mirror of
https://github.com/IT4Change/Ocelot-Social.git
synced 2025-12-13 07:45:56 +00:00
d6a8de478b
## 🍰 Pullrequest This will migrate our assets to an objectstorage via S3. Before this PR is rolled out, the S3 credentials need to be configured in the respective infrastructure repository. The migration is implemented in a backend migration, i.e. I expect the `initContainer` to take a little longer but I hope then it's going to be fine. If any errors occcur, the migration should be repeatable, since the disk volume is still there. ### Issues The backend having direct access on disk. ### Todo - [ ] Configure backend environment variables in every infrastructure repo - [ ] Remove kubernetes uploads volume in a future PR Commits: * refactor: follow @ulfgebhardt Here: https://github.com/Ocelot-Social-Community/Ocelot-Social/pull/8545#pullrequestreview-2846163417 I don't know why the PR didn't include these changes already, I believe I made a mistake during rebase and lost the relevant commits. * refactor: use typescript assertions I found it a better way to react to this comment: https://github.com/Ocelot-Social-Community/Ocelot-Social/pull/8545/files#r2092766596 * add S3 credentials * refactor: easier to remember credentials It's for local development only * give init container necessary file access * fix: wrong upload location on production * refactor: follow @ulfgebhardt's review See: https://github.com/Ocelot-Social-Community/Ocelot-Social/pull/8545#pullrequestreview-2881626504
106 lines
3.3 KiB
YAML
106 lines
3.3 KiB
YAML
# This file defines the production settings. It is overwritten by docker-compose.override.yml,
|
|
# which defines the development settings. The override.yml is loaded by default. Therefore it
|
|
# is required to explicitly define if you want an production build:
|
|
# > docker-compose -f docker-compose.yml up
|
|
|
|
services:
|
|
webapp:
|
|
image: ghcr.io/ocelot-social-community/ocelot-social/webapp:${OCELOT_VERSION:-latest}
|
|
build:
|
|
context: ./webapp
|
|
target: production
|
|
depends_on:
|
|
- backend
|
|
ports:
|
|
- 3000:3000
|
|
# Storybook: Todo externalize, its not working anyways
|
|
# - 3002:3002
|
|
environment:
|
|
# Envs used in Dockerfile
|
|
# - DOCKER_WORKDIR="/app"
|
|
# - PORT="3000"
|
|
- NODE_ENV="production"
|
|
# Application only envs
|
|
- HOST=0.0.0.0 # This is nuxt specific, alternative value is HOST=webapp
|
|
- GRAPHQL_URI=http://backend:4000
|
|
env_file:
|
|
- ./webapp/.env
|
|
|
|
frontend:
|
|
image: ghcr.io/ocelot-social-community/ocelot-social/frontend:${OCELOT_VERSION:-latest}
|
|
build:
|
|
context: ./frontend
|
|
target: production
|
|
depends_on:
|
|
- backend
|
|
ports:
|
|
- 3002:3002
|
|
environment:
|
|
# Envs used in Dockerfile
|
|
# - DOCKER_WORKDIR="/app"
|
|
# - PORT="3002"
|
|
- NODE_ENV="production"
|
|
# Application only envs
|
|
#- HOST=0.0.0.0 # This is nuxt specific, alternative value is HOST=webapp
|
|
#- GRAPHQL_URI=http://backend:4000
|
|
|
|
backend:
|
|
image: ghcr.io/ocelot-social-community/ocelot-social/backend:${OCELOT_VERSION:-latest}
|
|
build:
|
|
context: ./backend
|
|
target: production
|
|
depends_on:
|
|
- neo4j
|
|
ports:
|
|
- 4000:4000
|
|
environment:
|
|
# Envs used in Dockerfile
|
|
# - DOCKER_WORKDIR="/app"
|
|
# - PORT="4000"
|
|
- NODE_ENV="production"
|
|
# Application only envs
|
|
- DEBUG=false
|
|
- NEO4J_URI=bolt://neo4j:7687
|
|
- GRAPHQL_URI=http://backend:4000
|
|
- CLIENT_URI=http://webapp:3000
|
|
env_file:
|
|
- ./backend/.env
|
|
|
|
maintenance:
|
|
image: ghcr.io/ocelot-social-community/ocelot-social/maintenance:${OCELOT_VERSION:-latest}
|
|
build:
|
|
context: ./webapp
|
|
dockerfile: Dockerfile.maintenance
|
|
ports:
|
|
- 3001:80
|
|
|
|
neo4j:
|
|
image: ghcr.io/ocelot-social-community/ocelot-social/neo4j
|
|
build:
|
|
context: ./neo4j
|
|
# community edition 👆🏼, because we have no enterprise licence 👇🏼 at the moment
|
|
target: community
|
|
ports:
|
|
- 7687:7687
|
|
volumes:
|
|
- neo4j_data:/data
|
|
environment:
|
|
# settings reference: https://neo4j.com/docs/operations-manual/4.4/docker/ref-settings/
|
|
# TODO: This sounds scary for a production environment
|
|
- NEO4J_AUTH=none
|
|
- NEO4J_dbms_security_procedures_unrestricted=algo.*,apoc.*
|
|
- NEO4J_dbms_allow__format__migration=true
|
|
- NEO4J_dbms_allow__upgrade=true
|
|
# uncomment following line for Neo4j Enterprise version instead of Community version
|
|
# TODO: clarify if that is the only thing needed to unlock the Enterprise version
|
|
# - NEO4J_ACCEPT_LICENSE_AGREEMENT=yes
|
|
# set the name of the database to be used
|
|
# - NEO4J_dbms_default__database=graph.db
|
|
# - NEO4J_dbms_default__database=neo4j
|
|
# TODO: Remove the playground from production
|
|
# bring the database in offline mode to export or load dumps
|
|
# command: ["tail", "-f", "/dev/null"]
|
|
|
|
volumes:
|
|
neo4j_data:
|