From 5a70cc4616fdd2c754492ec0163b71645232aa28 Mon Sep 17 00:00:00 2001 From: huzaifaedhi2 Date: Thu, 22 May 2025 20:05:50 +0200 Subject: [PATCH 1/4] feat(zammad): add config to stack.yml --- src/development/certificates/mkcert.sh | 22 ++-- src/development/stack.yml | 144 +++++++++++++++++++++++++ 2 files changed, 156 insertions(+), 10 deletions(-) diff --git a/src/development/certificates/mkcert.sh b/src/development/certificates/mkcert.sh index 2b514453..3e661cc3 100755 --- a/src/development/certificates/mkcert.sh +++ b/src/development/certificates/mkcert.sh @@ -29,13 +29,15 @@ done create "root" create "traefik" \ - `# adminer` "adminer.localhost" \ - `# grafana` "grafana.localhost" \ - `# minio` "minio.localhost" \ - `# portainer` "portainer.localhost" \ - `# postgraphile` "postgraphile.localhost" \ - `# prometheus` "prometheus.localhost" \ - `# redpanda` "redpanda.localhost" \ - `# traefik` "traefik.localhost" \ - `# tusd` "tusd.localhost" \ - `# vibetype` "localhost" "www.localhost" "127.0.0.1" "0.0.0.0" \ No newline at end of file + "adminer.localhost" \ + "grafana.localhost" \ + "minio.localhost" \ + "portainer.localhost" \ + "postgraphile.localhost" \ + "prometheus.localhost" \ + "redpanda.localhost" \ + "traefik.localhost" \ + "tusd.localhost" \ + "zammad.localhost" \ + "localhost" "www.localhost" "127.0.0.1" "0.0.0.0" + diff --git a/src/development/stack.yml b/src/development/stack.yml index 88842d2d..73bc70ea 100644 --- a/src/development/stack.yml +++ b/src/development/stack.yml @@ -344,6 +344,149 @@ services: - postgres_user volumes: - ../../../reccoom/:/srv/app/ + + zammad-elasticsearch: + image: zammad/zammad-docker-compose:latest + restart: always + volumes: + - zammad_elasticsearch_data:/usr/share/elasticsearch/data + environment: + - discovery.type=single-node + + zammad-init: + image: zammad/zammad-docker-compose:latest + restart: on-failure + depends_on: + - postgres + - zammad-elasticsearch + environment: + - POSTGRESQL_HOST=postgres + - POSTGRESQL_USER=${POSTGRES_USER} + - POSTGRESQL_PASS=${POSTGRES_PASSWORD} + - POSTGRESQL_DB=zammad + - ELASTICSEARCH_HOST=zammad-elasticsearch + - ELASTICSEARCH_PORT=9200 + - ZAMMAD_RAILSSERVER_HOST=zammad-railsserver + - ZAMMAD_WEBSOCKET_HOST=zammad-websocket + - NGINX_SERVER_NAME=zammad.${STACK_DOMAIN} + - REDIS_URL=redis://zammad-redis:6379 + secrets: + - source: postgres_user + target: POSTGRESQL_USER + - source: postgres_password + target: POSTGRESQL_PASS + command: ["zammad-init"] + + zammad-railsserver: + image: zammad/zammad-docker-compose:latest + restart: always + depends_on: + - zammad-init + environment: + - POSTGRESQL_HOST=postgres + - POSTGRESQL_USER=${POSTGRES_USER} + - POSTGRESQL_PASS=${POSTGRES_PASSWORD} + - POSTGRESQL_DB=zammad + - ELASTICSEARCH_HOST=zammad-elasticsearch + - ELASTICSEARCH_PORT=9200 + - ZAMMAD_RAILSSERVER_HOST=zammad-railsserver + - ZAMMAD_WEBSOCKET_HOST=zammad-websocket + - REDIS_URL=redis://zammad-redis:6379 + secrets: + - source: postgres_user + target: POSTGRESQL_USER + - source: postgres_password + target: POSTGRESQL_PASS + deploy: + labels: + - traefik.enable=true + - traefik.http.routers.zammad-railsserver.entryPoints=web + - traefik.http.routers.zammad-railsserver.middlewares=redirectscheme + - traefik.http.routers.zammad-railsserver.rule=Host(`zammad.${STACK_DOMAIN}`) && PathPrefix(`/api`) + - traefik.http.routers.zammad-railsserver_secure.entryPoints=web-secure + - traefik.http.routers.zammad-railsserver_secure.rule=Host(`zammad.${STACK_DOMAIN}`) && PathPrefix(`/api`) + - traefik.http.routers.zammad-railsserver_secure.tls.options=mintls13@file + - traefik.http.services.zammad-railsserver.loadbalancer.server.port=3000 + + zammad-scheduler: + image: zammad/zammad-docker-compose:latest + restart: always + depends_on: + - zammad-init + environment: + - POSTGRESQL_HOST=postgres + - POSTGRESQL_USER=${POSTGRES_USER} + - POSTGRESQL_PASS=${POSTGRES_PASSWORD} + - POSTGRESQL_DB=zammad + - ELASTICSEARCH_HOST=zammad-elasticsearch + - ELASTICSEARCH_PORT=9200 + - ZAMMAD_RAILSSERVER_HOST=zammad-railsserver + - ZAMMAD_WEBSOCKET_HOST=zammad-websocket + - REDIS_URL=redis://zammad-redis:6379 + + secrets: + - source: postgres_user + target: POSTGRESQL_USER + - source: postgres_password + target: POSTGRESQL_PASS + command: ["zammad-scheduler"] + + zammad-redis: + image: redis:7-alpine + restart: always + + zammad-websocket: + image: zammad/zammad-docker-compose:latest + restart: always + depends_on: + - zammad-init + environment: + - POSTGRESQL_HOST=postgres + - POSTGRESQL_USER=${POSTGRES_USER} + - POSTGRESQL_PASS=${POSTGRES_PASSWORD} + - POSTGRESQL_DB=zammad + - ELASTICSEARCH_HOST=zammad-elasticsearch + - ELASTICSEARCH_PORT=9200 + - ZAMMAD_RAILSSERVER_HOST=zammad-railsserver + - ZAMMAD_WEBSOCKET_HOST=zammad-websocket + - REDIS_URL=redis://zammad-redis:6379 + secrets: + - source: postgres_user + target: POSTGRESQL_USER + - source: postgres_password + target: POSTGRESQL_PASS + command: ["zammad-websocket"] + deploy: + labels: + - traefik.enable=true + - traefik.http.routers.zammad-websocket.entryPoints=web + - traefik.http.routers.zammad-websocket.middlewares=redirectscheme + - traefik.http.routers.zammad-websocket.rule=Host(`zammad.${STACK_DOMAIN}`) && PathPrefix(`/ws`) + - traefik.http.routers.zammad-websocket_secure.entryPoints=web-secure + - traefik.http.routers.zammad-websocket_secure.rule=Host(`zammad.${STACK_DOMAIN}`) && PathPrefix(`/ws`) + - traefik.http.routers.zammad-websocket_secure.tls.options=mintls13@file + - traefik.http.services.zammad-websocket.loadbalancer.server.port=6042 + + zammad-nginx: + image: zammad/zammad-docker-compose:latest + restart: always + depends_on: + - zammad-railsserver + - zammad-websocket + environment: + - NGINX_SERVER_NAME=zammad.${STACK_DOMAIN} + - REDIS_URL=redis://zammad-redis:6379 + deploy: + labels: + - traefik.enable=true + - traefik.http.routers.zammad.entryPoints=web + - traefik.http.routers.zammad.middlewares=redirectscheme + - traefik.http.routers.zammad.rule=Host(`zammad.${STACK_DOMAIN}`) + - traefik.http.routers.zammad_secure.entryPoints=web-secure + - traefik.http.routers.zammad_secure.rule=Host(`zammad.${STACK_DOMAIN}`) + - traefik.http.routers.zammad_secure.tls.options=mintls13@file + - traefik.http.services.zammad.loadbalancer.server.port=80 + redpanda: # You can access the event streaming platform's ui as described under `redpanda-console`. command: @@ -551,3 +694,4 @@ volumes: redpanda_data: # The message queue's data. {} + zammad_elasticsearch_data: {} From b1d4bd4d97ca040cd8b41409b41fc2b0d424a4a5 Mon Sep 17 00:00:00 2001 From: Sven Thelemann Date: Sun, 25 May 2025 22:10:40 +0200 Subject: [PATCH 2/4] feat(sqitch): add zammad secrets --- .../secrets/postgres/role_service_zammad_password.secret | 1 + .../postgres/role_service_zammad_password.secret.template | 1 + .../secrets/postgres/role_service_zammad_username.secret | 1 + .../postgres/role_service_zammad_username.secret.template | 1 + src/development/stack.yml | 8 ++++++++ 5 files changed, 12 insertions(+) create mode 100644 src/development/secrets/postgres/role_service_zammad_password.secret create mode 100644 src/development/secrets/postgres/role_service_zammad_password.secret.template create mode 100644 src/development/secrets/postgres/role_service_zammad_username.secret create mode 100644 src/development/secrets/postgres/role_service_zammad_username.secret.template diff --git a/src/development/secrets/postgres/role_service_zammad_password.secret b/src/development/secrets/postgres/role_service_zammad_password.secret new file mode 100644 index 00000000..70699eae --- /dev/null +++ b/src/development/secrets/postgres/role_service_zammad_password.secret @@ -0,0 +1 @@ +zammad \ No newline at end of file diff --git a/src/development/secrets/postgres/role_service_zammad_password.secret.template b/src/development/secrets/postgres/role_service_zammad_password.secret.template new file mode 100644 index 00000000..a6bb01c1 --- /dev/null +++ b/src/development/secrets/postgres/role_service_zammad_password.secret.template @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/src/development/secrets/postgres/role_service_zammad_username.secret b/src/development/secrets/postgres/role_service_zammad_username.secret new file mode 100644 index 00000000..70699eae --- /dev/null +++ b/src/development/secrets/postgres/role_service_zammad_username.secret @@ -0,0 +1 @@ +zammad \ No newline at end of file diff --git a/src/development/secrets/postgres/role_service_zammad_username.secret.template b/src/development/secrets/postgres/role_service_zammad_username.secret.template new file mode 100644 index 00000000..a6bb01c1 --- /dev/null +++ b/src/development/secrets/postgres/role_service_zammad_username.secret.template @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/src/development/stack.yml b/src/development/stack.yml index 73bc70ea..3b14fe19 100644 --- a/src/development/stack.yml +++ b/src/development/stack.yml @@ -55,6 +55,12 @@ secrets: postgres_role_service_vibetype_username: # The `tusd` database role's password. file: ./secrets/postgres/role_service_vibetype_username.secret + postgres_role_service_zammad_password: + # The password of the customer service database role. + file: ./secrets/postgres/role_service_zammad_password.secret + postgres_role_service_zammad_username: + # The username of the customer service database role. + file: ./secrets/postgres/role_service_zammad_username.secret postgres_user: # The database's default user. file: ./secrets/postgres/user.secret @@ -533,6 +539,8 @@ services: - postgres_role_service_postgraphile_username - postgres_role_service_vibetype_password - postgres_role_service_vibetype_username + - postgres_role_service_zammad_username + - postgres_role_service_zammad_password - sqitch_target volumes: - ../../../sqitch/:/srv/app/ From 2db82da533d85fc6c0bc356bf4a6031f4959e3a1 Mon Sep 17 00:00:00 2001 From: huzaifaedhi2 Date: Mon, 26 May 2025 22:24:18 +0200 Subject: [PATCH 3/4] fix: use postgres role --- src/development/stack.yml | 54 ++++++++++++++++++++++++--------------- 1 file changed, 34 insertions(+), 20 deletions(-) diff --git a/src/development/stack.yml b/src/development/stack.yml index 3b14fe19..7d889c7b 100644 --- a/src/development/stack.yml +++ b/src/development/stack.yml @@ -301,7 +301,7 @@ services: POSTGRES_DB_FILE: /run/secrets/postgres_db POSTGRES_PASSWORD_FILE: /run/secrets/postgres_password POSTGRES_USER_FILE: /run/secrets/postgres_user - image: postgis/postgis:17-3.5-alpine + image: imresamu/postgis:17-3.5.2-alpine3.21 ports: #DARGSTACK-REMOVE - 5432:5432 #DARGSTACK-REMOVE secrets: @@ -352,7 +352,7 @@ services: - ../../../reccoom/:/srv/app/ zammad-elasticsearch: - image: zammad/zammad-docker-compose:latest + image: bitnami/elasticsearch:${ELASTICSEARCH_VERSION:-8.18.0} restart: always volumes: - zammad_elasticsearch_data:/usr/share/elasticsearch/data @@ -365,10 +365,13 @@ services: depends_on: - postgres - zammad-elasticsearch + volumes: + - zammad_storage:/opt/zammad/storage environment: + - POSTGRESQL_DB_CREATE=false - POSTGRESQL_HOST=postgres - - POSTGRESQL_USER=${POSTGRES_USER} - - POSTGRESQL_PASS=${POSTGRES_PASSWORD} + - POSTGRESQL_USER_FILE=/run/secrets/POSTGRESQL_USER + - POSTGRESQL_PASS_FILE=/run/secrets/POSTGRESQL_PASS - POSTGRESQL_DB=zammad - ELASTICSEARCH_HOST=zammad-elasticsearch - ELASTICSEARCH_PORT=9200 @@ -377,9 +380,9 @@ services: - NGINX_SERVER_NAME=zammad.${STACK_DOMAIN} - REDIS_URL=redis://zammad-redis:6379 secrets: - - source: postgres_user + - source: postgres_role_service_zammad_username target: POSTGRESQL_USER - - source: postgres_password + - source: postgres_role_service_zammad_password target: POSTGRESQL_PASS command: ["zammad-init"] @@ -390,8 +393,8 @@ services: - zammad-init environment: - POSTGRESQL_HOST=postgres - - POSTGRESQL_USER=${POSTGRES_USER} - - POSTGRESQL_PASS=${POSTGRES_PASSWORD} + - POSTGRESQL_USER_FILE=/run/secrets/POSTGRESQL_USER + - POSTGRESQL_PASS_FILE=/run/secrets/POSTGRESQL_PASS - POSTGRESQL_DB=zammad - ELASTICSEARCH_HOST=zammad-elasticsearch - ELASTICSEARCH_PORT=9200 @@ -399,10 +402,12 @@ services: - ZAMMAD_WEBSOCKET_HOST=zammad-websocket - REDIS_URL=redis://zammad-redis:6379 secrets: - - source: postgres_user + - source: postgres_role_service_zammad_username target: POSTGRESQL_USER - - source: postgres_password + - source: postgres_role_service_zammad_password target: POSTGRESQL_PASS + volumes: + - zammad_storage:/opt/zammad/storage deploy: labels: - traefik.enable=true @@ -413,6 +418,7 @@ services: - traefik.http.routers.zammad-railsserver_secure.rule=Host(`zammad.${STACK_DOMAIN}`) && PathPrefix(`/api`) - traefik.http.routers.zammad-railsserver_secure.tls.options=mintls13@file - traefik.http.services.zammad-railsserver.loadbalancer.server.port=3000 + command: ["zammad-railsserver"] zammad-scheduler: image: zammad/zammad-docker-compose:latest @@ -421,8 +427,8 @@ services: - zammad-init environment: - POSTGRESQL_HOST=postgres - - POSTGRESQL_USER=${POSTGRES_USER} - - POSTGRESQL_PASS=${POSTGRES_PASSWORD} + - POSTGRESQL_USER_FILE=/run/secrets/POSTGRESQL_USER + - POSTGRESQL_PASS_FILE=/run/secrets/POSTGRESQL_PASS - POSTGRESQL_DB=zammad - ELASTICSEARCH_HOST=zammad-elasticsearch - ELASTICSEARCH_PORT=9200 @@ -431,9 +437,9 @@ services: - REDIS_URL=redis://zammad-redis:6379 secrets: - - source: postgres_user + - source: postgres_role_service_zammad_username target: POSTGRESQL_USER - - source: postgres_password + - source: postgres_role_service_zammad_password target: POSTGRESQL_PASS command: ["zammad-scheduler"] @@ -448,8 +454,8 @@ services: - zammad-init environment: - POSTGRESQL_HOST=postgres - - POSTGRESQL_USER=${POSTGRES_USER} - - POSTGRESQL_PASS=${POSTGRES_PASSWORD} + - POSTGRESQL_USER_FILE=/run/secrets/POSTGRESQL_USER + - POSTGRESQL_PASS_FILE=/run/secrets/POSTGRESQL_PASS - POSTGRESQL_DB=zammad - ELASTICSEARCH_HOST=zammad-elasticsearch - ELASTICSEARCH_PORT=9200 @@ -457,9 +463,9 @@ services: - ZAMMAD_WEBSOCKET_HOST=zammad-websocket - REDIS_URL=redis://zammad-redis:6379 secrets: - - source: postgres_user + - source: postgres_role_service_zammad_username target: POSTGRESQL_USER - - source: postgres_password + - source: postgres_role_service_zammad_password target: POSTGRESQL_PASS command: ["zammad-websocket"] deploy: @@ -477,21 +483,28 @@ services: image: zammad/zammad-docker-compose:latest restart: always depends_on: + - zammad-init - zammad-railsserver - zammad-websocket environment: - NGINX_SERVER_NAME=zammad.${STACK_DOMAIN} - REDIS_URL=redis://zammad-redis:6379 + volumes: + - zammad_storage:/opt/zammad/storage + deploy: labels: - traefik.enable=true + - traefik.http.routers.zammad.rule=Host(`zammad.${STACK_DOMAIN}`) - traefik.http.routers.zammad.entryPoints=web - traefik.http.routers.zammad.middlewares=redirectscheme - - traefik.http.routers.zammad.rule=Host(`zammad.${STACK_DOMAIN}`) - - traefik.http.routers.zammad_secure.entryPoints=web-secure - traefik.http.routers.zammad_secure.rule=Host(`zammad.${STACK_DOMAIN}`) + - traefik.http.routers.zammad_secure.entryPoints=web-secure + - traefik.http.routers.zammad_secure.tls=true - traefik.http.routers.zammad_secure.tls.options=mintls13@file - traefik.http.services.zammad.loadbalancer.server.port=80 + command: ["zammad-nginx"] + command: ["sh", "-c", "sleep 60 && zammad-nginx"] redpanda: # You can access the event streaming platform's ui as described under `redpanda-console`. @@ -703,3 +716,4 @@ volumes: # The message queue's data. {} zammad_elasticsearch_data: {} + zammad_storage: {} From 80389859eb76ef01acdf9f9490c02f0779f73f8c Mon Sep 17 00:00:00 2001 From: Sven Thelemann Date: Tue, 10 Jun 2025 23:27:36 +0200 Subject: [PATCH 4/4] feat(zammad): use x-shared section An x-shared section was added to the stack.yml file, similar as in the original docker-compose yaml file to reuse environment settings etc. in several Zammad services. --- README.md | 66 +++++++- src/development/stack.yml | 311 +++++++++++++++++++------------------- 2 files changed, 216 insertions(+), 161 deletions(-) diff --git a/README.md b/README.md index c24120e7..4f9d881f 100644 --- a/README.md +++ b/README.md @@ -10,9 +10,11 @@ This project is deployed in accordance to the [DargStack template](https://githu 1. [secrets](#secrets) - 2. [services](#services) + 2. [x-shared](#x-shared) - 3. [volumes](#volumes) + 3. [services](#services) + + 4. [volumes](#volumes) ## secrets @@ -159,6 +161,14 @@ This project is deployed in accordance to the [DargStack template](https://githu The captcha provider's application key. +## x-shared + + + - ### `zammad-service` + + shared environment, image, volumes + + ## services @@ -262,6 +272,42 @@ This project is deployed in accordance to the [DargStack template](https://githu You can access the main project's frontend at [localhost](https://localhost/). + - ### `zammad-backup` + + Zammad backup. + + - ### `zammad-elasticsearch` + + Zammad Elastisearch. + + - ### `zammad-init` + + Zammad initialization. + + - ### `zammad-memcached` + + Zammad memcached. + + - ### `zammad-nginx` + + You can access the Zammad frontend at [zammad.localhost](https://zammad.localhost/). + + - ### `zammad-railsserver` + + Zammad railsserver. + + - ### `zammad-redis` + + Zammad redis. + + - ### `zammad-scheduler` + + Zammad scheduler. + + - ### `zammad-websocket` + + Zammad websocket. + ## volumes @@ -306,4 +352,20 @@ This project is deployed in accordance to the [DargStack template](https://githu The message queue's data. + - ### `zammad-backup` + + Zammad's backup data + + - ### `zammad-elasticsearch-data` + + Zammad's elastisearch data + + - ### `zammad-redis-data` + + Zammad's redis data + + - ### `zammad-storage` + + Zammad's storage data + diff --git a/src/development/stack.yml b/src/development/stack.yml index 674af0eb..1397b5fe 100644 --- a/src/development/stack.yml +++ b/src/development/stack.yml @@ -3,6 +3,9 @@ # Vibetype # https://github.com/maevsi/vibetype/ --- + +#version: "3.7" + secrets: grafana_admin_email: # The observation dashboard's admin email. @@ -100,6 +103,69 @@ secrets: vibetype_turnstile-key: # The captcha provider's application key. file: ./secrets/vibetype/turnstile-key.secret + +x-shared: + zammad-service: &zammad-service + # shared environment, image, volumes + environment: &zammad-environment + MEMCACHE_SERVERS: ${MEMCACHE_SERVERS:-zammad-memcached:11211} + POSTGRESQL_DB: zammad + POSTGRESQL_HOST: postgres + POSTGRESQL_USER: zammad + POSTGRESQL_PASS: zammad + POSTGRESQL_PORT: 5432 + POSTGRESQL_OPTIONS: ${POSTGRESQL_OPTIONS:-?pool=50} + POSTGRESQL_DB_CREATE: "false" + REDIS_URL: ${REDIS_URL:-redis://zammad-redis:6379} + S3_URL: + # Backup settings + BACKUP_DIR: "${BACKUP_DIR:-/var/tmp/zammad}" + BACKUP_TIME: "${BACKUP_TIME:-03:00}" + HOLD_DAYS: "${HOLD_DAYS:-10}" + TZ: "${TZ:-Europe/Berlin}" + # Allow passing in these variables via .env: + AUTOWIZARD_JSON: + AUTOWIZARD_RELATIVE_PATH: + ELASTICSEARCH_ENABLED: + ELASTICSEARCH_SCHEMA: + ELASTICSEARCH_HOST: + ELASTICSEARCH_PORT: + ELASTICSEARCH_USER: ${ELASTICSEARCH_USER:-elastic} + ELASTICSEARCH_PASS: ${ELASTICSEARCH_PASS:-zammad} + ELASTICSEARCH_NAMESPACE: + ELASTICSEARCH_REINDEX: + NGINX_PORT: 8080 + NGINX_CLIENT_MAX_BODY_SIZE: + NGINX_SERVER_NAME: zammad.${STACK_DOMAIN} + NGINX_SERVER_SCHEME: https + RAILS_TRUSTED_PROXIES: + ZAMMAD_HTTP_TYPE: + ZAMMAD_FQDN: + ZAMMAD_WEB_CONCURRENCY: + ZAMMAD_PROCESS_SESSIONS_JOBS_WORKERS: + ZAMMAD_PROCESS_SCHEDULED_JOBS_WORKERS: + ZAMMAD_PROCESS_DELAYED_JOBS_WORKERS: + ZAMMAD_RAILSSERVER_HOST: zammad-railsserver + ZAMMAD_WEBSOCKET_HOST: zammad-websocket + # ZAMMAD_SESSION_JOBS_CONCURRENT is deprecated, please use ZAMMAD_PROCESS_SESSIONS_JOBS_WORKERS instead. + ZAMMAD_SESSION_JOBS_CONCURRENT: + # Variables used by ngingx-proxy container for reverse proxy creations + # for docs refer to https://github.com/nginx-proxy/nginx-proxy + VIRTUAL_HOST: + VIRTUAL_PORT: + # Variables used by acme-companion for retrieval of LetsEncrypt certificate + # for docs refer to https://github.com/nginx-proxy/acme-companion + LETSENCRYPT_HOST: + LETSENCRYPT_EMAIL: + + image: ${IMAGE_REPO:-ghcr.io/zammad/zammad}:${VERSION:-6.5.0-89} + volumes: + - zammad-storage:/opt/zammad/storage + depends_on: + - zammad-memcached + - postgresql + - zammad-redis + services: adminer: # You can access the database's frontend at [adminer.localhost](https://adminer.localhost/). @@ -375,161 +441,6 @@ services: volumes: - ../../../reccoom/:/srv/app/ - zammad-elasticsearch: - image: bitnami/elasticsearch:${ELASTICSEARCH_VERSION:-8.18.0} - restart: always - volumes: - - zammad_elasticsearch_data:/usr/share/elasticsearch/data - environment: - - discovery.type=single-node - - zammad-init: - image: zammad/zammad-docker-compose:latest - restart: on-failure - depends_on: - - postgres - - zammad-elasticsearch - volumes: - - zammad_storage:/opt/zammad/storage - environment: - - POSTGRESQL_DB_CREATE=false - - POSTGRESQL_HOST=postgres - - POSTGRESQL_USER_FILE=/run/secrets/POSTGRESQL_USER - - POSTGRESQL_PASS_FILE=/run/secrets/POSTGRESQL_PASS - - POSTGRESQL_DB=zammad - - ELASTICSEARCH_HOST=zammad-elasticsearch - - ELASTICSEARCH_PORT=9200 - - ZAMMAD_RAILSSERVER_HOST=zammad-railsserver - - ZAMMAD_WEBSOCKET_HOST=zammad-websocket - - NGINX_SERVER_NAME=zammad.${STACK_DOMAIN} - - REDIS_URL=redis://zammad-redis:6379 - secrets: - - source: postgres_role_service_zammad_username - target: POSTGRESQL_USER - - source: postgres_role_service_zammad_password - target: POSTGRESQL_PASS - command: ["zammad-init"] - - zammad-railsserver: - image: zammad/zammad-docker-compose:latest - restart: always - depends_on: - - zammad-init - environment: - - POSTGRESQL_HOST=postgres - - POSTGRESQL_USER_FILE=/run/secrets/POSTGRESQL_USER - - POSTGRESQL_PASS_FILE=/run/secrets/POSTGRESQL_PASS - - POSTGRESQL_DB=zammad - - ELASTICSEARCH_HOST=zammad-elasticsearch - - ELASTICSEARCH_PORT=9200 - - ZAMMAD_RAILSSERVER_HOST=zammad-railsserver - - ZAMMAD_WEBSOCKET_HOST=zammad-websocket - - REDIS_URL=redis://zammad-redis:6379 - secrets: - - source: postgres_role_service_zammad_username - target: POSTGRESQL_USER - - source: postgres_role_service_zammad_password - target: POSTGRESQL_PASS - volumes: - - zammad_storage:/opt/zammad/storage - deploy: - labels: - - traefik.enable=true - - traefik.http.routers.zammad-railsserver.entryPoints=web - - traefik.http.routers.zammad-railsserver.middlewares=redirectscheme - - traefik.http.routers.zammad-railsserver.rule=Host(`zammad.${STACK_DOMAIN}`) && PathPrefix(`/api`) - - traefik.http.routers.zammad-railsserver_secure.entryPoints=web-secure - - traefik.http.routers.zammad-railsserver_secure.rule=Host(`zammad.${STACK_DOMAIN}`) && PathPrefix(`/api`) - - traefik.http.routers.zammad-railsserver_secure.tls.options=mintls13@file - - traefik.http.services.zammad-railsserver.loadbalancer.server.port=3000 - command: ["zammad-railsserver"] - - zammad-scheduler: - image: zammad/zammad-docker-compose:latest - restart: always - depends_on: - - zammad-init - environment: - - POSTGRESQL_HOST=postgres - - POSTGRESQL_USER_FILE=/run/secrets/POSTGRESQL_USER - - POSTGRESQL_PASS_FILE=/run/secrets/POSTGRESQL_PASS - - POSTGRESQL_DB=zammad - - ELASTICSEARCH_HOST=zammad-elasticsearch - - ELASTICSEARCH_PORT=9200 - - ZAMMAD_RAILSSERVER_HOST=zammad-railsserver - - ZAMMAD_WEBSOCKET_HOST=zammad-websocket - - REDIS_URL=redis://zammad-redis:6379 - - secrets: - - source: postgres_role_service_zammad_username - target: POSTGRESQL_USER - - source: postgres_role_service_zammad_password - target: POSTGRESQL_PASS - command: ["zammad-scheduler"] - - zammad-redis: - image: redis:7-alpine - restart: always - - zammad-websocket: - image: zammad/zammad-docker-compose:latest - restart: always - depends_on: - - zammad-init - environment: - - POSTGRESQL_HOST=postgres - - POSTGRESQL_USER_FILE=/run/secrets/POSTGRESQL_USER - - POSTGRESQL_PASS_FILE=/run/secrets/POSTGRESQL_PASS - - POSTGRESQL_DB=zammad - - ELASTICSEARCH_HOST=zammad-elasticsearch - - ELASTICSEARCH_PORT=9200 - - ZAMMAD_RAILSSERVER_HOST=zammad-railsserver - - ZAMMAD_WEBSOCKET_HOST=zammad-websocket - - REDIS_URL=redis://zammad-redis:6379 - secrets: - - source: postgres_role_service_zammad_username - target: POSTGRESQL_USER - - source: postgres_role_service_zammad_password - target: POSTGRESQL_PASS - command: ["zammad-websocket"] - deploy: - labels: - - traefik.enable=true - - traefik.http.routers.zammad-websocket.entryPoints=web - - traefik.http.routers.zammad-websocket.middlewares=redirectscheme - - traefik.http.routers.zammad-websocket.rule=Host(`zammad.${STACK_DOMAIN}`) && PathPrefix(`/ws`) - - traefik.http.routers.zammad-websocket_secure.entryPoints=web-secure - - traefik.http.routers.zammad-websocket_secure.rule=Host(`zammad.${STACK_DOMAIN}`) && PathPrefix(`/ws`) - - traefik.http.routers.zammad-websocket_secure.tls.options=mintls13@file - - traefik.http.services.zammad-websocket.loadbalancer.server.port=6042 - - zammad-nginx: - image: zammad/zammad-docker-compose:latest - restart: always - depends_on: - - zammad-init - - zammad-railsserver - - zammad-websocket - environment: - - NGINX_SERVER_NAME=zammad.${STACK_DOMAIN} - - REDIS_URL=redis://zammad-redis:6379 - volumes: - - zammad_storage:/opt/zammad/storage - - deploy: - labels: - - traefik.enable=true - - traefik.http.routers.zammad.rule=Host(`zammad.${STACK_DOMAIN}`) - - traefik.http.routers.zammad.entryPoints=web - - traefik.http.routers.zammad.middlewares=redirectscheme - - traefik.http.routers.zammad_secure.rule=Host(`zammad.${STACK_DOMAIN}`) - - traefik.http.routers.zammad_secure.entryPoints=web-secure - - traefik.http.routers.zammad_secure.tls=true - - traefik.http.routers.zammad_secure.tls.options=mintls13@file - - traefik.http.services.zammad.loadbalancer.server.port=80 - command: ["zammad-nginx"] - command: ["sh", "-c", "sleep 60 && zammad-nginx"] - redpanda: # You can access the event streaming platform's ui as described under `redpanda-console`. command: @@ -709,8 +620,80 @@ services: - ${PNPM_STORE_DIR}:/srv/.pnpm-store/ #DARGSTACK-REMOVE - ./certificates/:/srv/certificates/ #DARGSTACK-REMOVE - ../../../vibetype/:/srv/app/ #DARGSTACK-REMOVE - - ./configurations/postgraphile/jwtRS256.key.pub:/run/environment-variables/NUXT_PUBLIC_VIO_AUTH_JWT_PUBLIC_KEY:ro -version: "3.7" + - ./configurations/postgraphile/jwtRS256.key.pub:/run/environment-variables/NUXT_PUB1LIC_VIO_AUTH_JWT_PUBLIC_KEY:ro + + zammad-backup: + # Zammad backup. + <<: *zammad-service + command: ["zammad-backup"] + volumes: + - zammad-backup:/var/tmp/zammad + - zammad-storage:/opt/zammad/storage:ro + user: 0:0 + + zammad-elasticsearch: + # Zammad Elastisearch. + image: bitnami/elasticsearch:${ELASTICSEARCH_VERSION:-8.18.0} + volumes: + - zammad-elasticsearch-data:/bitnami/elasticsearch/data + environment: + # Enable authorization without HTTPS. For external access with + # SSL termination, use solutions like nginx-proxy-manager. + ELASTICSEARCH_ENABLE_SECURITY: 'true' + ELASTICSEARCH_SKIP_TRANSPORT_TLS: 'true' + ELASTICSEARCH_ENABLE_REST_TLS: 'false' + # ELASTICSEARCH_USER is hardcoded to 'elastic' in the container. + ELASTICSEARCH_PASSWORD: ${ELASTICSEARCH_PASS:-zammad} + + zammad-init: + # Zammad initialization. + <<: *zammad-service + command: ["zammad-init"] + depends_on: + - postgresql + user: 0:0 + + zammad-memcached: + # Zammad memcached. + command: memcached -m 256M + image: memcached:${MEMCACHE_VERSION:-1.6.38-alpine} + + zammad-nginx: + # You can access the Zammad frontend at [zammad.localhost](https://zammad.localhost/). + <<: *zammad-service + deploy: + labels: + - traefik.enable=true + - traefik.http.routers.zammad.entryPoints=web + - traefik.http.routers.zammad.middlewares=redirectscheme #DARGSTACK-REMOVE + - traefik.http.routers.zammad.rule=Host(`zammad.${STACK_DOMAIN}`) + - traefik.http.routers.zammad_secure.entryPoints=web-secure + - traefik.http.routers.zammad_secure.rule=Host(`zammad.${STACK_DOMAIN}`) + - traefik.http.routers.zammad_secure.tls.options=mintls13@file #DARGSTACK-REMOVE + - traefik.http.services.zammad.loadbalancer.server.port=8080 + command: ["zammad-nginx"] + + zammad-railsserver: + # Zammad railsserver. + <<: *zammad-service + command: ["zammad-railsserver"] + + zammad-redis: + # Zammad redis. + image: redis:${REDIS_VERSION:-7.4.3-alpine} + volumes: + - zammad-redis-data:/data + + zammad-scheduler: + # Zammad scheduler. + <<: *zammad-service + command: ["zammad-scheduler"] + + zammad-websocket: + # Zammad websocket. + <<: *zammad-service + command: ["zammad-websocket"] + volumes: debezium_kafka_configuration: # The change data capture's configuration. @@ -739,5 +722,15 @@ volumes: redpanda_data: # The message queue's data. {} - zammad_elasticsearch_data: {} - zammad_storage: {} + zammad-elasticsearch-data: + # Zammad's elastisearch data + {} + zammad-redis-data: + # Zammad's redis data + {} + zammad-backup: + # Zammad's backup data + {} + zammad-storage: + # Zammad's storage data + {}