diff --git a/templates/compose/ente.yaml b/templates/compose/ente.yaml index a0c940f87..78ca81418 100644 --- a/templates/compose/ente.yaml +++ b/templates/compose/ente.yaml @@ -3,112 +3,60 @@ # category: media # tags: photos, backup, encryption, sharing, privacy, media, storage, encryption, minio, postgresql # logo: svgs/ente.png -# port: 8081 3000, 3001, 3002, 3003, 3004, 3200 services: museum: image: ghcr.io/ente-io/server:latest - ports: - - 8081:8080 environment: - SERVICE_URL_MUSEUM_8081: ${SERVICE_URL_MUSEUM_8081:-http://localhost:8081} + - SERVICE_URL_MUSEUM_8080 - ENTE_HTTP_USE_TLS: ${ENTE_HTTP_USE_TLS:-false} + - ENTE_HTTP_USE_TLS=${ENTE_HTTP_USE_TLS:-false} - ENTE_APPS_PUBLIC_ALBUMS: ${SERVICE_URL_WEB_3002:-http://localhost:3002} - ENTE_APPS_CAST: ${SERVICE_URL_WEB_3004:-http://localhost:3004} - ENTE_APPS_ACCOUNTS: ${SERVICE_URL_WEB_3001:-http://localhost:3001} - ENTE_APPS_PUBLIC_LOCKER: ${SERVICE_URL_WEB_3003:-http://localhost:3003} - ENTE_APPS_CUSTOM_DOMAIN_CNAME: ${ENTE_APPS_CUSTOM_DOMAIN_CNAME} + - ENTE_APPS_PUBLIC_ALBUMS=${SERVICE_URL_WEB_3002} + - ENTE_APPS_CAST=${SERVICE_URL_WEB_3004} + - ENTE_APPS_ACCOUNTS=${SERVICE_URL_WEB_3001} - ENTE_DB_HOST: ${ENTE_DB_HOST:-postgres} - ENTE_DB_PORT: ${ENTE_DB_PORT:-5432} - ENTE_DB_NAME: ${ENTE_DB_NAME:-ente_db} - ENTE_DB_SSLMODE: ${ENTE_DB_SSLMODE:-disable} - ENTE_DB_USER: ${SERVICE_USER_POSTGRES:-pguser} - ENTE_DB_PASSWORD: ${SERVICE_PASSWORD_POSTGRES} + - ENTE_DB_HOST=${ENTE_DB_HOST:-postgres} + - ENTE_DB_PORT=${ENTE_DB_PORT:-5432} + - ENTE_DB_NAME=${ENTE_DB_NAME:-ente_db} + - ENTE_DB_USER=${SERVICE_USER_POSTGRES:-pguser} + - ENTE_DB_PASSWORD=${SERVICE_PASSWORD_POSTGRES} - ENTE_KEY_ENCRYPTION: ${MUSEUM_ENCRYPTION_KEY} - ENTE_KEY_HASH: ${MUSEUM_HASH_KEY} + - ENTE_KEY_ENCRYPTION=${SERVICE_REALBASE64_ENCRYPTION} + - ENTE_KEY_HASH=${SERVICE_REALBASE64_64_HASH} - ENTE_JWT_SECRET: ${MUSEUM_JWT_KEY} + - ENTE_JWT_SECRET=${SERVICE_REALBASE64_JWT} - ENTE_INTERNAL_SILENT: ${ENTE_INTERNAL_SILENT:-false} - ENTE_INTERNAL_HEALTH_CHECK_URL: ${ENTE_INTERNAL_HEALTH_CHECK_URL} - ENTE_INTERNAL_HARDCODED_OTT_EMAILS: ${ENTE_INTERNAL_HARDCODED_OTT_EMAIL} - ENTE_INTERNAL_HARDCODED_OTT_LOCAL_DOMAIN_SUFFIX: ${ENTE_INTERNAL_HARDCODED_OTT_LOCAL_DOMAIN_SUFFIX} - ENTE_INTERNAL_HARDCODED_OTT_LOCAL_DOMAIN_VALUE: ${ENTE_INTERNAL_HARDCODED_OTT_LOCAL_DOMAIN_VALUE} - ENTE_INTERNAL_ADMINS: ${ENTE_INTERNAL_ADMINS} - ENTE_INTERNAL_ADMIN: 1580559962386438 - ENTE_INTERNAL_DISABLE_REGISTRATION: ${ENTE_INTERNAL_DISABLE_REGISTRATION:-false} + - ENTE_INTERNAL_ADMIN=${ENTE_INTERNAL_ADMIN:-1580559962386438} + - ENTE_INTERNAL_DISABLE_REGISTRATION=${ENTE_INTERNAL_DISABLE_REGISTRATION:-false} - ENTE_S3_ARE_LOCAL_BUCKETS: ${ENTE_S3_ARE_LOCAL_BUCKETS:-true} - ENTE_S3_USE_PATH_STYLE_URLS: ${ENTE_S3_USE_PATH_STYLE_URLS:-true} - - ENTE_S3_B2_EU_CEN_KEY: ${SERVICE_USER_MINIO} - ENTE_S3_B2_EU_CEN_SECRET: ${SERVICE_PASSWORD_MINIO} - ENTE_S3_B2_EU_CEN_ENDPOINT: ${SERVICE_URL_MINIO}:3200 - ENTE_S3_B2_EU_CEN_REGION: ${PRIMARY_STORAGE_REGION:-eu-central-2} - ENTE_S3_B2_EU_CEN_BUCKET: ${PRIMARY_STORAGE_BUCKET:-b2-eu-cen} - ENTE_S3_B2_EU_CEN_ARE_LOCAL_BUCKETS: ${PRIMARY_STORAGE_ARE_LOCAL_BUCKETS:-false} - ENTE_S3_B2_EU_CEN_USE_PATH_STYLE_URLS: ${PRIMARY_STORAGE_USE_PATH_STYLE_URLS:-false} - - ENTE_S3_WASABI_EU_CENTRAL_2_V3_KEY: ${SERVICE_USER_MINIO} - ENTE_S3_WASABI_EU_CENTRAL_2_V3_SECRET: ${SERVICE_PASSWORD_MINIO} - ENTE_S3_WASABI_EU_CENTRAL_2_V3_ENDPOINT: ${SERVICE_URL_MINIO}:3200 - ENTE_S3_WASABI_EU_CENTRAL_2_V3_REGION: ${SECONDARY_STORAGE_REGION:-eu-central-2} - ENTE_S3_WASABI_EU_CENTRAL_2_V3_BUCKET: ${SECONDARY_STORAGE_BUCKET:-wasabi-eu-central-2-v3} - ENTE_S3_WASABI_EU_CENTRAL_2_V3_ARE_LOCAL_BUCKETS: ${SECONDARY_STORAGE_ARE_LOCAL_BUCKETS:-false} - ENTE_S3_WASABI_EU_CENTRAL_2_V3_USE_PATH_STYLE_URLS: ${SECONDARY_STORAGE_USE_PATH_STYLE_URLS:-false} - ENTE_S3_WASABI_EU_CENTRAL_2_V3_COMPLIANCE: ${SECONDARY_STORAGE_COMPLIANCE:-true} - - ENTE_S3_SCW_EU_FR_V3_KEY: ${SERVICE_USER_MINIO} - ENTE_S3_SCW_EU_FR_V3_SECRET: ${SERVICE_PASSWORD_MINIO} - ENTE_S3_SCW_EU_FR_V3_ENDPOINT: ${SERVICE_URL_MINIO}:3200 - ENTE_S3_SCW_EU_FR_V3_REGION: ${SECONDARY_STORAGE_REGION:-eu-central-2} - ENTE_S3_SCW_EU_FR_V3_BUCKET: ${COLD_STORAGE_BUCKET:-scw-eu-fr-v3} - ENTE_S3_SCW_EU_FR_V3_ARE_LOCAL_BUCKETS: ${COLD_STORAGE_ARE_LOCAL_BUCKETS:-true} - ENTE_S3_SCW_EU_FR_V3_USE_PATH_STYLE_URLS: ${COLD_STORAGE_USE_PATH_STYLE_URLS:-true} + - ENTE_S3_B2_EU_CEN_ARE_LOCAL_BUCKETS=${PRIMARY_STORAGE_ARE_LOCAL_BUCKETS:-false} + - ENTE_S3_B2_EU_CEN_USE_PATH_STYLE_URLS=${PRIMARY_STORAGE_USE_PATH_STYLE_URLS:-true} + - ENTE_S3_B2_EU_CEN_KEY=${S3_STORAGE_KEY:?} + - ENTE_S3_B2_EU_CEN_SECRET=${S3_STORAGE_SECRET:?} + - ENTE_S3_B2_EU_CEN_ENDPOINT=${S3_STORAGE_ENDPOINT:?} + - ENTE_S3_B2_EU_CEN_REGION=${S3_STORAGE_REGION:us-east-1} + - ENTE_S3_B2_EU_CEN_BUCKET=${S3_STORAGE_BUCKET:?} depends_on: postgres: condition: service_healthy - minio: - condition: service_healthy volumes: - museum-data:/data:rw healthcheck: - test: ["CMD", "curl", "--fail", "http://localhost:8081/ping"] + test: ["CMD", "wget", "-qO-", "http://localhost:8080/ping"] interval: 60s timeout: 5s retries: 3 start_period: 10s restart: unless-stopped - networks: - - ente-network - - socat: - image: alpine/socat - network_mode: service:museum - depends_on: [museum] - command: "TCP-LISTEN:3200,fork,reuseaddr TCP:minio:3200" - restart: unless-stopped web: image: ghcr.io/ente-io/web - # ports: - # - 3000:3000 # Photos web app - # - 3001:3001 # Accounts - # - 3002:3002 # Public albums - # - 3003:3003 # Auth - # - 3004:3004 # Cast environment: - ENTE_API_ORIGIN: ${SERVICE_URL_MUSEUM:-http://localhost}:8081 - SERVICE_URL_WEB_3000: ${SERVICE_URL_WEB_3000:-http://localhost:3000} - ENTE_ALBUMS_ORIGIN: ${SERVICE_URL_WEB_3002:-http://localhost:3002} - SERVICE_URL_WEB_3001: ${SERVICE_URL_WEB_3001:-http://localhost:3001} - SERVICE_URL_WEB_3003: ${SERVICE_URL_WEB_3003:-http://localhost:3003} - SERVICE_URL_WEB_3004: ${SERVICE_URL_WEB_3004:-http://localhost:3004} + - SERVICE_URL_WEB_3000 + - ENTE_API_ORIGIN=${SERVICE_URL_MUSEUM} + - ENTE_ALBUMS_ORIGIN=${SERVICE_URL_WEB_3002} restart: unless-stopped healthcheck: @@ -117,8 +65,6 @@ services: timeout: 10s retries: 3 start_period: 10s - networks: - - ente-network postgres: image: postgres:15 @@ -129,61 +75,13 @@ services: volumes: - postgres-data:/var/lib/postgresql/data healthcheck: - test: - [ - "CMD-SHELL", - "pg_isready -U ${SERVICE_USER_POSTGRES:-pguser} -d ${SERVICE_DB_NAME:-ente_db}", - ] + test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER} -d ${POSTGRES_DB}"] interval: 10s timeout: 5s retries: 5 start_period: 30s restart: unless-stopped - networks: - - ente-network - - minio: - image: minio/minio - ports: - - 3200:3200 - environment: - SERVICE_URL_MINIO_3200: ${SERVICE_URL_MINIO_3200} - MINIO_ROOT_USER: ${SERVICE_USER_MINIO} - MINIO_ROOT_PASSWORD: ${SERVICE_PASSWORD_MINIO} - command: server /data --address ":3200" --console-address ":3201" - volumes: - - minio-data:/data - healthcheck: - test: ["CMD", "curl", "-f", "http://localhost:3200/minio/health/live"] - interval: 30s - timeout: 10s - retries: 3 - start_period: 30s - post_start: - - command: | - sh -c ' - #!/bin/sh - - while ! mc alias set h0 http://minio:3200 ${SERVICE_USER_MINIO} ${SERVICE_PASSWORD_MINIO} 2>/dev/null - do - echo "Waiting for minio..." - sleep 0.5 - done - - cd /data - - mc mb -p b2-eu-cen - mc mb -p wasabi-eu-central-2-v3 - mc mb -p scw-eu-fr-v3 - ' - networks: - - ente-network volumes: postgres-data: - minio-data: museum-data: - -networks: - ente-network: - name: ente-network