Online Deployment Examples

Multi-Image MySQL

DevNote: Describe this configuration; how many/what services it runs and things like that.

docker-compose.yaml
version: '3.5'

services:
  server:
    image: cortezaproject/corteza:${VERSION}
    restart: always
    env_file: [ .env ]
    depends_on: [ db ]
    networks: [ proxy, internal ]
    # Uncomment to use local fs for data persistence
    volumes: [ "./data/server:/data" ]
    environment:
      # This two are needed only if you are using NginX Lets-Encrypt companion
      # (see docs.cortezaproject.org for details)
      # VIRTUAL_HOST helps NginX proxy route traffic for specific virtual host to this container
      VIRTUAL_HOST:     ${DOMAIN}
      # LETSENCRYPT_HOST helps NginX LE companion pull and configure SSL certificates for your domain
      LETSENCRYPT_HOST: ${DOMAIN}

  db:
    # MySQL Database
    # See https://hub.docker.com/r/percona/percona-server for details
    image: percona:8.0
    restart: always
    volumes: [ "./data/db:/var/lib/mysql" ]
    environment:
      MYSQL_DATABASE: dbname
      MYSQL_USER:     dbuser
      MYSQL_PASSWORD: dbpass
      # get the random generated password by running: docker-compose logs db | grep "GENERATED ROOT PASSWORD"
      MYSQL_RANDOM_ROOT_PASSWORD: random
    healthcheck: { test: ["CMD", "mysqladmin" ,"ping", "-h", "localhost"], timeout: 20s, retries: 10 }
    networks: [ internal ]

networks:
  internal: {}
  proxy: { external: true }
.env
########################################################################################################################
# docker-compose supports environment variable interpolation/substitution in compose configuration file
# (more info: https://docs.docker.com/compose/environment-variables)

########################################################################################################################
# General settings
DOMAIN=your-demo.example.tld
VERSION=2022.3.0

########################################################################################################################
# Database connection

DB_DSN=dbuser:dbpass@tcp(db:3306)/dbname?collation=utf8mb4_general_ci

########################################################################################################################
# Server settings

# Serve Corteza webapps alongside API
HTTP_WEBAPP_ENABLED=true

# Send action log to container logs as well
# ACTIONLOG_DEBUG=true

# Uncomment for extra debug info if something goes wrong
# LOG_LEVEL=debug

# Use nicer and colorful log instead of JSON
# LOG_DEBUG=true

########################################################################################################################
# Authentication

# Secret to use for JWT token
# Make sure you change it (>30 random characters) if
# you expose your deployment to outside traffic
# AUTH_JWT_SECRET=this-is-only-for-demo-purpose--make-sure-you-change-it-for-production

########################################################################################################################
# SMTP (mail sending) settings

# Point this to your local or external SMTP server if you want to send emails.
# In most cases, Corteza can detect that SMTP is disabled and skips over sending emails without an error
#SMTP_HOST=smtp-server.example.tld:587
#SMTP_USER=postmaster@smtp-server.example.tld
#SMTP_PASS=this-is-your-smtp-password
#SMTP_FROM='"Demo" <info@your-demo.example.tld>'

Multi-Image PostgreSQL

DevNote: Describe this configuration; how many/what services it runs and things like that.

docker-compose.yaml
version: '3.5'

services:
  server:
    image: cortezaproject/corteza:${VERSION}
    networks: [ proxy, internal ]
    restart: always
    env_file: [ .env ]
    depends_on: [ db ]
    volumes: [ "./data/server:/data" ]
    environment:
      # VIRTUAL_HOST helps NginX proxy route traffic for specific virtual host to
      # this container
      # This value is also picked up by initial boot auto-configuration procedure
      # If this is changed, make sure you change settings accordingly
      VIRTUAL_HOST: ${DOMAIN}
      # This is needed only if you are using NginX Lets-Encrypt companion
      # (see docs.cortezaproject.org for details)
      LETSENCRYPT_HOST: ${DOMAIN}

  db:
    # PostgreSQL Database
    # See https://hub.docker.com/_/postgres for details
    image: postgres:13
    networks: [ internal ]
    restart: always
    healthcheck: { test: ["CMD-SHELL", "pg_isready -U corteza"], interval: 10s, timeout: 5s, retries: 5 }
    environment:
      # Warning: these are values that are only used on 1st start
      #          if you want to change it later, you need to do that
      #          manually inside db container
      POSTGRES_USER:     corteza
      POSTGRES_PASSWORD: corteza

networks:
  internal: {}
  proxy: { external: true }
.env
########################################################################################################################
# docker-compose supports environment variable interpolation/substitution in compose configuration file
# (more info: https://docs.docker.com/compose/environment-variables)

########################################################################################################################
# General settings
DOMAIN=your-demo.example.tld
VERSION=2022.3.0

########################################################################################################################
# Database connection

DB_DSN=postgres://corteza:corteza@db:5432/corteza?sslmode=disable

########################################################################################################################
# Server settings

# Serve Corteza webapps alongside API
HTTP_WEBAPP_ENABLED=true

# Send action log to container logs as well
# ACTIONLOG_DEBUG=true

# Uncomment for extra debug info if something goes wrong
# LOG_LEVEL=debug

# Use nicer and colorful log instead of JSON
# LOG_DEBUG=true

########################################################################################################################
# Authentication

# Secret to use for JWT token
# Make sure you change it (>30 random characters) if
# you expose your deployment to outside traffic
# AUTH_JWT_SECRET=this-is-only-for-demo-purpose--make-sure-you-change-it-for-production

########################################################################################################################
# SMTP (mail sending) settings

# Point this to your local or external SMTP server if you want to send emails.
# In most cases, Corteza can detect that SMTP is disabled and skips over sending emails without an error
#SMTP_HOST=smtp-server.example.tld:587
#SMTP_USER=postmaster@smtp-server.example.tld
#SMTP_PASS=this-is-your-smtp-password
#SMTP_FROM='"Demo" <info@your-demo.example.tld>'

Multi-image Discovery with PostgreSQL

Currently Corteza Discovery is tested on a running production servers in combination with PostgreSQL database, but should work with the latest MySQL versions. Beside the server and db containers, there should be also the indexer (es) and the searcher (discovery) running.

docker-compose.yaml
version: '3.5'

services:
  server:
    image: cortezaproject/corteza:${VERSION}
    env_file: [ .env ]
    depends_on: [ db ]
    networks: [ proxy, internal ]
    environment:
      VIRTUAL_HOST:     ${DOMAIN}
      LETSENCRYPT_HOST: ${DOMAIN}
    volumes: [ "./data/server:/data" ]
    restart: on-failure

  db:
    image: postgres:13
    networks: [ internal ]
    restart: on-failure
    healthcheck: { test: ["CMD-SHELL", "pg_isready -U corteza"], interval: 10s, timeout: 5s, retries: 5 }
    environment:
      POSTGRES_USER:     corteza
      POSTGRES_PASSWORD: corteza

  es:
    image: opensearchproject/opensearch:1.3.0
    restart: on-failure
    networks: [ internal ]
    environment:
      - cluster.name=es-docker-cluster
      - node.name=es
      - cluster.initial_master_nodes=es
      - bootstrap.memory_lock=true # along with the memlock settings below, disables swapping
      - OPENSEARCH_JAVA_OPTS=-Xms8000m -Xmx8000m # minimum and maximum Java heap size, recommend setting both to 50% of system RAM
      - DISABLE_INSTALL_DEMO_CONFIG=true
      - DISABLE_SECURITY_PLUGIN=true
      - VIRTUAL_HOST=es.${DOMAIN}
      - LETSENCRYPT_HOST=es.${DOMAIN}
    ulimits:
      memlock:
        soft: -1
        hard: -1
    volumes:
      - ./data/es:/usr/share/elasticsearch/data

  discovery:
    image: cortezaproject/corteza-server-discovery:${VERSION}
    restart: on-failure
    env_file: [ .env ]
    depends_on: [ es, server ]
    networks: [ proxy, internal ]
    environment:
      VIRTUAL_HOST: discovery.${DOMAIN}
      VIRTUAL_PORT: 80
      LETSENCRYPT_HOST: discovery.${DOMAIN}

networks: { internal: {}, proxy: { name: proxy } }
.env
########################################################################################################################
# General settings
DOMAIN=your-demo.example.tld
VERSION=2022.3.0

########################################################################################################################
# Database connection

DB_DSN=postgres://corteza:corteza@db:5432/corteza?sslmode=disable

########################################################################################################################
# Server settings

# Serve Corteza webapps alongside API
HTTP_WEBAPP_ENABLED=true

########################################################################################################################
# Server Discovery configs

DISCOVERY_ENABLED=true
DISCOVERY_DEBUG=true
DISCOVERY_CORTEZA_DOMAIN=https://your-demo.example.tld
DISCOVERY_BASE_URL=//discovery.your-demo.example.tld
CORTEZA_SERVER_BASE_URL=http://server:80

ES_ADDRESS=http://es:9200
ES_INDEX_INTERVAL=300
HTTP_ADDR=0.0.0.0:80

# Corteza Discovery indexer configuration
DISCOVERY_INDEXER_ENABLED=true
DISCOVERY_INDEXER_PRIVATE_INDEX_CLIENT_KEY=${PRIVATE_KEY_EXAMPLE}
DISCOVERY_INDEXER_PRIVATE_INDEX_CLIENT_SECRET=${SECRET_EXAMPLE}

# Corteza Discovery searcher configuration
DISCOVERY_SEARCHER_ENABLED=true
DISCOVERY_SEARCHER_CLIENT_KEY=${CLIENT_KEY_EXAMPLE}
DISCOVERY_SEARCHER_CLIENT_SECRET=${CLIENT_SECRET_EXAMPLE}
DISCOVERY_SEARCHER_JWT_SECRET=${JWT_SECRET_EXAMPLE}
DISCOVERY_SEARCHER_ALLOWED_ROLE=${ROLE_ALLOWED_EXAMPLE}