From b78c7239244743038d6d08c70a61306433194a10 Mon Sep 17 00:00:00 2001 From: Patrick Toal Date: Sun, 19 Nov 2023 15:36:51 -0500 Subject: [PATCH] Start the project --- .vscode/settings.json | 1 + TODO.txt | 4 + files/podman-compose.yml | 831 +++++++++++++++++++++++++++++++++++++++ install.yml | 49 +++ 4 files changed, 885 insertions(+) create mode 100644 .vscode/settings.json create mode 100644 TODO.txt create mode 100644 files/podman-compose.yml create mode 100644 install.yml diff --git a/.vscode/settings.json b/.vscode/settings.json new file mode 100644 index 0000000..9e26dfe --- /dev/null +++ b/.vscode/settings.json @@ -0,0 +1 @@ +{} \ No newline at end of file diff --git a/TODO.txt b/TODO.txt new file mode 100644 index 0000000..2a49913 --- /dev/null +++ b/TODO.txt @@ -0,0 +1,4 @@ +- Build template for ENV file with secrets management +- Deploy podman-compose.yml file (template this, too) +- Build systemd auto-startup +- podman-compose startup. diff --git a/files/podman-compose.yml b/files/podman-compose.yml new file mode 100644 index 0000000..656089e --- /dev/null +++ b/files/podman-compose.yml @@ -0,0 +1,831 @@ +# WARNING! +x-logging: &x-logging + logging: + driver: 'json-file' + options: + max-file: '5' + max-size: '10m' +version: '3' + +services: + traefik: + image: docker.io/traefik:2.9 + container_name: appwrite-traefik + <<: *x-logging + command: + - --providers.file.directory=/storage/config + - --providers.file.watch=true + - --providers.docker=true + - --providers.docker.exposedByDefault=false + - --providers.docker.constraints=Label(`traefik.constraint-label-stack`,`appwrite`) + - --entrypoints.appwrite_web.address=:80 + - --entrypoints.appwrite_websecure.address=:443 + - --accesslog=true + restart: unless-stopped + ports: + - 8080:80 + - 8443:443 + security_opt: + - label=disable + volumes: + - /run/user/1000/podman/podman.sock:/var/run/docker.sock:z + - appwrite-config:/storage/config:ro + - appwrite-certificates:/storage/certificates:ro + depends_on: + - appwrite + networks: + - gateway + - appwrite + + appwrite: + image: docker.io/appwrite/appwrite:1.4.13 + container_name: appwrite + <<: *x-logging + restart: unless-stopped + networks: + - appwrite + labels: + - traefik.enable=true + - traefik.constraint-label-stack=appwrite + - traefik.docker.network=appwrite + - traefik.http.services.appwrite_api.loadbalancer.server.port=80 + #http + - traefik.http.routers.appwrite_api_http.entrypoints=appwrite_web + - traefik.http.routers.appwrite_api_http.rule=PathPrefix(`/`) + - traefik.http.routers.appwrite_api_http.service=appwrite_api + # https + - traefik.http.routers.appwrite_api_https.entrypoints=appwrite_websecure + - traefik.http.routers.appwrite_api_https.rule=PathPrefix(`/`) + - traefik.http.routers.appwrite_api_https.service=appwrite_api + - traefik.http.routers.appwrite_api_https.tls=true + volumes: + - appwrite-uploads:/storage/uploads:rw + - appwrite-cache:/storage/cache:rw + - appwrite-config:/storage/config:rw + - appwrite-certificates:/storage/certificates:rw + - appwrite-functions:/storage/functions:rw + depends_on: + - mariadb + - redis +# - clamav + - influxdb +# entrypoint: +# - php +# - -e +# - app/http.php +# - -dopcache.preload=opcache.preload=/usr/src/code/app/preload.php + environment: + - _APP_ENV=${_APP_ENV} + - _APP_WORKER_PER_CORE=${_APP_WORKER_PER_CORE} + - _APP_LOCALE=${_APP_LOCALE} + - _APP_CONSOLE_WHITELIST_ROOT=${_APP_CONSOLE_WHITELIST_ROOT} + - _APP_CONSOLE_WHITELIST_EMAILS=${_APP_CONSOLE_WHITELIST_EMAILS} + - _APP_CONSOLE_WHITELIST_IPS=${_APP_CONSOLE_WHITELIST_IPS} + - _APP_SYSTEM_EMAIL_NAME=${_APP_SYSTEM_EMAIL_NAME} + - _APP_SYSTEM_EMAIL_ADDRESS=${_APP_SYSTEM_EMAIL_ADDRESS} + - _APP_SYSTEM_SECURITY_EMAIL_ADDRESS=${_APP_SYSTEM_SECURITY_EMAIL_ADDRESS} + - _APP_SYSTEM_RESPONSE_FORMAT=${_APP_SYSTEM_RESPONSE_FORMAT} + - _APP_OPTIONS_ABUSE=${_APP_OPTIONS_ABUSE} + - _APP_OPTIONS_ROUTER_PROTECTION=${_APP_OPTIONS_ROUTER_PROTECTION} + - _APP_OPTIONS_FORCE_HTTPS=${_APP_OPTIONS_FORCE_HTTPS} + - _APP_OPTIONS_FUNCTIONS_FORCE_HTTPS=${_APP_OPTIONS_FUNCTIONS_FORCE_HTTPS} + - _APP_OPENSSL_KEY_V1=${_APP_OPENSSL_KEY_V1} + - _APP_DOMAIN=${_APP_DOMAIN} + - _APP_DOMAIN_TARGET=${_APP_DOMAIN_TARGET} + - _APP_DOMAIN_FUNCTIONS=${_APP_DOMAIN_FUNCTIONS} + - _APP_REDIS_HOST=${_APP_REDIS_HOST} + - _APP_REDIS_PORT=${_APP_REDIS_PORT} + - _APP_REDIS_USER=${_APP_REDIS_USER} + - _APP_REDIS_PASS=${_APP_REDIS_PASS} + - _APP_DB_HOST=${_APP_DB_HOST} + - _APP_DB_PORT=${_APP_DB_PORT} + - _APP_DB_SCHEMA=${_APP_DB_SCHEMA} + - _APP_DB_USER=${_APP_DB_USER} + - _APP_DB_PASS=${_APP_DB_PASS} + - _APP_SMTP_HOST=${_APP_SMTP_HOST} + - _APP_SMTP_PORT=${_APP_SMTP_PORT} + - _APP_SMTP_SECURE=${_APP_SMTP_SECURE} + - _APP_SMTP_USERNAME=${_APP_SMTP_USERNAME} + - _APP_SMTP_PASSWORD=${_APP_SMTP_PASSWORD} + - _APP_USAGE_STATS=${_APP_USAGE_STATS} + - _APP_INFLUXDB_HOST=${_APP_INFLUXDB_HOST} + - _APP_INFLUXDB_PORT=${_APP_INFLUXDB_PORT} + - _APP_STORAGE_LIMIT=${_APP_STORAGE_LIMIT} + - _APP_STORAGE_PREVIEW_LIMIT=${_APP_STORAGE_PREVIEW_LIMIT} + - _APP_STORAGE_ANTIVIRUS=${_APP_STORAGE_ANTIVIRUS} + - _APP_STORAGE_ANTIVIRUS_HOST=${_APP_STORAGE_ANTIVIRUS_HOST} + - _APP_STORAGE_ANTIVIRUS_PORT=${_APP_STORAGE_ANTIVIRUS_PORT} + - _APP_STORAGE_DEVICE=${_APP_STORAGE_DEVICE} + - _APP_STORAGE_S=${_APP_STORAGE_S3_ACCESS_KEY} + - _APP_STORAGE_S=${_APP_STORAGE_S3_SECRET} + - _APP_STORAGE_S=${_APP_STORAGE_S3_REGION} + - _APP_STORAGE_S=${_APP_STORAGE_S3_BUCKET} + - _APP_STORAGE_DO_SPACES_ACCESS_KEY=${_APP_STORAGE_DO_SPACES_ACCESS_KEY} + - _APP_STORAGE_DO_SPACES_SECRET=${_APP_STORAGE_DO_SPACES_SECRET} + - _APP_STORAGE_DO_SPACES_REGION=${_APP_STORAGE_DO_SPACES_REGION} + - _APP_STORAGE_DO_SPACES_BUCKET=${_APP_STORAGE_DO_SPACES_BUCKET} + - _APP_STORAGE_BACKBLAZE_ACCESS_KEY=${_APP_STORAGE_BACKBLAZE_ACCESS_KEY} + - _APP_STORAGE_BACKBLAZE_SECRET=${_APP_STORAGE_BACKBLAZE_SECRET} + - _APP_STORAGE_BACKBLAZE_REGION=${_APP_STORAGE_BACKBLAZE_REGION} + - _APP_STORAGE_BACKBLAZE_BUCKET=${_APP_STORAGE_BACKBLAZE_BUCKET} + - _APP_STORAGE_LINODE_ACCESS_KEY=${_APP_STORAGE_LINODE_ACCESS_KEY} + - _APP_STORAGE_LINODE_SECRET=${_APP_STORAGE_LINODE_SECRET} + - _APP_STORAGE_LINODE_REGION=${_APP_STORAGE_LINODE_REGION} + - _APP_STORAGE_LINODE_BUCKET=${_APP_STORAGE_LINODE_BUCKET} + - _APP_STORAGE_WASABI_ACCESS_KEY=${_APP_STORAGE_WASABI_ACCESS_KEY} + - _APP_STORAGE_WASABI_SECRET=${_APP_STORAGE_WASABI_SECRET} + - _APP_STORAGE_WASABI_REGION=${_APP_STORAGE_WASABI_REGION} + - _APP_STORAGE_WASABI_BUCKET=${_APP_STORAGE_WASABI_BUCKET} + - _APP_FUNCTIONS_SIZE_LIMIT=${_APP_FUNCTIONS_SIZE_LIMIT} + - _APP_FUNCTIONS_TIMEOUT=${_APP_FUNCTIONS_TIMEOUT} + - _APP_FUNCTIONS_BUILD_TIMEOUT=${_APP_FUNCTIONS_BUILD_TIMEOUT} + - _APP_FUNCTIONS_CPUS=${_APP_FUNCTIONS_CPUS} + - _APP_FUNCTIONS_MEMORY=${_APP_FUNCTIONS_MEMORY} + - _APP_FUNCTIONS_RUNTIMES=${_APP_FUNCTIONS_RUNTIMES} + - _APP_EXECUTOR_SECRET=${_APP_EXECUTOR_SECRET} + - _APP_EXECUTOR_HOST=${_APP_EXECUTOR_HOST} + - _APP_LOGGING_PROVIDER=${_APP_LOGGING_PROVIDER} + - _APP_LOGGING_CONFIG=${_APP_LOGGING_CONFIG} + - _APP_STATSD_HOST=${_APP_STATSD_HOST} + - _APP_STATSD_PORT=${_APP_STATSD_PORT} + - _APP_MAINTENANCE_INTERVAL=${_APP_MAINTENANCE_INTERVAL} + - _APP_MAINTENANCE_RETENTION_EXECUTION=${_APP_MAINTENANCE_RETENTION_EXECUTION} + - _APP_MAINTENANCE_RETENTION_CACHE=${_APP_MAINTENANCE_RETENTION_CACHE} + - _APP_MAINTENANCE_RETENTION_ABUSE=${_APP_MAINTENANCE_RETENTION_ABUSE} + - _APP_MAINTENANCE_RETENTION_AUDIT=${_APP_MAINTENANCE_RETENTION_AUDIT} + - _APP_MAINTENANCE_RETENTION_USAGE_HOURLY=${_APP_MAINTENANCE_RETENTION_USAGE_HOURLY} + - _APP_MAINTENANCE_RETENTION_SCHEDULES=${_APP_MAINTENANCE_RETENTION_SCHEDULES} + - _APP_SMS_PROVIDER=${_APP_SMS_PROVIDER} + - _APP_SMS_FROM=${_APP_SMS_FROM} + - _APP_GRAPHQL_MAX_BATCH_SIZE=${_APP_GRAPHQL_MAX_BATCH_SIZE} + - _APP_GRAPHQL_MAX_COMPLEXITY=${_APP_GRAPHQL_MAX_COMPLEXITY} + - _APP_GRAPHQL_MAX_DEPTH=${_APP_GRAPHQL_MAX_DEPTH} + - _APP_VCS_GITHUB_APP_NAME=${_APP_VCS_GITHUB_APP_NAME} + - _APP_VCS_GITHUB_PRIVATE_KEY=${_APP_VCS_GITHUB_PRIVATE_KEY} + - _APP_VCS_GITHUB_APP_ID=${_APP_VCS_GITHUB_APP_ID} + - _APP_VCS_GITHUB_WEBHOOK_SECRET=${_APP_VCS_GITHUB_WEBHOOK_SECRET} + - _APP_VCS_GITHUB_CLIENT_SECRET=${_APP_VCS_GITHUB_CLIENT_SECRET} + - _APP_VCS_GITHUB_CLIENT_ID=${_APP_VCS_GITHUB_CLIENT_ID} + - _APP_MIGRATIONS_FIREBASE_CLIENT_ID=${_APP_MIGRATIONS_FIREBASE_CLIENT_ID} + - _APP_MIGRATIONS_FIREBASE_CLIENT_SECRET=${_APP_MIGRATIONS_FIREBASE_CLIENT_SECRET} + - _APP_ASSISTANT_OPENAI_API_KEY=${_APP_ASSISTANT_OPENAI_API_KEY} + + appwrite-realtime: + image: docker.io/appwrite/appwrite:1.4.13 + entrypoint: realtime + container_name: appwrite-realtime + <<: *x-logging + restart: unless-stopped + labels: + - "traefik.enable=true" + - "traefik.constraint-label-stack=appwrite" + - "traefik.docker.network=appwrite" + - "traefik.http.services.appwrite_realtime.loadbalancer.server.port=80" + #ws + - traefik.http.routers.appwrite_realtime_ws.entrypoints=appwrite_web + - traefik.http.routers.appwrite_realtime_ws.rule=PathPrefix(`/v1/realtime`) + - traefik.http.routers.appwrite_realtime_ws.service=appwrite_realtime + # wss + - traefik.http.routers.appwrite_realtime_wss.entrypoints=appwrite_websecure + - traefik.http.routers.appwrite_realtime_wss.rule=PathPrefix(`/v1/realtime`) + - traefik.http.routers.appwrite_realtime_wss.service=appwrite_realtime + - traefik.http.routers.appwrite_realtime_wss.tls=true + networks: + - appwrite + depends_on: + - mariadb + - redis + environment: + - _APP_ENV=${_APP_ENV} + - _APP_WORKER_PER_CORE=${_APP_WORKER_PER_CORE} + - _APP_OPTIONS_ABUSE=${_APP_OPTIONS_ABUSE} + - _APP_OPTIONS_ROUTER_PROTECTION=${_APP_OPTIONS_ROUTER_PROTECTION} + - _APP_OPENSSL_KEY_V1=${_APP_OPENSSL_KEY_V1} + - _APP_REDIS_HOST=${_APP_REDIS_HOST} + - _APP_REDIS_PORT=${_APP_REDIS_PORT} + - _APP_REDIS_USER=${_APP_REDIS_USER} + - _APP_REDIS_PASS=${_APP_REDIS_PASS} + - _APP_DB_HOST=${_APP_DB_HOST} + - _APP_DB_PORT=${_APP_DB_PORT} + - _APP_DB_SCHEMA=${_APP_DB_SCHEMA} + - _APP_DB_USER=${_APP_DB_USER} + - _APP_DB_PASS=${_APP_DB_PASS} + - _APP_USAGE_STATS=${_APP_USAGE_STATS} + - _APP_LOGGING_PROVIDER=${_APP_LOGGING_PROVIDER} + - _APP_LOGGING_CONFIG=${_APP_LOGGING_CONFIG} + + appwrite-worker-audits: + image: docker.io/appwrite/appwrite:1.4.13 + entrypoint: worker-audits + <<: *x-logging + container_name: appwrite-worker-audits + restart: unless-stopped + networks: + - appwrite + depends_on: + - redis + - mariadb + environment: + - _APP_ENV=${_APP_ENV} + - _APP_WORKER_PER_CORE=${_APP_WORKER_PER_CORE} + - _APP_OPENSSL_KEY_V1=${_APP_OPENSSL_KEY_V1} + - _APP_REDIS_HOST=${_APP_REDIS_HOST} + - _APP_REDIS_PORT=${_APP_REDIS_PORT} + - _APP_REDIS_USER=${_APP_REDIS_USER} + - _APP_REDIS_PASS=${_APP_REDIS_PASS} + - _APP_DB_HOST=${_APP_DB_HOST} + - _APP_DB_PORT=${_APP_DB_PORT} + - _APP_DB_SCHEMA=${_APP_DB_SCHEMA} + - _APP_DB_USER=${_APP_DB_USER} + - _APP_DB_PASS=${_APP_DB_PASS} + - _APP_LOGGING_PROVIDER=${_APP_LOGGING_PROVIDER} + - _APP_LOGGING_CONFIG=${_APP_LOGGING_CONFIG} + + appwrite-worker-webhooks: + entrypoint: worker-webhooks + <<: *x-logging + container_name: appwrite-worker-webhooks + image: docker.io/appwrite/appwrite:1.4.13 + networks: + - appwrite +# volumes: +# - ./app:/usr/src/code/app +# - ./src:/usr/src/code/src + depends_on: + - redis + - mariadb + environment: + - _APP_ENV=${_APP_ENV} + - _APP_WORKER_PER_CORE=${_APP_WORKER_PER_CORE} + - _APP_OPENSSL_KEY_V1=${_APP_OPENSSL_KEY_V1} + - _APP_SYSTEM_SECURITY_EMAIL_ADDRESS=${_APP_SYSTEM_SECURITY_EMAIL_ADDRESS} + - _APP_REDIS_HOST=${_APP_REDIS_HOST} + - _APP_REDIS_PORT=${_APP_REDIS_PORT} + - _APP_REDIS_USER=${_APP_REDIS_USER} + - _APP_REDIS_PASS=${_APP_REDIS_PASS} + - _APP_LOGGING_PROVIDER=${_APP_LOGGING_PROVIDER} + - _APP_LOGGING_CONFIG=${_APP_LOGGING_CONFIG} + + appwrite-worker-deletes: + image: docker.io/appwrite/appwrite:1.4.13 + entrypoint: worker-deletes + <<: *x-logging + container_name: appwrite-worker-deletes + restart: unless-stopped + networks: + - appwrite + depends_on: + - redis + - mariadb + volumes: + - appwrite-uploads:/storage/uploads:rw + - appwrite-cache:/storage/cache:rw + - appwrite-functions:/storage/functions:rw + - appwrite-builds:/storage/builds:rw + - appwrite-certificates:/storage/certificates:rw + environment: + - _APP_ENV=${_APP_ENV} + - _APP_WORKER_PER_CORE=${_APP_WORKER_PER_CORE} + - _APP_OPENSSL_KEY_V1=${_APP_OPENSSL_KEY_V1} + - _APP_REDIS_HOST=${_APP_REDIS_HOST} + - _APP_REDIS_PORT=${_APP_REDIS_PORT} + - _APP_REDIS_USER=${_APP_REDIS_USER} + - _APP_REDIS_PASS=${_APP_REDIS_PASS} + - _APP_DB_HOST=${_APP_DB_HOST} + - _APP_DB_PORT=${_APP_DB_PORT} + - _APP_DB_SCHEMA=${_APP_DB_SCHEMA} + - _APP_DB_USER=${_APP_DB_USER} + - _APP_DB_PASS=${_APP_DB_PASS} + - _APP_STORAGE_DEVICE=${_APP_STORAGE_DEVICE} + - _APP_STORAGE_S=${_APP_STORAGE_S3_ACCESS_KEY} + - _APP_STORAGE_S=${_APP_STORAGE_S3_SECRET} + - _APP_STORAGE_S=${_APP_STORAGE_S3_REGION} + - _APP_STORAGE_S=${_APP_STORAGE_S3_BUCKET} + - _APP_STORAGE_DO_SPACES_ACCESS_KEY=${_APP_STORAGE_DO_SPACES_ACCESS_KEY} + - _APP_STORAGE_DO_SPACES_SECRET=${_APP_STORAGE_DO_SPACES_SECRET} + - _APP_STORAGE_DO_SPACES_REGION=${_APP_STORAGE_DO_SPACES_REGION} + - _APP_STORAGE_DO_SPACES_BUCKET=${_APP_STORAGE_DO_SPACES_BUCKET} + - _APP_STORAGE_BACKBLAZE_ACCESS_KEY=${_APP_STORAGE_BACKBLAZE_ACCESS_KEY} + - _APP_STORAGE_BACKBLAZE_SECRET=${_APP_STORAGE_BACKBLAZE_SECRET} + - _APP_STORAGE_BACKBLAZE_REGION=${_APP_STORAGE_BACKBLAZE_REGION} + - _APP_STORAGE_BACKBLAZE_BUCKET=${_APP_STORAGE_BACKBLAZE_BUCKET} + - _APP_STORAGE_LINODE_ACCESS_KEY=${_APP_STORAGE_LINODE_ACCESS_KEY} + - _APP_STORAGE_LINODE_SECRET=${_APP_STORAGE_LINODE_SECRET} + - _APP_STORAGE_LINODE_REGION=${_APP_STORAGE_LINODE_REGION} + - _APP_STORAGE_LINODE_BUCKET=${_APP_STORAGE_LINODE_BUCKET} + - _APP_STORAGE_WASABI_ACCESS_KEY=${_APP_STORAGE_WASABI_ACCESS_KEY} + - _APP_STORAGE_WASABI_SECRET=${_APP_STORAGE_WASABI_SECRET} + - _APP_STORAGE_WASABI_REGION=${_APP_STORAGE_WASABI_REGION} + - _APP_STORAGE_WASABI_BUCKET=${_APP_STORAGE_WASABI_BUCKET} + - _APP_LOGGING_PROVIDER=${_APP_LOGGING_PROVIDER} + - _APP_LOGGING_CONFIG=${_APP_LOGGING_CONFIG} + - _APP_EXECUTOR_SECRET=${_APP_EXECUTOR_SECRET} + - _APP_EXECUTOR_HOST=${_APP_EXECUTOR_HOST} + + appwrite-worker-databases: + image: docker.io/appwrite/appwrite:1.4.13 + entrypoint: worker-databases + <<: *x-logging + container_name: appwrite-worker-databases + restart: unless-stopped + networks: + - appwrite + depends_on: + - redis + - mariadb + environment: + - _APP_ENV=${_APP_ENV} + - _APP_WORKER_PER_CORE=${_APP_WORKER_PER_CORE} + - _APP_OPENSSL_KEY_V1=${_APP_OPENSSL_KEY_V1} + - _APP_REDIS_HOST=${_APP_REDIS_HOST} + - _APP_REDIS_PORT=${_APP_REDIS_PORT} + - _APP_REDIS_USER=${_APP_REDIS_USER} + - _APP_REDIS_PASS=${_APP_REDIS_PASS} + - _APP_DB_HOST=${_APP_DB_HOST} + - _APP_DB_PORT=${_APP_DB_PORT} + - _APP_DB_SCHEMA=${_APP_DB_SCHEMA} + - _APP_DB_USER=${_APP_DB_USER} + - _APP_DB_PASS=${_APP_DB_PASS} + - _APP_LOGGING_PROVIDER=${_APP_LOGGING_PROVIDER} + - _APP_LOGGING_CONFIG=${_APP_LOGGING_CONFIG} + + appwrite-worker-builds: + image: docker.io/appwrite/appwrite:1.4.13 + entrypoint: worker-builds + <<: *x-logging + container_name: appwrite-worker-builds + restart: unless-stopped + networks: + - appwrite + depends_on: + - redis + - mariadb + volumes: + - appwrite-functions:/storage/functions:rw + - appwrite-builds:/storage/builds:rw + environment: + - _APP_ENV=${_APP_ENV} + - _APP_WORKER_PER_CORE=${_APP_WORKER_PER_CORE} + - _APP_OPENSSL_KEY_V1=${_APP_OPENSSL_KEY_V1} + - _APP_EXECUTOR_SECRET=${_APP_EXECUTOR_SECRET} + - _APP_EXECUTOR_HOST=${_APP_EXECUTOR_HOST} + - _APP_REDIS_HOST=${_APP_REDIS_HOST} + - _APP_REDIS_PORT=${_APP_REDIS_PORT} + - _APP_REDIS_USER=${_APP_REDIS_USER} + - _APP_REDIS_PASS=${_APP_REDIS_PASS} + - _APP_DB_HOST=${_APP_DB_HOST} + - _APP_DB_PORT=${_APP_DB_PORT} + - _APP_DB_SCHEMA=${_APP_DB_SCHEMA} + - _APP_DB_USER=${_APP_DB_USER} + - _APP_DB_PASS=${_APP_DB_PASS} + - _APP_LOGGING_PROVIDER=${_APP_LOGGING_PROVIDER} + - _APP_LOGGING_CONFIG=${_APP_LOGGING_CONFIG} + - _APP_VCS_GITHUB_APP_NAME=${_APP_VCS_GITHUB_APP_NAME} + - _APP_VCS_GITHUB_PRIVATE_KEY=${_APP_VCS_GITHUB_PRIVATE_KEY} + - _APP_VCS_GITHUB_APP_ID=${_APP_VCS_GITHUB_APP_ID} + - _APP_FUNCTIONS_TIMEOUT=${_APP_FUNCTIONS_TIMEOUT} + - _APP_FUNCTIONS_BUILD_TIMEOUT=${_APP_FUNCTIONS_BUILD_TIMEOUT} + - _APP_FUNCTIONS_CPUS=${_APP_FUNCTIONS_CPUS} + - _APP_FUNCTIONS_MEMORY=${_APP_FUNCTIONS_MEMORY} + - _APP_FUNCTIONS_SIZE_LIMIT=${_APP_FUNCTIONS_SIZE_LIMIT} + - _APP_OPTIONS_FORCE_HTTPS=${_APP_OPTIONS_FORCE_HTTPS} + - _APP_OPTIONS_FUNCTIONS_FORCE_HTTPS=${_APP_OPTIONS_FUNCTIONS_FORCE_HTTPS} + - _APP_DOMAIN=${_APP_DOMAIN} + - _APP_STORAGE_DEVICE=${_APP_STORAGE_DEVICE} + - _APP_STORAGE_S=${_APP_STORAGE_S3_ACCESS_KEY} + - _APP_STORAGE_S=${_APP_STORAGE_S3_SECRET} + - _APP_STORAGE_S=${_APP_STORAGE_S3_REGION} + - _APP_STORAGE_S=${_APP_STORAGE_S3_BUCKET} + - _APP_STORAGE_DO_SPACES_ACCESS_KEY=${_APP_STORAGE_DO_SPACES_ACCESS_KEY} + - _APP_STORAGE_DO_SPACES_SECRET=${_APP_STORAGE_DO_SPACES_SECRET} + - _APP_STORAGE_DO_SPACES_REGION=${_APP_STORAGE_DO_SPACES_REGION} + - _APP_STORAGE_DO_SPACES_BUCKET=${_APP_STORAGE_DO_SPACES_BUCKET} + - _APP_STORAGE_BACKBLAZE_ACCESS_KEY=${_APP_STORAGE_BACKBLAZE_ACCESS_KEY} + - _APP_STORAGE_BACKBLAZE_SECRET=${_APP_STORAGE_BACKBLAZE_SECRET} + - _APP_STORAGE_BACKBLAZE_REGION=${_APP_STORAGE_BACKBLAZE_REGION} + - _APP_STORAGE_BACKBLAZE_BUCKET=${_APP_STORAGE_BACKBLAZE_BUCKET} + - _APP_STORAGE_LINODE_ACCESS_KEY=${_APP_STORAGE_LINODE_ACCESS_KEY} + - _APP_STORAGE_LINODE_SECRET=${_APP_STORAGE_LINODE_SECRET} + - _APP_STORAGE_LINODE_REGION=${_APP_STORAGE_LINODE_REGION} + - _APP_STORAGE_LINODE_BUCKET=${_APP_STORAGE_LINODE_BUCKET} + - _APP_STORAGE_WASABI_ACCESS_KEY=${_APP_STORAGE_WASABI_ACCESS_KEY} + - _APP_STORAGE_WASABI_SECRET=${_APP_STORAGE_WASABI_SECRET} + - _APP_STORAGE_WASABI_REGION=${_APP_STORAGE_WASABI_REGION} + - _APP_STORAGE_WASABI_BUCKET=${_APP_STORAGE_WASABI_BUCKET} + + appwrite-worker-certificates: + entrypoint: worker-certificates + <<: *x-logging + container_name: appwrite-worker-certificates + image: docker.io/appwrite/appwrite:1.4.13 + networks: + - appwrite + depends_on: + - redis + - mariadb + volumes: + - appwrite-config:/storage/config:rw + - appwrite-certificates:/storage/certificates:rw + environment: + - _APP_ENV=${_APP_ENV} + - _APP_WORKER_PER_CORE=${_APP_WORKER_PER_CORE} + - _APP_OPENSSL_KEY_V1=${_APP_OPENSSL_KEY_V1} + - _APP_DOMAIN=${_APP_DOMAIN} + - _APP_DOMAIN_TARGET=${_APP_DOMAIN_TARGET} + - _APP_DOMAIN_FUNCTIONS=${_APP_DOMAIN_FUNCTIONS} + - _APP_SYSTEM_SECURITY_EMAIL_ADDRESS=${_APP_SYSTEM_SECURITY_EMAIL_ADDRESS} + - _APP_REDIS_HOST=${_APP_REDIS_HOST} + - _APP_REDIS_PORT=${_APP_REDIS_PORT} + - _APP_REDIS_USER=${_APP_REDIS_USER} + - _APP_REDIS_PASS=${_APP_REDIS_PASS} + - _APP_DB_HOST=${_APP_DB_HOST} + - _APP_DB_PORT=${_APP_DB_PORT} + - _APP_DB_SCHEMA=${_APP_DB_SCHEMA} + - _APP_DB_USER=${_APP_DB_USER} + - _APP_DB_PASS=${_APP_DB_PASS} + - _APP_LOGGING_PROVIDER=${_APP_LOGGING_PROVIDER} + - _APP_LOGGING_CONFIG=${_APP_LOGGING_CONFIG} + + appwrite-worker-functions: + entrypoint: worker-functions + <<: *x-logging + container_name: appwrite-worker-functions + image: docker.io/appwrite/appwrite:1.4.13 + networks: + - appwrite + depends_on: + - redis + - mariadb + - openruntimes-executor + environment: + - _APP_ENV=${_APP_ENV} + - _APP_WORKER_PER_CORE=${_APP_WORKER_PER_CORE} + - _APP_OPENSSL_KEY_V1=${_APP_OPENSSL_KEY_V1} + - _APP_REDIS_HOST=${_APP_REDIS_HOST} + - _APP_REDIS_PORT=${_APP_REDIS_PORT} + - _APP_REDIS_USER=${_APP_REDIS_USER} + - _APP_REDIS_PASS=${_APP_REDIS_PASS} + - _APP_DB_HOST=${_APP_DB_HOST} + - _APP_DB_PORT=${_APP_DB_PORT} + - _APP_DB_SCHEMA=${_APP_DB_SCHEMA} + - _APP_DB_USER=${_APP_DB_USER} + - _APP_DB_PASS=${_APP_DB_PASS} + - _APP_FUNCTIONS_TIMEOUT=${_APP_FUNCTIONS_TIMEOUT} + - _APP_FUNCTIONS_BUILD_TIMEOUT=${_APP_FUNCTIONS_BUILD_TIMEOUT} + - _APP_FUNCTIONS_CPUS=${_APP_FUNCTIONS_CPUS} + - _APP_FUNCTIONS_MEMORY=${_APP_FUNCTIONS_MEMORY} + - _APP_EXECUTOR_SECRET=${_APP_EXECUTOR_SECRET} + - _APP_EXECUTOR_HOST=${_APP_EXECUTOR_HOST} + - _APP_USAGE_STATS=${_APP_USAGE_STATS} + - _APP_DOCKER_HUB_USERNAME=${_APP_DOCKER_HUB_USERNAME} + - _APP_DOCKER_HUB_PASSWORD=${_APP_DOCKER_HUB_PASSWORD} + - _APP_LOGGING_CONFIG=${_APP_LOGGING_CONFIG} + - _APP_LOGGING_PROVIDER=${_APP_LOGGING_PROVIDER} + + appwrite-worker-mails: + image: docker.io/appwrite/appwrite:1.4.13 + entrypoint: worker-mails + <<: *x-logging + container_name: appwrite-worker-mails + restart: unless-stopped + networks: + - appwrite + depends_on: + - redis + environment: + - _APP_ENV=${_APP_ENV} + - _APP_WORKER_PER_CORE=${_APP_WORKER_PER_CORE} + - _APP_OPENSSL_KEY_V1=${_APP_OPENSSL_KEY_V1} + - _APP_SYSTEM_EMAIL_NAME=${_APP_SYSTEM_EMAIL_NAME} + - _APP_SYSTEM_EMAIL_ADDRESS=${_APP_SYSTEM_EMAIL_ADDRESS} + - _APP_REDIS_HOST=${_APP_REDIS_HOST} + - _APP_REDIS_PORT=${_APP_REDIS_PORT} + - _APP_REDIS_USER=${_APP_REDIS_USER} + - _APP_REDIS_PASS=${_APP_REDIS_PASS} + - _APP_SMTP_HOST=${_APP_SMTP_HOST} + - _APP_SMTP_PORT=${_APP_SMTP_PORT} + - _APP_SMTP_SECURE=${_APP_SMTP_SECURE} + - _APP_SMTP_USERNAME=${_APP_SMTP_USERNAME} + - _APP_SMTP_PASSWORD=${_APP_SMTP_PASSWORD} + - _APP_LOGGING_PROVIDER=${_APP_LOGGING_PROVIDER} + - _APP_LOGGING_CONFIG=${_APP_LOGGING_CONFIG} + + appwrite-worker-messaging: + image: docker.io/appwrite/appwrite:1.4.13 + entrypoint: worker-messaging + <<: *x-logging + container_name: appwrite-worker-messaging + restart: unless-stopped + networks: + - appwrite + depends_on: + - redis + environment: + - _APP_ENV=${_APP_ENV} + - _APP_WORKER_PER_CORE=${_APP_WORKER_PER_CORE} + - _APP_REDIS_HOST=${_APP_REDIS_HOST} + - _APP_REDIS_PORT=${_APP_REDIS_PORT} + - _APP_REDIS_USER=${_APP_REDIS_USER} + - _APP_REDIS_PASS=${_APP_REDIS_PASS} + - _APP_SMS_PROVIDER=${_APP_SMS_PROVIDER} + - _APP_SMS_FROM=${_APP_SMS_FROM} + - _APP_LOGGING_PROVIDER=${_APP_LOGGING_PROVIDER} + - _APP_LOGGING_CONFIG=${_APP_LOGGING_CONFIG} + + appwrite-worker-migrations: + image: docker.io/appwrite/appwrite:1.4.13 + entrypoint: worker-migrations + <<: *x-logging + container_name: appwrite-worker-migrations + restart: unless-stopped + networks: + - appwrite + depends_on: + - mariadb + environment: + - _APP_ENV=${_APP_ENV} + - _APP_WORKER_PER_CORE=${_APP_WORKER_PER_CORE} + - _APP_OPENSSL_KEY_V1=${_APP_OPENSSL_KEY_V1} + - _APP_DOMAIN=${_APP_DOMAIN} + - _APP_DOMAIN_TARGET=${_APP_DOMAIN_TARGET} + - _APP_SYSTEM_SECURITY_EMAIL_ADDRESS=${_APP_SYSTEM_SECURITY_EMAIL_ADDRESS} + - _APP_REDIS_HOST=${_APP_REDIS_HOST} + - _APP_REDIS_PORT=${_APP_REDIS_PORT} + - _APP_REDIS_USER=${_APP_REDIS_USER} + - _APP_REDIS_PASS=${_APP_REDIS_PASS} + - _APP_DB_HOST=${_APP_DB_HOST} + - _APP_DB_PORT=${_APP_DB_PORT} + - _APP_DB_SCHEMA=${_APP_DB_SCHEMA} + - _APP_DB_USER=${_APP_DB_USER} + - _APP_DB_PASS=${_APP_DB_PASS} + - _APP_LOGGING_PROVIDER=${_APP_LOGGING_PROVIDER} + - _APP_LOGGING_CONFIG=${_APP_LOGGING_CONFIG} + - _APP_MIGRATIONS_FIREBASE_CLIENT_ID=${_APP_MIGRATIONS_FIREBASE_CLIENT_ID} + - _APP_MIGRATIONS_FIREBASE_CLIENT_SECRET=${_APP_MIGRATIONS_FIREBASE_CLIENT_SECRET} + + appwrite-maintenance: + image: docker.io/appwrite/appwrite:1.4.13 + entrypoint: maintenance + <<: *x-logging + container_name: appwrite-maintenance + restart: unless-stopped + networks: + - appwrite + depends_on: + - redis + environment: + - _APP_ENV=${_APP_ENV} + - _APP_WORKER_PER_CORE=${_APP_WORKER_PER_CORE} + - _APP_DOMAIN=${_APP_DOMAIN} + - _APP_DOMAIN_TARGET=${_APP_DOMAIN_TARGET} + - _APP_DOMAIN_FUNCTIONS=${_APP_DOMAIN_FUNCTIONS} + - _APP_OPENSSL_KEY_V1=${_APP_OPENSSL_KEY_V1} + - _APP_REDIS_HOST=${_APP_REDIS_HOST} + - _APP_REDIS_PORT=${_APP_REDIS_PORT} + - _APP_REDIS_USER=${_APP_REDIS_USER} + - _APP_REDIS_PASS=${_APP_REDIS_PASS} + - _APP_DB_HOST=${_APP_DB_HOST} + - _APP_DB_PORT=${_APP_DB_PORT} + - _APP_DB_SCHEMA=${_APP_DB_SCHEMA} + - _APP_DB_USER=${_APP_DB_USER} + - _APP_DB_PASS=${_APP_DB_PASS} + - _APP_MAINTENANCE_INTERVAL=${_APP_MAINTENANCE_INTERVAL} + - _APP_MAINTENANCE_RETENTION_EXECUTION=${_APP_MAINTENANCE_RETENTION_EXECUTION} + - _APP_MAINTENANCE_RETENTION_CACHE=${_APP_MAINTENANCE_RETENTION_CACHE} + - _APP_MAINTENANCE_RETENTION_ABUSE=${_APP_MAINTENANCE_RETENTION_ABUSE} + - _APP_MAINTENANCE_RETENTION_AUDIT=${_APP_MAINTENANCE_RETENTION_AUDIT} + - _APP_MAINTENANCE_RETENTION_USAGE_HOURLY=${_APP_MAINTENANCE_RETENTION_USAGE_HOURLY} + - _APP_MAINTENANCE_RETENTION_SCHEDULES=${_APP_MAINTENANCE_RETENTION_SCHEDULES} + + appwrite-usage: + image: docker.io/appwrite/appwrite:1.4.13 + entrypoint: usage + <<: *x-logging + container_name: appwrite-usage + restart: unless-stopped + networks: + - appwrite + depends_on: + - influxdb + - mariadb + environment: + - _APP_ENV=${_APP_ENV} + - _APP_WORKER_PER_CORE=${_APP_WORKER_PER_CORE} + - _APP_OPENSSL_KEY_V1=${_APP_OPENSSL_KEY_V1} + - _APP_DB_HOST=${_APP_DB_HOST} + - _APP_DB_PORT=${_APP_DB_PORT} + - _APP_DB_SCHEMA=${_APP_DB_SCHEMA} + - _APP_DB_USER=${_APP_DB_USER} + - _APP_DB_PASS=${_APP_DB_PASS} + - _APP_INFLUXDB_HOST=${_APP_INFLUXDB_HOST} + - _APP_INFLUXDB_PORT=${_APP_INFLUXDB_PORT} + - _APP_USAGE_AGGREGATION_INTERVAL=${_APP_USAGE_AGGREGATION_INTERVAL} + - _APP_REDIS_HOST=${_APP_REDIS_HOST} + - _APP_REDIS_PORT=${_APP_REDIS_PORT} + - _APP_REDIS_USER=${_APP_REDIS_USER} + - _APP_REDIS_PASS=${_APP_REDIS_PASS} + - _APP_USAGE_STATS=${_APP_USAGE_STATS} + - _APP_LOGGING_PROVIDER=${_APP_LOGGING_PROVIDER} + - _APP_LOGGING_CONFIG=${_APP_LOGGING_CONFIG} + + appwrite-schedule: + image: docker.io/appwrite/appwrite:1.4.13 + entrypoint: schedule + <<: *x-logging + container_name: appwrite-schedule + restart: unless-stopped + networks: + - appwrite + depends_on: + - mariadb + - redis + environment: + - _APP_ENV=${_APP_ENV} + - _APP_WORKER_PER_CORE=${_APP_WORKER_PER_CORE} + - _APP_OPENSSL_KEY_V1=${_APP_OPENSSL_KEY_V1} + - _APP_REDIS_HOST=${_APP_REDIS_HOST} + - _APP_REDIS_PORT=${_APP_REDIS_PORT} + - _APP_REDIS_USER=${_APP_REDIS_USER} + - _APP_REDIS_PASS=${_APP_REDIS_PASS} + - _APP_DB_HOST=${_APP_DB_HOST} + - _APP_DB_PORT=${_APP_DB_PORT} + - _APP_DB_SCHEMA=${_APP_DB_SCHEMA} + - _APP_DB_USER=${_APP_DB_USER} + - _APP_DB_PASS=${_APP_DB_PASS} + + appwrite-assistant: + image: docker.io/appwrite/assistant:0.2.2 + container_name: appwrite-assistant + restart: unless-stopped + networks: + - appwrite + environment: + - _APP_ASSISTANT_OPENAI_API_KEY=${_APP_ASSISTANT_OPENAI_API_KEY} + + openruntimes-executor: + container_name: openruntimes-executor + hostname: appwrite-executor + <<: *x-logging + restart: unless-stopped + stop_signal: SIGINT + image: docker.io/openruntimes/executor:0.4.5 + networks: + - appwrite + - runtimes + security_opt: + - label=disable + volumes: + - /run/user/1000/podman/podman.sock:/var/run/docker.sock:z + - appwrite-builds:/storage/builds:rw + - appwrite-functions:/storage/functions:rw + # Host mount nessessary to share files between executor and runtimes. + # It's not possible to share mount file between 2 containers without host mount (copying is too slow) + - /home/ptoal/appwrite/tmp:/tmp:z + environment: + - OPR_EXECUTOR_INACTIVE_TRESHOLD=${_APP_FUNCTIONS_INACTIVE_THRESHOLD}} + - OPR_EXECUTOR_MAINTENANCE_INTERVAL=${_APP_FUNCTIONS_MAINTENANCE_INTERVAL} + - OPR_EXECUTOR_NETWORK=${_APP_FUNCTIONS_RUNTIMES_NETWORK} + - OPR_EXECUTOR_DOCKER_HUB_USERNAME=${_APP_DOCKER_HUB_USERNAME} + - OPR_EXECUTOR_DOCKER_HUB_PASSWORD=${_APP_DOCKER_HUB_PASSWORD} + - OPR_EXECUTOR_ENV=${_APP_ENV} + - OPR_EXECUTOR_RUNTIMES=${_APP_FUNCTIONS_RUNTIMES} + - OPR_EXECUTOR_SECRET=${_APP_EXECUTOR_SECRET} + - OPR_EXECUTOR_RUNTIME_VERSIONS=v2,v3 + - OPR_EXECUTOR_LOGGING_PROVIDER=${_APP_LOGGING_PROVIDER} + - OPR_EXECUTOR_LOGGING_CONFIG=${_APP_LOGGING_CONFIG} + - OPR_EXECUTOR_STORAGE_DEVICE=${_APP_STORAGE_DEVICE} + - OPR_EXECUTOR_STORAGE_S3_ACCESS_KEY=${_APP_STORAGE_S3_ACCESS_KEY} + - OPR_EXECUTOR_STORAGE_S3_SECRET=${_APP_STORAGE_S3_SECRET} + - OPR_EXECUTOR_STORAGE_S3_REGION=${_APP_STORAGE_S3_REGION} + - OPR_EXECUTOR_STORAGE_S3_BUCKET=${_APP_STORAGE_S3_BUCKET} + - OPR_EXECUTOR_STORAGE_DO_SPACES_ACCESS_KEY=${_APP_STORAGE_DO_SPACES_ACCESS_KEY} + - OPR_EXECUTOR_STORAGE_DO_SPACES_SECRET=${_APP_STORAGE_DO_SPACES_SECRET} + - OPR_EXECUTOR_STORAGE_DO_SPACES_REGION=${_APP_STORAGE_DO_SPACES_REGION} + - OPR_EXECUTOR_STORAGE_DO_SPACES_BUCKET=${_APP_STORAGE_DO_SPACES_BUCKET} + - OPR_EXECUTOR_STORAGE_BACKBLAZE_ACCESS_KEY=${_APP_STORAGE_BACKBLAZE_ACCESS_KEY} + - OPR_EXECUTOR_STORAGE_BACKBLAZE_SECRET=${_APP_STORAGE_BACKBLAZE_SECRET} + - OPR_EXECUTOR_STORAGE_BACKBLAZE_REGION=${_APP_STORAGE_BACKBLAZE_REGION} + - OPR_EXECUTOR_STORAGE_BACKBLAZE_BUCKET=${_APP_STORAGE_BACKBLAZE_BUCKET} + - OPR_EXECUTOR_STORAGE_LINODE_ACCESS_KEY=${_APP_STORAGE_LINODE_ACCESS_KEY} + - OPR_EXECUTOR_STORAGE_LINODE_SECRET=${_APP_STORAGE_LINODE_SECRET} + - OPR_EXECUTOR_STORAGE_LINODE_REGION=${_APP_STORAGE_LINODE_REGION} + - OPR_EXECUTOR_STORAGE_LINODE_BUCKET=${_APP_STORAGE_LINODE_BUCKET} + - OPR_EXECUTOR_STORAGE_WASABI_ACCESS_KEY=${_APP_STORAGE_WASABI_ACCESS_KEY} + - OPR_EXECUTOR_STORAGE_WASABI_SECRET=${_APP_STORAGE_WASABI_SECRET} + - OPR_EXECUTOR_STORAGE_WASABI_REGION=${_APP_STORAGE_WASABI_REGION} + - OPR_EXECUTOR_STORAGE_WASABI_BUCKET=${_APP_STORAGE_WASABI_BUCKET} + +# openruntimes-proxy: +# container_name: openruntimes-proxy +# hostname: proxy +# <<: *x-logging +# stop_signal: SIGINT +# image: docker.io/openruntimes/proxy:0.3.1 +# networks: +# - appwrite +# - runtimes +# environment: +# - OPR_PROXY_WORKER_PER_CORE=${_APP_WORKER_PER_CORE} +# - OPR_PROXY_ENV=${_APP_ENV} +# - OPR_PROXY_EXECUTOR_SECRET=${_APP_EXECUTOR_SECRET} +# - OPR_PROXY_SECRET=${_APP_EXECUTOR_SECRET} +# - OPR_PROXY_LOGGING_PROVIDER=${_APP_LOGGING_PROVIDER} +# - OPR_PROXY_LOGGING_CONFIG=${_APP_LOGGING_CONFIG} +# - OPR_PROXY_ALGORITHM=random +# - OPR_PROXY_EXECUTORS=appwrite-executor +# - OPR_PROXY_HEALTHCHECK_INTERVAL=10000 +# - OPR_PROXY_MAX_TIMEOUT=600 +# - OPR_PROXY_HEALTHCHECK=enabled + + mariadb: + image: docker.io/mariadb:10.7 # fix issues when upgrading using: mysql_upgrade -u root -p + container_name: appwrite-mariadb + <<: *x-logging + restart: unless-stopped + networks: + - appwrite + volumes: + - appwrite-mariadb:/var/lib/mysql:rw + environment: + - MYSQL_ROOT_PASSWORD=${_APP_DB_ROOT_PASS} + - MYSQL_DATABASE=${_APP_DB_SCHEMA} + - MYSQL_USER=${_APP_DB_USER} + - MYSQL_PASSWORD=${_APP_DB_PASS} + command: 'mysqld --innodb-flush-method=fsync' + + # smtp: + # image: appwrite/smtp:1.2.0 + # container_name: appwrite-smtp + # restart: unless-stopped + # networks: + # - appwrite + # environment: + # - LOCAL_DOMAINS=@ + # - RELAY_FROM_HOSTS=192.168.0.0/16 ; *.yourdomain.com + # - SMARTHOST_HOST=smtp + # - SMARTHOST_PORT=587 + + redis: + image: docker.io/redis:7.0.4-alpine + <<: *x-logging + container_name: appwrite-redis + restart: unless-stopped + command: > + redis-server + --maxmemory 512mb + --maxmemory-policy allkeys-lru + --maxmemory-samples 5 + networks: + - appwrite + volumes: + - appwrite-redis:/data:rw + +# clamav: +# image: docker.io/appwrite/clamav:1.2.0 +# container_name: appwrite-clamav +# networks: +# - appwrite +# volumes: +# - appwrite-uploads:/storage/uploads + + influxdb: + image: docker.io/appwrite/influxdb:1.5.0 + container_name: appwrite-influxdb + <<: *x-logging + restart: unless-stopped + networks: + - appwrite + volumes: + - appwrite-influxdb:/var/lib/influxdb:rw + + telegraf: + image: docker.io/appwrite/telegraf:1.4.0 + container_name: appwrite-telegraf + <<: *x-logging + restart: unless-stopped + networks: + - appwrite + environment: + - _APP_INFLUXDB_HOST=${_APP_INFLUXDB_HOST} + - _APP_INFLUXDB_PORT=${_APP_INFLUXDB_PORT} + +networks: + gateway: + name: gateway + appwrite: + name: appwrite + runtimes: + name: runtimes + +volumes: + appwrite-mariadb: + appwrite-redis: + appwrite-cache: + appwrite-uploads: + appwrite-certificates: + appwrite-functions: + appwrite-builds: + appwrite-influxdb: + appwrite-config: + # appwrite-chronograf: + diff --git a/install.yml b/install.yml new file mode 100644 index 0000000..e4ce06a --- /dev/null +++ b/install.yml @@ -0,0 +1,49 @@ +--- +- name: Prepare Backend Host for BAB + hosts: bab1.mgmt.toal.ca + become: true + + tasks: + - name: Update all packages to latest + ansible.builtin.dnf: + name: "*" + state: latest + + - name: CodeReady Builder Repo Enabled + community.general.rhsm_repository: + name: "codeready-builder-for-rhel-9-{{ ansible_architecture }}-rpms" + state: enabled + + - name: EPEL GPG Key installed + ansible.builtin.rpm_key: + key: https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-9 + state: present + fingerprint: 'FF8A D134 4597 106E CE81 3B91 8A38 72BF 3228 467C' + + - name: Dependencies are installed + ansible.builtin.dnf: + name: + - podman + - https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm + state: latest + + - name: podman-compose installed + ansible.builtin.dnf: + name: + - podman-compose + +- name: Userspace setup + hosts: bab1.mgmt.toal.ca + tasks: + + - name: podman socket enabled + ansible.builtin.systemd: + name: podman.socket + scope: user + enabled: true + state: started + + - name: appwrite image pulled from docker hub + containers.podman.podman_image: + name: docker.io/appwrite/appwrite + tag: 1.4.13