forked from wekan/wekan
-
Notifications
You must be signed in to change notification settings - Fork 0
/
docker-compose-postgresql.yml
244 lines (238 loc) · 10.2 KB
/
docker-compose-postgresql.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
version: '2'
# Docker: Wekan <=> MongoDB <=> ToroDB => PostgreSQL read-only mirroring
# for reporting with SQL, and accessing with any programming language,
# reporting package and Office suite that can connect to PostgreSQL.
# https://github.com/wekan/wekan-postgresql
services:
torodb-stampede:
image: torodb/stampede:1.0.0-SNAPSHOT
networks:
- wekan-tier
links:
- postgres
- mongodb
environment:
- POSTGRES_PASSWORD
- TORODB_SETUP=true
- TORODB_SYNC_SOURCE=mongodb:27017
- TORODB_BACKEND_HOST=postgres
- TORODB_BACKEND_PORT=5432
- TORODB_BACKEND_DATABASE=wekan
- TORODB_BACKEND_USER=wekan
- TORODB_BACKEND_PASSWORD=wekan
- DEBUG
postgres:
image: postgres:9.6
networks:
- wekan-tier
environment:
- POSTGRES_PASSWORD
ports:
- "15432:5432"
mongodb:
image: mongo:3.2
networks:
- wekan-tier
ports:
- "28017:27017"
entrypoint:
- /bin/bash
- "-c"
- mongo --nodb --eval '
var db;
while (!db) {
try {
db = new Mongo("mongodb:27017").getDB("local");
} catch(ex) {}
sleep(3000);
};
rs.initiate({_id:"rs1",members:[{_id:0,host:"mongodb:27017"}]});
' 1>/dev/null 2>&1 &
mongod --replSet rs1
wekan:
image: quay.io/wekan/wekan
container_name: wekan-app
restart: always
networks:
- wekan-tier
ports:
- 80:8080
environment:
- MONGO_URL=mongodb://mongodb:27017/wekan
- ROOT_URL=http://localhost
#---------------------------------------------------------------
# == WEKAN API ==
# Wekan Export Board works when WITH_API='true'.
# If you disable Wekan API, Export Board does not work.
- WITH_API=true
# Optional: Integration with Matomo https://matomo.org that is installed to your server
# The address of the server where Matomo is hosted.
# example: - MATOMO_ADDRESS=https://example.com/matomo
#- MATOMO_ADDRESS=
# The value of the site ID given in Matomo server for Wekan
# example: - MATOMO_SITE_ID=12345
#- MATOMO_SITE_ID=
# The option do not track which enables users to not be tracked by matomo
# example: - MATOMO_DO_NOT_TRACK=false
#- MATOMO_DO_NOT_TRACK=
# The option that allows matomo to retrieve the username:
# example: MATOMO_WITH_USERNAME=true
#- MATOMO_WITH_USERNAME=false
# Enable browser policy and allow one trusted URL that can have iframe that has Wekan embedded inside.
# Setting this to false is not recommended, it also disables all other browser policy protections
# and allows all iframing etc. See wekan/server/policy.js
- BROWSER_POLICY_ENABLED=true
# When browser policy is enabled, HTML code at this Trusted URL can have iframe that embeds Wekan inside.
#- TRUSTED_URL=
# What to send to Outgoing Webhook, or leave out. Example, that includes all that are default: cardId,listId,oldListId,boardId,comment,user,card,commentId .
# example: WEBHOOKS_ATTRIBUTES=cardId,listId,oldListId,boardId,comment,user,card,commentId
#- WEBHOOKS_ATTRIBUTES=
# Enable the OAuth2 connection
# example: OAUTH2_ENABLED=true
#- OAUTH2_ENABLED=false
# OAuth2 docs: https://github.com/wekan/wekan/wiki/OAuth2
# OAuth2 Client ID, for example from Rocket.Chat. Example: abcde12345
# example: OAUTH2_CLIENT_ID=abcde12345
#- OAUTH2_CLIENT_ID=
# OAuth2 Secret, for example from Rocket.Chat: Example: 54321abcde
# example: OAUTH2_SECRET=54321abcde
#- OAUTH2_SECRET=
# OAuth2 Server URL, for example Rocket.Chat. Example: https://chat.example.com
# example: OAUTH2_SERVER_URL=https://chat.example.com
#- OAUTH2_SERVER_URL=
# OAuth2 Authorization Endpoint. Example: /oauth/authorize
# example: OAUTH2_AUTH_ENDPOINT=/oauth/authorize
#- OAUTH2_AUTH_ENDPOINT=
# OAuth2 Userinfo Endpoint. Example: /oauth/userinfo
# example: OAUTH2_USERINFO_ENDPOINT=/oauth/userinfo
#- OAUTH2_USERINFO_ENDPOINT=
# OAuth2 Token Endpoint. Example: /oauth/token
# example: OAUTH2_TOKEN_ENDPOINT=/oauth/token
#- OAUTH2_TOKEN_ENDPOINT=
# LDAP_ENABLE : Enable or not the connection by the LDAP
# example : LDAP_ENABLE=true
#- LDAP_ENABLE=false
# LDAP_PORT : The port of the LDAP server
# example : LDAP_PORT=389
#- LDAP_PORT=389
# LDAP_HOST : The host server for the LDAP server
# example : LDAP_HOST=localhost
#- LDAP_HOST=
# LDAP_BASEDN : The base DN for the LDAP Tree
# example : LDAP_BASEDN=ou=user,dc=example,dc=org
#- LDAP_BASEDN=
# LDAP_LOGIN_FALLBACK : Fallback on the default authentication method
# example : LDAP_LOGIN_FALLBACK=true
#- LDAP_LOGIN_FALLBACK=false
# LDAP_RECONNECT : Reconnect to the server if the connection is lost
# example : LDAP_RECONNECT=false
#- LDAP_RECONNECT=true
# LDAP_TIMEOUT : Overall timeout, in milliseconds
# example : LDAP_TIMEOUT=12345
#- LDAP_TIMEOUT=10000
# LDAP_IDLE_TIMEOUT : Specifies the timeout for idle LDAP connections in milliseconds
# example : LDAP_IDLE_TIMEOUT=12345
#- LDAP_IDLE_TIMEOUT=10000
# LDAP_CONNECT_TIMEOUT : Connection timeout, in milliseconds
# example : LDAP_CONNECT_TIMEOUT=12345
#- LDAP_CONNECT_TIMEOUT=10000
# LDAP_AUTHENTIFICATION : If the LDAP needs a user account to search
# example : LDAP_AUTHENTIFICATION=true
#- LDAP_AUTHENTIFICATION=false
# LDAP_AUTHENTIFICATION_USERDN : The search user DN
# example : LDAP_AUTHENTIFICATION_USERDN=cn=admin,dc=example,dc=org
#- LDAP_AUTHENTIFICATION_USERDN=
# LDAP_AUTHENTIFICATION_PASSWORD : The password for the search user
# example : AUTHENTIFICATION_PASSWORD=admin
#- LDAP_AUTHENTIFICATION_PASSWORD=
# LDAP_LOG_ENABLED : Enable logs for the module
# example : LDAP_LOG_ENABLED=true
#- LDAP_LOG_ENABLED=false
# LDAP_BACKGROUND_SYNC : If the sync of the users should be done in the background
# example : LDAP_BACKGROUND_SYNC=true
#- LDAP_BACKGROUND_SYNC=false
# LDAP_BACKGROUND_SYNC_INTERVAL : At which interval does the background task sync in milliseconds
# example : LDAP_BACKGROUND_SYNC_INTERVAL=12345
#- LDAP_BACKGROUND_SYNC_INTERVAL=100
# LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED :
# example : LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED=true
#- LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED=false
# LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS :
# example : LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS=true
#- LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS=false
# LDAP_ENCRYPTION : If using LDAPS
# example : LDAP_ENCRYPTION=ssl
#- LDAP_ENCRYPTION=false
# LDAP_CA_CERT : The certification for the LDAPS server. Certificate needs to be included in this docker-compose.yml file.
# example : LDAP_CA_CERT=-----BEGIN CERTIFICATE-----MIIE+zCCA+OgAwIBAgIkAhwR/6TVLmdRY6hHxvUFWc0+Enmu/Hu6cj+G2FIdAgIC...-----END CERTIFICATE-----
#- LDAP_CA_CERT=
# LDAP_REJECT_UNAUTHORIZED : Reject Unauthorized Certificate
# example : LDAP_REJECT_UNAUTHORIZED=true
#- LDAP_REJECT_UNAUTHORIZED=false
# LDAP_USER_SEARCH_FILTER : Optional extra LDAP filters. Don't forget the outmost enclosing parentheses if needed
# example : LDAP_USER_SEARCH_FILTER=
#- LDAP_USER_SEARCH_FILTER=
# LDAP_USER_SEARCH_SCOPE : base (search only in the provided DN), one (search only in the provided DN and one level deep), or sub (search the whole subtree)
# example : LDAP_USER_SEARCH_SCOPE=one
#- LDAP_USER_SEARCH_SCOPE=
# LDAP_USER_SEARCH_FIELD : Which field is used to find the user
# example : LDAP_USER_SEARCH_FIELD=uid
#- LDAP_USER_SEARCH_FIELD=
# LDAP_SEARCH_PAGE_SIZE : Used for pagination (0=unlimited)
# example : LDAP_SEARCH_PAGE_SIZE=12345
#- LDAP_SEARCH_PAGE_SIZE=0
# LDAP_SEARCH_SIZE_LIMIT : The limit number of entries (0=unlimited)
# example : LDAP_SEARCH_SIZE_LIMIT=12345
#- LDAP_SEARCH_SIZE_LIMIT=0
# LDAP_GROUP_FILTER_ENABLE : Enable group filtering
# example : LDAP_GROUP_FILTER_ENABLE=true
#- LDAP_GROUP_FILTER_ENABLE=false
# LDAP_GROUP_FILTER_OBJECTCLASS : The object class for filtering
# example : LDAP_GROUP_FILTER_OBJECTCLASS=group
#- LDAP_GROUP_FILTER_OBJECTCLASS=
# LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE :
# example :
#- LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE=
# LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE :
# example :
#- LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE=
# LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT :
# example :
#- LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT=
# LDAP_GROUP_FILTER_GROUP_NAME :
# example :
#- LDAP_GROUP_FILTER_GROUP_NAME=
# LDAP_UNIQUE_IDENTIFIER_FIELD : This field is sometimes class GUID (Globally Unique Identifier)
# example : LDAP_UNIQUE_IDENTIFIER_FIELD=guid
#- LDAP_UNIQUE_IDENTIFIER_FIELD=
# LDAP_UTF8_NAMES_SLUGIFY : Convert the username to utf8
# example : LDAP_UTF8_NAMES_SLUGIFY=false
#- LDAP_UTF8_NAMES_SLUGIFY=true
# LDAP_USERNAME_FIELD : Which field contains the ldap username
# example : LDAP_USERNAME_FIELD=username
#- LDAP_USERNAME_FIELD=
# LDAP_MERGE_EXISTING_USERS :
# example : LDAP_MERGE_EXISTING_USERS=true
#- LDAP_MERGE_EXISTING_USERS=false
# LDAP_SYNC_USER_DATA :
# example : LDAP_SYNC_USER_DATA=true
#- LDAP_SYNC_USER_DATA=false
# LDAP_SYNC_USER_DATA_FIELDMAP :
# example : LDAP_SYNC_USER_DATA_FIELDMAP={"cn":"name", "mail":"email"}
#- LDAP_SYNC_USER_DATA_FIELDMAP=
# LDAP_SYNC_GROUP_ROLES :
# example :
#- LDAP_SYNC_GROUP_ROLES=
# LDAP_DEFAULT_DOMAIN : The default domain of the ldap it is used to create email if the field is not map correctly with the LDAP_SYNC_USER_DATA_FIELDMAP
# example :
#- LDAP_DEFAULT_DOMAIN=
depends_on:
- mongodb
volumes:
mongodb:
driver: local
mongodb-dump:
driver: local
networks:
wekan-tier:
driver: bridge