Created
February 22, 2020 21:51
-
-
Save eXtrem0us/e7b3890d00adceec822bc7d4b7d39893 to your computer and use it in GitHub Desktop.
Zulip Server Configuration
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| version: '2' | |
| services: | |
| database: | |
| image: 'zulip/zulip-postgresql:10' | |
| environment: | |
| POSTGRES_DB: 'zulip' | |
| POSTGRES_USER: 'zulip' | |
| # Note that you need to do a manual `ALTER ROLE` query if you | |
| # change this on a system after booting the postgres container | |
| # the first time on a host. Instructions are available in README.md. | |
| POSTGRES_PASSWORD: 'SomePostgressPASSWORD' | |
| volumes: | |
| - '/opt/docker/zulip/postgresql/data:/var/lib/postgresql/data:rw' | |
| memcached: | |
| image: 'memcached:alpine' | |
| command: | |
| - 'sh' | |
| - '-euc' | |
| - | | |
| echo 'mech_list: plain' > "$$SASL_CONF_PATH" | |
| echo "zulip@$$HOSTNAME:$$MEMCACHED_PASSWORD" > "$$MEMCACHED_SASL_PWDB" | |
| exec memcached -S | |
| environment: | |
| SASL_CONF_PATH: '/home/memcache/memcached.conf' | |
| MEMCACHED_SASL_PWDB: '/home/memcache/memcached-sasl-db' | |
| MEMCACHED_PASSWORD: 'SomeMemcachedPASSWORD' | |
| restart: always | |
| rabbitmq: | |
| image: 'rabbitmq:3.7.7' | |
| hostname: zulip-rabbit | |
| restart: always | |
| environment: | |
| RABBITMQ_DEFAULT_USER: 'zulip' | |
| RABBITMQ_DEFAULT_PASS: 'SomeRabbitMQPASSWORD' | |
| volumes: | |
| - '/opt/docker/zulip/rabbitmq:/var/lib/rabbitmq:rw' | |
| redis: | |
| image: 'redis:alpine' | |
| command: | |
| - 'sh' | |
| - '-euc' | |
| - | | |
| echo "requirepass '$$REDIS_PASSWORD'" > /etc/redis.conf | |
| exec redis-server /etc/redis.conf | |
| environment: | |
| REDIS_PASSWORD: 'SomeRedisPASSWORD' | |
| volumes: | |
| - '/opt/docker/zulip/redis:/data:rw' | |
| zulip: | |
| image: 'zulip/docker-zulip:2.1.2-0' | |
| build: | |
| context: . | |
| args: | |
| # Change these if you want to build zulip from a different repo/branch | |
| ZULIP_GIT_URL: https://github.com/zulip/zulip.git | |
| ZULIP_GIT_REF: 2.1.2 | |
| # Set this up if you plan to use your own CA certificate bundle for building | |
| # CUSTOM_CA_CERTIFICATES: | |
| ports: | |
| - '80:80' | |
| - '443:443' | |
| environment: | |
| DB_HOST: 'database' | |
| DB_HOST_PORT: '5432' | |
| DB_USER: 'zulip' | |
| SSL_CERTIFICATE_GENERATION: 'self-signed' | |
| SETTING_MEMCACHED_LOCATION: 'memcached:11211' | |
| SETTING_RABBITMQ_HOST: 'rabbitmq' | |
| SETTING_REDIS_HOST: 'redis' | |
| SECRETS_email_password: 'SomeEMAILPASSWORD' | |
| # These should match RABBITMQ_DEFAULT_PASS, POSTGRES_PASSWORD, | |
| # MEMCACHED_PASSWORD, and REDIS_PASSWORD above. | |
| SECRETS_rabbitmq_password: 'SomeRabbitMQPASSWORD' | |
| SECRETS_postgres_password: 'SomePostgressPASSWORD' | |
| SECRETS_memcached_password: 'SomeMemcachedPASSWORD' | |
| SECRETS_redis_password: 'SomeRedisPASSWORD' | |
| SECRETS_secret_key: 'AVerySecretKEY,WhichCanNotBeGuessed' | |
| SETTING_EXTERNAL_HOST: 'chat.mygrowingstartup.com' | |
| SETTING_ZULIP_ADMINISTRATOR: '[email protected]' | |
| SETTING_EMAIL_HOST: 'mail.mygrowingstartup.com' # e.g. smtp.example.com | |
| SETTING_EMAIL_HOST_USER: '[email protected]' | |
| #SETTING_EMAIL_PORT: '587' | |
| SETTING_EMAIL_PORT: '465' | |
| # It seems that the email server needs to use ssl or tls and can't be used without it | |
| SETTING_EMAIL_USE_SSL: 'True' | |
| SETTING_EMAIL_USE_TLS: 'False' | |
| ZULIP_AUTH_BACKENDS: 'EmailAuthBackend,ZulipLDAPAuthBackend' | |
| # Uncomment this when configuring the mobile push notifications service | |
| SETTING_PUSH_NOTIFICATION_BOUNCER_URL: 'https://push.zulipchat.com' | |
| #### BY MEYTEE (@eXtrem0us) #### | |
| # To use Zulip behind haproxy: | |
| DISABLE_HTTPS: 'True' | |
| # To not using obfuscated no-reply emails and use the exact determined email: | |
| SETTING_NOREPLY_EMAIL_ADDRESS: '[email protected]' | |
| SETTING_ADD_TOKENS_TO_NOREPLY_ADDRESS: 'False' | |
| SETTING_FAKE_EMAIL_DOMAIN: 'mygrowingstartup.com' | |
| # LDAP Configurations: | |
| SETTING_AUTH_LDAP_SERVER_URI: 'ldap://ldap.mygrowingstartup' | |
| SETTING_AUTH_LDAP_BIND_DN: 'cn=admin,dc=mygrowingstartup' | |
| SECRETS_auth_ldap_bind_password: 'my9r0win95+4r+uq.HaHa' | |
| SETTING_AUTH_LDAP_USER_SEARCH: 'LDAPSearch("cn=users,ou=employees,dc=mygrowingstartup", ldap.SCOPE_SUBTREE, "(uid=%(user)s)")' | |
| SETTING_AUTH_LDAP_REVERSE_EMAIL_SEARCH: 'LDAPSearch("cn=users,ou=employees,dc=mygrowingstartup", ldap.SCOPE_SUBTREE, "(mail=%(email)s)")' | |
| SETTING_AUTH_LDAP_USERNAME_ATTR: 'uid' | |
| SETTING_LDAP_APPEND_DOMAIN: 'mygrowingstartup.com' | |
| SETTING_AUTH_LDAP_USER_ATTR_MAP: '{"first_name": "cn","last_name": "sn","full_name": "displayName"}' | |
| volumes: | |
| - '/opt/docker/zulip/zulip:/data:rw' | |
| ulimits: | |
| nofile: | |
| soft: 40000 | |
| hard: 50000 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment