Public Gateway Docker Compose ? #2555

Open
wedowhateverwewant opened this issue Sep 24, 2024 · 4 comments

@wedowhateverwewant

Checklist

  • [x] I've searched the project's issues.
  • [x] I've searched the project's discussions.

❓ Question

I would like to deploy the pwpush public gateway, but in the docs pages I don't see a docker compose. Are you able to provide a docker compose for the public gateway?

@pglombardo
Owner

Hi @wedowhateverwewant - You're right - one needs to be added.

Until I get out an official file, here is the one I've used locally for development if it helps.

For anyone else reading - two items of note:

  1. Check the public gateway docs
  2. Except for PWP__OVERRIDE_BASE_URL, the pwpush-public-gateway container should generally have the same settings and environment variables as the pwpush container. This ensures that both containers connect to the same database and have the same application configuration.

dc-gateway-complete.yml

services:
  postgres:
    image: docker.io/postgres:15
    volumes:
      - /var/lib/postgresql/data:/var/lib/postgresql/data
    ports:
      - "5432:5432"
    environment:
      POSTGRES_USER: passwordpusher_user
      POSTGRES_PASSWORD: passwordpusher_passwd
      POSTGRES_DB: passwordpusher_db

  pwpush:
    image: docker.io/pglombardo/pwpush:latest
    environment:
      DATABASE_URL: 'postgres://passwordpusher_user:passwordpusher_passwd@postgres:5432/passwordpusher_db'
      # Apply the same settings here as in gateway
    ports:
      - "5100:5100"
    depends_on:
      - postgres
    links:
     - postgres:postgres

  gateway:
    image: docker.io/pglombardo/pwpush-public-gateway:latest
    environment:
      DATABASE_URL: 'postgres://passwordpusher_user:passwordpusher_passwd@postgres:5432/passwordpusher_db'
      PWP__OVERRIDE_BASE_URL: 'https://pwp.mycompany.org'
      # Apply the same settings here as in pwpush
    ports:
      - "5101:5100"
    depends_on:
      - postgres
      - pwpush
    links:
     - postgres:postgres
    #
    # You can set environment variables here, or in a .env file.  See:
    # https://docs.docker.com/compose/environment-variables/
    #
    # Password Pusher provides an example Docker environment file:
    # https://github.com/pglombardo/PasswordPusher/tree/master/containers/docker/pwpush-docker-env-file
    #
    # See also the Password Pusher Configuration documentation
    # https://docs.pwpush.com/docs/config-strategies/
    #
    # Uncomment the following lines to set environment variables and add your own.
    # environment:
    #   PWP__PW__EXPIRE_AFTER_DAYS_DEFAULT: "1"
    #   PWP__PW__EXPIRE_AFTER_VIEWS_MIN: "1"
    #   PWP__PW__RETRIEVAL_STEP_DEFAULT: "true"
    #
    # Uncomment the following lines to mount a volume.
    # volumes:
    #   # Example of a persistent volume for the storage directory (file uploads)
    #   - /path/to/directory:/opt/PasswordPusher/storage:rw
    #
    # Or you could override a single file in the container with a bind mount:
    # volumes:
    #   - type: bind
    #     source: /path/to/my/custom/settings.yml
    #     target: /opt/PasswordPusher/config/settings.yml
    #
    # To customise the application via configuration file, see settings.yml:
    # https://github.com/pglombardo/PasswordPusher/blob/master/config/settings.yml
    #
    # Then you can use the above bind mount to overlay the file into the container on boot.

@pglombardo
Owner

Note - Caddy should be added to this compose for SSL termination - maybe two instances. 1 for each.

@kelock

kelock commented Oct 17, 2024

Hi,

This is my docker-compose file and Caddyfile that worked for me:

volumes:
  caddy_data:
  caddy_config:

services:
  pwpush:
    image: docker.io/pglombardo/pwpush:latest
    restart: unless-stopped
    environment:
      DATABASE_URL: 'mysql2://userdb:passwdb@db:3306/dbname'
      PWP__OVERRIDE_BASE_URL: https://gateway.exemple.com
    volumes:
      - /opt/passwordpusher/storage:/opt/PasswordPusher/storage:rw
      - type: bind
        source: /opt/passwordpusher/settings.yml
        target: /opt/PasswordPusher/config/settings.yml
    ports:
      - "5100:5100"
    depends_on:
      - db
    links:
      - db:db

  pwpush_gateway:
    image: docker.io/pglombardo/pwpush-public-gateway:latest
    restart: unless-stopped
    ports:
      - "5101:5100"
    environment:
      DATABASE_URL: 'mysql2://userdb:passwdb@db:3306/dbname'
    volumes:
      - /opt/passwordpusher/storage:/opt/PasswordPusher/storage:rw
      - type: bind
        source: /opt/passwordpusher/settings.yml
        target: /opt/PasswordPusher/config/settings.yml
    depends_on:
      - db
      - pwpush
    links:
      - db:db

  worker:
    image: docker.io/pglombardo/pwpush-worker:latest
    restart: unless-stopped
    environment:
      DATABASE_URL: 'mysql2://userdb:passwdb@db:3306/dbname'
    volumes:
      - /opt/passwordpusher/storage:/opt/PasswordPusher/storage:rw
      - type: bind
        source: /opt/passwordpusher/settings.yml
        target: /opt/PasswordPusher/config/settings.yml
    depends_on:
      - db
    links:
      - db:db

  ssl_proxy:
      image: caddy:latest
      restart: unless-stopped
      ports:
        - "80:80"
        - "443:443"
      volumes:
        # Make sure to edit the contents of this Caddyfile
        - ./Caddyfile:/etc/caddy/Caddyfile
        - caddy_data:/data
        - caddy_config:/config
        
  db:
     image: mariadb:10.6.5
     ports:
       - "3306:3306"
     environment:
       MARIADB_USER: userdb
       MARIADB_PASSWORD: passwdb
       MARIADB_DATABASE: dbname
       MARIADB_RANDOM_ROOT_PASSWORD: 'yes'
     volumes:
       - ./db-data:/var/lib/mysql

CaddyFile

{
        email [email protected]
        acme_ca https://acme-v02.api.letsencrypt.org/directory # Use Let's Encrypt production API
}

exemple.com {
        reverse_proxy pwpush:5100

        header {
                Strict-Transport-Security max-age=31536000
                Set-Cookie (.*) "$1; Secure"
        }

        log {
                output file /var/log/caddy/access.log
        }
}
gateway.exemple.com {
        reverse_proxy pwpush_gateway:5100

        header {
                Strict-Transport-Security max-age=31536000
                Set-Cookie (.*) "$1; Secure"
        }
        log {
                output file /var/log/caddy/access.log
        }
}

@pglombardo
Owner

This is very helpful - thanks @kelock! It's a nice addition with the Caddyfile.
