diff --git a/bin/mixin-secrets b/bin/mixin-secrets new file mode 100755 index 0000000..4b2e639 --- /dev/null +++ b/bin/mixin-secrets @@ -0,0 +1,21 @@ +#!/bin/bash +# +# Generates a fancy docker-compose.yml based on the template by +# mixing in production secrets. +# +# Olivia Mackintosh + +THISDIR=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd ) +TEMPLATE=${THISDIR}/../docker-compose.yml.template + +if [ -z "$DATABASE_PASSWORD" ]; then + echo "Error: Please set \$DATABASE_PASSWORD" + exit 1 +fi + +if [ -z "$SMTP_PASSWORD" ]; then + echo "Error: Please set \$SMTP_PASSWORD" + exit 1 +fi + +envsubst < $TEMPLATE | cat - diff --git a/docker-compose.yml.template b/docker-compose.yml.template new file mode 100644 index 0000000..dc763f1 --- /dev/null +++ b/docker-compose.yml.template @@ -0,0 +1,73 @@ +map: + build: . + links: + - db:db + volumes: + - /containers/map/static:/app/static + - /containers/map/gunicorn.sock:/app/gunicorn.sock + environment: + - "DEBUG=0" + - "ALLOWED_HOSTS=map.ojuso.org" + - "DATABASE_HOST=db" + - "DATABASE_NAME=postgres" + - "DATABASE_PASSWORD=${DATABASE_PASSWORD}" + - "EMAIL_HOST=mail.gandi.net" + - "EMAIL_HOST_USER=admin@ojuso.org" + - "EMAIL_HOST_PASSWORD=${SMTP_PASSWORD}" + - "EMAIL_PORT=587" + - "EMAIL_USE_TLS=1" + - "SERVER_EMAIL=Ojuso Platform Notification " + command: /bin/sh -c "python3 manage.py migrate && python3 manage.py collectstatic --noinput && gunicorn --bind 0.0.0.0:8000 ojusomap.wsgi" + +db: + image: mdillon/postgis:9.6-alpine + volumes: + - /containers/db:/var/lib/postgresql/data + environment: + - "POSTGRES_PASSWORD=${DATABASE_PASSWORD}" + +web: + image: nginx:alpine + volumes: + - ./support/nginx/nginx.template:/etc/nginx/conf.d/nginx.template + - ./support/nginx/directives:/etc/nginx/directives + - /containers/tls/acme:/web/acme + - /containers/tls/certs:/web/certs + - /var/discourse/shared/standalone/nginx.http.sock:/web/run/discourse.sock + - /containers/map/gunicorn.sock:/web/run/gunicorn.sock + - /containers/map/static:/web/static + ports: + - "80:80" + - "443:443" + links: + - forum:forum + - map:map + environment: + - "NGINX_ROOT=/web/static/" + command: /bin/sh -c "cat /etc/nginx/conf.d/nginx.template > /etc/nginx/conf.d/default.conf && nginx -g 'daemon off;'" + +forum: + image: local_discourse/app + restart: always + hostname: discourse + environment: + - "DISCOURSE_DB_SOCKET=/var/run/postgresql" + - "DISCOURSE_DEVELOPER_EMAILS=admin@ojuso.org" + - "DISCOURSE_HOSTNAME=forum.ojuso.org" + - "DISCOURSE_SMTP_ADDRESS=mail.gandi.net" + - "DISCOURSE_SMTP_PASSWORD=${SMTP_PASSWORD}" + - "DISCOURSE_SMTP_PORT=587" + - "DISCOURSE_SMTP_USER_NAME=admin@ojuso.org" + - "DOCKER_HOST_IP=172.17.0.1" + - "LANG=en_US.UTF-8" + - "RAILS_ENV=production" + - "RUBY_GC_HEAP_GROWTH_MAX_SLOTS=40000" + - "RUBY_GC_HEAP_INIT_SLOTS=400000" + - "RUBY_GC_HEAP_OLDOBJECT_LIMIT_FACTOR=1.5" + - "RUBY_GLOBAL_METHOD_CACHE_SIZE=131072" + - "UNICORN_SIDEKIQS=1" + - "UNICORN_WORKERS=4" + volumes: + - /var/discourse/shared/standalone:/shared + - /var/discourse/shared/standalone/log/var-log:/var/log + command: /sbin/boot