.yml workflow file as it is no longer needed.
- Updated build-branch-ee.yml to streamline the packaging process for airgapped artifacts and improve S3 upload commands.

* fix: update file handling for license activation to support JSON format

- Changed file validation to accept only .json files in the frontend and backend.
- Updated the API to read and forward the activation file correctly.
- Enhanced error handling for unsupported file types and server responses.

* enhance: improve build summary and usage instructions in GitHub Actions workflow

- Added Git commit hash and branch information to the build summary in build-branch-ee.yml for better traceability.
- Updated usage instructions formatting to enhance clarity and user experience when downloading and installing airgapped artifacts.

* enhance: add presigned URL generation for airgapped artifacts in GitHub Actions workflow

- Implemented the creation of a presigned URL for airgapped artifacts, allowing for secure access for 30 days.
- Updated the build summary to include the presigned URL, improving user guidance for downloading artifacts.

* style: improve formatting of usage instructions in GitHub Actions workflow

- Updated the usage instructions in build-branch-ee.yml to use inline code formatting for better readability and clarity.
- Enhanced user guidance for downloading and installing airgapped artifacts.

* refactor: enhance build summary and usage instructions in GitHub Actions workflow

- Improved the formatting of the build summary in build-branch-ee.yml for better readability.
- Updated usage instructions to include code blocks, enhancing clarity for users downloading and installing airgapped artifacts.

* fix: time format issue with RFC, added custom marshaller

* feat: integrate crane for optimized image handling in airgapped build process

- Added installation of crane in the GitHub Actions workflow to enhance image pulling and saving efficiency.
- Updated build.sh to utilize crane for pulling images when available, providing a fallback to Docker if not.
- Improved user feedback during image handling, ensuring clarity on the process and success of operations.

* fix: update crane installation method in GitHub Actions workflow

- Changed the crane installation command to download the tarball to a file before extraction, improving reliability and error handling during the installation process.

* fix: streamline crane installation in GitHub Actions workflow

- Updated the crane installation command to directly pipe the download into extraction, simplifying the process and reducing the need for intermediate files.

* feat: add airgapped mode support for license file handling

- Introduced a new setting to enable airgapped mode.
- Added LicenseFileFetchEndpoint to fetch license files for workspaces in airgapped mode.
- Enhanced LicenseDeActivateEndpoint to delete license files when in airgapped mode.
- Updated LicenseActivateUploadEndpoint to restrict access based on airgapped mode.
- Implemented S3Storage method for deleting files from S3.

* fix: update environment variable formatting in GitHub Actions workflow

- Changed the format of environment variable assignments in build-branch-ee.yml to use `key=value` syntax, improving clarity and consistency in the workflow.

* fix: update airgapped artifact packaging in GitHub Actions workflow

- Refactored the packaging step in build-branch-ee.yml to utilize environment variables for better clarity and maintainability.
- Enhanced the presigned URL generation to extend the expiry to 90 days, improving access security for airgapped artifacts.

* fix: refine AIRGAPPED_RELEASE_VERSION handling in GitHub Actions workflow

- Updated the assignment of AIRGAPPED_RELEASE_VERSION to improve clarity and consistency in the build process.
- Enhanced the build summary to reflect the changes in variable usage, ensuring accurate information is presented to users.
- Streamlined the presigned URL handling for better integration within the workflow.

* fix: update airgapped artifact workflow with environment variable enhancements

- Refactored the build process in build-branch-ee.yml to utilize environment variables for AIRGAPPED_RELEASE_VERSION, S3_PATH, COMMIT_HASH, and PRESIGNED_URL, improving clarity and maintainability.
- Enhanced the build summary to reflect the updated variable usage, ensuring accurate information is presented to users.
- Streamlined the presigned URL handling and extended its expiry to 90 days for improved access security.

* improvement: upload license file form UI

* fix: enhance airgapped build summary in GitHub Actions workflow

- Updated the build summary in build-branch-ee.yml to include a temporary file for the presigned URL, improving security and clarity.
- Added the Git commit hash to the summary for better traceability of builds.
- Streamlined the summary formatting for improved readability and user guidance.

* fix: update airgapped artifact workflow to include presigned URL upload

- Commented out the previous artifact packaging steps for airgapped builds to streamline the process.
- Added functionality to create a temporary file for the presigned URL and upload it as an artifact, enhancing accessibility and security.
- Improved clarity in the workflow by ensuring the presigned URL is logged and stored appropriately.

* fix: reduce presigned URL expiry in airgapped artifact workflow

- Updated the PRESIGNED_URL_EXPIRY from 90 days to 7 days to enhance security and limit access duration.
- Commented out the previous expiry setting for clarity and future reference.

* fix: enhance airgapped artifact workflow with S3 region support

- Added S3_REGION environment variable to specify the AWS region for presigned URL generation, improving flexibility and accuracy in artifact handling.
- Updated the presigned URL command to include the region parameter, ensuring correct URL generation for S3 access.
- Modified the build summary to replace the presigned URL placeholder with a generic "<presigned-url>" for clarity in usage instructions.

* fix: streamline airgapped artifact workflow by enabling packaging steps

- Re-enabled the packaging steps for airgapped artifacts in the workflow, ensuring that the build process includes the creation and upload of artifacts to S3.
- Clarified the presigned URL expiry comment to indicate it is set to the maximum allowed by AWS for improved understanding of security settings.

* fix: enhance airgapped artifact workflow with multi-platform support

- Added support for building and uploading airgapped artifacts for both amd64 and arm64 architectures in the GitHub Actions workflow.
- Updated the S3 paths and presigned URL handling to accommodate the new architecture-specific artifacts.
- Improved user guidance in the installation script by providing clearer instructions for starting services and checking logs.

* fix: update airgapped artifact workflow to use consistent build platform flag

- Changed the build platform flag from `--build-platform` to `--platform` in the airgapped artifact workflow for both amd64 and arm64 builds, ensuring consistency across the build commands.

* chore: license activation changes

* feat: added mock implemation of airgapped api

* fix: enhance airgapped artifact workflow with detailed service images

- Added specific Docker image references for various services in the airgapped installation README, improving clarity on required files for offline deployment.
- Updated the workflow to ensure all necessary images are included for a comprehensive airgapped setup.

* fix: cases for workspace replace and seats

* fix: improve airgapped artifact workflow with conditional arm64 build support

- Added conditional logic to build and package arm64 artifacts based on the AIRGAPPED_ARM64_BUILD environment variable, enhancing flexibility in the workflow.
- Updated the presigned URL handling for arm64 artifacts to ensure proper access management.
- Improved the build summary to include arm64 S3 path only when applicable, streamlining output clarity.

* fix: update airgapped README to include email service Docker image

- Added reference to the Docker image for the email service in the airgapped installation README, enhancing clarity on required files for offline deployment.

* fix: add arm64 build support to airgapped artifact workflow

- Introduced ARM64_BUILD environment variable to manage conditional logic for arm64 builds in the workflow.
- Updated the build steps to set ARM64_BUILD based on the target branch, enhancing flexibility for multi-architecture support.

* fix: refactored logic for license management

* fix: ensure members_list is properly formatted as JSON in license activation

* fix: verification threshold

* feat: enhance airgapped license handling with versioning and improved error logging

- Added `Version` field to `AirgappedLicensePayload` for better tracking.
- Updated database population logic to use the new `Version` field.
- Improved error handling in `GetManualSyncHandler` with additional logging for license and feature flag refresh failures.
- Refined license deactivation logic for airgapped licenses based on current period end date.

* chore: update workspace activation check

* feat: improve airgapped handling in API views and tasks

- Added checks for airgapped settings in `CheckUpdateEndpoint`, `version_check`, and `register_instance_ee` to return early if the environment is airgapped.
- Enhanced code readability and maintainability by centralizing airgapped logic.

* improvement: remove seat management and subscription management for airgapped workspaces

* fix: update airgapped artifact workflow to extract tarball into specific directory

- Modified the extraction command in the airgapped installation instructions to specify the target directory, improving organization and clarity for users during the installation process.

* fix: update application version to v1.10.0 in deployment configurations

- Updated the APP_VERSION in coolify-compose.yml, docker-compose-caddy.yml, portainer-compose.yml, and variables.env to reflect the new version v1.10.0, ensuring consistency across deployment files.

* feat: enhance license activation response with workspace member details

- Updated the LicenseFileFetchEndpoint to include a list of active workspace members in the response.
- Converted user IDs to strings for consistency in the returned data structure.

* feat: added sync endpoint for download file

* feat: added logic for manual sync handler

* feat: added private key to prime airgapped api

* feat: implement job registration for instance license resync in airgapped mode

- Added a new job to the worker for resyncing instance licenses using a context-aware handler.
- Updated the HTTP handler port to "8090" for consistency.
- Changed the airgapped check to always return true in the workspace product handler.

* fix: update license activation response to return workspace members directly

- Modified the LicenseFileFetchEndpoint to return the workspace members list directly instead of converting it to a list, ensuring the response structure is consistent with the expected data format.

* feat: add command configuration for monitor service in airgapped build script

- Updated the build script to include a command for the monitor service, setting it to ["prime-monitor", "start-airgapped"] when the service is detected.

* docs: update airgapped README with installation instructions and prerequisites

- Enhanced the prerequisites section for clarity on Docker and Docker Compose requirements.
- Added a detailed installation process, including steps for running the installation script and the resulting directory structure.
- Updated post-installation steps to guide users on starting services and monitoring logs.

* improvement: handle error message for license activation

* feat: enhance airgapped cron job scheduling

- Introduced a new cron handler for scheduling airgapped cron jobs, including a License Refresh Job.
- Updated the worker to register the new cron job for instance license resync.

* minor fixes as sugged by reviewer

* fix: update HTTP handler port to use dynamic PORT variable in airgapped command

* fix: added version and api environment variables

* chore: update handlers to use isAirgapped method

* fix: converted db open calls to transactions in product handler

* fix: ensure UUIDs are only generated for unset IDs in License, UserLicense, and Flags models

* chore: update error message

* fix: add API_HOSTNAME environment variable to deployment configurations

- Introduced API_HOSTNAME variable in coolify-compose.yml, docker-compose-caddy.yml, portainer-compose.yml, and variables.env to standardize API endpoint configuration across deployment files.

* fix: update API_HOSTNAME format in deployment configurations

- Changed the API_HOSTNAME variable in coolify-compose.yml, docker-compose-caddy.yml, portainer-compose.yml, and variables.env to include the protocol (http://), ensuring consistent and correct API endpoint formatting across deployment files.

* feat: enhance airgapped installation and configuration

- Updated build.sh to insert "name: Plane-airgapped" into the docker-compose.yml file.
- Modified install.sh to set a default installation directory, improve user prompts, and handle upgrades more gracefully.
- Added checks for existing installations and running instances to prevent conflicts during upgrades.
- Enhanced the configuration display for better user clarity during setup.

* feat: improve environment variable handling in airgapped installation script

- Added a new function to update environment variables in the plane.env file.
- Enhanced the logic for reading and processing key-value pairs from the backup file, ensuring proper trimming and handling of empty values.
- Streamlined the update process for environment variables during installation and upgrades.

* feat: add Docker and docker-compose version checks in airgapped installation script

- Implemented checks for Docker version to ensure it meets the minimum requirement.
- Added validation to confirm that Docker is running before proceeding with installation.
- Included checks for the presence of either docker-compose or the new docker compose command.
- Enhanced error handling for version checks to improve user feedback during installation.

---------

Co-authored-by: Thomas Taylor <twtaylor7@gmail.com>
Co-authored-by: Manish Gupta <manish@plane.so>
Co-authored-by: Henit Chobisa <chobisa.henit@gmail.com>
Co-authored-by: Prateek Shourya <prateekshourya29@gmail.com>
Co-authored-by: Manish Gupta <59428681+mguptahub@users.noreply.github.com>
Co-authored-by: sriram veeraghanta <veeraghanta.sriram@gmail.com>
Co-authored-by: akshat5302 <akshatjain9782@gmail.com>
2025-06-03 13:20:10 +05:30

356 lines
11 KiB
YAML

x-plane: &plane
APP_VERSION: ${APP_RELEASE_VERSION:-v1.10.0}
APP_DOMAIN: ${DOMAIN_NAME:-localhost}
MACHINE_SIGNATURE: ${MACHINE_SIGNATURE}
DEPLOY_PLATFORM: docker_compose
PRIME_HOST: https://prime.plane.so
x-monitor-env: &monitor-env
SERVICE_HTTP_WEB: web:3000
SERVICE_HTTP_API: api:8000
SERVICE_HTTP_LIVE: live:3000
SERVICE_HTTP_PROXY: proxy:80
SERVICE_HTTP_MINIO: plane-minio:9090
SERVICE_TCP_REDIS: plane-redis:6379
SERVICE_TCP_POSTGRES: plane-db:5432
TRUSTED_PROXIES: ${TRUSTED_PROXIES:-0.0.0.0/0}
API_HOSTNAME: ${API_HOSTNAME:-http://api:8000}
x-email-env: &email-env
SMTP_DOMAIN: ${SMTP_DOMAIN:-0.0.0.0}
EMAIL_SAVE_ENDPOINT: http://api:8000/intake/email/
TLS_CERT_PATH: ${TLS_CERT_PATH:-}
TLS_PRIV_KEY_PATH: ${TLS_PRIV_KEY_PATH:-}
x-proxy-env: &proxy-env
SITE_ADDRESS: ${SITE_ADDRESS:-localhost:80}
CERT_EMAIL: ${CERT_EMAIL:-admin@example.com}
CERT_ACME_CA: ${CERT_ACME_CA}
CERT_ACME_DNS: ${CERT_ACME_DNS}
BUCKET_NAME: ${BUCKET_NAME:-uploads}
FILE_SIZE_LIMIT: ${FILE_SIZE_LIMIT:-5242880}
LISTEN_HTTP_PORT: ${LISTEN_HTTP_PORT:-80}
LISTEN_HTTPS_PORT: ${LISTEN_HTTPS_PORT:-443}
LISTEN_SMTP_PORT_25: ${LISTEN_SMTP_PORT_25:-25}
LISTEN_SMTP_PORT_465: ${LISTEN_SMTP_PORT_465:-465}
LISTEN_SMTP_PORT_587: ${LISTEN_SMTP_PORT_587:-587}
x-pg-env: &pg-env
POSTGRES_USER: ${POSTGRES_USER:-plane}
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-plane}
POSTGRES_DB: ${POSTGRES_DB:-plane}
PGDATA: ${PGDATA:-/var/lib/postgresql/data}
DATABASE_URL: ${DATABASE_URL:-postgresql://plane:plane@plane-db/plane}
DB_URL: ${DATABASE_URL:-postgresql://plane:plane@plane-db/plane}
x-rabbitmq-env: &rabbitmq-env
RABBITMQ_HOST: ${RABBITMQ_HOST:-plane-mq}
RABBITMQ_PORT: ${RABBITMQ_PORT:-5672}
RABBITMQ_DEFAULT_USER: ${RABBITMQ_USER:-plane}
RABBITMQ_DEFAULT_PASS: ${RABBITMQ_PASSWORD:-plane}
RABBITMQ_DEFAULT_VHOST: ${RABBITMQ_VHOST:-plane}
RABBITMQ_VHOST: ${RABBITMQ_VHOST:-plane}
AMQP_URL: ${AMQP_URL:-amqp://plane:plane@plane-mq:5672/plane}
x-redis-env: &redis-env
REDIS_HOST: ${REDIS_HOST:-plane-redis}
REDIS_PORT: ${REDIS_PORT:-6379}
REDIS_URL: ${REDIS_URL:-redis://plane-redis:6379/}
x-docstore-env: &docstore-env
USE_MINIO: ${USE_MINIO:-1}
MINIO_ROOT_USER: ${MINIO_ROOT_USER:-access-key}
MINIO_ROOT_PASSWORD: ${MINIO_ROOT_PASSWORD:-secret-key}
BUCKET_NAME: ${BUCKET_NAME:-uploads}
AWS_REGION: ${AWS_REGION}
AWS_ACCESS_KEY_ID: ${AWS_ACCESS_KEY_ID:-access-key}
AWS_SECRET_ACCESS_KEY: ${AWS_SECRET_ACCESS_KEY:-secret-key}
AWS_S3_ENDPOINT_URL: ${AWS_S3_ENDPOINT_URL:-http://plane-minio:9000}
AWS_S3_BUCKET_NAME: ${AWS_S3_BUCKET_NAME:-uploads}
x-silo-env: &silo-env
PORT: 3000
# Silo App Envs
BATCH_SIZE: ${BATCH_SIZE:-60}
DEDUP_INTERVAL: ${DEDUP_INTERVAL:-3}
APP_BASE_URL: ${SITE_ADDRESS}
API_BASE_URL: ${API_BASE_URL:-http://api:8000}
SILO_API_BASE_URL: ${INTEGRATION_CALLBACK_BASE_URL}
SILO_BASE_PATH: ${SILO_BASE_PATH:-/silo}
WEBHOOK_SECRET: ${WEBHOOK_SECRET:-plane-silo}
MQ_PREFETCH_COUNT: ${MQ_PREFETCH_COUNT:-10}
# Authentication
SILO_HMAC_SECRET_KEY: ${SILO_HMAC_SECRET_KEY:-tnbbvj6ATPvze4zaygdujxg4dpk4hqx0WDW}
AES_SECRET_KEY: ${AES_SECRET_KEY:-wvRonyo2xksk00E2h0hAbR5pFETQwbBK}
# Feature Flag Envs
FEATURE_FLAG_SERVER_BASE_URL: ${FEATURE_FLAG_SERVER_BASE_URL}
# Github Envs
GITHUB_APP_NAME: ${GITHUB_APP_NAME}
GITHUB_APP_ID: ${GITHUB_APP_ID}
GITHUB_CLIENT_ID: ${GITHUB_CLIENT_ID}
GITHUB_CLIENT_SECRET: ${GITHUB_CLIENT_SECRET}
GITHUB_PRIVATE_KEY: ${GITHUB_PRIVATE_KEY}
# Gitlab Envs
GITLAB_CLIENT_ID: ${GITLAB_CLIENT_ID}
GITLAB_CLIENT_SECRET: ${GITLAB_CLIENT_SECRET}
# Slack Envs
SLACK_CLIENT_ID: ${SLACK_CLIENT_ID}
SLACK_CLIENT_SECRET: ${SLACK_CLIENT_SECRET}
x-app-env: &app-env
WEB_URL: ${WEB_URL:-http://localhost}
DEBUG: ${DEBUG:-0}
CORS_ALLOWED_ORIGINS: ${CORS_ALLOWED_ORIGINS}
API_BASE_URL: ${API_BASE_URL:-http://api:8000}
LIVE_BASE_URL: ${LIVE_BASE_URL:-http://live:3000}
LIVE_BASE_PATH: ${LIVE_BASE_PATH:-/live}
# Gunicorn Workers
GUNICORN_WORKERS: ${GUNICORN_WORKERS:-2}
# Application secret
SECRET_KEY: ${SECRET_KEY:-60gp0byfz2dvffa45cxl20p1scy9xbpf6d8c5y0geejgkyp1b5}
FILE_SIZE_LIMIT: ${FILE_SIZE_LIMIT:-5242880}
SSL_VERIFY: ${SSL_VERIFY:-1}
FEATURE_FLAG_SERVER_BASE_URL: ${FEATURE_FLAG_SERVER_BASE_URL:-http://monitor:8080}
PAYMENT_SERVER_BASE_URL: ${PAYMENT_SERVER_BASE_URL:-http://monitor:8080}
# Enternal Services Config
SILO_HMAC_SECRET_KEY: ${SILO_HMAC_SECRET_KEY:-tnbbvj6ATPvze4zaygdujxg4dpk4hqx0WDW}
AES_SECRET_KEY: ${AES_SECRET_KEY:-wvRonyo2xksk00E2h0hAbR5pFETQwbBK}
# API key rate limit
API_KEY_RATE_LIMIT: ${API_KEY_RATE_LIMIT:-60/minute}
# Force HTTPS for handling SSL Termination
MINIO_ENDPOINT_SSL: ${MINIO_ENDPOINT_SSL:-0}
# Live Server Secret Key
LIVE_SERVER_SECRET_KEY: ${LIVE_SERVER_SECRET_KEY:-htbqvBJAgpm9bzvf3r4urJer0ENReatceh}
# Intake Email Domain
INTAKE_EMAIL_DOMAIN: ${INTAKE_EMAIL_DOMAIN:-example.com}
x-live-env: &live-env
API_BASE_URL: ${API_BASE_URL:-http://api:8000}
LIVE_SERVER_SECRET_KEY: ${LIVE_SERVER_SECRET_KEY:-htbqvBJAgpm9bzvf3r4urJer0ENReatceh}
services:
admin:
image: artifacts.plane.so/makeplane/admin-commercial:${APP_RELEASE_VERSION}
command: node admin/server.js admin
restart: unless-stopped
deploy:
replicas: ${ADMIN_REPLICAS:-1}
depends_on:
- api
- web
web:
image: artifacts.plane.so/makeplane/web-commercial:${APP_RELEASE_VERSION}
command: node web/server.js web
restart: unless-stopped
deploy:
replicas: ${WEB_REPLICAS:-1}
depends_on:
- api
- worker
space:
image: artifacts.plane.so/makeplane/space-commercial:${APP_RELEASE_VERSION}
command: node space/server.js space
restart: unless-stopped
deploy:
replicas: ${SPACE_REPLICAS:-1}
depends_on:
- api
- web
live:
image: artifacts.plane.so/makeplane/live-commercial:${APP_RELEASE_VERSION}
command: node live/dist/start.js live
environment:
<<: [*live-env, *redis-env]
restart: unless-stopped
deploy:
replicas: ${LIVE_REPLICAS:-1}
depends_on:
- api
- web
monitor:
image: artifacts.plane.so/makeplane/monitor-commercial:${APP_RELEASE_VERSION}
volumes:
- ${INSTALL_DIR:-./plane}/data/monitor:/app
environment:
<<: [*plane, *monitor-env]
restart: unless-stopped
deploy:
replicas: 1
api:
image: artifacts.plane.so/makeplane/backend-commercial:${APP_RELEASE_VERSION}
command: ./bin/docker-entrypoint-api-ee.sh
environment:
<<: [*plane, *app-env, *pg-env, *redis-env, *rabbitmq-env, *docstore-env]
restart: unless-stopped
deploy:
replicas: ${API_REPLICAS:-1}
volumes:
- ${INSTALL_DIR:-./plane}/logs/api:/code/plane/logs
depends_on:
- plane-db
- plane-redis
worker:
image: artifacts.plane.so/makeplane/backend-commercial:${APP_RELEASE_VERSION}
command: ./bin/docker-entrypoint-worker.sh
environment:
<<: [*plane, *app-env, *pg-env, *redis-env, *rabbitmq-env, *docstore-env]
restart: unless-stopped
deploy:
replicas: ${WORKER_REPLICAS:-1}
volumes:
- ${INSTALL_DIR:-./plane}/logs/worker:/code/plane/logs
depends_on:
- api
- plane-db
- plane-redis
beat-worker:
image: artifacts.plane.so/makeplane/backend-commercial:${APP_RELEASE_VERSION}
command: ./bin/docker-entrypoint-beat.sh
environment:
<<: [*plane, *app-env, *pg-env, *redis-env, *rabbitmq-env, *docstore-env]
restart: unless-stopped
deploy:
replicas: ${BEAT_WORKER_REPLICAS:-1}
volumes:
- ${INSTALL_DIR:-./plane}/logs/beat-worker:/code/plane/logs
depends_on:
- api
- plane-db
- plane-redis
migrator:
image: artifacts.plane.so/makeplane/backend-commercial:${APP_RELEASE_VERSION}
command: ./bin/docker-entrypoint-migrator.sh
environment:
<<: [*plane, *app-env, *pg-env, *redis-env, *rabbitmq-env, *docstore-env]
restart: "no"
deploy:
replicas: 1
volumes:
- ${INSTALL_DIR:-./plane}/logs/migrator:/code/plane/logs
depends_on:
- plane-db
- plane-redis
plane-db:
image: postgres:15.7-alpine
command: postgres -c 'max_connections=1000'
environment:
<<: [*pg-env]
restart: unless-stopped
deploy:
replicas: 1
volumes:
- ${INSTALL_DIR:-./plane}/data/db:/var/lib/postgresql/data
plane-redis:
image: valkey/valkey:7.2.5-alpine
environment:
<<: [*redis-env]
restart: unless-stopped
deploy:
replicas: 1
volumes:
- ${INSTALL_DIR:-./plane}/data/redis:/data
plane-mq:
image: rabbitmq:3.13.6-management-alpine
environment:
<<: [*rabbitmq-env]
restart: unless-stopped
deploy:
replicas: 1
volumes:
- ${INSTALL_DIR:-./plane}/data/mq:/var/lib/rabbitmq
plane-minio:
image: minio/minio:latest
command: server /export --console-address ":9090"
environment:
<<: [*docstore-env]
restart: unless-stopped
deploy:
replicas: 1
volumes:
- ${INSTALL_DIR:-./plane}/data/minio/uploads:/export
- ${INSTALL_DIR:-./plane}/data/minio/data:/data
silo:
image: artifacts.plane.so/makeplane/silo-commercial:${APP_RELEASE_VERSION}
restart: unless-stopped
command: node silo/start.cjs
environment:
<<: [*silo-env, *pg-env, *rabbitmq-env, *redis-env]
deploy:
replicas: ${SILO_REPLICAS:-1}
depends_on:
- plane-redis
- plane-mq
email:
image: artifacts.plane.so/makeplane/email-commercial:${APP_RELEASE_VERSION}
volumes:
- ${INSTALL_DIR:-./plane}/data/email/tls:/opt/email/tls
environment:
<<: [*email-env]
healthcheck:
test: ["CMD", "nc", "-zv", "localhost", "10025"]
interval: 1m30s
timeout: 30s
retries: 5
start_period: 30s
restart: unless-stopped
deploy:
replicas: ${EMAIL_REPLICAS:-1}
# Comment this if you already have a reverse proxy running
proxy:
image: artifacts.plane.so/makeplane/proxy-commercial:${APP_RELEASE_VERSION}
restart: unless-stopped
environment:
<<: [*proxy-env]
ports:
- target: 80
published: ${LISTEN_HTTP_PORT:-80}
protocol: tcp
mode: host
- target: 443
published: ${LISTEN_HTTPS_PORT:-443}
protocol: tcp
mode: host
- target: 10025
published: ${LISTEN_SMTP_PORT_25:-25}
protocol: tcp
mode: host
- target: 10465
published: ${LISTEN_SMTP_PORT_465:-465}
protocol: tcp
mode: host
- target: 10587
published: ${LISTEN_SMTP_PORT_587:-587}
protocol: tcp
mode: host
volumes:
- ${INSTALL_DIR:-./plane}/caddy/config:/config
- ${INSTALL_DIR:-./plane}/caddy/data:/data
depends_on:
- web
- api
- space
- admin
- live
- email