Skip to content

Instantly share code, notes, and snippets.

@denikus

denikus/.env

Last active September 20, 2022 17:09
Show Gist options
  • Save denikus/ae883530c46a732a69597b6bcbf8980e to your computer and use it in GitHub Desktop.
Save denikus/ae883530c46a732a69597b6bcbf8980e to your computer and use it in GitHub Desktop.
Download ZIP
Raw
.env
# Default values are optimized for production to avoid having to configure
# much in production.
#
# However it should be easy to get going in development too. If you see an
# uncommented option that means it's either mandatory to set or it's being
# overwritten in development to make your life easier.
# Rather than use the directory name, let's control the name of the project
COMPOSE_PROJECT_NAME=navegante
# You can generate a more secure secret by running: ./run rails secret
SECRET_KEY_BASE=reals_secret_base
RAILS_MASTER_KEY=real_secret_key
# By setting RAILS_LOG_TO_STDOUT to any value we should have the production logs directed to STDOUT.
# see application.rb
#RAILS_LOG_TO_STDOUT=
# Which environment is running? These should be "development" or "production".
#export RAILS_ENV=production
#export NODE_ENV=production
#export RAILS_ENV=development
#export NODE_ENV=development
RUBY_VER=3.1.2
PG_VER=14.2
BUNDLER_VER=2.3.13
REDIS_VER=6.2.7
DISTRO_NAME=bullseye
# The bind port for puma.
#
# Be warned that if you change this value you'll need to change 8000 in both
# your Dockerfile and in a few spots in docker-compose.yml due to the nature of
# how this value can be set (Docker Compose doesn't support nested ENV vars).
#export PORT=8000
# How many workers and threads should your app use? WEB_CONCURRENCY defaults
# to the server's CPU count * 2. That is a good starting point. In development
# it's a good idea to use 1 to avoid race conditions when debugging.
#export WEB_CONCURRENCY=
#export RAILS_MAX_THREADS=5
WEB_CONCURRENCY=4
RAILS_MAX_THREADS=5
# You'll always want to set POSTGRES_USER and POSTGRES_PASSWORD since the
# postgres Docker image uses them for its default database user and password.
POSTGRES_USER=navegante_user
POSTGRES_PASSWORD=Bf.eLcQvFzsAgMP64h
POSTGRES_HOST=postgres
POSTGRES_PORT=5432
POSTGRES_DB=navegante
# What's your full Redis connection URL? This will be used for caching, Sidekiq,
# and Action Cable. You can always split them up later.
#export REDIS_URL=redis://redis:6379/1
# The bind port for puma but for Action Cable.
#
# Be warned that if you change this value you'll need to change 28080 in a few
# spots in docker-compose.yml due to the nature of how this value can be set
# (Docker Compose doesn't support nested ENV vars).
#export CABLE_PORT=28080
# The Action Cable address that will be accessible over HTTP. In production
# you would typically have this reverse proxied to a sub-domain with nginx, in
# which case you would set something like: ws://cable.example.com
#
# This is one case where it defaults to a development value because it's not
# possible for me to know what domain name you'll be using.
#export ACTION_CABLE_FRONTEND_URL=ws://localhost:28080
# Comma separated list of RegExp origins to allow connections from for Action
# Cable. The values will be converted into a proper RegExp, so omit the / /.
#
# Examples:
# http:\/\/localhost*
# http:\/\/example.*,https:\/\/example.*
#export ACTION_CABLE_ALLOWED_REQUEST_ORIGINS=http:\/\/localhost*
# If this is set then Rails will serve files from public/ in production. You
# probably don't want this behavior unless you're testing prod mode locally,
# because nginx would typically serve static files.
export RAILS_SERVE_STATIC_FILES=true
# Should Docker restart your containers if they go down in unexpected ways?
#export DOCKER_RESTART_POLICY=unless-stopped
#export DOCKER_RESTART_POLICY=no
DOCKER_RESTART_POLICY=always
# What health check test command do you want to run? In development, having it
# curl your web server will result in a lot of log spam, so setting it to
# /bin/true is an easy way to make the health check do basically nothing.
DOCKER_WEB_HEALTHCHECK_TEST=curl localhost:8000/up
#export DOCKER_WEB_HEALTHCHECK_TEST=/bin/true
# What ip:port should be published back to the Docker host for the app server?
# If you're using Docker Toolbox or a custom VM you can't use 127.0.0.1. This
# is being overwritten in dev to be compatible with more dev environments.
#
# If you have a port conflict because something else is using 8000 then you
# can either stop that process or change 8000 to be something else.
#
# Use the default in production to avoid having gunicorn directly accessible to
# the internet since it'll very likely be behind nginx or a load balancer.
#export DOCKER_WEB_PORT_FORWARD=127.0.0.1:8000
#export DOCKER_WEB_PORT_FORWARD=8000
# This is the same as above except for Action Cable.
#export DOCKER_CABLE_PORT_FORWARD=127.0.0.1:28080
#export DOCKER_CABLE_PORT_FORWARD=28080
# What volume path should be used? In dev we want to volume mount everything
# so that we can develop our code without rebuilding our Docker images.
DOCKER_WEB_VOLUME=./public:/app/public
#export DOCKER_WEB_VOLUME=.:/app
# What CPU and memory constraints will be added to your services? When left at
# 0 they will happily use as much as needed.
DOCKER_POSTGRES_CPUS=1
DOCKER_POSTGRES_MEMORY=300m
DOCKER_REDIS_CPUS=1
DOCKER_REDIS_MEMORY=300m
DOCKER_WEB_CPUS=1
DOCKER_WEB_MEMORY=500m
DOCKER_WORKER_CPUS=1
DOCKER_WORKER_MEMORY=200m
DOCKER_CABLE_CPUS=1
DOCKER_CABLE_MEMORY=100m
export ELASTIC_HOST=elastic
export ELASTICSEARCH_URL=http://elasticsearch:9200
Raw
docker-compose.override.yml
# docker-compose.override.yml for user rails_app home dir
services:
web:
image: ghcr.io/wearepush/navegante:latest
command: bash -c "rm -f tmp/pids/server.pid && bundle exec rails s -p 8000 -b '0.0.0.0'"
environment:
- VIRTUAL_HOST=nvgt.wearepush.co # it will allow nginx-proxy to redirect HTTP request to your Rails app
# LETSENCRYPT variables are used by acme-companion and it will create SSL certificate for those params
- LETSENCRYPT_HOST=nvgt.wearepush.co
- [email protected]
volumes:
- ./storage:/app/storage
- ./log:/app/log
- ./tmp:/app/tmp
worker:
image: ghcr.io/wearepush/navegante:latest
networks:
default:
name: nginx-proxy-network
Raw
nginx user docker-compose.yaml
# docker-compose.yaml for nginx_proxy user (separate user in system)
version: '2'services:
nginx-proxy:
restart: always
image: nginxproxy/nginx-proxy
container_name: nginx-proxy
ports:
- 80:80
- 443:443
volumes:
- conf:/etc/nginx/conf.d
- vhost:/etc/nginx/vhost.d
- html:/usr/share/nginx/html
- dhparam:/etc/nginx/dhparam
- certs:/etc/nginx/certs:ro
- /var/run/docker.sock:/tmp/docker.sock:ro
- ./nginx_custom.conf:/etc/nginx/conf.d/nginx_custom.conf
networks:
nginx-proxy-network:
letsencrypt:
restart: always
image: nginxproxy/acme-companion
container_name: nginx-proxy-acme
volumes_from:
- nginx-proxy
volumes:
- certs:/etc/nginx/certs:rw
- acme:/etc/acme.sh
- /var/run/docker.sock:/var/run/docker.sock:ro
networks:
nginx-proxy-network:
volumes:
conf:
vhost:
html:
dhparam:
certs:
acme:
networks:
nginx-proxy-network:
name: "nginx-proxy-network"
Raw
nginx user nginx_custom.conf
# nginx_custom.conf for nginx_proxy user (separate user in system)
# here you can customize NGINX
server_tokens off;
client_max_body_size 100m;
Raw
rails_app docker-compose.yaml
# docker-compose.yaml for user rails_app home dir
x-app: &default-app
build:
context: "."
target: "app"
args:
- "RAILS_ENV=${RAILS_ENV:-production}"
- "NODE_ENV=${NODE_ENV:-production}"
- "RUBY_VER=${RUBY_VER}"
- "PG_VER=${PG_VER}"
- "BUNDLER_VER=${BUNDLER_VER}"
- "REDIS_VER=${REDIS_VER}"
- "DISTRO_NAME=${DISTRO_NAME}"
depends_on:
- "postgres"
- "redis"
env_file:
- ".env"
restart: "${DOCKER_RESTART_POLICY:-unless-stopped}"
stop_grace_period: "3s"
tty: true
volumes:
- "${DOCKER_WEB_VOLUME:-./public:/app/public}"
services:
postgres:
deploy:
resources:
limits:
cpus: "${DOCKER_POSTGRES_CPUS:-0}"
memory: "${DOCKER_POSTGRES_MEMORY:-0}"
env_file:
- ".env"
image: "postgres:${PG_VER}-${DISTRO_NAME}"
restart: "${DOCKER_RESTART_POLICY:-unless-stopped}"
stop_grace_period: "3s"
volumes:
- "postgres:/var/lib/postgresql/data"
redis:
deploy:
resources:
limits:
cpus: "${DOCKER_REDIS_CPUS:-0}"
memory: "${DOCKER_REDIS_MEMORY:-0}"
env_file:
- ".env"
image: "redis:${REDIS_VER}-${DISTRO_NAME}"
restart: "${DOCKER_RESTART_POLICY:-unless-stopped}"
stop_grace_period: "3s"
volumes:
- "redis:/data"
web:
<<: *default-app
stdin_open: true
deploy:
resources:
limits:
cpus: "${DOCKER_WEB_CPUS:-0}"
memory: "${DOCKER_WEB_MEMORY:-0}"
healthcheck:
test: "${DOCKER_WEB_HEALTHCHECK_TEST:-curl localhost:8000/up}"
interval: "60s"
timeout: "3s"
start_period: "5s"
retries: 3
ports:
- "${DOCKER_WEB_PORT_FORWARD:-127.0.0.1:8000}:8000"
#- "${DOCKER_WEB_PORT_FORWARD:-127.0.0.1:465}:465"
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:8.2.2
restart: "${DOCKER_RESTART_POLICY:-unless-stopped}"
hostname: elasticsearch
container_name: elasticsearch
environment:
- discovery.type=single-node
- bootstrap.memory_lock=true
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
- xpack.security.enabled=false
ulimits:
memlock:
soft: -1
hard: -1
volumes:
- "elasticsearch:/usr/share/elasticsearch/data"
ports:
- 9200:9200
worker:
<<: *default-app
command: "bundle exec sidekiq -C config/sidekiq.yml"
entrypoint: []
deploy:
resources:
limits:
cpus: "${DOCKER_WORKER_CPUS:-0}"
memory: "${DOCKER_WORKER_MEMORY:-0}"
# cable:
# <<: *default-app
# command: "puma -p 28080 cable/config.ru"
# entrypoint: []
# deploy:
# resources:
# limits:
# cpus: "${DOCKER_CABLE_CPUS:-0}"
# memory: "${DOCKER_CABLE_MEMORY:-0}"
# ports:
# - "${DOCKER_CABLE_PORT_FORWARD:-127.0.0.1:28080}:28080"
volumes:
postgres: {}
redis: {}
elasticsearch: {}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment