98 lines
2.7 KiB
YAML
98 lines
2.7 KiB
YAML
---
|
|
|
|
# Name of this instance
|
|
instance: bookstack
|
|
|
|
bookstack:
|
|
|
|
# BookStack version
|
|
version: 24.02.3
|
|
|
|
# Docker image to use
|
|
image: '[[ .docker.repo ]]bookstack:[[ .bookstack.version ]]-1'
|
|
|
|
# Number of instances to run
|
|
count: 1
|
|
|
|
# Custom env vars to set in the container
|
|
env:
|
|
WAIT_FOR_TARGETS: 127.0.0.1:3306
|
|
|
|
# Resource allocation
|
|
resources:
|
|
cpu: 100
|
|
memory: 256
|
|
memory_max: 512
|
|
|
|
vault:
|
|
# List of vault policies to attach in to the task
|
|
policies:
|
|
- '[[ .instance ]][[ .consul.suffix ]]'
|
|
|
|
# Random secrets to generate
|
|
rand_secrets:
|
|
cmd: echo base64:$(openssl rand -base64 32)
|
|
fields:
|
|
- app_key
|
|
|
|
# Wait for MariaDB to be ready before starting
|
|
wait_for:
|
|
service: mariadb[[ .consul.suffix ]]
|
|
|
|
consul:
|
|
connect:
|
|
# Connect a few services from the mesh
|
|
upstreams:
|
|
- destination_name: mariadb[[ .consul.suffix ]]
|
|
local_bind_port: 3306
|
|
- destination_name: '[[ .mail.smtp_service_name ]]'
|
|
local_bind_port: 25
|
|
|
|
# Bookstack settings (which will populate .env)
|
|
settings:
|
|
APP_KEY: '{{ with secret "[[ .vault.root ]]kv/service/[[ .instance ]]" }}{{ .Data.data.app_key }}{{ end }}'
|
|
APP_URL: '[[ .bookstack.public_url ]]'
|
|
APP_LANG: fr
|
|
APP_PROXIES: 127.0.0.1
|
|
DB_HOST: '[[ .bookstack.mysql.host ]]'
|
|
DB_PORT: '[[ .bookstack.mysql.port ]]'
|
|
DB_DATABASE: '[[ .bookstack.mysql.database ]]'
|
|
DB_USERNAME: '[[ .bookstack.mysql.user ]]'
|
|
DB_PASSWORD: '[[ .bookstack.mysql.password ]]'
|
|
MAIL_DRIVER: smtp
|
|
MAIL_FROM_NAME: '[[ .instance ]]'
|
|
MAIL_FROM: no-reply@[[ (urlParse .bookstack.public_url).Hostname ]]
|
|
MAIL_HOST: 127.0.0.1
|
|
MAIL_PORT: 25
|
|
CACHE_PREFIX: '[[ .instance ]]'
|
|
CACHE_DRIVER: database
|
|
SESSION_DRIVER: database
|
|
SESSION_LIFETIME: 240
|
|
SESSION_COOKIE_NAME: '[[ .instance ]]_session'
|
|
QUEUE_CONNECTION: database
|
|
STORAGE_TYPE: local_secure_restricted
|
|
DISABLE_EXTERNAL_SERVICES: true
|
|
WKHTMLTOPDF: /usr/local/bin/wkhtmltopdf
|
|
|
|
# Database settings
|
|
mysql:
|
|
host: 127.0.0.1
|
|
port: 3306
|
|
database: '[[ .instance ]]'
|
|
user: '{{ with secret "[[ .vault.root ]]database/creds/[[ .instance ]]" }}{{ .Data.username }}{{ end }}'
|
|
password: '{{ with secret "[[ .vault.root ]]database/creds/[[ .instance ]]" }}{{ .Data.password }}{{ end }}'
|
|
|
|
# Public URL on which bookstack will be available
|
|
public_url: https://bookstack.example.org
|
|
|
|
# Traefik settings
|
|
traefik: {}
|
|
|
|
# Volume for data persistence
|
|
volumes:
|
|
data:
|
|
type: csi
|
|
source: '[[ .instance ]]-data[[ .consul.suffix ]]'
|
|
# Note: use multi-node-multi-writer so we can run several instances
|
|
access_mode: multi-node-multi-writer
|