-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathcompose.dev.yml
More file actions
156 lines (151 loc) · 6.26 KB
/
compose.dev.yml
File metadata and controls
156 lines (151 loc) · 6.26 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
---
name: saas-${USER}
services:
# PostgreSQL Database
postgres:
image: postgres:16-alpine
container_name: dev-saas-postgres-${USER}
restart: unless-stopped
environment:
POSTGRES_USER: a8n
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-devpassword}
POSTGRES_DB: a8n_platform
expose:
- "5432:5432"
volumes:
# - postgres_data:/var/lib/postgresql/data
- data:/var/lib/postgresql/data
healthcheck:
test: ["CMD-SHELL", "pg_isready -U a8n -d a8n_platform"]
interval: 5s
timeout: 5s
retries: 5
# Rust API Backend
api:
build:
context: ./api
dockerfile: Dockerfile
container_name: dev-saas-api-${USER}
command: ["/app/target/debug/a8n-api"]
restart: unless-stopped
environment:
# scheme://username:password@host:port/path/file.ext
DATABASE_URL: postgres://a8n:${POSTGRES_PASSWORD:-devpassword}@postgres:5432/a8n_platform
HOST_IP: 0.0.0.0
APP_PORT: 4000
RUST_LOG: ${RUST_LOG:-debug}
# CORS_ORIGIN: http://localhost:5173
CORS_ORIGIN: https://${USER}-app.a8n.run
ENVIRONMENT: development
JWT_SECRET: ${JWT_SECRET:-s3cr3tK3yAtL34st32Ch4r4ct3rsL0ng!}
COOKIE_DOMAIN: .a8n.run
# Email configuration
SMTP_HOST: ${SMTP_HOST:-}
SMTP_PORT: ${SMTP_PORT:-587}
SMTP_FROM: ${SMTP_FROM:-noreply@a8n.tools}
SMTP_USERNAME: ${SMTP_USERNAME:-}
SMTP_PASSWORD: ${SMTP_PASSWORD:-}
EMAIL_ENABLED: ${EMAIL_ENABLED:-false}
# BASE_URL: ${BASE_URL:-http://localhost:5173}
BASE_URL: ${BASE_URL:-https://${USER}-app.a8n.run}
STRIPE_SECRET_KEY: ${STRIPE_SECRET_KEY:-}
STRIPE_WEBHOOK_SECRET: ${STRIPE_WEBHOOK_SECRET:-}
STRIPE_PRICE_ID: ${STRIPE_PRICE_ID:-}
STRIPE_BUSINESS_PRICE_ID: ${STRIPE_BUSINESS_PRICE_ID:-}
FORGEJO_BASE_URL: ${FORGEJO_BASE_URL:-}
FORGEJO_API_TOKEN: ${FORGEJO_API_TOKEN:-}
DOWNLOAD_CACHE_DIR: /var/cache/a8n-downloads
DOWNLOAD_CACHE_MAX_BYTES: ${DOWNLOAD_CACHE_MAX_BYTES:-10737418240}
DOWNLOAD_CONCURRENCY_PER_USER: ${DOWNLOAD_CONCURRENCY_PER_USER:-2}
DOWNLOAD_DAILY_LIMIT_PER_USER: ${DOWNLOAD_DAILY_LIMIT_PER_USER:-50}
FORGEJO_RELEASE_CACHE_TTL_SECS: ${FORGEJO_RELEASE_CACHE_TTL_SECS:-300}
OCI_REGISTRY_ENABLED: ${OCI_REGISTRY_ENABLED:-false}
OCI_REGISTRY_PORT: ${OCI_REGISTRY_PORT:-18081}
OCI_REGISTRY_SERVICE: ${OCI_REGISTRY_SERVICE:-${USER}-oci.a8n.run}
OCI_BLOB_CACHE_DIR: /var/cache/a8n-oci
OCI_BLOB_CACHE_MAX_BYTES: ${OCI_BLOB_CACHE_MAX_BYTES:-53687091200}
OCI_MANIFEST_CACHE_TTL_SECS: ${OCI_MANIFEST_CACHE_TTL_SECS:-300}
OCI_CONCURRENT_MANIFESTS_PER_USER: ${OCI_CONCURRENT_MANIFESTS_PER_USER:-2}
OCI_PULLS_PER_USER_PER_DAY: ${OCI_PULLS_PER_USER_PER_DAY:-50}
OCI_TOKEN_TTL_SECS: ${OCI_TOKEN_TTL_SECS:-900}
# OIDC Provider
OIDC_ISSUER: https://${USER}-api.a8n.run
OIDC_JWT_PRIVATE_KEY_PATH: /run/secrets/oidc/dev-2026.pem
OIDC_JWT_ACTIVE_KID: dev-2026
OIDC_JWT_PUBLIC_KEYS_DIR: /run/secrets/oidc
ports:
- "18081:18081"
volumes:
- ./api/src:/app/src:ro
- ./api/migrations:/app/migrations:ro
- ./api/templates:/app/templates:ro
- ./api/Cargo.toml:/app/Cargo.toml:ro
- ./api/Cargo.lock:/app/Cargo.lock:ro
- api_target:/app/target
- downloads_cache:/var/cache/a8n-downloads
- oci_cache:/var/cache/a8n-oci
- ./secrets:/run/secrets/oidc:ro
networks:
- default # Use default network for internal communication with Postgres
- network-traefik-public
depends_on:
postgres:
condition: service_healthy
labels:
- "traefik.enable=true"
- "traefik.docker.network=network-traefik-public"
- "traefik.http.routers.api-saas-${USER}.rule=Host(`api.a8n.run`) || Host(`${USER}-api.a8n.run`)"
- "traefik.http.routers.api-saas-${USER}.service=api-saas-${USER}@docker"
- "traefik.http.routers.api-saas-${USER}.entrypoints=web-secure"
- "traefik.http.routers.api-saas-${USER}.tls.certresolver=cert-cloudflare"
- "traefik.http.services.api-saas-${USER}.loadbalancer.server.port=4000"
- "traefik.http.routers.oci-saas-${USER}.rule=Host(`${USER}-oci.a8n.run`)"
- "traefik.http.routers.oci-saas-${USER}.service=oci-saas-${USER}@docker"
- "traefik.http.routers.oci-saas-${USER}.entrypoints=web-secure"
- "traefik.http.routers.oci-saas-${USER}.tls.certresolver=cert-cloudflare"
- "traefik.http.services.oci-saas-${USER}.loadbalancer.server.port=18081"
# React Frontend
frontend:
build:
context: ./frontend
dockerfile: Dockerfile
container_name: dev-saas-frontend-${USER}
restart: unless-stopped
environment:
# Use Docker service name for internal proxy requests
# TODO: Once port 443 is working through Traefik, this is not needed.
# VITE_API_URL: http://api.a8n.run:4000
VITE_API_URL: https://${USER}-api.a8n.run
VITE_STRIPE_PUBLISHABLE_KEY: ${VITE_STRIPE_PUBLISHABLE_KEY:-}
networks:
- network-traefik-public
volumes:
- ./frontend/src:/app/src:ro
- ./frontend/public:/app/public:ro
- ./frontend/index.html:/app/index.html:ro
- ./frontend/vite.config.ts:/app/vite.config.ts:ro
- ./frontend/tsconfig.json:/app/tsconfig.json:ro
- ./frontend/tsconfig.node.json:/app/tsconfig.node.json:ro
- ./frontend/tailwind.config.js:/app/tailwind.config.js:ro
- ./frontend/postcss.config.js:/app/postcss.config.js:ro
- ./frontend/vitest.config.ts:/app/vitest.config.ts:ro
labels:
- "traefik.enable=true"
- "traefik.docker.network=network-traefik-public"
- "traefik.http.routers.frontend-saas-${USER}.rule=Host(`app.a8n.run`) || Host(`${USER}-app.a8n.run`)"
- "traefik.http.routers.frontend-saas-${USER}.service=frontend-saas-${USER}@docker"
- "traefik.http.routers.frontend-saas-${USER}.entrypoints=web-secure"
- "traefik.http.routers.frontend-saas-${USER}.tls.certresolver=cert-cloudflare"
- "traefik.http.services.frontend-saas-${USER}.loadbalancer.server.port=5173"
volumes:
data:
name: saas-data-${USER}
api_target:
name: saas-api-target-${USER}
downloads_cache:
name: saas-downloads-cache-${USER}
oci_cache:
name: saas-oci-cache-${USER}
networks:
network-traefik-public:
external: true