prep for capraise

This commit is contained in:
Charles N Wyble 2024-12-08 05:39:00 -06:00
parent 3207bd8a23
commit 570d5faa2d
8 changed files with 300 additions and 177 deletions

View File

@ -1,58 +1,62 @@
# Cosmos port map | App Name | Port number |
| --------------------- | ----------- |
| acme | 1001 |
| App Name | Port number | Notes | | agency | 1002 |
| --------------- | ----------- | ----- | | atak | 1003 |
| acme | 1001 | | | billing | 1004 |
| agency | 1002 | | | boinc | 1005 |
| atak | 1003 | | | certmgr | 1006 |
| billing | 1004 | | | chirpstack | 1007 |
| boinc | 1005 | | | craig | 1008 |
| certmgr | 1006 | | | danswer | 1009 |
| chirpstack | 1007 | | | dashboard | 1010 |
| craig | 1008 | | | elabftw | 1011 |
| danswer | 1009 | | | governance | 1012 |
| dashboard | 1010 | | | graylog | 1013 |
| elabftw | 1011 | | | grist | 1014 |
| governance | 1012 | | | healthcheck | 1015 |
| graylog | 1013 | | | homechart | 1016 |
| grist | 1014 | | | huginn | 1017 |
| healthcheck | 1015 | | | inventree | 1018 |
| homechart | 1016 | | | it-fleet | 1019 |
| huginn | 1017 | | | kicad-ci | 1020 |
| inventree | 1018 | | | langufse | 1021 |
| it-fleet | 1019 | | | lists | 1022 |
| kicad-ci | 1020 | | | mailpile | 1023 |
| langufse | 1021 | | | netbox | 1024 |
| lists | 1022 | | | netdata | 1025 |
| mailpile | 1023 | | | netmon | 1026 |
| netbox | 1024 | | | oncall | 1027 |
| netdata | 1025 | | | openblocks | 1028 |
| netmon | 1026 | | | opensearch | 1029 |
| oncall | 1027 | | | openvas | 1030 |
| openblocks | 1028 | | | payroll-engine | 1032 |
| opensearch | 1029 | | | payroute | 1033 |
| openvas | 1030 | | | perplexica | 1034 |
| openvas | 1031 | | | phistest | 1035 |
| payroll-engine | 1002 | | | platform | 1036 |
| payrote | 1033 | | | postiz | 1037 |
| perplexica | 1034 | | | resgrid | 1039 |
| phistest | 1035 | | | reviewboard | 1040 |
| platform | 1036 | | | rundeck | 1041 |
| postiz | 1037 | | | satnogs | 1042 |
| reactive-resume | 1038 | | | sdrangel | 1043 |
| resgrid | 1039 | | | sentry | 1044 |
| reviewboard | 1040 | | | signoz | 1045 |
| rundeck | 1041 | | | slurm | 1046 |
| satnogs | 1042 | | | talent-test | 1047 |
| sdrangel | 1043 | | | thethingsnet | 1048 |
| sentry | 1044 | | | tunnel | 1049 |
| signos | 1045 | | | voiceapps | 1050 |
| slurm | 1046 | | | warp | 1051 |
| talent-test | 1047 | | | wazuh | 1052 |
| thethingsnet | 1048 | | | apigw | 1053 |
| tunnel | 1049 | | | streaming | 1054 |
| voiceapps | 1050 | | | cde | 1055 |
| warp | 1051 | | | digital-asset-manager | 1056 |
| wazuh | 1052 | | | functions | 1057 |
| apigw | 1053 | | | homebox | 1058 |
| openboxes | 1059 |
| jamovi | 1060 |
| jenkins | 1061 |
| tradingdesk | 1062 |

View File

@ -1,113 +0,0 @@
# In this Docker Compose example, it assumes that you maintain a reverse proxy externally (or chose not to).
# The only two exposed ports here are from minio (:9000) and the app itself (:3000).
# If these ports are changed, ensure that the env vars passed to the app are also changed accordingly.
services:
# Database (Postgres)
reactiveresume-postgres:
image: postgres:16-alpine
restart: unless-stopped
container_name: reactiveresume-postgres
volumes:
- reactiveresume-postgres_data:/var/lib/postgresql/data
environment:
POSTGRES_DB: postgres
POSTGRES_USER: postgres
POSTGRES_PASSWORD: postgres
healthcheck:
test: ["CMD-SHELL", "pg_isready -U postgres -d postgres"]
interval: 10s
timeout: 5s
retries: 5
# Storage (for image uploads)
reactiveresume-minio:
image: minio/minio
restart: unless-stopped
container_name: reactiveresume-minio
command: server /data
ports:
- "1000:9000"
volumes:
- reactiveresume-minio_data:/data
environment:
MINIO_ROOT_USER: minioadmin
MINIO_ROOT_PASSWORD: minioadmin
# Chrome Browser (for printing and previews)
reactiveresume-chrome:
image: ghcr.io/browserless/chromium:latest
restart: unless-stopped
container_name: reactiveresume-chrome
environment:
TIMEOUT: 10000
CONCURRENT: 10
TOKEN: chrome_token
EXIT_ON_HEALTH_FAILURE: true
PRE_REQUEST_HEALTH_CHECK: true
reactiveresume-app:
image: amruthpillai/reactive-resume:latest
restart: unless-stopped
container_name: reactiveresume-app
ports:
- "1001:3000"
depends_on:
- reactiveresume-postgres
- reactiveresume-minio
- reactiveresume-chrome
environment:
# -- Environment Variables --
PORT: 1001
NODE_ENV: production
# -- URLs --
PUBLIC_URL: http://localhost:1001
STORAGE_URL: http://localhost:1000/default
# -- Printer (Chrome) --
CHROME_TOKEN: chrome_token
CHROME_URL: ws://reactiveresume-chrome:1001
# -- Database (Postgres) --
DATABASE_URL: postgresql://postgres:postgres@reactiveresume-postgres:5432/postgres
# -- Auth --
ACCESS_TOKEN_SECRET: access_token_secret
REFRESH_TOKEN_SECRET: refresh_token_secret
# -- Emails --
MAIL_FROM: noreply@localhost
# SMTP_URL: smtp://user:pass@smtp:587 # Optional
# -- Storage (Minio) --
STORAGE_ENDPOINT: reactiveresume-minio
STORAGE_PORT: 1000
STORAGE_REGION: us-east-1 # Optional
STORAGE_BUCKET: default
STORAGE_ACCESS_KEY: minioadmin
STORAGE_SECRET_KEY: minioadmin
STORAGE_USE_SSL: false
STORAGE_SKIP_BUCKET_CHECK: false
# -- Crowdin (Optional) --
# CROWDIN_PROJECT_ID:
# CROWDIN_PERSONAL_TOKEN:
# -- Email (Optional) --
# DISABLE_SIGNUPS: false
# DISABLE_EMAIL_AUTH: false
# -- GitHub (Optional) --
# GITHUB_CLIENT_ID: github_client_id
# GITHUB_CLIENT_SECRET: github_client_secret
# GITHUB_CALLBACK_URL: http://localhost:3000/api/auth/github/callback
# -- Google (Optional) --
# GOOGLE_CLIENT_ID: google_client_id
# GOOGLE_CLIENT_SECRET: google_client_secret
# GOOGLE_CALLBACK_URL: http://localhost:3000/api/auth/google/callback
volumes:
reactiveresume-minio_data:
reactiveresume-postgres_data:

View File

@ -1 +0,0 @@
This directory contains template files for the application at FQDN indidicated by the parent directory. They will be processed using mo (bash mustache).

View File

@ -1 +0,0 @@
This directory contains final docker compose files for the application at FQDN indidicated by the parent directory.

View File

@ -1 +0,0 @@
This directory contains files from the vendor unmodified. They serve as a base for the input-files sibling directory

View File

@ -0,0 +1,238 @@
#open streaming platform docker compose for tsys
networks:
osp:
external: false
web:
external: true
services:
osp_ejabberd:
build: ./osp-ejabberd
# image: deamos/osp-ejabberd
restart: unless-stopped
mem_limit: 256m
memswap_limit: 256m
mem_reservation: 256m
ports:
- '5280:5280'
- '5222:5222'
environment:
- EJABBERD_XMLRPC_ALLOWIP=0.0.0.0/0
- EJABBERD_PASSWORD=changeme
- EJABBERD_DOMAIN=osp.example.com
- OSP_API_PROTOCOL=http
- OSP_API_DOMAIN=osp.example.com
#labels:
# - "traefik.enable=true"
# - "traefik.http.routers.ejabberd.entrypoints=websecure"
# - "traefik.http.routers.ejabberd.rule=Host(`ejabberd.example.com`) && PathPrefix(`/http-bind`)"
# - "traefik.http.routers.ejabberd.tls.domains[0].main=ejabberd.example.com"
# - "traefik.http.routers.ejabberd.tls.certresolver=le"
# - "traefik.http.services.ejabberd.loadbalancer.server.port=5280"
volumes:
- "/srv/docker/osp-app/data/ejabberd/database:/opt/ejabberd/database"
networks:
- osp
- web
osp_core:
build: ./osp-core
# image: deamos/osp-core
restart: unless-stopped
mem_limit: 2048m
memswap_limit: 2304m
mem_reservation: 2048m
#labels:
# - "traefik.enable=true"
# - "traefik.http.routers.streamingapp.entrypoints=websecure"
# - "traefik.http.routers.streamingapp.rule=Host(`osp.example.com`)"
# - "traefik.http.routers.streamingapp.tls.domains[0].main=osp.example.com"
# - "traefik.http.routers.streamingapp.tls.certresolver=le"
# - "traefik.http.services.streamingapp.loadBalancer.sticky.cookie.name=server_id"
# - "traefik.http.services.streamingapp.loadBalancer.sticky.cookie.httpOnly=true"
ports:
- '80'
environment:
- OSP_SERVER_ADDRESS=osp.example.com
- OSP_REDIS_HOST=osp_redis
- OSP_REDIS_PORT=6379
- OSP_REDIS_PASSWORD=
- OSP_CORE_DB=mysql+pymysql://osp:REPLACEOSPDBPASSWORD@osp_db/osp
- OSP_CORE_SECRETKEY=REPLACEME_osp_flask_secret_REPLACEME
- OSP_CORE_PASSWORD_SALT=REPLACEME_osp_flask_salt_REPLACEME
- OSP_CORE_ALLOWREGISTRATION=True
- OSP_CORE_REQUIREEMAILREGISTRATION=False
- OSP_EJABBERD_PASSWORD=changeme
- OSP_EJABBERD_RPCHOST=osp_ejabberd
- OSP_EJABBERD_BOSHDOMAIN=ejabberd.example.com
- OSP_SMTP_SENDAS=osp@email.com
- OSP_SMTP_SERVERADDRESS=smtp.email.com
- OSP_SMTP_SERVERPORT=25
- OSP_SMTP_ENCRYPTION=none
- OSP_SMTP_USERNAME=
- OSP_SMTP_PASSWORD=
- OSP_RTMP_SERVER=osp_rtmp
# - TZ=ETC/UTC
volumes:
- "/srv/docker/osp-app/data/www:/var/www"
- "/srv/docker/osp-app/data/tmpfs/live:/var/www/live"
- "/srv/docker/osp-app/data/tmpfs/live-adapt:/var/www/live-adapt"
- "/srv/docker/osp-app/data/tmpfs/stream-thumb:/var/www/stream-thumb"
networks:
- osp
- web
depends_on:
- osp_db
- osp_redis
- osp_ejabberd
entrypoint: ["/opt/osp/docker-files.d/wait-for-it.sh", "osp_db:3306", "-t", "60", "--", "/opt/osp/docker-files.d/entrypoint.sh"]
osp_celery:
build: ./osp-core
# image: deamos/osp-core
restart: unless-stopped
mem_limit: 2048m
memswap_limit: 2304m
mem_reservation: 2048m
environment:
- OSP_SERVER_ADDRESS=osp.example.com
- OSP_REDIS_HOST=osp_redis
- OSP_REDIS_PORT=6379
- OSP_REDIS_PASSWORD=
- OSP_CORE_DB=mysql+pymysql://osp:REPLACEOSPDBPASSWORD@osp_db/osp
- OSP_CORE_SECRETKEY=REPLACEME_osp_flask_secret_REPLACEME
- OSP_CORE_PASSWORD_SALT=REPLACEME_osp_flask_salt_REPLACEME
- OSP_CORE_ALLOWREGISTRATION=True
- OSP_CORE_REQUIREEMAILREGISTRATION=False
- OSP_EJABBERD_PASSWORD=changeme
- OSP_EJABBERD_RPCHOST=osp_ejabberd
- OSP_EJABBERD_BOSHDOMAIN=ejabberd.example.com
- OSP_SMTP_SENDAS=osp@email.com
- OSP_SMTP_SERVERADDRESS=smtp.email.com
- OSP_SMTP_SERVERPORT=25
- OSP_SMTP_ENCRYPTION=none
- OSP_SMTP_USERNAME=
- OSP_SMTP_PASSWORD=
- OSP_CORE_TYPE=celery
# - TZ=ETC/UTC
volumes:
- "/srv/docker/osp-app/data/www:/var/www"
- "/srv/docker/osp-app/data/tmpfs/live:/var/www/live"
- "/srv/docker/osp-app/data/tmpfs/live-adapt:/var/www/live-adapt"
- "/srv/docker/osp-app/data/tmpfs/stream-thumb:/var/www/stream-thumb"
networks:
- osp
depends_on:
- osp_db
- osp_redis
- osp_ejabberd
- osp_core
entrypoint: ["/opt/osp/docker-files.d/wait-for-it.sh", "osp_db:3306", "-t", "60", "--", "/opt/osp/docker-files.d/entrypoint.sh"]
osp_celery_beat:
build: ./osp-core
# image: deamos/osp-core
restart: unless-stopped
mem_limit: 2048m
memswap_limit: 2304m
mem_reservation: 2048m
environment:
- OSP_SERVER_ADDRESS=osp.example.com
- OSP_REDIS_HOST=osp_redis
- OSP_REDIS_PORT=6379
- OSP_REDIS_PASSWORD=
- OSP_CORE_DB=mysql+pymysql://osp:REPLACEOSPDBPASSWORD@osp_db/osp
- OSP_CORE_SECRETKEY=REPLACEME_osp_flask_secret_REPLACEME
- OSP_CORE_PASSWORD_SALT=REPLACEME_osp_flask_salt_REPLACEME
- OSP_CORE_ALLOWREGISTRATION=True
- OSP_CORE_REQUIREEMAILREGISTRATION=False
- OSP_EJABBERD_PASSWORD=changeme
- OSP_EJABBERD_RPCHOST=osp_ejabberd
- OSP_EJABBERD_BOSHDOMAIN=ejabberd.example.com
- OSP_SMTP_SENDAS=osp@email.com
- OSP_SMTP_SERVERADDRESS=smtp.email.com
- OSP_SMTP_SERVERPORT=25
- OSP_SMTP_ENCRYPTION=none
- OSP_SMTP_USERNAME=
- OSP_SMTP_PASSWORD=
- OSP_CORE_TYPE=beat
# - TZ=ETC/UTC
volumes:
- "/srv/docker/osp-app/data/www:/var/www"
- "/srv/docker/osp-app/data/tmpfs/live:/var/www/live"
- "/srv/docker/osp-app/data/tmpfs/live-adapt:/var/www/live-adapt"
- "/srv/docker/osp-app/data/tmpfs/stream-thumb:/var/www/stream-thumb"
networks:
- osp
depends_on:
- osp_db
- osp_redis
- osp_ejabberd
- osp_core
entrypoint: [ "/opt/osp/docker-files.d/wait-for-it.sh", "osp_db:3306", "-t", "60", "--", "/opt/osp/docker-files.d/entrypoint.sh" ]
osp_rtmp:
build: ./osp-rtmp
# image: deamos/osp-rtmp
restart: unless-stopped
mem_limit: 2048m
memswap_limit: 2304m
mem_reservation: 2048m
ports:
- '1935:1935'
environment:
- OSP_API_HOST=http://osp_core
- OSP_RTMP_SECRETKEY=changeme
volumes:
- "/srv/docker/osp-app/data/www:/var/www"
- "/srv/docker/osp-app/data/tmpfs/live:/var/www/live"
- "/srv/docker/osp-app/data/tmpfs/live-adapt:/var/www/live-adapt"
- "/srv/docker/osp-app/data/tmpfs/stream-thumb:/var/www/stream-thumb"
networks:
- osp
depends_on:
- osp_core
osp_db:
image: mariadb
restart: unless-stopped
mem_limit: 256m
memswap_limit: 512m
mem_reservation: 256m
command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
volumes:
- /srv/docker/osp-mariadb:/var/lib/mysql
environment:
- MYSQL_ROOT_PASSWORD=REPLACEOSPROOTDBPASSWORD
- MYSQL_PASSWORD=REPLACEOSPDBPASSWORD
- MYSQL_DATABASE=osp
- MYSQL_USER=osp
networks:
- osp
healthcheck:
test: "/usr/bin/mysql --user=root --password=$$MYSQL_ROOT_PASSWORD --execute \"SHOW DATABASES;\""
interval: 1m
timeout: 1s
retries: 5
start_period: 30s
osp_redis:
image: redis
restart: unless-stopped
mem_limit: 128m
memswap_limit: 256m
mem_reservation: 128m
networks:
- osp

View File

@ -1,3 +0,0 @@
This directory contains files from the vendor unmodified. They serve as a base for the input-files sibling directory
https://github.com/Payroll-Engine/PayrollEngine/wiki