diff --git a/docker-compose-old.yml b/docker-compose-old.yml new file mode 100644 index 0000000..5d48fe2 --- /dev/null +++ b/docker-compose-old.yml @@ -0,0 +1,309 @@ +volumes: + lago_postgres_data: + lago_redis_data: + lago_storage_data: + +services: + db: + image: postgres:14-alpine + container_name: lago-db + restart: unless-stopped + environment: + POSTGRES_DB: ${POSTGRES_DB:-lago} + POSTGRES_USER: ${POSTGRES_USER:-lago} + POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-changeme} + PGDATA: /data/postgres + PGPORT: ${POSTGRES_PORT:-5432} + POSTGRES_SCHEMA: public + volumes: + - lago_postgres_data:/data/postgres + ports: + - ${POSTGRES_PORT:-5432}:${POSTGRES_PORT:-5432} + + redis: + image: redis:6-alpine + container_name: lago-redis + restart: unless-stopped + command: --port ${REDIS_PORT:-6379} + volumes: + - lago_redis_data:/data + ports: + - ${REDIS_PORT:-6379}:${REDIS_PORT:-6379} + + api: + container_name: lago-api + image: getlago/api:v1.12.2 + restart: unless-stopped + depends_on: + - db + - redis + command: ['./scripts/start.sh'] + healthcheck: + test: curl -f http://localhost:3000/health || exit 1 + interval: 10s + start_period: 30s + timeout: 60s + # uncomment for a potentially faster startup if you have docker --version > 25.0.0 + # start_interval: 2s + environment: + - LAGO_API_URL=${LAGO_API_URL:-http://localhost:3000} + - DATABASE_URL=postgresql://${POSTGRES_USER:-lago}:${POSTGRES_PASSWORD:-changeme}@${POSTGRES_HOST:-db}:${POSTGRES_PORT:-5432}/${POSTGRES_DB:-lago}?search_path=${POSTGRES_SCHEMA:-public} + - REDIS_URL=redis://${REDIS_HOST:-redis}:${REDIS_PORT:-6379} + - REDIS_PASSWORD=${REDIS_PASSWORD} + - SECRET_KEY_BASE=${SECRET_KEY_BASE:-your-secret-key-base-hex-64} + - RAILS_ENV=production + - RAILS_LOG_TO_STDOUT=${LAGO_RAILS_STDOUT:-true} + - SENTRY_DSN=${SENTRY_DSN} + - LAGO_FRONT_URL=${LAGO_FRONT_URL:-http://localhost} + - RSA_PRIVATE_KEY=${LAGO_RSA_PRIVATE_KEY} # Should be base64 encoded + - LAGO_RSA_PRIVATE_KEY=${LAGO_RSA_PRIVATE_KEY} # Should be base64 encoded + - LAGO_SIDEKIQ_WEB=${LAGO_SIDEKIQ_WEB} + - LAGO_ENCRYPTION_PRIMARY_KEY=${LAGO_ENCRYPTION_PRIMARY_KEY:-your-encryption-primary-key} + - LAGO_ENCRYPTION_DETERMINISTIC_KEY=${LAGO_ENCRYPTION_DETERMINISTIC_KEY:-your-encryption-deterministic-key} + - LAGO_ENCRYPTION_KEY_DERIVATION_SALT=${LAGO_ENCRYPTION_KEY_DERIVATION_SALT:-your-encryption-derivation-salt} + - LAGO_USE_AWS_S3=${LAGO_USE_AWS_S3:-false} + - LAGO_AWS_S3_ACCESS_KEY_ID=${LAGO_AWS_S3_ACCESS_KEY_ID:-azerty123456} + - LAGO_AWS_S3_SECRET_ACCESS_KEY=${LAGO_AWS_S3_SECRET_ACCESS_KEY:-azerty123456} + - LAGO_AWS_S3_REGION=${LAGO_AWS_S3_REGION:-us-east-1} + - LAGO_AWS_S3_BUCKET=${LAGO_AWS_S3_BUCKET:-bucket} + - LAGO_AWS_S3_ENDPOINT=${LAGO_AWS_S3_ENDPOINT} + - LAGO_USE_GCS=${LAGO_USE_GCS:-false} + - LAGO_GCS_PROJECT=${LAGO_GCS_PROJECT:-} + - LAGO_GCS_BUCKET=${LAGO_GCS_BUCKET:-} + - LAGO_PDF_URL=${LAGO_PDF_URL:-http://pdf:3000} + - LAGO_REDIS_CACHE_URL=redis://${LAGO_REDIS_CACHE_HOST:-redis}:${LAGO_REDIS_CACHE_PORT:-6379} + - LAGO_REDIS_CACHE_PASSWORD=${LAGO_REDIS_CACHE_PASSWORD} + - LAGO_DISABLE_SEGMENT=${LAGO_DISABLE_SEGMENT} + - LAGO_DISABLE_WALLET_REFRESH=${LAGO_DISABLE_WALLET_REFRESH} + - LAGO_OAUTH_PROXY_URL=https://proxy.getlago.com + - LAGO_LICENSE=${LAGO_LICENSE:-} + - GOOGLE_AUTH_CLIENT_ID=${GOOGLE_AUTH_CLIENT_ID:-} + - GOOGLE_AUTH_CLIENT_SECRET=${GOOGLE_AUTH_CLIENT_SECRET:-} + - NANGO_SECRET_KEY=${NANGO_SECRET_KEY:-} + # - SIDEKIQ_EVENTS=true + # - SIDEKIQ_PDFS=true + volumes: + - lago_storage_data:/app/storage + # If using GCS, you need to put the credentials keyfile here + #- gcs_keyfile.json:/app/gcs_keyfile.json + ports: + - ${API_PORT:-3000}:3000 + + front: + container_name: lago-front + image: getlago/front:v1.12.2 + restart: unless-stopped + # Use this command if you want to use SSL with Let's Encrypt + # command: "/bin/sh -c 'while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx -g \"daemon off;\"'" + depends_on: + api: + condition: service_healthy + environment: + - API_URL=${LAGO_API_URL:-http://localhost:3000} + - APP_ENV=${APP_ENV:-production} + - LAGO_DISABLE_SIGNUP=${LAGO_DISABLE_SIGNUP:-false} + - LAGO_OAUTH_PROXY_URL=https://proxy.getlago.com + - SENTRY_DSN=${SENTRY_DSN_FRONT} + - NANGO_SECRET_KEY=${NANGO_SECRET_KEY:-} + ports: + - ${FRONT_PORT:-80}:80 + # - 443:443 + # Using SSL with Let's Encrypt + # volumes: + # - ./extra/nginx-letsencrypt.conf:/etc/nginx/conf.d/default.conf + # - ./extra/certbot/conf:/etc/letsencrypt + # - ./extra/certbot/www:/var/www/certbot + # Using SSL with self signed certificates + # volumes: + # - ./extra/nginx-selfsigned.conf:/etc/nginx/conf.d/default.conf + # - ./extra/ssl/nginx-selfsigned.crt:/etc/ssl/certs/nginx-selfsigned.crt + # - ./extra/ssl/nginx-selfsigned.key:/etc/ssl/private/nginx-selfsigned.key + # - ./extra/ssl/dhparam.pem:/etc/ssl/certs/dhparam.pem + + # Only used for SSL support with Let's Encrypt + # certbot: + # image: certbot/certbot + # entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'" + # volumes: + # - ./extra/certbot/conf:/etc/letsencrypt + # - ./extra/certbot/www:/var/www/certbot + + api-worker: + container_name: lago-worker + image: getlago/api:v1.12.2 + restart: unless-stopped + depends_on: + api: + condition: service_healthy + command: ['./scripts/start.worker.sh'] + healthcheck: + test: ['CMD-SHELL', 'bundle exec sidekiqmon | grep $(hostname) || exit 1'] + environment: + - LAGO_API_URL=${LAGO_API_URL:-http://localhost:3000} + - DATABASE_URL=postgresql://${POSTGRES_USER:-lago}:${POSTGRES_PASSWORD:-changeme}@${POSTGRES_HOST:-db}:${POSTGRES_PORT:-5432}/${POSTGRES_DB:-lago}?search_path=${POSTGRES_SCHEMA:-public} + - REDIS_URL=redis://${REDIS_HOST:-redis}:${REDIS_PORT:-6379} + - REDIS_PASSWORD=${REDIS_PASSWORD} + - SECRET_KEY_BASE=${SECRET_KEY_BASE:-your-secret-key-base-hex-64} + - RAILS_ENV=production + - RAILS_LOG_TO_STDOUT=${LAGO_RAILS_STDOUT:-true} + - SENTRY_DSN=${SENTRY_DSN} + - LAGO_RSA_PRIVATE_KEY=${LAGO_RSA_PRIVATE_KEY} # Should be base64 encoded + - RSA_PRIVATE_KEY=${LAGO_RSA_PRIVATE_KEY} # Should be base64 encoded + - LAGO_ENCRYPTION_PRIMARY_KEY=${LAGO_ENCRYPTION_PRIMARY_KEY:-your-encryption-primary-key} + - LAGO_ENCRYPTION_DETERMINISTIC_KEY=${LAGO_ENCRYPTION_DETERMINISTIC_KEY:-your-encryption-deterministic-key} + - LAGO_ENCRYPTION_KEY_DERIVATION_SALT=${LAGO_ENCRYPTION_KEY_DERIVATION_SALT:-your-encryption-derivation-salt} + - LAGO_FRONT_URL=${LAGO_FRONT_URL:-http://localhost} + - LAGO_USE_AWS_S3=${LAGO_USE_AWS_S3:-false} + - LAGO_AWS_S3_ACCESS_KEY_ID=${LAGO_AWS_S3_ACCESS_KEY_ID:-azerty123456} + - LAGO_AWS_S3_SECRET_ACCESS_KEY=${LAGO_AWS_S3_SECRET_ACCESS_KEY:-azerty123456} + - LAGO_AWS_S3_REGION=${LAGO_AWS_S3_REGION:-us-east-1} + - LAGO_AWS_S3_BUCKET=${LAGO_AWS_S3_BUCKET:-bucket} + - LAGO_AWS_S3_ENDPOINT=${LAGO_AWS_S3_ENDPOINT} + - LAGO_USE_GCS=${LAGO_USE_GCS:-false} + - LAGO_GCS_PROJECT=${LAGO_GCS_PROJECT:-} + - LAGO_GCS_BUCKET=${LAGO_GCS_BUCKET:-} + - LAGO_PDF_URL=${LAGO_PDF_URL:-http://pdf:3000} + - LAGO_REDIS_CACHE_URL=redis://${LAGO_REDIS_CACHE_HOST:-redis}:${LAGO_REDIS_CACHE_PORT:-6379} + - LAGO_REDIS_CACHE_PASSWORD=${LAGO_REDIS_CACHE_PASSWORD} + - LAGO_DISABLE_SEGMENT=${LAGO_DISABLE_SEGMENT} + - LAGO_DISABLE_WALLET_REFRESH=${LAGO_DISABLE_WALLET_REFRESH} + - NANGO_SECRET_KEY=${NANGO_SECRET_KEY:-} + - LAGO_LICENSE=${LAGO_LICENSE:-} + # - SIDEKIQ_EVENTS=true + # - SIDEKIQ_PDFS=true + volumes: + - lago_storage_data:/app/storage + + # You can uncomment this if you want to use a dedicated Sidekiq worker for the event ingestion. + # It is recommendend if you have a high usage of events to not impact the other Sidekiq Jobs. + #api-events-worker: + # container_name: lago-events-worker + # image: getlago/api:v1.12.2 + # restart: unless-stopped + # depends_on: + # api: + # condition: service_healthy + # command: ["./scripts/start.events.worker.sh"] + # environment: + # - LAGO_API_URL=${LAGO_API_URL:-http://localhost:3000} + # - DATABASE_URL=postgresql://${POSTGRES_USER:-lago}:${POSTGRES_PASSWORD:-changeme}@${POSTGRES_HOST:-db}:${POSTGRES_PORT:-5432}/${POSTGRES_DB:-lago}?search_path=${POSTGRES_SCHEMA:-public} + # - REDIS_URL=redis://${REDIS_HOST:-redis}:${REDIS_PORT:-6379} + # - REDIS_PASSWORD=${REDIS_PASSWORD} + # - SECRET_KEY_BASE=${SECRET_KEY_BASE:-your-secret-key-base-hex-64} + # - RAILS_ENV=production + # - RAILS_LOG_TO_STDOUT=${LAGO_RAILS_STDOUT:-true} + # - SENTRY_DSN=${SENTRY_DSN} + # - LAGO_RSA_PRIVATE_KEY=${LAGO_RSA_PRIVATE_KEY} # Should be base64 encoded + # - RSA_PRIVATE_KEY=${LAGO_RSA_PRIVATE_KEY} # Should be base64 encoded + # - LAGO_ENCRYPTION_PRIMARY_KEY=${LAGO_ENCRYPTION_PRIMARY_KEY:-your-encryption-primary-key} + # - LAGO_ENCRYPTION_DETERMINISTIC_KEY=${LAGO_ENCRYPTION_DETERMINISTIC_KEY:-your-encryption-deterministic-key} + # - LAGO_ENCRYPTION_KEY_DERIVATION_SALT=${LAGO_ENCRYPTION_KEY_DERIVATION_SALT:-your-encryption-derivation-salt} + # - LAGO_FRONT_URL=${LAGO_FRONT_URL:-http://localhost} + # - LAGO_USE_AWS_S3=${LAGO_USE_AWS_S3:-false} + # - LAGO_AWS_S3_ACCESS_KEY_ID=${LAGO_AWS_S3_ACCESS_KEY_ID:-azerty123456} + # - LAGO_AWS_S3_SECRET_ACCESS_KEY=${LAGO_AWS_S3_SECRET_ACCESS_KEY:-azerty123456} + # - LAGO_AWS_S3_REGION=${LAGO_AWS_S3_REGION:-us-east-1} + # - LAGO_AWS_S3_BUCKET=${LAGO_AWS_S3_BUCKET:-bucket} + # - LAGO_AWS_S3_ENDPOINT=${LAGO_AWS_S3_ENDPOINT} + # - LAGO_USE_GCS=${LAGO_USE_GCS:-false} + # - LAGO_GCS_PROJECT=${LAGO_GCS_PROJECT:-} + # - LAGO_GCS_BUCKET=${LAGO_GCS_BUCKET:-} + # - LAGO_PDF_URL=${LAGO_PDF_URL:-http://pdf:3000} + # - LAGO_REDIS_CACHE_URL=redis://${LAGO_REDIS_CACHE_HOST:-redis}:${LAGO_REDIS_CACHE_PORT:-6379} + # - LAGO_REDIS_CACHE_PASSWORD=${LAGO_REDIS_CACHE_PASSWORD} + # - LAGO_DISABLE_SEGMENT=${LAGO_DISABLE_SEGMENT} + # - LAGO_DISABLE_WALLET_REFRESH=${LAGO_DISABLE_WALLET_REFRESH} + # - NANGO_SECRET_KEY=${NANGO_SECRET_KEY:-} + # - SIDEKIQ_EVENTS=true + # - LAGO_LICENSE=${LAGO_LICENSE:-} + + # You can uncomment this if you want to use a dedicated Sidekiq worker for the invoices pdf creation. + # It is recommended if you have a high usage of invoices being created to not impact the other Sidekiq Jobs. + #api-pdfs-worker: + # container_name: lago-pdfs-worker + # image: getlago/api:v1.12.2 + # restart: unless-stopped + # depends_on: + # api: + # condition: service_healthy + # command: ["./scripts/start.pdfs.worker.sh"] + # environment: + # - LAGO_API_URL=${LAGO_API_URL:-http://localhost:3000} + # - DATABASE_URL=postgresql://${POSTGRES_USER:-lago}:${POSTGRES_PASSWORD:-changeme}@${POSTGRES_HOST:-db}:${POSTGRES_PORT:-5432}/${POSTGRES_DB:-lago}?search_path=${POSTGRES_SCHEMA:-public} + # - REDIS_URL=redis://${REDIS_HOST:-redis}:${REDIS_PORT:-6379} + # - REDIS_PASSWORD=${REDIS_PASSWORD} + # - SECRET_KEY_BASE=${SECRET_KEY_BASE:-your-secret-key-base-hex-64} + # - RAILS_ENV=production + # - RAILS_LOG_TO_STDOUT=${LAGO_RAILS_STDOUT:-true} + # - SENTRY_DSN=${SENTRY_DSN} + # - LAGO_RSA_PRIVATE_KEY=${LAGO_RSA_PRIVATE_KEY} # Should be base64 encoded + # - RSA_PRIVATE_KEY=${LAGO_RSA_PRIVATE_KEY} # Should be base64 encoded + # - LAGO_ENCRYPTION_PRIMARY_KEY=${LAGO_ENCRYPTION_PRIMARY_KEY:-your-encryption-primary-key} + # - LAGO_ENCRYPTION_DETERMINISTIC_KEY=${LAGO_ENCRYPTION_DETERMINISTIC_KEY:-your-encryption-deterministic-key} + # - LAGO_ENCRYPTION_KEY_DERIVATION_SALT=${LAGO_ENCRYPTION_KEY_DERIVATION_SALT:-your-encryption-derivation-salt} + # - LAGO_FRONT_URL=${LAGO_FRONT_URL:-http://localhost} + # - LAGO_USE_AWS_S3=${LAGO_USE_AWS_S3:-false} + # - LAGO_AWS_S3_ACCESS_KEY_ID=${LAGO_AWS_S3_ACCESS_KEY_ID:-azerty123456} + # - LAGO_AWS_S3_SECRET_ACCESS_KEY=${LAGO_AWS_S3_SECRET_ACCESS_KEY:-azerty123456} + # - LAGO_AWS_S3_REGION=${LAGO_AWS_S3_REGION:-us-east-1} + # - LAGO_AWS_S3_BUCKET=${LAGO_AWS_S3_BUCKET:-bucket} + # - LAGO_AWS_S3_ENDPOINT=${LAGO_AWS_S3_ENDPOINT} + # - LAGO_USE_GCS=${LAGO_USE_GCS:-false} + # - LAGO_GCS_PROJECT=${LAGO_GCS_PROJECT:-} + # - LAGO_GCS_BUCKET=${LAGO_GCS_BUCKET:-} + # - LAGO_PDF_URL=${LAGO_PDF_URL:-http://pdf:3000} + # - LAGO_REDIS_CACHE_URL=redis://${LAGO_REDIS_CACHE_HOST:-redis}:${LAGO_REDIS_CACHE_PORT:-6379} + # - LAGO_REDIS_CACHE_PASSWORD=${LAGO_REDIS_CACHE_PASSWORD} + # - LAGO_DISABLE_SEGMENT=${LAGO_DISABLE_SEGMENT} + # - LAGO_DISABLE_WALLET_REFRESH=${LAGO_DISABLE_WALLET_REFRESH} + # - NANGO_SECRET_KEY=${NANGO_SECRET_KEY:-} + # - SIDEKIQ_PDFS=true + # - LAGO_LICENSE=${LAGO_LICENSE:-} + + api-clock: + container_name: lago-clock + image: getlago/api:v1.12.2 + restart: unless-stopped + depends_on: + api: + condition: service_healthy + command: ['./scripts/start.clock.sh'] + environment: + - LAGO_API_URL=${LAGO_API_URL:-http://localhost:3000} + - DATABASE_URL=postgresql://${POSTGRES_USER:-lago}:${POSTGRES_PASSWORD:-changeme}@${POSTGRES_HOST:-db}:${POSTGRES_PORT:-5432}/${POSTGRES_DB:-lago}?search_path=${POSTGRES_SCHEMA:-public} + - REDIS_URL=redis://${REDIS_HOST:-redis}:${REDIS_PORT:-6379} + - REDIS_PASSWORD=${REDIS_PASSWORD} + - SECRET_KEY_BASE=${SECRET_KEY_BASE:-your-secret-key-base-hex-64} + - RAILS_ENV=production + - RAILS_LOG_TO_STDOUT=${LAGO_RAILS_STDOUT:-true} + - SENTRY_DSN=${SENTRY_DSN} + - LAGO_DISABLE_WALLET_REFRESH=${LAGO_DISABLE_WALLET_REFRESH} + - LAGO_REDIS_CACHE_URL=redis://${LAGO_REDIS_CACHE_HOST:-redis}:${LAGO_REDIS_CACHE_PORT:-6379} + - LAGO_RSA_PRIVATE_KEY=${LAGO_RSA_PRIVATE_KEY} # Should be base64 encoded + - RSA_PRIVATE_KEY=${LAGO_RSA_PRIVATE_KEY} # Should be base64 encoded + - LAGO_ENCRYPTION_PRIMARY_KEY=${LAGO_ENCRYPTION_PRIMARY_KEY:-your-encryption-primary-key} + - LAGO_ENCRYPTION_DETERMINISTIC_KEY=${LAGO_ENCRYPTION_DETERMINISTIC_KEY:-your-encryption-deterministic-key} + - LAGO_ENCRYPTION_KEY_DERIVATION_SALT=${LAGO_ENCRYPTION_KEY_DERIVATION_SALT:-your-encryption-derivation-salt} + - NANGO_SECRET_KEY=${NANGO_SECRET_KEY:-} + - LAGO_LICENSE=${LAGO_LICENSE:-} + + pdf: + image: getlago/lago-gotenberg:7.8.2 + + migrate: + container_name: lago-migrate + image: getlago/api:v1.12.2 + depends_on: + - db + - redis + command: ['./scripts/start.migrate.sh'] + volumes: + - lago_storage_data:/app/storage + environment: + - RAILS_ENV=production + - SECRET_KEY_BASE=${SECRET_KEY_BASE:-your-secret-key-base-hex-64} + - RSA_PRIVATE_KEY=${LAGO_RSA_PRIVATE_KEY} # Should be base64 encoded + - LAGO_RSA_PRIVATE_KEY=${LAGO_RSA_PRIVATE_KEY} # Should be base64 encoded + - DATABASE_URL=postgresql://${POSTGRES_USER:-lago}:${POSTGRES_PASSWORD:-changeme}@${POSTGRES_HOST:-db}:${POSTGRES_PORT:-5432}/${POSTGRES_DB:-lago}?search_path=${POSTGRES_SCHEMA:-public} + - REDIS_URL=redis://${REDIS_HOST:-redis}:${REDIS_PORT:-6379} + - REDIS_PASSWORD=${REDIS_PASSWORD} diff --git a/docker-compose.yml b/docker-compose.yml index 4f2b496..65987b6 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -61,7 +61,7 @@ services: - "--entrypoints.web.address=:80" - "--entrypoints.websecure.address=:443" - "--certificatesresolvers.myresolver.acme.tlschallenge=true" - - "--certificatesresolvers.myresolver.acme.email=your_email@domain.tld" + - "--certificatesresolvers.myresolver.acme.email=youremail@domain.tld" - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json" ports: - "80:80" @@ -96,11 +96,14 @@ services: timeout: 60s retries: 5 labels: - - "traefik.enable=true" - - "traefik.http.routers.api.entrypoints=websecure" - - "traefik.http.routers.api.rule=Host(`api.${DOMAIN}`)" - - "traefik.http.routers.api.tls.certresolver=myresolver" - - "traefik.http.services.api.loadbalancer.server.port=3000" + - "traefik.enable=true" + - "traefik.http.routers.api.entrypoints=websecure" + - "traefik.http.routers.api.rule=Host(`${DOMAIN}`) && PathPrefix(`/api`)" + - "traefik.http.routers.api.tls.certresolver=myresolver" + - "traefik.http.routers.api.priority=100" + - "traefik.http.services.api.loadbalancer.server.port=3000" + - "traefik.http.middlewares.api-strip-prefix.stripprefix.prefixes=/api" + - "traefik.http.routers.api.middlewares=api-strip-prefix" volumes: - lago_storage_data:/app/storage @@ -119,9 +122,10 @@ services: timeout: 10s retries: 3 labels: + - "traefik.http.routers.front.priority=50" - "traefik.enable=true" - "traefik.http.routers.front.entrypoints=websecure" - - "traefik.http.routers.front.rule=Host(`app.${DOMAIN}`)" + - "traefik.http.routers.front.rule=Host(`${DOMAIN}`) && PathPrefix(`/`)" - "traefik.http.routers.front.tls.certresolver=myresolver" - "traefik.http.services.front.loadbalancer.server.port=80" volumes: