##// END OF EJS Templates
rhodecode-enterprise-docker
RSS
docker: multiple changes...
super-admin -
Show More
Show file before | Show file after | Hide comments
@@ -0,0 +1,5 b''
1 # basic auth for traefik middleware.
2 # format here is <user>:<bcrypt_password>
3 # to generate bcrypt password one can use
4 # curl --verbose --request POST --data "password=XlokiAuth101&cost=10" https://www.toptal.com/developers/bcrypt/api/generate-hash.json
5 loki-auth:$2b$10$U8Cui8cO9ZXehYV.7atv8uPuA6rBVrA.Mxzvt8EsdheztkyXZagv6
Show file before | Show file after | Hide comments
@@ -0,0 +1,30 b''
1
2 ## Setting up the middleware for redirect to https ##
3 ## This is mounted in /etc/traefik_dynamic dir
4
5 http:
6
7 middlewares:
8
9 https-redirect:
10 redirectScheme:
11 scheme: https
12 # permanent: true
13
14 middlewares-rate-limit:
15 rateLimit:
16 average: 100
17 burst: 50
18
19 basic-auth:
20 basicAuth:
21 usersfile: /etc/traefik_dynamic/.htpasswd
22
23 # Dynamic configuration for standard file based SSL cert
24 # create a custom copy of the traefik into .custom/ and remount this
25 # to enable custom certificates
26 #tls:
27 # certificates:
28 # # first certificate
29 # - certFile: /etc/traefik/certs/yourdomain-com.cert
30 # keyFile: /etc/traefik/certs/yourdomain-com.key
Show file before | Show file after | Hide comments
@@ -0,0 +1,18 b''
1 TO Enable SSL, uncomment the traefik entrypoints labels in .custom folder docmpose overrides files.
2
3 Those files are:
4 - docker-compose-apps.override.yaml
5 - docker-compose-metrics.override.yaml
6 - docker-compose-router.override.yaml
7 - docker-compose-services.override.yaml
8
9 Search for `# Enable http+https endpoints` comment, and uncomment specific
10 label. For example to enable ssl mode for RhodeCode:
11
12 service:
13 rhodecode:
14 labels: <-- this section was uncommented
15 # Enable http+https endpoints to serve SSL, select just 1 to disable the other
16 - "traefik.http.routers.rhodecode.entrypoints=http,https"
17
18 Now the service will work on both http and https, to disable plain mode leave only https entrypoint No newline at end of file
Show file before | Show file after | Hide comments
@@ -100,7 +100,7 b' Those are step-by-step installation/run steps.'
100
100
101 ---
101 ---
102 CONTAINER ID IMAGE STATUS NAMES PORTS
102 CONTAINER ID IMAGE STATUS NAMES PORTS
103 ef54fc528e3a traefik:v2.9.5 Up 19 hours rc_cluster_router-traefik-1 0.0.0.0:80->80/tcp, :::80->80/tcp, 0.0.0.0:443->443/tcp, :::443->443/tcp, 0.0.0.0:3022->3022/tcp, :::3022->3022/tcp
103 ef54fc528e3a traefik:v2.9.5 Up 19 hours rc_cluster_router-traefik-1 0.0.0.0:80->80/tcp, :::80->80/tcp, 0.0.0.0:443->443/tcp, :::443->443/tcp, 0.0.0.0:9022->9022/tcp, :::9022->9022/tcp
104 f3ea0539e8b0 rhodecode/rhodecode-ee:4.28.0 Up About a minute (healthy) rc_cluster_apps-rhodecode-1 0.0.0.0:10020->10020/tcp, :::10020->10020/tcp
104 f3ea0539e8b0 rhodecode/rhodecode-ee:4.28.0 Up About a minute (healthy) rc_cluster_apps-rhodecode-1 0.0.0.0:10020->10020/tcp, :::10020->10020/tcp
105 2be52ba58ffe rhodecode/rhodecode-ee:4.28.0 Up About a minute (healthy) rc_cluster_apps-vcsserver-1
105 2be52ba58ffe rhodecode/rhodecode-ee:4.28.0 Up About a minute (healthy) rc_cluster_apps-vcsserver-1
106 7cd730ad3263 rhodecode/rhodecode-ee:4.28.0 Up About a minute rc_cluster_apps-celery-1
106 7cd730ad3263 rhodecode/rhodecode-ee:4.28.0 Up About a minute rc_cluster_apps-celery-1
Show file before | Show file after | Hide comments
@@ -1,37 +1,3 b''
1 # read more here http://tautt.com/best-nginx-configuration-for-security/
2
3 # config to don't allow the browser to render the page inside an frame or iframe
4 # and avoid clickjacking http://en.wikipedia.org/wiki/Clickjacking
5 # if you need to allow [i]frames, you can use SAMEORIGIN or even set an uri with ALLOW-FROM uri
6 # https://developer.mozilla.org/en-US/docs/HTTP/X-Frame-Options
7 #add_header X-Frame-Options SAMEORIGIN;
8
9 # when serving user-supplied content, include a X-Content-Type-Options: nosniff header along with the Content-Type: header,
10 # to disable content-type sniffing on some browsers.
11 # https://www.owasp.org/index.php/List_of_useful_HTTP_headers
12 # currently suppoorted in IE > 8 http://blogs.msdn.com/b/ie/archive/2008/09/02/ie8-security-part-vi-beta-2-update.aspx
13 # http://msdn.microsoft.com/en-us/library/ie/gg622941(v=vs.85).aspx
14 # 'soon' on Firefox https://bugzilla.mozilla.org/show_bug.cgi?id=471020
15 #add_header X-Content-Type-Options nosniff;
16
17 # This header enables the Cross-site scripting (XSS) filter built into most recent web browsers.
18 # It's usually enabled by default anyway, so the role of this header is to re-enable the filter for
19 # this particular website if it was disabled by the user.
20 # https://www.owasp.org/index.php/List_of_useful_HTTP_headers
21 #add_header X-XSS-Protection "1; mode=block";
22
23 # with Content Security Policy (CSP) enabled(and a browser that supports it(http://caniuse.com/#feat=contentsecuritypolicy),
24 # you can tell the browser that it can only download content from the domains you explicitly allow
25 # http://www.html5rocks.com/en/tutorials/security/content-security-policy/
26 # https://www.owasp.org/index.php/Content_Security_Policy
27 # I need to change our application code so we can increase security by disabling 'unsafe-inline' 'unsafe-eval'
28 # directives for css and js(if you have inline css or js, you will need to keep it too).
29 # more: http://www.html5rocks.com/en/tutorials/security/content-security-policy/#inline-code-considered-harmful
30 #add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com; object-src 'none'";
31
32 ## rate limiter for certain pages to prevent brute force attacks
33 limit_req_zone $binary_remote_addr zone=http_req_limit:10m rate=1r/s;
34
35 ## custom log format
1 ## custom log format
36 log_format http_log_custom '$remote_addr - $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent" $request_time $upstream_response_time $pipe';
2 log_format http_log_custom '$remote_addr - $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent" $request_time $upstream_response_time $pipe';
37
3
@@ -58,8 +24,8 b' log_format json_log_custom escape=json'
58 server {
24 server {
59 listen 80 default;
25 listen 80 default;
60 # ensure we get the proper Docker DNS resolver for load balancing.
26 # ensure we get the proper Docker DNS resolver for load balancing.
61 resolver 127.0.0.11 ipv6=off valid=10s;
27 resolver 127.0.0.11 ipv6=off valid=10s;
62 server_name localhost 127.0.0.1;
28 server_name localhost 127.0.0.1;
63 access_log /dev/stdout json_log_custom;
29 access_log /dev/stdout json_log_custom;
64 error_log /dev/stdout;
30 error_log /dev/stdout;
65
31
@@ -89,50 +55,6 b' server {'
89 alias /var/opt/rhodecode_data/static;
55 alias /var/opt/rhodecode_data/static;
90 }
56 }
91
57
92 ## channelstream location handler, if channelstream live chat and notifications
93 ## are enable this will proxy the requests to channelstream websocket server
94 set $upstream_channelstream channelstream:8000;
95 location /_channelstream {
96 rewrite /_channelstream/(.*) /$1 break;
97 gzip off;
98 tcp_nodelay off;
99
100 proxy_connect_timeout 10;
101 proxy_send_timeout 10m;
102 proxy_read_timeout 10m;
103
104 proxy_set_header Host $host;
105 proxy_set_header Referer $http_referer;
106 proxy_set_header X-Url-Scheme $scheme;
107 proxy_set_header X-Real-IP $remote_addr;
108 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
109 proxy_set_header X-Forwarded-Proto $scheme;
110
111 proxy_http_version 1.1;
112 proxy_set_header Upgrade $http_upgrade;
113 proxy_set_header Connection "upgrade";
114
115 proxy_pass http://$upstream_channelstream;
116 proxy_redirect http://$upstream_channelstream/ /_channelstream;
117 }
118
119 # ## rate limit this endpoint to prevent login page brute-force attacks
120 # location /_admin/login {
121 # limit_req zone=http_req_limit burst=10 nodelay;
122 # try_files $uri @rhodecode_http;
123 # }
124
125 # location / {
126 # include /etc/nginx/proxy.conf;
127 # try_files $uri @rhodecode_http;
128 # }
129 #
130 # set $upstream http://rhodecode:10020;
131 # location @rhodecode_http {
132 # include /etc/nginx/proxy.conf;
133 # proxy_pass $upstream;
134 # }
135
136 ## Custom 502 error page.
58 ## Custom 502 error page.
137 ## Will be displayed while RhodeCode server is turned off
59 ## Will be displayed while RhodeCode server is turned off
138 error_page 502 /502.html;
60 error_page 502 /502.html;
Show file before | Show file after | Hide comments
@@ -1,14 +1,24 b''
1 ## Static configuration, needs traefik reload
1 ## Static configuration, needs traefik reload
2
2
3 global:
4 checkNewVersion: false
5
6 serversTransport:
7 #this disables SSL certificate verification for legacy own cert services like NextCloud etc
8 insecureSkipVerify: true
9
3 entryPoints:
10 entryPoints:
11
4 http:
12 http:
5 address: ":80"
13 address: ":80"
6
14
7 https:
15 https:
8 address: ":443"
16 address: ":443"
17 http:
18 tls: {}
9
19
10 ssh:
20 ssh:
11 address: ":${RC_SSH_PORT:?must-specify-ssh-port}"
21 address: ":9022"
12
22
13 loki:
23 loki:
14 address: ":3100"
24 address: ":3100"
@@ -29,19 +39,12 b' log:'
29 metrics:
39 metrics:
30 prometheus: {}
40 prometheus: {}
31
41
32
33 providers:
42 providers:
34 docker:
43 docker:
35 exposedByDefault: false
44 exposedByDefault: false
36 swarmMode: false
45 swarmMode: false
37 endpoint: "unix:///var/run/docker.sock"
46 endpoint: "unix:///var/run/docker.sock"
38 watch: true
47 watch: true
39
40 file:
48 file:
41 filename: "/etc/traefik/traefik_dynamic.yaml"
49 directory: "/etc/traefik_dynamic"
42 watch: true
50 watch: true
43
44
45 serversTransport:
46 #this disables SSL certificate verification for legacy own cert services like NextCloud etc
47 insecureSkipVerify: true
Show file before | Show file after | Hide comments
@@ -96,15 +96,12 b' services:'
96 - "autoheal=true"
96 - "autoheal=true"
97 - "traefik.enable=true"
97 - "traefik.enable=true"
98 - "traefik.http.routers.rhodecode.entrypoints=http"
98 - "traefik.http.routers.rhodecode.entrypoints=http"
99 - "traefik.http.routers.rhodecode.priority=10"
99 - "traefik.http.routers.rhodecode.rule=Host(`${RC_HOSTNAME:?must-specify-rhodecode-hostname}`)"
100 - "traefik.http.routers.rhodecode.rule=Host(`${RC_HOSTNAME:?must-specify-rhodecode-hostname}`)"
100 - "traefik.http.routers.rhodecode.service=rhodecode-web"
101 - "traefik.http.routers.rhodecode.service=rhodecode-web"
101 - "traefik.http.services.rhodecode-web.loadbalancer.server.port=10020"
102 - "traefik.http.services.rhodecode-web.loadbalancer.server.port=10020"
102 # SSL + proxy prefix example, should be put into .custom/docker-compose-apps.override.yaml
103 # HTTP + SSL example, should be put into .custom/docker-compose-apps.override.yaml
103 #- "traefik.http.routers.rhodecode-rt.entrypoints=https"
104 #- "traefik.http.routers.rhodecode.entrypoints=http,https"
104 #- "traefik.http.routers.rhodecode-rt.rule=Host(`${RC_HOSTNAME:?must-specify-rhodecode-hostname}`)"
105 #- "traefik.http.routers.rhodecode-rt.tls=true"
106 #- "traefik.http.routers.rhodecode-rt.service=rhodecode-ssl"
107 #- "traefik.http.services.rhodecode-ssl.loadbalancer.server.port=10020"
108
105
109 vcsserver:
106 vcsserver:
110 networks:
107 networks:
@@ -205,8 +202,6 b' services:'
205 logging:
202 logging:
206 *custom-logging
203 *custom-logging
207
204
208 labels:
209 - "traefik.enable=false"
210
205
211 celery-beat:
206 celery-beat:
212 # This service is not scalable
207 # This service is not scalable
@@ -252,8 +247,6 b' services:'
252 logging:
247 logging:
253 *custom-logging
248 *custom-logging
254
249
255 labels:
256 - "traefik.enable=false"
257
250
258 svn:
251 svn:
259 networks:
252 networks:
@@ -332,7 +325,7 b' services:'
332
325
333 # ports:
326 # ports:
334 # # set from .env file
327 # # set from .env file
335 # - "${RC_SSH_PORT:?must-specify-ssh-port}:22"
328 # - "9022:22"
336
329
337 volumes:
330 volumes:
338 - confvolume:/etc/rhodecode/conf
331 - confvolume:/etc/rhodecode/conf
@@ -349,4 +342,4 b' services:'
349 - "traefik.http.routers.sshd.entrypoints=ssh"
342 - "traefik.http.routers.sshd.entrypoints=ssh"
350 - "traefik.http.routers.sshd.rule=Host(`*`)"
343 - "traefik.http.routers.sshd.rule=Host(`*`)"
351 - "traefik.http.routers.sshd.service=rhodecode-ssh"
344 - "traefik.http.routers.sshd.service=rhodecode-ssh"
352 - "traefik.http.services.rhodecode-ssh.loadbalancer.server.port=${RC_SSH_PORT:?must-specify-ssh-port}"
345 - "traefik.http.services.rhodecode-ssh.loadbalancer.server.port=22"
Show file before | Show file after | Hide comments
@@ -94,15 +94,12 b' services:'
94 labels:
94 labels:
95 - "traefik.enable=true"
95 - "traefik.enable=true"
96 - "traefik.http.routers.grafana.entrypoints=http"
96 - "traefik.http.routers.grafana.entrypoints=http"
97 - "traefik.http.routers.grafana.rule=PathPrefix(`/_grafana`)"
97 - "traefik.http.routers.grafana.priority=20"
98 - "traefik.http.routers.grafana.service=grafana-http"
98 - "traefik.http.routers.grafana.rule=Host(`${RC_HOSTNAME:?must-specify-rhodecode-hostname}`) && PathPrefix(`/_grafana`)"
99 - "traefik.http.services.grafana-http.loadbalancer.server.port=3000"
99 - "traefik.http.routers.grafana.service=grafana-web"
100 - "traefik.http.services.grafana-web.loadbalancer.server.port=3000"
100 # SSL + proxy prefix example, should be put into .custom/docker-compose-metrics.override.yaml
101 # SSL + proxy prefix example, should be put into .custom/docker-compose-metrics.override.yaml
101 #- "traefik.http.routers.grafana-rt.entrypoints=https"
102 #- "traefik.http.routers.grafana.entrypoints=http,https"
102 #- "traefik.http.routers.grafana-rt.rule=Host(`metrics.example.com`) && PathPrefix(`/_grafana`)"
103 #- "traefik.http.routers.grafana-rt.tls=true"
104 #- "traefik.http.routers.grafana-rt.service=grafana-ssl"
105 #- "traefik.http.services.grafana-ssl.loadbalancer.server.port=3000"
106
103
107 loki:
104 loki:
108 image: grafana/loki:2.7.1
105 image: grafana/loki:2.7.1
@@ -128,8 +125,8 b' services:'
128 - "traefik.http.routers.loki.entrypoints=loki"
125 - "traefik.http.routers.loki.entrypoints=loki"
129 - "traefik.http.routers.loki.rule=PathPrefix(`/`)"
126 - "traefik.http.routers.loki.rule=PathPrefix(`/`)"
130 - "traefik.http.routers.loki.middlewares=basic-auth@file"
127 - "traefik.http.routers.loki.middlewares=basic-auth@file"
131 - "traefik.http.routers.loki.service=loki-http"
128 - "traefik.http.routers.loki.service=loki-web"
132 - "traefik.http.services.loki-http.loadbalancer.server.port=3100"
129 - "traefik.http.services.loki-web.loadbalancer.server.port=3100"
133
130
134 promtail:
131 promtail:
135 image: grafana/promtail:2.7.1
132 image: grafana/promtail:2.7.1
Show file before | Show file after | Hide comments
@@ -23,14 +23,15 b' services:'
23 - "80:80"
23 - "80:80"
24 # The HTTPS port, exposed as https entrypoint
24 # The HTTPS port, exposed as https entrypoint
25 - "443:443"
25 - "443:443"
26 # The loki port, exposed as http entrypoint behind auth
26 # The loki port, exposed as loki entrypoint behind auth
27 - "3100:3100"
27 - "3100:3100"
28 # The SSH port
28 # The SSH port exposed as sshd entrypoint, default 9022
29 - "${RC_SSH_PORT}:${RC_SSH_PORT}"
29 - "${RC_SSH_PORT:-9022}:${RC_SSH_PORT:-9022}"
30 volumes:
30 volumes:
31 # So that Traefik can listen to the Docker events
31 # So that Traefik can listen to the Docker events
32 - /var/run/docker.sock:/var/run/docker.sock
32 - /var/run/docker.sock:/var/run/docker.sock
33 - ./config/traefik:/etc/traefik
33 - ./config/traefik:/etc/traefik
34 - ./config/traefik/dynamic:/etc/traefik_dynamic
34 deploy:
35 deploy:
35 placement:
36 placement:
36 constraints:
37 constraints:
Show file before | Show file after | Hide comments
@@ -41,7 +41,7 b' services:'
41 restart: always
41 restart: always
42
42
43 # ports:
43 # ports:
44 # - "127.0.0.1:9800:9800"
44 # - "127.0.0.1:8000:8000"
45 env_file:
45 env_file:
46 - ${RC_ENV_FILE:?must-specify-rc-env-file}
46 - ${RC_ENV_FILE:?must-specify-rc-env-file}
47 command: ["channelstream"]
47 command: ["channelstream"]
@@ -60,9 +60,16 b' services:'
60 *custom-logging
60 *custom-logging
61
61
62 labels:
62 labels:
63 - "traefik.enable=false"
63 - "traefik.enable=true"
64 #- "traefik.http.routers.channelstream.entrypoints=http"
64 - "traefik.http.routers.channelstream.entrypoints=http"
65 #- "traefik.http.services.channelstream.loadbalancer.server.port=9800"
65 - "traefik.http.routers.channelstream.priority=20"
66 - "traefik.http.routers.channelstream.rule=Host(`${RC_HOSTNAME:?must-specify-rhodecode-hostname}`) && PathPrefix(`/_channelstream`)"
67 - "traefik.http.routers.channelstream.service=channelstream-web"
68 - "traefik.http.routers.channelstream.middlewares=strip-cs"
69 - "traefik.http.middlewares.strip-cs.stripprefix.prefixes=/_channelstream"
70 - "traefik.http.services.channelstream-web.loadbalancer.server.port=8000"
71 # HTTP + SSL example, should be put into .custom/docker-compose-services.override.yaml
72 #- "traefik.http.routers.channelstream.entrypoints=http,https"
66
73
67 profiles:
74 profiles:
68 ["channelstream"]
75 ["channelstream"]
@@ -102,8 +109,11 b' services:'
102 labels:
109 labels:
103 - "traefik.enable=true"
110 - "traefik.enable=true"
104 - "traefik.http.routers.nginx.entrypoints=http"
111 - "traefik.http.routers.nginx.entrypoints=http"
105 - "traefik.http.routers.nginx.rule=Host(`${RC_HOSTNAME:?must-specify-rhodecode-hostname}`) && ( PathPrefix(`/_health`) || PathPrefix(`/_channelstream`) || PathPrefix(`/_static/rhodecode`) )"
112 - "traefik.http.routers.nginx.priority=40"
113 - "traefik.http.routers.nginx.rule=Host(`${RC_HOSTNAME:?must-specify-rhodecode-hostname}`) && PathPrefix(`/_static/rhodecode`)"
106 - "traefik.http.services.nginx.loadbalancer.server.port=80"
114 - "traefik.http.services.nginx.loadbalancer.server.port=80"
115 # HTTP + SSL example, should be put into .custom/docker-compose-services.override.yaml
116 #- "traefik.http.routers.nginx.entrypoints=http,https"
107
117
108 elasticsearch:
118 elasticsearch:
109 networks:
119 networks:
@@ -142,7 +152,7 b' services:'
142 redis:
152 redis:
143 networks:
153 networks:
144 - rhodecode_network
154 - rhodecode_network
145 image: library/redis:7.0.6
155 image: library/redis:7.0.7
146
156
147 restart: always
157 restart: always
148 env_file:
158 env_file:
@@ -246,3 +256,4 b' services:'
246
256
247 logging:
257 logging:
248 *custom-logging
258 *custom-logging
259
Show file before | Show file after | Hide comments
@@ -36,8 +36,9 b' rccontrol_usage() {'
36 echo
36 echo
37 # :command.usage_commands
37 # :command.usage_commands
38 printf "Commands:\n"
38 printf "Commands:\n"
39 echo " get-started Print instructions to get started with rhodecode docker stack"
39 echo " self-update update rccontrol and it's docker definitions"
40 echo " self-update update rccontrol and it's docker definitions"
40 echo " bootstrap Bootstrap this machine, check docker version and install rhodecode-network"
41 echo " init Bootstrap this machine, check docker version and install rhodecode-network"
41 echo
42 echo
42 printf "Build Commands:\n"
43 printf "Build Commands:\n"
43 echo " get-build-artifacts Fetch Artifacts to run installer based build"
44 echo " get-build-artifacts Fetch Artifacts to run installer based build"
@@ -128,6 +129,35 b' rccontrol_usage() {'
128 }
129 }
129
130
130 # :command.usage
131 # :command.usage
132 rccontrol_get_started_usage() {
133 if [[ -n $long_usage ]]; then
134 printf "rccontrol get-started - Print instructions to get started with rhodecode docker stack\n"
135 echo
136
137 else
138 printf "rccontrol get-started - Print instructions to get started with rhodecode docker stack\n"
139 echo
140
141 fi
142
143 printf "Usage:\n"
144 printf " rccontrol get-started\n"
145 printf " rccontrol get-started --help | -h\n"
146 echo
147
148 # :command.long_usage
149 if [[ -n $long_usage ]]; then
150 printf "Options:\n"
151
152 # :command.usage_fixed_flags
153 echo " --help, -h"
154 printf " Show this help\n"
155 echo
156
157 fi
158 }
159
160 # :command.usage
131 rccontrol_self_update_usage() {
161 rccontrol_self_update_usage() {
132 if [[ -n $long_usage ]]; then
162 if [[ -n $long_usage ]]; then
133 printf "rccontrol self-update - update rccontrol and it's docker definitions\n"
163 printf "rccontrol self-update - update rccontrol and it's docker definitions\n"
@@ -175,23 +205,20 b' rccontrol_self_update_usage() {'
175 }
205 }
176
206
177 # :command.usage
207 # :command.usage
178 rccontrol_bootstrap_usage() {
208 rccontrol_init_usage() {
179 if [[ -n $long_usage ]]; then
209 if [[ -n $long_usage ]]; then
180 printf "rccontrol bootstrap - Bootstrap this machine, check docker version and install rhodecode-network\n"
210 printf "rccontrol init - Bootstrap this machine, check docker version and install rhodecode-network\n"
181 echo
211 echo
182
212
183 else
213 else
184 printf "rccontrol bootstrap - Bootstrap this machine, check docker version and install rhodecode-network\n"
214 printf "rccontrol init - Bootstrap this machine, check docker version and install rhodecode-network\n"
185 echo
215 echo
186
216
187 fi
217 fi
188
218
189 printf "Alias: init\n"
190 echo
191
192 printf "Usage:\n"
219 printf "Usage:\n"
193 printf " rccontrol bootstrap [OPTIONS]\n"
220 printf " rccontrol init [OPTIONS]\n"
194 printf " rccontrol bootstrap --help | -h\n"
221 printf " rccontrol init --help | -h\n"
195 echo
222 echo
196
223
197 # :command.long_usage
224 # :command.long_usage
@@ -457,7 +484,7 b' rccontrol_stack_usage() {'
457
484
458 # :command.usage_examples
485 # :command.usage_examples
459 printf "Examples:\n"
486 printf "Examples:\n"
460 printf " - ./rccontrol stack router up # run router stack with output to\n stdout\n - ./rccontrol stack router up --detach # run router stack detached\n - ./rccontrol stack router down # stop whole router stack\n - ./rccontrol stack router ps # check status of router stack\n \n # scale a single stack service[s] to more replicas (horizontally)\n - ./rccontrol stack rhodecode up --detach --no-recreate --scale rhodecode=2\n --scale vcsserver=2\n \n # run router stack with your overrides compose file\n - ./rccontrol stack router -f docker-overrides.yaml up -d\n \n # Upgrade whole metrics stack\n - ./rccontrol stack metrics up --force-recreate --build --detach\n"
487 printf " # running stack\n - ./rccontrol stack router up # run router stack with output to\n stdout\n - ./rccontrol stack router up --detach # run router stack detached\n - ./rccontrol stack router down # stop whole router stack\n - ./rccontrol stack router ps # check status of router stack\n \n # logs, use logs -f to follow/tail --until 1h to limit for last time\n - ./rccontrol stack services logs -f database\n \n # scale a single stack service[s] to more replicas (horizontally), use\n overrides files to permanently set scale\n - ./rccontrol stack rhodecode up --detach --no-recreate --scale rhodecode=2\n --scale vcsserver=2\n \n # run router stack with your overrides compose file\n - ./rccontrol stack router -f docker-overrides.yaml up -d\n"
461 echo
488 echo
462
489
463 fi
490 fi
@@ -714,6 +741,11 b' rccontrol_stack_upgrade_usage() {'
714 printf " Show this help\n"
741 printf " Show this help\n"
715 echo
742 echo
716
743
744 # :command.usage_examples
745 printf "Examples:\n"
746 printf " # Upgrading stack\n - ./rccontrol stack-upgrade router\n \n # RhodeCode stack upgrades with 0 downtime using container rotation\n - ./rccontrol stack-upgrade rhodecode\n"
747 echo
748
717 fi
749 fi
718 }
750 }
719
751
@@ -1174,7 +1206,7 b' for stage in $BOOTSTRAP_STAGES; do'
1174 stage_func=$(echo $stage | cut -d ":" -f 2)
1206 stage_func=$(echo $stage | cut -d ":" -f 2)
1175 if ! config_has_key $stage_name ; then
1207 if ! config_has_key $stage_name ; then
1176 echo "$(yellow WARNING:) bootstrap key $stage_name not found in config file $CONFIG_FILE!"
1208 echo "$(yellow WARNING:) bootstrap key $stage_name not found in config file $CONFIG_FILE!"
1177 echo "$(yellow NOTICE:) Please run ./rccontrol bootstrap first"
1209 echo "$(yellow NOTICE:) Please run ./rccontrol init first"
1178 exit
1210 exit
1179 fi
1211 fi
1180 done
1212 done
@@ -1606,6 +1638,12 b' validate_stack_exists() {'
1606
1638
1607 # :command.command_functions
1639 # :command.command_functions
1608 # :command.function
1640 # :command.function
1641 rccontrol_get_started_command() {
1642 # src/get_started_command.sh
1643 get_started_full
1644 }
1645
1646 # :command.function
1609 rccontrol_self_update_command() {
1647 rccontrol_self_update_command() {
1610 # src/self_update_command.sh
1648 # src/self_update_command.sh
1611 check_bootstrap
1649 check_bootstrap
@@ -1676,8 +1714,8 b' rccontrol_self_update_command() {'
1676 }
1714 }
1677
1715
1678 # :command.function
1716 # :command.function
1679 rccontrol_bootstrap_command() {
1717 rccontrol_init_command() {
1680 # src/bootstrap_command.sh
1718 # src/init_command.sh
1681 DEBUG=${args[--debug]}
1719 DEBUG=${args[--debug]}
1682 force=${args[--force]}
1720 force=${args[--force]}
1683
1721
@@ -1744,7 +1782,6 b' rccontrol_bootstrap_command() {'
1744 # TODO: change formatter to json for loki usage
1782 # TODO: change formatter to json for loki usage
1745 log_formatter=generic
1783 log_formatter=generic
1746 base_domain=docker-dev
1784 base_domain=docker-dev
1747 base_url=http://$base_domain
1748 DB_USER='rhodecode'
1785 DB_USER='rhodecode'
1749 DB_NAME='rhodecode'
1786 DB_NAME='rhodecode'
1750
1787
@@ -1771,27 +1808,28 b' rccontrol_bootstrap_command() {'
1771
1808
1772 .env set DB_PASSWORD=$db_key
1809 .env set DB_PASSWORD=$db_key
1773
1810
1774 .env set +RC_ENCRYPTED_SECRET=$shared_key
1811 .env set RC_ENCRYPTED_SECRET=$shared_key
1775 .env set +RC_DB_URL="postgresql://$DB_USER:$db_key@database/$DB_NAME"
1812 .env set RC_DB_URL="postgresql://$DB_USER:$db_key@database/$DB_NAME"
1776 .env set +RC_SQLALCHEMY_DB1_URL="postgresql://$DB_USER:$db_key@database/$DB_NAME"
1813 .env set RC_SQLALCHEMY_DB1_URL="postgresql://$DB_USER:$db_key@database/$DB_NAME"
1777
1814
1778 .env set +RC_LICENSE_TOKEN=$license_token
1815 .env set RC_LICENSE_TOKEN=$license_token
1779 .env set +RC_APP_BASE_URL=$base_url
1816 .env set RC_HOSTNAME=$base_domain
1817 .env set RC_APP_BASE_URL=http://$base_domain
1780
1818
1781 .env puts '# Log formatter option'
1819 .env puts '# Log formatter option'
1782 .env set +RC_LOGGING_FORMATTER=$log_formatter
1820 .env set RC_LOGGING_FORMATTER=$log_formatter
1783 .env set +RC_USE_CELERY=true
1821 .env set RC_USE_CELERY=true
1784
1822
1785 .env puts '# Channelstream config'
1823 .env puts '# Channelstream config'
1786 .env set +RC_CHANNELSTREAM_SERVER=channelstream:8000
1824 .env set RC_CHANNELSTREAM_SERVER=channelstream:8000
1787 .env set +RC_CHANNELSTREAM_WS_URL=ws:/$base_domain/_channelstream
1825 .env set RC_CHANNELSTREAM_WS_URL=ws:/$base_domain/_channelstream
1788 .env set +CHANNELSTREAM_ALLOW_POSTING_FROM=0.0.0.0
1826 .env set CHANNELSTREAM_ALLOW_POSTING_FROM=0.0.0.0
1789
1827
1790 .env set +CHANNELSTREAM_SECRET=$shared_key
1828 .env set CHANNELSTREAM_SECRET=$shared_key
1791 .env set +RC_CHANNELSTREAM_SECRET=$shared_key
1829 .env set RC_CHANNELSTREAM_SECRET=$shared_key
1792
1830
1793 .env set +CHANNELSTREAM_ADMIN_SECRET=$shared_key
1831 .env set CHANNELSTREAM_ADMIN_SECRET=$shared_key
1794 .env set +RC_CHANNELSTREAM_ADMIN_SECRET=$shared_key
1832 .env set RC_CHANNELSTREAM_ADMIN_SECRET=$shared_key
1795
1833
1796 else
1834 else
1797 echo "bootstrap_config: $BOOTSTRAP_RUNTIME_ENV file exists, not adding any configuration..."
1835 echo "bootstrap_config: $BOOTSTRAP_RUNTIME_ENV file exists, not adding any configuration..."
@@ -2191,6 +2229,10 b' rccontrol_stack_status_command() {'
2191 DEBUG=${args[--debug]}
2229 DEBUG=${args[--debug]}
2192 DETAILED=${args[--detailed]}
2230 DETAILED=${args[--detailed]}
2193
2231
2232 .env --file $RUNTIME_ENV
2233 .env get RC_APP_BASE_URL
2234 RC_APP_BASE_URL=$REPLY
2235
2194 if [[ $DEBUG ]]; then
2236 if [[ $DEBUG ]]; then
2195 echo "---"
2237 echo "---"
2196 ps_cmd=$(docker ps --filter=name=rc_cluster --format="{{.ID}}")
2238 ps_cmd=$(docker ps --filter=name=rc_cluster --format="{{.ID}}")
@@ -2207,6 +2249,7 b' rccontrol_stack_status_command() {'
2207 echo "---"
2249 echo "---"
2208 fi
2250 fi
2209
2251
2252 echo "Running hostname: $RC_APP_BASE_URL"
2210 if [[ $DETAILED ]]; then
2253 if [[ $DETAILED ]]; then
2211 ps_cmd=$(docker ps --filter=name=rc_cluster --format="{{.ID}}")
2254 ps_cmd=$(docker ps --filter=name=rc_cluster --format="{{.ID}}")
2212
2255
@@ -2291,7 +2334,7 b' rccontrol_stack_upgrade_rhodecode_command() {'
2291 fi
2334 fi
2292
2335
2293 echo "Pulling new image: rhodecode/rhodecode-ee:${RC_VERSION}"
2336 echo "Pulling new image: rhodecode/rhodecode-ee:${RC_VERSION}"
2294 #eval "docker pull rhodecode/rhodecode-ee:${RC_VERSION}"
2337 echo "./rccontrol stack rhodecode pull"
2295
2338
2296 stop_containers() {
2339 stop_containers() {
2297 target_container=$1
2340 target_container=$1
@@ -2639,6 +2682,13 b' parse_requirements() {'
2639 case $action in
2682 case $action in
2640 -*) ;;
2683 -*) ;;
2641
2684
2685 get-started)
2686 action="get-started"
2687 shift
2688 rccontrol_get_started_parse_requirements "$@"
2689 shift $#
2690 ;;
2691
2642 self-update)
2692 self-update)
2643 action="self-update"
2693 action="self-update"
2644 shift
2694 shift
@@ -2646,10 +2696,10 b' parse_requirements() {'
2646 shift $#
2696 shift $#
2647 ;;
2697 ;;
2648
2698
2649 bootstrap | init)
2699 init)
2650 action="bootstrap"
2700 action="init"
2651 shift
2701 shift
2652 rccontrol_bootstrap_parse_requirements "$@"
2702 rccontrol_init_parse_requirements "$@"
2653 shift $#
2703 shift $#
2654 ;;
2704 ;;
2655
2705
@@ -2767,6 +2817,50 b' parse_requirements() {'
2767 }
2817 }
2768
2818
2769 # :command.parse_requirements
2819 # :command.parse_requirements
2820 rccontrol_get_started_parse_requirements() {
2821 # :command.fixed_flags_filter
2822 while [[ $# -gt 0 ]]; do
2823 case "${1:-}" in
2824 --help | -h)
2825 long_usage=yes
2826 rccontrol_get_started_usage
2827 exit
2828 ;;
2829
2830 *)
2831 break
2832 ;;
2833
2834 esac
2835 done
2836
2837 # :command.command_filter
2838 action="get-started"
2839
2840 # :command.parse_requirements_while
2841 while [[ $# -gt 0 ]]; do
2842 key="$1"
2843 case "$key" in
2844
2845 -?*)
2846 printf "invalid option: %s\n" "$key" >&2
2847 exit 1
2848 ;;
2849
2850 *)
2851 # :command.parse_requirements_case
2852 # :command.parse_requirements_case_simple
2853 printf "invalid argument: %s\n" "$key" >&2
2854 exit 1
2855
2856 ;;
2857
2858 esac
2859 done
2860
2861 }
2862
2863 # :command.parse_requirements
2770 rccontrol_self_update_parse_requirements() {
2864 rccontrol_self_update_parse_requirements() {
2771 # :command.fixed_flags_filter
2865 # :command.fixed_flags_filter
2772 while [[ $# -gt 0 ]]; do
2866 while [[ $# -gt 0 ]]; do
@@ -2870,13 +2964,13 b' rccontrol_self_update_parse_requirements() {'
2870 }
2964 }
2871
2965
2872 # :command.parse_requirements
2966 # :command.parse_requirements
2873 rccontrol_bootstrap_parse_requirements() {
2967 rccontrol_init_parse_requirements() {
2874 # :command.fixed_flags_filter
2968 # :command.fixed_flags_filter
2875 while [[ $# -gt 0 ]]; do
2969 while [[ $# -gt 0 ]]; do
2876 case "${1:-}" in
2970 case "${1:-}" in
2877 --help | -h)
2971 --help | -h)
2878 long_usage=yes
2972 long_usage=yes
2879 rccontrol_bootstrap_usage
2973 rccontrol_init_usage
2880 exit
2974 exit
2881 ;;
2975 ;;
2882
2976
@@ -2909,7 +3003,7 b' rccontrol_bootstrap_parse_requirements() {'
2909 fi
3003 fi
2910
3004
2911 # :command.command_filter
3005 # :command.command_filter
2912 action="bootstrap"
3006 action="init"
2913
3007
2914 # :command.parse_requirements_while
3008 # :command.parse_requirements_while
2915 while [[ $# -gt 0 ]]; do
3009 while [[ $# -gt 0 ]]; do
@@ -4542,9 +4636,9 b' initialize() {'
4542
4636
4543 get_started() {
4637 get_started() {
4544 echo ""
4638 echo ""
4545 echo "To start using RhodeCode run the following stacks using ./rccontrol stack [STACK_NAME]"
4639 echo "To start using RhodeCode run the following stacks using './rccontrol stack [STACK_NAME]'"
4546 echo ""
4640 echo ""
4547 echo "$(yellow_bold [Optional]): run the edge router to control domain and SSL"
4641 echo "$(yellow_bold [Optional]): run the edge router to control traffic / domain and optionally SSL termination"
4548 echo "./rccontrol stack router up --detach"
4642 echo "./rccontrol stack router up --detach"
4549 echo ""
4643 echo ""
4550 echo "$(green_bold [Mandatory]): run the services, like database, redis, channelstream etc..."
4644 echo "$(green_bold [Mandatory]): run the services, like database, redis, channelstream etc..."
@@ -4553,15 +4647,27 b' initialize() {'
4553 echo "$(green_bold [Mandatory]): run the rhodecode app stack"
4647 echo "$(green_bold [Mandatory]): run the rhodecode app stack"
4554 echo "./rccontrol stack rhodecode up --detach"
4648 echo "./rccontrol stack rhodecode up --detach"
4555 echo ""
4649 echo ""
4556 echo "$(yellow_bold [Optional]): run the monitoring stack, this includes grafana/promethues logging/metrics system"
4650 echo "$(yellow_bold [Optional]): run the monitoring stack, this includes grafana/prometheus logging/metrics system"
4557 echo "./rccontrol stack metrics up --detach"
4651 echo "./rccontrol stack metrics up --detach"
4558 echo ""
4652 echo ""
4559 echo "$(bold [Status]): check services run status, ports etc.."
4653 echo "$(bold [Status]): check services run status, ports etc.."
4560 echo "./rccontrol status"
4654 echo "./rccontrol status"
4561 echo ""
4655 echo ""
4562 echo "$(bold [Logs]): check service logs"
4656 echo "$(bold [Logs]): check service logs"
4563 echo "./rccontrol logs SERVICE_NAME"
4657 echo "./rccontrol stack [STACK_NAME] logs"
4564 }
4658 }
4659
4660 get_started_full() {
4661 echo "$(blue_bold [~~~~ GET STARTED ~~~~~])"
4662 echo "./rccontrol is a CLI based installer/manager for RhodeCode Cluster Stack"
4663 echo "./rccontrol -h is your friend, in case of doubt, check examples and usage options with -h / --help flag"
4664 echo ""
4665 echo "$(yellow_bold [First time run])"
4666 echo "run './rccontrol init' to setup docker and download required installer files"
4667
4668 get_started
4669 }
4670
4565 }
4671 }
4566
4672
4567 # :command.run
4673 # :command.run
@@ -4573,6 +4679,15 b' run() {'
4573 parse_requirements "${input[@]}"
4679 parse_requirements "${input[@]}"
4574
4680
4575 case "$action" in
4681 case "$action" in
4682 "get-started")
4683 if [[ ${args[--help]:-} ]]; then
4684 long_usage=yes
4685 rccontrol_get_started_usage
4686 else
4687 rccontrol_get_started_command
4688 fi
4689 ;;
4690
4576 "self-update")
4691 "self-update")
4577 if [[ ${args[--help]:-} ]]; then
4692 if [[ ${args[--help]:-} ]]; then
4578 long_usage=yes
4693 long_usage=yes
@@ -4582,12 +4697,12 b' run() {'
4582 fi
4697 fi
4583 ;;
4698 ;;
4584
4699
4585 "bootstrap")
4700 "init")
4586 if [[ ${args[--help]:-} ]]; then
4701 if [[ ${args[--help]:-} ]]; then
4587 long_usage=yes
4702 long_usage=yes
4588 rccontrol_bootstrap_usage
4703 rccontrol_init_usage
4589 else
4704 else
4590 rccontrol_bootstrap_command
4705 rccontrol_init_command
4591 fi
4706 fi
4592 ;;
4707 ;;
4593
4708
Show file before | Show file after | Hide comments
@@ -7,16 +7,24 b' services:'
7 # # expose port for optional direct port connection
7 # # expose port for optional direct port connection
8 # - "10020:10020"
8 # - "10020:10020"
9 environment:
9 environment:
10 DB_UPGRADE: 0 # run the DB upgrade
10 RC_EXAMPLE_KEY: 'ok'
11 SETUP_APP: 0 # run the application default settings setup, can be turned off after initial run
11 #DB_UPGRADE: 0 # 1 run the DB upgrade, 0 disable db upgrade at startup
12 #SETUP_APP: 0 # run the application default settings setup, can be turned off after initial run
12
13
13 #healthcheck:
14 #healthcheck:
14 # # disable the healthcheck
15 # # disable the healthcheck for faster signal handling
16 # # generally not recommended
15 # test: ['CMD','true']
17 # test: ['CMD','true']
16
18
19 #labels:
20 # # Enable http+https endpoints to serve SSL, select just 1 to disable the other
21 # - "traefik.http.routers.rhodecode.entrypoints=http,https"
22
23
17 deploy:
24 deploy:
18 replicas: 1
25 replicas: 1
19
26
27
20 vcsserver:
28 vcsserver:
21
29
22 environment:
30 environment:
@@ -26,7 +34,8 b' services:'
26 replicas: 1
34 replicas: 1
27
35
28 #healthcheck:
36 #healthcheck:
29 # # disable the healthcheck
37 # # disable the healthcheck for faster signal handling
38 # # generally not recommended
30 # test: ['CMD','true']
39 # test: ['CMD','true']
31
40
32 sshd:
41 sshd:
@@ -34,7 +43,8 b' services:'
34 replicas: 1
43 replicas: 1
35
44
36 svn:
45 svn:
37 {}
46 deploy:
47 replicas: 1
38
48
39 celery-beat:
49 celery-beat:
40 deploy:
50 deploy:
Show file before | Show file after | Hide comments
@@ -2,15 +2,17 b" version: '3.9'"
2
2
3 services:
3 services:
4
4
5 grafana:
6 {}
7 #labels:
8 # # Enable http+https endpoints to serve SSL, select just 1 to disable the other
9 # - "traefik.http.routers.grafana.entrypoints=http,https"
10
5 promtail:
11 promtail:
6 {}
12 {}
7
13
8 loki:
14 loki:
9 {}
15 {}
10 # labels:
11 # - "traefik.enable=true"
12 # - "traefik.http.services.loki.loadbalancer.server.port=3100"
13 # - "traefik.http.services.loki.loadbalancer.server.port=9095"
14
16
15 prometheus:
17 prometheus:
16 {}
18 {}
@@ -21,12 +23,3 b' services:'
21 statsd-exporter:
23 statsd-exporter:
22 {}
24 {}
23
25
24 grafana:
25
26 labels:
27 # SSL + proxy prefix
28 - "traefik.http.routers.grafana-rt.service=grafana-ssl"
29 - "traefik.http.routers.grafana-rt.entrypoints=https"
30 - "traefik.http.routers.grafana-rt.rule=Host(`your-domain.com`) && PathPrefix(`/_grafana`)"
31 - "traefik.http.routers.grafana-rt.tls=true"
32 - "traefik.http.services.grafana-ssl.loadbalancer.server.port=3000" No newline at end of file
Show file before | Show file after | Hide comments
@@ -13,36 +13,7 b' services:'
13 # So that Traefik can listen to the Docker events
13 # So that Traefik can listen to the Docker events
14 - /var/run/docker.sock:/var/run/docker.sock
14 - /var/run/docker.sock:/var/run/docker.sock
15 # custom traefik config, enable SSL etc..
15 # custom traefik config, enable SSL etc..
16 # put your traefik setup in this directory
16 # put your traefik setup in this directory structure, and uncomment to override
17 - $PWD/.custom/traefik_custom:/etc/traefik
17 # default traefik static/dynamic configs
18
18 #- $PWD/.custom/traefik_custom:/etc/traefik:ro
19 portainer:
19 #- $PWD/.custom/traefik_custom/dynamic:/etc/traefik_dynamic:ro
20 # Run with COMPOSE_PROFILES=portainer
21 # to access portainer set HEADER `X-Docker-Host=portainer`
22 image: portainer/portainer-ce:latest
23 restart: always
24 volumes:
25 - portainer_data:/data
26 - /var/run/docker.sock:/var/run/docker.sock
27 deploy:
28 mode: replicated
29 replicas: 1
30 placement:
31 constraints:
32 # limit swarm deploy to MANAGER only
33 - node.role == manager
34
35 networks:
36 - rhodecode_network
37 labels:
38 - "traefik.enable=true"
39 - "traefik.http.routers.portainer.entrypoints=https"
40 - "traefik.http.routers.portainer.rule=Headers(`X-Docker-Host`, `portainer`)"
41 - "traefik.http.services.portainer.loadbalancer.server.port=9000"
42
43 profiles:
44 ["portainer"]
45
46 volumes:
47 portainer_data:
48 external: true No newline at end of file
Show file before | Show file after | Hide comments
@@ -7,19 +7,19 b' services:'
7
7
8 database:
8 database:
9 {}
9 {}
10 # to disable usage of this service
10 # to disable usage of this service using your own postgres instance
11 #deploy:
11 #deploy:
12 # replicas: 0
12 # replicas: 0
13
13
14 database-mysql:
14 database-mysql:
15 {}
15 {}
16 # to disable usage of this service
16 # to disable usage of this service, running your own mysql instance
17 #deploy:
17 #deploy:
18 # replicas: 0
18 # replicas: 0
19
19
20 redis:
20 redis:
21 {}
21 {}
22 # to disable usage of this service
22 # to disable usage of this service using external redis
23 #deploy:
23 #deploy:
24 # replicas: 0
24 # replicas: 0
25
25
@@ -30,4 +30,41 b' services:'
30 {}
30 {}
31
31
32 channelstream:
32 channelstream:
33 {} No newline at end of file
33 {}
34 # Enable http+https endpoints to serve SSL, select just 1 to disable the other
35 #labels:
36 # - "traefik.http.routers.channelstream.entrypoints=http,https
37
38
39 portainer:
40 # Run with COMPOSE_PROFILES=portainer
41 # to access portainer set separate domain for portainer
42 # also needs a external new volume
43 # docker volume create --label keep=1 --name=portainer_data
44 image: portainer/portainer-ce:latest
45 restart: always
46 volumes:
47 - portainer_data:/data
48 - /var/run/docker.sock:/var/run/docker.sock
49 deploy:
50 mode: replicated
51 replicas: 1
52 placement:
53 constraints:
54 # limit swarm deploy to MANAGER only
55 - node.role == manager
56
57 networks:
58 - rhodecode_network
59 labels:
60 - "traefik.enable=true"
61 - "traefik.http.routers.portainer.entrypoints=https"
62 - "traefik.http.routers.portainer.rule=Host(`portainer.yourdomain.com`)"
63 - "traefik.http.services.portainer.loadbalancer.server.port=9000"
64
65 profiles:
66 ["portainer"]
67
68 volumes:
69 portainer_data:
70 external: true
Show file before | Show file after | Hide comments
@@ -1,17 +1,28 b''
1 ## BUILD ARGS
1 ## BUILD/RUN ARGS ##
2 ####################
3
2 TZ="UTC"
4 TZ="UTC"
3
5
4 # Version to deploy and run
6 # Version to deploy and run
7 # rccontrol will automatically update and adjust this if needed
5 RC_VERSION="4.28.0"
8 RC_VERSION="4.28.0"
6
9
7 # ce, or ee
10 # Select RhodeCode edition ce (free community), or ee (paid/enterprise)
8 RC_EDITION=ee
11 RC_EDITION=ee
9
12
10 # GENERATED ARGS, Please don't change those
13 # GENERATED ARGS #
14 ##################
15
16 # set limit of redis in-memory cache before keys get evicted using LRU cache
17 RC_REDIS_MAXMEMORY=1024mb
18
19 # set the size of ramdisk used for locking files
20 RC_DATA_RAMDISK_SIZE=512M
11
21
12 # Database bootstrap/access credentials
22 # Database bootstrap/access credentials
13 # Bootstrap container with specific password
23 # Bootstrap container with specific password
14 # This password will be used to generate new account and password for the database
24 # This password will be used to generate new account and password for the database
25 # Please don't change those unless you use your own database
15 DB_NAME=rhodecode
26 DB_NAME=rhodecode
16 DB_USER=rhodecode
27 DB_USER=rhodecode
17 DB_PASSWORD=GENERATED_AT_BOOTSTRAP
28 DB_PASSWORD=GENERATED_AT_BOOTSTRAP
@@ -22,6 +33,16 b' RHODECODE_USER_EMAIL=admin@server-com'
22 RHODECODE_USER_NAME=admin
33 RHODECODE_USER_NAME=admin
23 RHODECODE_USER_PASS=secret4
34 RHODECODE_USER_PASS=secret4
24
35
36 # prependend to loki url prefix, this will be generated
37 RC_LOKI_AUTH=loki-auth:password@
38
25 RC_USE_CELERY=true
39 RC_USE_CELERY=true
26
40
27 RC_APP_BASE_URL=base-url No newline at end of file
41 # base url for running app, this is used for traefik hasname matching, so accessing this host will redirect
42 # traffic to the running instance. This needs to be the same as RC_APP_BASE_URL
43 # replace this with your name of host. e.g yourdomain.com or rc.company.local
44 RC_HOSTNAME=base-url
45
46 # application base url, at which location including a scheme (http/https) this app will be
47 # running, this needs to be a valid resolvable domain for rhodecode links to work properly
48 RC_APP_BASE_URL=http://base-url No newline at end of file
Show file before | Show file after | Hide comments
1 NO CONTENT: file was removed
NO CONTENT: file was removed
Show file before | Show file after | Hide comments
1 NO CONTENT: file was removed
NO CONTENT: file was removed
Show file before | Show file after | Hide comments
1 NO CONTENT: file was removed
NO CONTENT: file was removed
General Comments 0
You need to be logged in to leave comments. Login now