homeserver/docker-compose/gramps/docker-compose.yml.j2
Michael Grote b0214bdb9a
All checks were successful
ansible-lint / gitleaks (push) Successful in 2s
ansible-lint / Ansible Lint (push) Successful in 22s
container security (#274)
https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html
Reviewed-on: #274
Co-authored-by: Michael Grote <michael.grote@posteo.de>
Co-committed-by: Michael Grote <michael.grote@posteo.de>
2025-01-03 14:57:43 +01:00

83 lines
2.4 KiB
Django/Jinja

---
services:
grampsweb: &grampsweb
container_name: grampsweb
image: ghcr.io/gramps-project/grampsweb:v24.12.2 # version
restart: unless-stopped
pull_policy: missing
deploy:
resources:
limits:
cpus: "2"
memory: "2048M"
security_opt:
- no-new-privileges=true
ports:
- "6483:5000" # host:docker
environment:
GRAMPSWEB_TREE: "Gramps Web" # will create a new tree if not exists
GRAMPSWEB_CELERY_CONFIG__broker_url: "redis://grampsweb_redis:6379/0"
GRAMPSWEB_CELERY_CONFIG__result_backend: "redis://grampsweb_redis:6379/0"
GRAMPSWEB_RATELIMIT_STORAGE_URI: redis://grampsweb_redis:6379/1
GRAMPSWEB_EMAIL_HOST: "docker10.mgrote.net"
GRAMPSWEB_EMAIL_PORT: "1025"
GRAMPSWEB_EMAIL_USE_TLS: "false"
GRAMPSWEB_DEFAULT_FROM_EMAIL: "gramps@mgrote.net"
depends_on:
- grampsweb_redis
volumes:
- gramps_users:/app/users # persist user database
- gramps_index:/app/indexdir # persist search index
- gramps_thumb_cache:/app/thumbnail_cache # persist thumbnails
- gramps_cache:/app/cache # persist export and report caches
- gramps_secret:/app/secret # persist flask secret
- gramps_db:/root/.gramps/grampsdb # persist Gramps database
- gramps_media:/app/media # persist media files
- gramps_tmp:/tmp
healthcheck:
test: ["CMD", "wget", "--quiet", "--tries=1", "--spider", "http://localhost:5000/"]
interval: 30s
timeout: 10s
retries: 3
grampsweb_celery:
<<: *grampsweb # YAML merge key copying the entire grampsweb service config
ports: []
deploy:
resources:
limits:
cpus: "2"
memory: "2048M"
container_name: grampsweb-celery
depends_on:
- grampsweb_redis
command: celery -A gramps_webapi.celery worker --loglevel=INFO
healthcheck: {}
grampsweb_redis:
image: redis:7.4.1-alpine
container_name: grampsweb-redis
restart: unless-stopped
pull_policy: missing
deploy:
resources:
limits:
cpus: "2"
memory: "512M"
security_opt:
- no-new-privileges=true
healthcheck:
test: ["CMD", "redis-cli", "ping"]
interval: 30s
timeout: 10s
retries: 3
volumes:
gramps_users:
gramps_index:
gramps_thumb_cache:
gramps_cache:
gramps_secret:
gramps_db:
gramps_media:
gramps_tmp: