6282d1a02f
- Added configurable SESSION_COOKIE_NAME and CSRF_COOKIE_NAME to Django settings - Main app now uses 'stiftung_sessionid' instead of default 'sessionid' - Paperless continues using default 'sessionid' for separation - All configuration centralized in .env files as requested - Updated both development and production compose configurations - Added session settings to env templates for easy deployment This resolves the session conflict where logging into one app would kick out sessions from the other app. Both applications now maintain independent login sessions.
152 lines
4.8 KiB
YAML
152 lines
4.8 KiB
YAML
# Production Docker Compose Configuration
|
|
# This file is used for production deployment via GitHub Actions
|
|
# For local development, use: docker-compose -f compose.dev.yml up
|
|
#
|
|
# IMPORTANT: This configuration requires ALL environment variables to be
|
|
# provided via the production server's .env file. No fallback values are
|
|
# included for security reasons.
|
|
|
|
services:
|
|
db:
|
|
image: postgres:16-alpine
|
|
environment:
|
|
POSTGRES_DB: ${POSTGRES_DB}
|
|
POSTGRES_USER: ${POSTGRES_USER}
|
|
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
|
|
volumes:
|
|
- dbdata:/var/lib/postgresql/data
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "pg_isready -U $${POSTGRES_USER} -d $${POSTGRES_DB}"]
|
|
interval: 10s
|
|
timeout: 5s
|
|
retries: 5
|
|
|
|
redis:
|
|
image: redis:7-alpine
|
|
|
|
web:
|
|
build: ./app
|
|
depends_on:
|
|
db:
|
|
condition: service_healthy
|
|
redis:
|
|
condition: service_started
|
|
environment:
|
|
- POSTGRES_DB=${POSTGRES_DB}
|
|
- POSTGRES_USER=${POSTGRES_USER}
|
|
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
|
|
- DB_HOST=${DB_HOST}
|
|
- DB_PORT=${DB_PORT}
|
|
- DJANGO_SECRET_KEY=${DJANGO_SECRET_KEY}
|
|
- DJANGO_DEBUG=${DJANGO_DEBUG}
|
|
- DJANGO_ALLOWED_HOSTS=${DJANGO_ALLOWED_HOSTS}
|
|
- LANGUAGE_CODE=${LANGUAGE_CODE}
|
|
- TIME_ZONE=${TIME_ZONE}
|
|
- REDIS_URL=${REDIS_URL}
|
|
- SESSION_COOKIE_NAME=${SESSION_COOKIE_NAME}
|
|
- CSRF_COOKIE_NAME=${CSRF_COOKIE_NAME}
|
|
- PAPERLESS_API_URL=${PAPERLESS_API_URL}
|
|
- PAPERLESS_API_TOKEN=${PAPERLESS_API_TOKEN}
|
|
- PAPERLESS_REQUIRED_TAG=${PAPERLESS_REQUIRED_TAG}
|
|
- PAPERLESS_LAND_TAG=${PAPERLESS_LAND_TAG}
|
|
- PAPERLESS_ADMIN_TAG=${PAPERLESS_ADMIN_TAG}
|
|
- PAPERLESS_DESTINATAERE_TAG_ID=${PAPERLESS_DESTINATAERE_TAG_ID}
|
|
- PAPERLESS_LAND_TAG_ID=${PAPERLESS_LAND_TAG_ID}
|
|
- PAPERLESS_ADMIN_TAG_ID=${PAPERLESS_ADMIN_TAG_ID}
|
|
ports:
|
|
- "8081:8000"
|
|
volumes:
|
|
- ./app:/app
|
|
command: ["gunicorn", "core.wsgi:application", "--bind", "0.0.0.0:8000", "--workers", "3"]
|
|
|
|
worker:
|
|
build: ./app
|
|
environment:
|
|
- POSTGRES_DB=${POSTGRES_DB}
|
|
- POSTGRES_USER=${POSTGRES_USER}
|
|
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
|
|
- DB_HOST=${DB_HOST}
|
|
- DB_PORT=${DB_PORT}
|
|
- DJANGO_SECRET_KEY=${DJANGO_SECRET_KEY}
|
|
- DJANGO_DEBUG=${DJANGO_DEBUG}
|
|
- REDIS_URL=${REDIS_URL}
|
|
depends_on:
|
|
- redis
|
|
- db
|
|
command: ["celery", "-A", "core", "worker", "-l", "info"]
|
|
|
|
beat:
|
|
build: ./app
|
|
environment:
|
|
- POSTGRES_DB=${POSTGRES_DB}
|
|
- POSTGRES_USER=${POSTGRES_USER}
|
|
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
|
|
- DB_HOST=${DB_HOST}
|
|
- DB_PORT=${DB_PORT}
|
|
- DJANGO_SECRET_KEY=${DJANGO_SECRET_KEY}
|
|
- DJANGO_DEBUG=${DJANGO_DEBUG}
|
|
- REDIS_URL=${REDIS_URL}
|
|
depends_on:
|
|
- redis
|
|
- db
|
|
command: ["celery", "-A", "core", "beat", "-l", "info"]
|
|
|
|
grampsweb:
|
|
image: ghcr.io/gramps-project/grampsweb:latest
|
|
ports:
|
|
- "8090:5000"
|
|
environment:
|
|
- GRAMPSWEB_SECRET_KEY=${GRAMPSWEB_SECRET_KEY}
|
|
- GRAMPSWEB_ADMIN_EMAIL=${GRAMPSWEB_ADMIN_EMAIL}
|
|
- GRAMPSWEB_ADMIN_PASSWORD=${GRAMPSWEB_ADMIN_PASSWORD}
|
|
- GRAMPSWEB_TREE=${GRAMPSWEB_TREE:-Stiftung}
|
|
- GRAMPSWEB_BASE_URL=/ahnenforschung
|
|
- GRAMPSWEB_CELERY_CONFIG__broker_url=redis://redis:6379/0
|
|
- GRAMPSWEB_CELERY_CONFIG__result_backend=redis://redis:6379/0
|
|
- GRAMPSWEB_RATELIMIT_STORAGE_URI=redis://redis:6379/1
|
|
- GRAMPSWEB_NEW_DB_BACKEND=sqlite
|
|
volumes:
|
|
- gramps_data:/app/data
|
|
depends_on:
|
|
- db
|
|
- redis
|
|
|
|
paperless:
|
|
image: ghcr.io/remmerinio/stiftung-management-system-paperless:latest
|
|
ports:
|
|
- "8080:8000"
|
|
environment:
|
|
- PAPERLESS_REDIS=redis://redis:6379
|
|
- PAPERLESS_DBHOST=db
|
|
- PAPERLESS_DBPORT=5432
|
|
- PAPERLESS_DBNAME=${POSTGRES_DB}
|
|
- PAPERLESS_DBUSER=${POSTGRES_USER}
|
|
- PAPERLESS_DBPASS=${POSTGRES_PASSWORD}
|
|
- PAPERLESS_SECRET_KEY=${PAPERLESS_SECRET_KEY}
|
|
- PAPERLESS_URL=https://vhtv-stiftung.de
|
|
- PAPERLESS_ALLOWED_HOSTS=vhtv-stiftung.de,localhost
|
|
- PAPERLESS_CORS_ALLOWED_HOSTS=https://vhtv-stiftung.de
|
|
- PAPERLESS_FORCE_SCRIPT_NAME=/paperless
|
|
- PAPERLESS_STATIC_URL=/paperless/static/
|
|
- PAPERLESS_LOGIN_REDIRECT_URL=/paperless/
|
|
- PAPERLESS_LOGOUT_REDIRECT_URL=/paperless/
|
|
- PAPERLESS_ADMIN_USER=${PAPERLESS_ADMIN_USER}
|
|
- PAPERLESS_ADMIN_PASSWORD=${PAPERLESS_ADMIN_PASSWORD}
|
|
- PAPERLESS_ADMIN_MAIL=${PAPERLESS_ADMIN_MAIL}
|
|
volumes:
|
|
- paperless_data:/usr/src/paperless/data
|
|
- paperless_media:/usr/src/paperless/media
|
|
- paperless_export:/usr/src/paperless/export
|
|
- paperless_consume:/usr/src/paperless/consume
|
|
depends_on:
|
|
- db
|
|
- redis
|
|
|
|
volumes:
|
|
dbdata:
|
|
gramps_data:
|
|
paperless_data:
|
|
paperless_media:
|
|
paperless_export:
|
|
paperless_consume:
|