generated from coop-cloud/example
Initial working stack
This commit is contained in:
parent
9724879c00
commit
149478f0bf
|
@ -4,3 +4,72 @@ export DOMAIN=kutt.example.com
|
|||
## Domain aliases
|
||||
#export EXTRA_DOMAINS=', `www.kutt.example.com`'
|
||||
export LETS_ENCRYPT_ENV=production
|
||||
|
||||
# Kutt settings
|
||||
export SITE_NAME=Kutt
|
||||
|
||||
# Generated link length
|
||||
export LINK_LENGTH=6
|
||||
|
||||
# Postgres database credential details
|
||||
export DB_PASSWORD=metro8focal5yolk
|
||||
|
||||
# Disable registration
|
||||
export DISALLOW_REGISTRATION=true
|
||||
|
||||
# Disable anonymous link creation
|
||||
export DISALLOW_ANONYMOUS_LINKS=false
|
||||
|
||||
# The daily limit for each user
|
||||
export USER_LIMIT_PER_DAY=50
|
||||
|
||||
# Create a cooldown for non-logged in users in minutes
|
||||
# Set 0 to disable
|
||||
export NON_USER_COOLDOWN=0
|
||||
|
||||
# Max number of visits for each link to have detailed stats
|
||||
export DEFAULT_MAX_STATS_PER_LINK=5000
|
||||
|
||||
# Use HTTPS for links with custom domain
|
||||
export CUSTOM_DOMAIN_USE_HTTPS=false
|
||||
|
||||
# A passphrase to encrypt JWT. Use a long and secure key.
|
||||
export JWT_SECRET=securekey
|
||||
|
||||
# Admin emails so they can access admin actions on settings page
|
||||
# Comma seperated
|
||||
export ADMIN_EMAILS=
|
||||
|
||||
# Invisible reCaptcha secret key
|
||||
# Create one in https://www.google.com/recaptcha/intro/
|
||||
export RECAPTCHA_SITE_KEY=
|
||||
export RECAPTCHA_SECRET_KEY=
|
||||
|
||||
# Google Cloud API to prevent from users from submitting malware URLs.
|
||||
# Get it from https://developers.google.com/safe-browsing/v4/get-started
|
||||
export GOOGLE_SAFE_BROWSING_KEY=
|
||||
|
||||
# Google Analytics tracking ID for universal analytics.
|
||||
# Example: UA-XXXX-XX
|
||||
export GOOGLE_ANALYTICS=
|
||||
export GOOGLE_ANALYTICS_UNIVERSAL=
|
||||
|
||||
# Google Analytics tracking ID for universal analytics
|
||||
# This one is used for links
|
||||
export GOOGLE_ANALYTICS_UNIVERSAL=
|
||||
|
||||
# Your email host details to use to send verification emails.
|
||||
# More info on http://nodemailer.com/
|
||||
# Mail from example "Kutt <support@kutt.it>". Leave empty to use MAIL_USER
|
||||
export MAIL_HOST=
|
||||
export MAIL_PORT=
|
||||
export MAIL_SECURE=true
|
||||
export MAIL_USER=
|
||||
export MAIL_FROM=
|
||||
export MAIL_PASSWORD=
|
||||
|
||||
# The email address that will receive submitted reports.
|
||||
export REPORT_EMAIL=
|
||||
|
||||
# Support email to show on the app
|
||||
export CONTACT_EMAIL=
|
||||
|
|
70
compose.yml
70
compose.yml
|
@ -3,15 +3,52 @@ version: "3.8"
|
|||
|
||||
services:
|
||||
app:
|
||||
image: nginx:1.19.2
|
||||
image: kutt/kutt
|
||||
depends_on:
|
||||
- db
|
||||
- redis
|
||||
command: ["./wait-for-it.sh", "db:5432", "--", "npm", "start"]
|
||||
environment:
|
||||
REDIS_HOST: redis
|
||||
DEFAULT_DOMAIN: ${DOMAIN}
|
||||
DB_HOST: db
|
||||
DB_PORT: 5432
|
||||
DB_NAME: kutt
|
||||
DB_USER: kutt
|
||||
# FIXME 3wc: replace with secret
|
||||
DB_PASSWORD:
|
||||
DB_SSL: "false"
|
||||
SITE_NAME:
|
||||
LINK_LENGTH:
|
||||
DISALLOW_REGISTRATION:
|
||||
DISALLOW_ANONYMOUS_LINKS:
|
||||
USER_LIMIT_PER_DAY:
|
||||
NON_USER_COOLDOWN:
|
||||
DEFAULT_MAX_STATS_PER_LINK:
|
||||
CUSTOM_DOMAIN_USE_HTTPS:
|
||||
JWT_SECRET:
|
||||
ADMIN_EMAILS:
|
||||
RECAPTCHA_SITE_KEY:
|
||||
RECAPTCHA_SECRET_KEY:
|
||||
GOOGLE_SAFE_BROWSING_KEY:
|
||||
GOOGLE_ANALYTICS:
|
||||
GOOGLE_ANALYTICS_UNIVERSAL:
|
||||
GOOGLE_ANALYTICS_UNIVERSAL:
|
||||
MAIL_HOST:
|
||||
MAIL_PORT:
|
||||
MAIL_SECURE:
|
||||
MAIL_USER:
|
||||
MAIL_FROM:
|
||||
MAIL_PASSWORD:
|
||||
networks:
|
||||
- proxy
|
||||
- internal
|
||||
deploy:
|
||||
restart_policy:
|
||||
condition: on-failure
|
||||
labels:
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=80"
|
||||
- "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=3000"
|
||||
- "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`${EXTRA_DOMAINS})"
|
||||
- "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
|
||||
- "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
|
||||
|
@ -19,13 +56,30 @@ services:
|
|||
#- "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect"
|
||||
#- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLForceHost=true"
|
||||
#- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}"
|
||||
healthcheck:
|
||||
test: ["CMD", "curl", "-f", "http://localhost"]
|
||||
interval: 30s
|
||||
timeout: 10s
|
||||
retries: 10
|
||||
start_period: 1m
|
||||
|
||||
redis:
|
||||
image: redis:6.0-alpine
|
||||
volumes:
|
||||
- redis_data:/data
|
||||
networks:
|
||||
- internal
|
||||
|
||||
db:
|
||||
image: postgres:12-alpine
|
||||
environment:
|
||||
POSTGRES_USER: kutt
|
||||
POSTGRES_PASSWORD: ${DB_PASSWORD}
|
||||
POSTGRES_DB: kutt
|
||||
volumes:
|
||||
- postgres_data:/var/lib/postgresql/data
|
||||
networks:
|
||||
- internal
|
||||
|
||||
volumes:
|
||||
redis_data:
|
||||
postgres_data:
|
||||
|
||||
networks:
|
||||
proxy:
|
||||
external: true
|
||||
internal:
|
||||
|
|
Reference in New Issue