diff --git a/apps/appsmith/.env b/apps/appsmith/.env index 0929e420f..e8b647a45 100644 --- a/apps/appsmith/.env +++ b/apps/appsmith/.env @@ -1,5 +1,5 @@ W9_VERSION=latest -W9_REPO=index.docker.io/appsmith/appsmith-ce +W9_REPO=appsmith/appsmith-ce W9_DIST=community #### -- Not allowed to edit below environments when recreate app based on existing data -- #### diff --git a/apps/appsmith/variables.json b/apps/appsmith/variables.json index 2b95be03b..27451bc58 100644 --- a/apps/appsmith/variables.json +++ b/apps/appsmith/variables.json @@ -7,7 +7,7 @@ { "dist": "community", "version": [ - "v1.9.29", + "v1.9.53", "latest" ] } diff --git a/apps/arangodb/.env b/apps/arangodb/.env index ce686b9ff..0316de4fd 100644 --- a/apps/arangodb/.env +++ b/apps/arangodb/.env @@ -1,7 +1,7 @@ -W9_POWER_PASSWORD=1PrMxExC45LsCT W9_REPO=arangodb W9_VERSION=latest W9_DIST=community +W9_POWER_PASSWORD=1PrMxExC45LsCT #### -- Not allowed to edit below environments when recreate app based on existing data -- #### W9_ID=arangodb diff --git a/apps/budibase/.env b/apps/budibase/.env index fa17810ee..bcfc5b90c 100644 --- a/apps/budibase/.env +++ b/apps/budibase/.env @@ -1,32 +1,44 @@ -W9_POWER_PASSWORD=spJNF09yzwWJaG! -W9_ID=budibase -W9_REPO=budibase.docker.scarf.sh/budibase/apps W9_DIST=community +W9_REPO=budibase.docker.scarf.sh/budibase/apps +W9_VERSION=latest +W9_POWER_PASSWORD=spJNF09yzwWJaG! #### -- Not allowed to edit below environments when recreate app based on existing data -- #### +W9_ID=budibase W9_HTTP_PORT=10000 -W9_HTTP_PORT_SET=9001 +W9_HTTP_PORT_SET=9009 W9_URL=appname.example.com W9_NETWORK=websoft9 #### --------------------------------------------------------------------------------------- #### +# Use the main port in the builder for your self hosting URL, e.g. localhost:10000 +MAIN_PORT=$W9_HTTP_PORT_SET + # This section contains all secrets pertaining to the system # These should be updated -JWT_SECRET=$W9_POWER_PASSWORD +API_ENCRYPTION_KEY=${W9_POWER_PASSWORD}6UF6GPsa3iu2tbP +JWT_SECRET=${W9_POWER_PASSWORD}6UF6GPsa3iu2tbP MINIO_ACCESS_KEY=$W9_POWER_PASSWORD MINIO_SECRET_KEY=$W9_POWER_PASSWORD COUCH_DB_PASSWORD=$W9_POWER_PASSWORD -COUCH_DB_USER=$W9_ID +COUCH_DB_USER=$W9_POWER_PASSWORD REDIS_PASSWORD=$W9_POWER_PASSWORD INTERNAL_API_KEY=$W9_POWER_PASSWORD # This section contains variables that do not need to be altered under normal circumstances -# These only container port, not need to replace -#W9_PORT=4002 -#WORKER_PORT=4003 -#MINIO_PORT=4004 -#COUCH_DB_PORT=4005 -#REDIS_PORT=6379 -#WATCHTOWER_PORT=6161 - +APP_PORT=4002 +WORKER_PORT=4003 +MINIO_PORT=4004 +COUCH_DB_PORT=4005 +REDIS_PORT=6379 +WATCHTOWER_PORT=6161 BUDIBASE_ENVIRONMENT=PRODUCTION +SQL_MAX_ROWS= + +# An admin user can be automatically created initially if these are set +BB_ADMIN_USER_EMAIL= +BB_ADMIN_USER_PASSWORD= + +# A path that is watched for plugin bundles. Any bundles found are imported automatically/ +PLUGINS_DIR= +ROLLING_LOG_MAX_SIZE= \ No newline at end of file diff --git a/apps/budibase/Notes.md b/apps/budibase/Notes.md index 13b541021..c197d006d 100644 --- a/apps/budibase/Notes.md +++ b/apps/budibase/Notes.md @@ -3,6 +3,8 @@ * docs: https://docs.budibase.com/docs/docker-compose * repo: https://github.com/Budibase/budibase/tree/develop/hosting -## Install +## FAQ -Note: All the *_PORT except MAIN_PORT at .env file is no useful and we have # it +#### watchtower-service 的作用? + +它是一个更新代理,通过 API 以驱动更新。当前的设置下,它不会主动更新其他容器 diff --git a/apps/budibase/docker-compose.yml b/apps/budibase/docker-compose.yml index 6b0921fec..8d5c3dcb4 100644 --- a/apps/budibase/docker-compose.yml +++ b/apps/budibase/docker-compose.yml @@ -1,13 +1,15 @@ -version: "3.8" -# optional ports are specified throughout for more advanced use cases. -# Websoft9 only add container_name +# docs: https://docs.budibase.com/docs/docker-compose +# compose: https://github.com/Budibase/budibase/blob/master/hosting/docker-compose.yaml + +# Websoft9 only add container_name, and add plugins volume and network +version: "3.8" services: app-service: restart: unless-stopped - image: $W9_REPO - container_name: $W9_ID + image: budibase.docker.scarf.sh/budibase/apps + container_name: $W9_ID-bbapps environment: SELF_HOSTED: 1 COUCH_DB_URL: http://${COUCH_DB_USER}:${COUCH_DB_PASSWORD}@couchdb-service:5984 @@ -18,16 +20,21 @@ services: INTERNAL_API_KEY: ${INTERNAL_API_KEY} BUDIBASE_ENVIRONMENT: ${BUDIBASE_ENVIRONMENT} PORT: 4002 + API_ENCRYPTION_KEY: ${API_ENCRYPTION_KEY} JWT_SECRET: ${JWT_SECRET} LOG_LEVEL: info - SENTRY_DSN: https://a34ae347621946bf8acded18e5b7d4b8@o420233.ingest.sentry.io/5338131 ENABLE_ANALYTICS: "true" REDIS_URL: redis-service:6379 REDIS_PASSWORD: ${REDIS_PASSWORD} + BB_ADMIN_USER_EMAIL: ${BB_ADMIN_USER_EMAIL} + BB_ADMIN_USER_PASSWORD: ${BB_ADMIN_USER_PASSWORD} + PLUGINS_DIR: ${PLUGINS_DIR} + OFFLINE_MODE: ${OFFLINE_MODE} depends_on: - worker-service - redis-service - env_file: .env + volumes: + - plugins:/plugins worker-service: restart: unless-stopped @@ -36,7 +43,8 @@ services: environment: SELF_HOSTED: 1 PORT: 4003 - CLUSTER_PORT: ${W9_HTTP_PORT_SET} + CLUSTER_PORT: ${MAIN_PORT} + API_ENCRYPTION_KEY: ${API_ENCRYPTION_KEY} JWT_SECRET: ${JWT_SECRET} MINIO_ACCESS_KEY: ${MINIO_ACCESS_KEY} MINIO_SECRET_KEY: ${MINIO_SECRET_KEY} @@ -45,78 +53,75 @@ services: COUCH_DB_USERNAME: ${COUCH_DB_USER} COUCH_DB_PASSWORD: ${COUCH_DB_PASSWORD} COUCH_DB_URL: http://${COUCH_DB_USER}:${COUCH_DB_PASSWORD}@couchdb-service:5984 - SENTRY_DSN: https://a34ae347621946bf8acded18e5b7d4b8@o420233.ingest.sentry.io/5338131 INTERNAL_API_KEY: ${INTERNAL_API_KEY} REDIS_URL: redis-service:6379 REDIS_PASSWORD: ${REDIS_PASSWORD} + OFFLINE_MODE: ${OFFLINE_MODE} depends_on: - redis-service - minio-service - - couch-init - env_file: .env minio-service: restart: unless-stopped - image: minio/minio container_name: $W9_ID-minio + image: minio/minio volumes: - minio_data:/data environment: MINIO_ACCESS_KEY: ${MINIO_ACCESS_KEY} MINIO_SECRET_KEY: ${MINIO_SECRET_KEY} MINIO_BROWSER: "off" - command: server /data + command: server /data --console-address ":9001" healthcheck: - test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"] + test: "timeout 5s bash -c ':> /dev/tcp/127.0.0.1/9000' || exit 1" interval: 30s timeout: 20s retries: 3 - env_file: .env proxy-service: - container_name: $W9_ID-proxy restart: unless-stopped ports: - - "${W9_HTTP_PORT_SET}:${W9_HTTP_PORT}" + - "${MAIN_PORT}:10000" + container_name: $W9_ID image: budibase/proxy + environment: + - PROXY_RATE_LIMIT_WEBHOOKS_PER_SECOND=10 + - PROXY_RATE_LIMIT_API_PER_SECOND=20 + - APPS_UPSTREAM_URL=http://app-service:4002 + - WORKER_UPSTREAM_URL=http://worker-service:4003 + - MINIO_UPSTREAM_URL=http://minio-service:9000 + - COUCHDB_UPSTREAM_URL=http://couchdb-service:5984 + - WATCHTOWER_UPSTREAM_URL=http://watchtower-service:8080 + - RESOLVER=127.0.0.11 depends_on: - minio-service - worker-service - app-service - couchdb-service - env_file: .env couchdb-service: restart: unless-stopped - image: ibmcom/couchdb3 container_name: $W9_ID-couchdb + image: budibase/couchdb + pull_policy: always environment: - COUCHDB_PASSWORD=${COUCH_DB_PASSWORD} - COUCHDB_USER=${COUCH_DB_USER} + - TARGETBUILD=docker-compose volumes: - couchdb3_data:/opt/couchdb/data - env_file: .env - - couch-init: - image: curlimages/curl - environment: - PUT_CALL: "curl -u ${COUCH_DB_USER}:${COUCH_DB_PASSWORD} -X PUT couchdb-service:5984" - depends_on: - - couchdb-service - command: ["sh","-c","sleep 10 && $${PUT_CALL}/_users && $${PUT_CALL}/_replicator; fg;"] - env_file: .env redis-service: restart: unless-stopped - container_name: $W9_ID-redis image: redis + container_name: $W9_ID-redis command: redis-server --requirepass ${REDIS_PASSWORD} volumes: - redis_data:/data - env_file: .env watchtower-service: - restart: unless-stopped + restart: always + container_name: $W9_ID-watchtower image: containrrr/watchtower volumes: - /var/run/docker.sock:/var/run/docker.sock @@ -127,12 +132,6 @@ services: - WATCHTOWER_CLEANUP=true labels: - "com.centurylinklabs.watchtower.enable=false" - env_file: .env - -networks: - default: - name: ${W9_NETWORK} - external: true volumes: couchdb3_data: @@ -141,3 +140,10 @@ volumes: driver: local redis_data: driver: local + plugins: + driver: local + +networks: + default: + name: ${W9_NETWORK} + external: true \ No newline at end of file diff --git a/apps/budibase/src/nginx_proxy.conf b/apps/budibase/src/nginx_proxy.conf new file mode 100644 index 000000000..aaf519c7e --- /dev/null +++ b/apps/budibase/src/nginx_proxy.conf @@ -0,0 +1,4 @@ +proxy_busy_buffers_size 512k; +proxy_buffers 4 512k; +proxy_buffer_size 256k; +client_max_body_size 50m; \ No newline at end of file diff --git a/docs/code_owner.md b/docs/code_owner.md index 3972a32d6..5ec899b0c 100644 --- a/docs/code_owner.md +++ b/docs/code_owner.md @@ -98,6 +98,9 @@ src is the directory which include config or script files for creating/modify ap | nginx_proxy.conf | nginx config code section which will insert to server{} by websoft9 api, and it can override the exist location | no | | php_exra.ini | extra php.ini for PHP application, you can add it to docker-compose.yml if you want to use it | no | + +> you should add **proxy_pass $forward_scheme://$server:$port$request_uri;** to your nginx_proxy.conf if you override default location /{} + ## Build docker image of websoft9 When we cannot find a suitable image, we have to compile the image by Dockerfile,We make a requirement in the following aspects. diff --git a/template/src/nginx_proxy.conf b/template/src/nginx_proxy.conf index ba2cc5622..a9947d92b 100644 --- a/template/src/nginx_proxy.conf +++ b/template/src/nginx_proxy.conf @@ -1,3 +1,17 @@ +proxy_busy_buffers_size 512k; +proxy_buffers 4 512k; +proxy_buffer_size 256k; +client_max_body_size 50m; +# override default location / +location / { + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header Host $http_host; + proxy_http_version 1.1; + proxy_pass $forward_scheme://$server:$port$request_uri; + } + location /oida/ { # this is the address and port of the ORDS installation proxy_pass http://127.0.0.1:8080/ords/;