Merge pull request #918 from ThanatosDi/feat/simplify-env-settings
feat: simplify env settings
This commit is contained in:
commit
aea83801f7
47
deploy.env
47
deploy.env
|
|
@ -1,21 +1,35 @@
|
||||||
# This file is a template for docker compose deployment
|
# This file is a template for docker compose deployment
|
||||||
# Copy this file to .env and change the values as needed
|
# Copy this file to .env and change the values as needed
|
||||||
|
|
||||||
# PostgreSQL default user password
|
# PostgreSQL Settings
|
||||||
POSTGRES_PASSWORD="changepassword"
|
POSTGRES_HOST=postgres
|
||||||
|
POSTGRES_USER=postgres
|
||||||
|
POSTGRES_PASSWORD=changepassword
|
||||||
|
POSTGRES_PORT=5432
|
||||||
|
POSTGRES_DB=postgres
|
||||||
|
|
||||||
|
# Supabase user settings
|
||||||
|
SUPABASE_USER=supabase_auth_admin
|
||||||
|
SUPABASE_PASSWORD=root
|
||||||
|
|
||||||
|
# Redis Settings
|
||||||
|
REDIS_HOST=redis
|
||||||
|
REDIS_PORT=6379
|
||||||
|
|
||||||
# AppFlowy Cloud
|
# AppFlowy Cloud
|
||||||
## URL that connects to the gotrue docker container
|
## URL that connects to the gotrue docker container
|
||||||
APPFLOWY_GOTRUE_BASE_URL=http://gotrue:9999
|
APPFLOWY_GOTRUE_BASE_URL=http://gotrue:9999
|
||||||
## URL that connects to the postgres docker container
|
## URL that connects to the postgres docker container
|
||||||
APPFLOWY_DATABASE_URL=postgres://postgres:${POSTGRES_PASSWORD}@postgres:5432/postgres
|
APPFLOWY_DATABASE_URL=postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${POSTGRES_HOST}:${POSTGRES_PORT}/${POSTGRES_DB}
|
||||||
APPFLOWY_ACCESS_CONTROL=true
|
APPFLOWY_ACCESS_CONTROL=true
|
||||||
APPFLOWY_WEBSOCKET_MAILBOX_SIZE=6000
|
APPFLOWY_WEBSOCKET_MAILBOX_SIZE=6000
|
||||||
APPFLOWY_DATABASE_MAX_CONNECTIONS=40
|
APPFLOWY_DATABASE_MAX_CONNECTIONS=40
|
||||||
|
## URL that connects to the redis docker container
|
||||||
|
APPFLOWY_REDIS_URI=redis://${REDIS_HOST}:${REDIS_PORT}
|
||||||
|
|
||||||
# admin frontend
|
# admin frontend
|
||||||
## URL that connects to redis docker container
|
## URL that connects to redis docker container
|
||||||
ADMIN_FRONTEND_REDIS_URL=redis://redis:6379
|
ADMIN_FRONTEND_REDIS_URL=redis://${REDIS_HOST}:${REDIS_PORT}
|
||||||
## URL that connects to gotrue docker container
|
## URL that connects to gotrue docker container
|
||||||
ADMIN_FRONTEND_GOTRUE_URL=http://gotrue:9999
|
ADMIN_FRONTEND_GOTRUE_URL=http://gotrue:9999
|
||||||
|
|
||||||
|
|
@ -52,33 +66,34 @@ GOTRUE_ADMIN_PASSWORD=password
|
||||||
# Change this to your own domain where you host the docker-compose or gotrue
|
# Change this to your own domain where you host the docker-compose or gotrue
|
||||||
# If you are using a different domain, you need to change the redirect_uri in the OAuth2 configuration
|
# If you are using a different domain, you need to change the redirect_uri in the OAuth2 configuration
|
||||||
# Make sure that this domain is accessible to the user
|
# Make sure that this domain is accessible to the user
|
||||||
|
# Make sure no endswith /
|
||||||
API_EXTERNAL_URL=http://your-host
|
API_EXTERNAL_URL=http://your-host
|
||||||
|
|
||||||
# In docker environment, `postgres` is the hostname of the postgres service
|
# In docker environment, `postgres` is the hostname of the postgres service
|
||||||
# GoTrue connect to postgres using this url
|
# GoTrue connect to postgres using this url
|
||||||
GOTRUE_DATABASE_URL=postgres://supabase_auth_admin:root@postgres:5432/postgres
|
GOTRUE_DATABASE_URL=postgres://${SUPABASE_USER}:${SUPABASE_PASSWORD}@${POSTGRES_HOST}:${POSTGRES_PORT}/${POSTGRES_DB}
|
||||||
|
|
||||||
# Refer to this for details: https://github.com/AppFlowy-IO/AppFlowy-Cloud/blob/main/doc/AUTHENTICATION.md
|
# Refer to this for details: https://github.com/AppFlowy-IO/AppFlowy-Cloud/blob/main/doc/AUTHENTICATION.md
|
||||||
# Google OAuth2
|
# Google OAuth2
|
||||||
GOTRUE_EXTERNAL_GOOGLE_ENABLED=false
|
GOTRUE_EXTERNAL_GOOGLE_ENABLED=false
|
||||||
GOTRUE_EXTERNAL_GOOGLE_CLIENT_ID=
|
GOTRUE_EXTERNAL_GOOGLE_CLIENT_ID=
|
||||||
GOTRUE_EXTERNAL_GOOGLE_SECRET=
|
GOTRUE_EXTERNAL_GOOGLE_SECRET=
|
||||||
GOTRUE_EXTERNAL_GOOGLE_REDIRECT_URI=http://your-host/gotrue/callback
|
GOTRUE_EXTERNAL_GOOGLE_REDIRECT_URI=${API_EXTERNAL_URL}/gotrue/callback
|
||||||
# GitHub OAuth2
|
# GitHub OAuth2
|
||||||
GOTRUE_EXTERNAL_GITHUB_ENABLED=false
|
GOTRUE_EXTERNAL_GITHUB_ENABLED=false
|
||||||
GOTRUE_EXTERNAL_GITHUB_CLIENT_ID=
|
GOTRUE_EXTERNAL_GITHUB_CLIENT_ID=
|
||||||
GOTRUE_EXTERNAL_GITHUB_SECRET=
|
GOTRUE_EXTERNAL_GITHUB_SECRET=
|
||||||
GOTRUE_EXTERNAL_GITHUB_REDIRECT_URI=http://your-host/gotrue/callback
|
GOTRUE_EXTERNAL_GITHUB_REDIRECT_URI=${API_EXTERNAL_URL}/gotrue/callback
|
||||||
# Discord OAuth2
|
# Discord OAuth2
|
||||||
GOTRUE_EXTERNAL_DISCORD_ENABLED=false
|
GOTRUE_EXTERNAL_DISCORD_ENABLED=false
|
||||||
GOTRUE_EXTERNAL_DISCORD_CLIENT_ID=
|
GOTRUE_EXTERNAL_DISCORD_CLIENT_ID=
|
||||||
GOTRUE_EXTERNAL_DISCORD_SECRET=
|
GOTRUE_EXTERNAL_DISCORD_SECRET=
|
||||||
GOTRUE_EXTERNAL_DISCORD_REDIRECT_URI=http://your-host/gotrue/callback
|
GOTRUE_EXTERNAL_DISCORD_REDIRECT_URI=${API_EXTERNAL_URL}/gotrue/callback
|
||||||
# Apple OAuth2
|
# Apple OAuth2
|
||||||
GOTRUE_EXTERNAL_APPLE_ENABLED=false
|
GOTRUE_EXTERNAL_APPLE_ENABLED=false
|
||||||
GOTRUE_EXTERNAL_APPLE_CLIENT_ID=
|
GOTRUE_EXTERNAL_APPLE_CLIENT_ID=
|
||||||
GOTRUE_EXTERNAL_APPLE_SECRET=
|
GOTRUE_EXTERNAL_APPLE_SECRET=
|
||||||
GOTRUE_EXTERNAL_APPLE_REDIRECT_URI=http://your-host/gotrue/callback
|
GOTRUE_EXTERNAL_APPLE_REDIRECT_URI=${API_EXTERNAL_URL}/gotrue/callback
|
||||||
|
|
||||||
# File Storage
|
# File Storage
|
||||||
# Create the bucket if not exists on AppFlowy Cloud start up.
|
# Create the bucket if not exists on AppFlowy Cloud start up.
|
||||||
|
|
@ -130,26 +145,26 @@ NGINX_TLS_PORT=443
|
||||||
APPFLOWY_AI_OPENAI_API_KEY=
|
APPFLOWY_AI_OPENAI_API_KEY=
|
||||||
APPFLOWY_AI_SERVER_PORT=5001
|
APPFLOWY_AI_SERVER_PORT=5001
|
||||||
APPFLOWY_AI_SERVER_HOST=ai
|
APPFLOWY_AI_SERVER_HOST=ai
|
||||||
APPFLOWY_AI_DATABASE_URL=postgresql+psycopg://postgres:${POSTGRES_PASSWORD}@postgres:5432/postgres
|
APPFLOWY_AI_DATABASE_URL=postgresql+psycopg://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${POSTGRES_HOST}:${POSTGRES_PORT}/${POSTGRES_DB}
|
||||||
APPFLOWY_LOCAL_AI_TEST_ENABLED=false
|
APPFLOWY_LOCAL_AI_TEST_ENABLED=false
|
||||||
|
|
||||||
# AppFlowy History
|
# AppFlowy History
|
||||||
APPFLOWY_GRPC_HISTORY_ADDRS=http://localhost:50051
|
APPFLOWY_GRPC_HISTORY_ADDRS=http://localhost:50051
|
||||||
APPFLOWY_HISTORY_REDIS_URL=redis://redis:6379
|
APPFLOWY_HISTORY_REDIS_URL=redis://${REDIS_HOST}:${REDIS_PORT}
|
||||||
APPFLOWY_HISTORY_DATABASE_URL=postgres://postgres:${POSTGRES_PASSWORD}@postgres:5432/postgres
|
APPFLOWY_HISTORY_DATABASE_URL=postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${POSTGRES_HOST}:${POSTGRES_PORT}/${POSTGRES_DB}
|
||||||
|
|
||||||
# AppFlowy Indexer
|
# AppFlowy Indexer
|
||||||
APPFLOWY_INDEXER_ENABLED=true
|
APPFLOWY_INDEXER_ENABLED=true
|
||||||
APPFLOWY_INDEXER_DATABASE_URL=postgres://postgres:${POSTGRES_PASSWORD}@postgres:5432/postgres
|
APPFLOWY_INDEXER_DATABASE_URL=postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${POSTGRES_HOST}:${POSTGRES_PORT}/${POSTGRES_DB}
|
||||||
APPFLOWY_INDEXER_REDIS_URL=redis://redis:6379
|
APPFLOWY_INDEXER_REDIS_URL=redis://${REDIS_HOST}:${REDIS_PORT}
|
||||||
|
|
||||||
# AppFlowy Collaborate
|
# AppFlowy Collaborate
|
||||||
APPFLOWY_COLLABORATE_MULTI_THREAD=false
|
APPFLOWY_COLLABORATE_MULTI_THREAD=false
|
||||||
APPFLOWY_COLLABORATE_REMOVE_BATCH_SIZE=100
|
APPFLOWY_COLLABORATE_REMOVE_BATCH_SIZE=100
|
||||||
|
|
||||||
# AppFlowy Worker
|
# AppFlowy Worker
|
||||||
APPFLOWY_WORKER_REDIS_URL=redis://redis:6379
|
APPFLOWY_WORKER_REDIS_URL=redis://${REDIS_HOST}:${REDIS_PORT}
|
||||||
APPFLOWY_WORKER_DATABASE_URL=postgres://postgres:${POSTGRES_PASSWORD}@postgres:5432/postgres
|
APPFLOWY_WORKER_DATABASE_URL=postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${POSTGRES_HOST}:${POSTGRES_PORT}/${POSTGRES_DB}
|
||||||
|
|
||||||
# AppFlowy Web
|
# AppFlowy Web
|
||||||
APPFLOWY_WEB_URL=http://localhost:3000
|
APPFLOWY_WEB_URL=http://localhost:3000
|
||||||
|
|
|
||||||
|
|
@ -32,6 +32,8 @@ services:
|
||||||
- POSTGRES_DB=${POSTGRES_DB:-postgres}
|
- POSTGRES_DB=${POSTGRES_DB:-postgres}
|
||||||
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD:-password}
|
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD:-password}
|
||||||
- POSTGRES_HOST=${POSTGRES_HOST:-postgres}
|
- POSTGRES_HOST=${POSTGRES_HOST:-postgres}
|
||||||
|
- SUPABASE_USER=${SUPABASE_USER:-supabase_auth_admin}
|
||||||
|
- SUPABASE_PASSWORD=${SUPABASE_PASSWORD:-root}
|
||||||
volumes:
|
volumes:
|
||||||
- ./migrations/before:/docker-entrypoint-initdb.d
|
- ./migrations/before:/docker-entrypoint-initdb.d
|
||||||
- postgres_data:/var/lib/postgresql/data
|
- postgres_data:/var/lib/postgresql/data
|
||||||
|
|
@ -91,7 +93,7 @@ services:
|
||||||
- RUST_LOG=${RUST_LOG:-info}
|
- RUST_LOG=${RUST_LOG:-info}
|
||||||
- APPFLOWY_ENVIRONMENT=production
|
- APPFLOWY_ENVIRONMENT=production
|
||||||
- APPFLOWY_DATABASE_URL=${APPFLOWY_DATABASE_URL}
|
- APPFLOWY_DATABASE_URL=${APPFLOWY_DATABASE_URL}
|
||||||
- APPFLOWY_REDIS_URI=redis://redis:6379
|
- APPFLOWY_REDIS_URI=${APPFLOWY_REDIS_URI}
|
||||||
- APPFLOWY_GOTRUE_JWT_SECRET=${GOTRUE_JWT_SECRET}
|
- APPFLOWY_GOTRUE_JWT_SECRET=${GOTRUE_JWT_SECRET}
|
||||||
- APPFLOWY_GOTRUE_JWT_EXP=${GOTRUE_JWT_EXP}
|
- APPFLOWY_GOTRUE_JWT_EXP=${GOTRUE_JWT_EXP}
|
||||||
- APPFLOWY_GOTRUE_BASE_URL=${APPFLOWY_GOTRUE_BASE_URL}
|
- APPFLOWY_GOTRUE_BASE_URL=${APPFLOWY_GOTRUE_BASE_URL}
|
||||||
|
|
|
||||||
|
|
@ -1,37 +0,0 @@
|
||||||
-- Add migration script here
|
|
||||||
-- Create the anon and authenticated roles if they don't exist
|
|
||||||
CREATE OR REPLACE FUNCTION create_roles(roles text []) RETURNS void LANGUAGE plpgsql AS $$
|
|
||||||
DECLARE role_name text;
|
|
||||||
BEGIN FOREACH role_name IN ARRAY roles LOOP IF NOT EXISTS (
|
|
||||||
SELECT 1
|
|
||||||
FROM pg_roles
|
|
||||||
WHERE rolname = role_name
|
|
||||||
) THEN EXECUTE 'CREATE ROLE ' || role_name;
|
|
||||||
END IF;
|
|
||||||
END LOOP;
|
|
||||||
END;
|
|
||||||
$$;
|
|
||||||
SELECT create_roles(ARRAY ['anon', 'authenticated']);
|
|
||||||
|
|
||||||
-- Create supabase_admin user if it does not exist
|
|
||||||
DO $$ BEGIN IF NOT EXISTS (
|
|
||||||
SELECT
|
|
||||||
FROM pg_catalog.pg_roles
|
|
||||||
WHERE rolname = 'supabase_admin'
|
|
||||||
) THEN CREATE USER supabase_admin LOGIN CREATEROLE CREATEDB REPLICATION BYPASSRLS;
|
|
||||||
END IF;
|
|
||||||
END $$;
|
|
||||||
-- Create supabase_auth_admin user if it does not exist
|
|
||||||
DO $$ BEGIN IF NOT EXISTS (
|
|
||||||
SELECT
|
|
||||||
FROM pg_catalog.pg_roles
|
|
||||||
WHERE rolname = 'supabase_auth_admin'
|
|
||||||
) THEN CREATE USER supabase_auth_admin BYPASSRLS NOINHERIT CREATEROLE LOGIN NOREPLICATION PASSWORD 'root';
|
|
||||||
END IF;
|
|
||||||
END $$;
|
|
||||||
-- Create auth schema if it does not exist
|
|
||||||
CREATE SCHEMA IF NOT EXISTS auth AUTHORIZATION supabase_auth_admin;
|
|
||||||
-- Grant permissions
|
|
||||||
GRANT CREATE ON DATABASE postgres TO supabase_auth_admin;
|
|
||||||
-- Set search_path for supabase_auth_admin
|
|
||||||
ALTER USER supabase_auth_admin SET search_path = 'auth';
|
|
||||||
|
|
@ -0,0 +1,45 @@
|
||||||
|
#!/usr/bin/bash
|
||||||
|
set -e
|
||||||
|
|
||||||
|
psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL
|
||||||
|
-- Create the anon and authenticated roles if they don't exist
|
||||||
|
CREATE OR REPLACE FUNCTION create_roles(roles text []) RETURNS void LANGUAGE plpgsql AS \$\$
|
||||||
|
DECLARE role_name text;
|
||||||
|
BEGIN FOREACH role_name IN ARRAY roles LOOP IF NOT EXISTS (
|
||||||
|
SELECT 1
|
||||||
|
FROM pg_roles
|
||||||
|
WHERE rolname = role_name
|
||||||
|
) THEN EXECUTE 'CREATE ROLE ' || role_name;
|
||||||
|
END IF;
|
||||||
|
END LOOP;
|
||||||
|
END;
|
||||||
|
\$\$;
|
||||||
|
SELECT create_roles(ARRAY ['anon', 'authenticated']);
|
||||||
|
|
||||||
|
-- Create supabase_admin user if it does not exist
|
||||||
|
DO \$\$ BEGIN IF NOT EXISTS (
|
||||||
|
SELECT
|
||||||
|
FROM pg_catalog.pg_roles
|
||||||
|
WHERE rolname = 'supabase_admin'
|
||||||
|
) THEN CREATE USER supabase_admin LOGIN CREATEROLE CREATEDB REPLICATION BYPASSRLS;
|
||||||
|
END IF;
|
||||||
|
END \$\$;
|
||||||
|
|
||||||
|
-- Create supabase_auth_admin user if it does not exist
|
||||||
|
DO \$\$ BEGIN IF NOT EXISTS (
|
||||||
|
SELECT
|
||||||
|
FROM pg_catalog.pg_roles
|
||||||
|
WHERE rolname = '$SUPABASE_USER'
|
||||||
|
) THEN CREATE USER "$SUPABASE_USER" BYPASSRLS NOINHERIT CREATEROLE LOGIN NOREPLICATION PASSWORD '$SUPABASE_PASSWORD';
|
||||||
|
END IF;
|
||||||
|
END \$\$;
|
||||||
|
|
||||||
|
-- Create auth schema if it does not exist
|
||||||
|
CREATE SCHEMA IF NOT EXISTS auth AUTHORIZATION $SUPABASE_USER;
|
||||||
|
|
||||||
|
-- Grant permissions
|
||||||
|
GRANT CREATE ON DATABASE postgres TO $SUPABASE_USER;
|
||||||
|
|
||||||
|
-- Set search_path for supabase_auth_admin
|
||||||
|
ALTER USER $SUPABASE_USER SET search_path = 'auth';
|
||||||
|
EOSQL
|
||||||
Loading…
Reference in New Issue