Created
October 17, 2025 09:44
-
-
Save flyingwebie/1dddf2768c51b61522d587d684fc45d7 to your computer and use it in GitHub Desktop.
Host Twenty CRM in your Coolify system
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: twenty | |
| services: | |
| change-vol-ownership: | |
| image: ubuntu | |
| user: root | |
| restart: "no" | |
| exclude_from_hc: true | |
| volumes: | |
| - server-local-data:/tmp/server-local-data | |
| - docker-data:/tmp/docker-data | |
| command: > | |
| bash -c " | |
| chown -R 1000:1000 /tmp/server-local-data && | |
| chown -R 1000:1000 /tmp/docker-data && | |
| echo 'Volume ownership changed successfully'" | |
| networks: | |
| - twenty-network | |
| server: | |
| image: twentycrm/twenty:${TWENTY_VERSION:-latest} | |
| volumes: | |
| - server-local-data:/app/packages/twenty-server/.local-storage | |
| - docker-data:/app/docker-data | |
| environment: | |
| # Coolify magic variables for domain configuration | |
| - SERVICE_FQDN_SERVER_3000 | |
| # Application Configuration | |
| - NODE_PORT=3000 | |
| - FRONTEND_URL=$SERVICE_FQDN_SERVER | |
| - SERVER_URL=$SERVICE_FQDN_SERVER | |
| # Database Configuration - Auto-generated password by Coolify | |
| - PG_DATABASE_URL=postgres://postgres:$SERVICE_PASSWORD_POSTGRES@db:5432/default | |
| # Redis Configuration | |
| - REDIS_URL=redis://redis:6379 | |
| # Required setting for successful startup | |
| - SIGN_IN_PREFILLED=true | |
| # Storage Configuration | |
| - STORAGE_TYPE=${STORAGE_TYPE:-local} | |
| - STORAGE_S3_REGION=${STORAGE_S3_REGION:-} | |
| - STORAGE_S3_NAME=${STORAGE_S3_NAME:-} | |
| - STORAGE_S3_ENDPOINT=${STORAGE_S3_ENDPOINT:-} | |
| # Security - Auto-generated by Coolify (32-char base64 secret) | |
| - APP_SECRET=$SERVICE_BASE64_32_SECRET | |
| # Google OAuth Configuration (Optional) | |
| - MESSAGING_PROVIDER_GMAIL_ENABLED=${MESSAGING_PROVIDER_GMAIL_ENABLED:-false} | |
| - CALENDAR_PROVIDER_GOOGLE_ENABLED=${CALENDAR_PROVIDER_GOOGLE_ENABLED:-false} | |
| - AUTH_GOOGLE_CLIENT_ID=${AUTH_GOOGLE_CLIENT_ID:-} | |
| - AUTH_GOOGLE_CLIENT_SECRET=${AUTH_GOOGLE_CLIENT_SECRET:-} | |
| - AUTH_GOOGLE_CALLBACK_URL=${AUTH_GOOGLE_CALLBACK_URL:-} | |
| - AUTH_GOOGLE_APIS_CALLBACK_URL=${AUTH_GOOGLE_APIS_CALLBACK_URL:-} | |
| # Microsoft OAuth Configuration (Optional) | |
| - CALENDAR_PROVIDER_MICROSOFT_ENABLED=${CALENDAR_PROVIDER_MICROSOFT_ENABLED:-false} | |
| - MESSAGING_PROVIDER_MICROSOFT_ENABLED=${MESSAGING_PROVIDER_MICROSOFT_ENABLED:-false} | |
| - AUTH_MICROSOFT_ENABLED=${AUTH_MICROSOFT_ENABLED:-false} | |
| - AUTH_MICROSOFT_CLIENT_ID=${AUTH_MICROSOFT_CLIENT_ID:-} | |
| - AUTH_MICROSOFT_CLIENT_SECRET=${AUTH_MICROSOFT_CLIENT_SECRET:-} | |
| - AUTH_MICROSOFT_CALLBACK_URL=${AUTH_MICROSOFT_CALLBACK_URL:-} | |
| - AUTH_MICROSOFT_APIS_CALLBACK_URL=${AUTH_MICROSOFT_APIS_CALLBACK_URL:-} | |
| # Email Configuration (Optional) | |
| - EMAIL_FROM_ADDRESS=${EMAIL_FROM_ADDRESS:-} | |
| - EMAIL_FROM_NAME=${EMAIL_FROM_NAME:-} | |
| - EMAIL_SYSTEM_ADDRESS=${EMAIL_SYSTEM_ADDRESS:-} | |
| - EMAIL_DRIVER=${EMAIL_DRIVER:-smtp} | |
| - EMAIL_SMTP_HOST=${EMAIL_SMTP_HOST:-} | |
| - EMAIL_SMTP_PORT=${EMAIL_SMTP_PORT:-465} | |
| - EMAIL_SMTP_USER=${EMAIL_SMTP_USER:-} | |
| - EMAIL_SMTP_PASSWORD=${EMAIL_SMTP_PASSWORD:-} | |
| labels: | |
| - "traefik.enable=true" | |
| - "traefik.http.routers.twenty-server.rule=Host(`${DOMAIN}`)" | |
| - "traefik.http.routers.twenty-server.entrypoints=websecure" | |
| - "traefik.http.routers.twenty-server.tls=true" | |
| - "traefik.http.routers.twenty-server.tls.certresolver=letsencrypt" | |
| - "traefik.http.services.twenty-server.loadbalancer.server.port=3000" | |
| depends_on: | |
| change-vol-ownership: | |
| condition: service_completed_successfully | |
| db: | |
| condition: service_healthy | |
| healthcheck: | |
| test: curl --fail http://localhost:3000/healthz || exit 1 | |
| interval: 10s | |
| timeout: 5s | |
| retries: 30 | |
| start_period: 40s | |
| restart: always | |
| networks: | |
| - twenty-network | |
| worker: | |
| image: twentycrm/twenty:${TWENTY_VERSION:-latest} | |
| command: ["yarn", "worker:prod"] | |
| volumes: | |
| - server-local-data:/app/packages/twenty-server/.local-storage | |
| - docker-data:/app/docker-data | |
| environment: | |
| # Database Configuration - Reuses same password as server | |
| - PG_DATABASE_URL=postgres://postgres:$SERVICE_PASSWORD_POSTGRES@db:5432/default | |
| # Server URL | |
| - SERVER_URL=$SERVICE_FQDN_SERVER | |
| # Redis Configuration | |
| - REDIS_URL=redis://redis:6379 | |
| # Worker runs migrations on server only | |
| - DISABLE_DB_MIGRATIONS=true | |
| # Storage Configuration | |
| - STORAGE_TYPE=${STORAGE_TYPE:-local} | |
| - STORAGE_S3_REGION=${STORAGE_S3_REGION:-} | |
| - STORAGE_S3_NAME=${STORAGE_S3_NAME:-} | |
| - STORAGE_S3_ENDPOINT=${STORAGE_S3_ENDPOINT:-} | |
| # Security - Reuses same secret as server | |
| - APP_SECRET=$SERVICE_BASE64_32_SECRET | |
| # Google OAuth Configuration (Optional) | |
| - MESSAGING_PROVIDER_GMAIL_ENABLED=${MESSAGING_PROVIDER_GMAIL_ENABLED:-false} | |
| - CALENDAR_PROVIDER_GOOGLE_ENABLED=${CALENDAR_PROVIDER_GOOGLE_ENABLED:-false} | |
| - AUTH_GOOGLE_CLIENT_ID=${AUTH_GOOGLE_CLIENT_ID:-} | |
| - AUTH_GOOGLE_CLIENT_SECRET=${AUTH_GOOGLE_CLIENT_SECRET:-} | |
| - AUTH_GOOGLE_CALLBACK_URL=${AUTH_GOOGLE_CALLBACK_URL:-} | |
| - AUTH_GOOGLE_APIS_CALLBACK_URL=${AUTH_GOOGLE_APIS_CALLBACK_URL:-} | |
| # Microsoft OAuth Configuration (Optional) | |
| - CALENDAR_PROVIDER_MICROSOFT_ENABLED=${CALENDAR_PROVIDER_MICROSOFT_ENABLED:-false} | |
| - MESSAGING_PROVIDER_MICROSOFT_ENABLED=${MESSAGING_PROVIDER_MICROSOFT_ENABLED:-false} | |
| - AUTH_MICROSOFT_ENABLED=${AUTH_MICROSOFT_ENABLED:-false} | |
| - AUTH_MICROSOFT_CLIENT_ID=${AUTH_MICROSOFT_CLIENT_ID:-} | |
| - AUTH_MICROSOFT_CLIENT_SECRET=${AUTH_MICROSOFT_CLIENT_SECRET:-} | |
| - AUTH_MICROSOFT_CALLBACK_URL=${AUTH_MICROSOFT_CALLBACK_URL:-} | |
| - AUTH_MICROSOFT_APIS_CALLBACK_URL=${AUTH_MICROSOFT_APIS_CALLBACK_URL:-} | |
| # Email Configuration (Optional) | |
| - EMAIL_FROM_ADDRESS=${EMAIL_FROM_ADDRESS:-} | |
| - EMAIL_FROM_NAME=${EMAIL_FROM_NAME:-} | |
| - EMAIL_SYSTEM_ADDRESS=${EMAIL_SYSTEM_ADDRESS:-} | |
| - EMAIL_DRIVER=${EMAIL_DRIVER:-smtp} | |
| - EMAIL_SMTP_HOST=${EMAIL_SMTP_HOST:-} | |
| - EMAIL_SMTP_PORT=${EMAIL_SMTP_PORT:-465} | |
| - EMAIL_SMTP_USER=${EMAIL_SMTP_USER:-} | |
| - EMAIL_SMTP_PASSWORD=${EMAIL_SMTP_PASSWORD:-} | |
| depends_on: | |
| db: | |
| condition: service_healthy | |
| server: | |
| condition: service_healthy | |
| restart: always | |
| networks: | |
| - twenty-network | |
| db: | |
| image: postgres:16-alpine | |
| volumes: | |
| - db-data:/var/lib/postgresql/data | |
| environment: | |
| # PostgreSQL Configuration | |
| # Password auto-generated by Coolify | |
| - POSTGRES_USER=postgres | |
| - POSTGRES_PASSWORD=$SERVICE_PASSWORD_POSTGRES | |
| - POSTGRES_DB=default | |
| healthcheck: | |
| test: pg_isready -U postgres -h localhost -d default | |
| interval: 5s | |
| timeout: 5s | |
| retries: 10 | |
| restart: always | |
| networks: | |
| - twenty-network | |
| redis: | |
| image: redis:7-alpine | |
| volumes: | |
| - redis-data:/data | |
| restart: always | |
| command: ["redis-server", "--maxmemory-policy", "noeviction"] | |
| healthcheck: | |
| test: ["CMD", "redis-cli", "ping"] | |
| interval: 5s | |
| timeout: 5s | |
| retries: 10 | |
| networks: | |
| - twenty-network | |
| volumes: | |
| db-data: | |
| redis-data: | |
| server-local-data: | |
| docker-data: | |
| networks: | |
| twenty-network: | |
| driver: bridge |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Only suggestion to use
Configurefor the containerserverand set the URL manuallyhttps://app.yourdomain.com/