probo/compose.prod.yaml at main · getprobo/probo · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
services:
  probo:
    image: "ghcr.io/getprobo/probo:latest"
    environment:
      # Required secrets (use secure values in production)
      PROBOD_ENCRYPTION_KEY: ${PROBOD_ENCRYPTION_KEY}
      AUTH_COOKIE_SECRET: ${AUTH_COOKIE_SECRET}
      AUTH_PASSWORD_PEPPER: ${AUTH_PASSWORD_PEPPER}
      TRUST_AUTH_TOKEN_SECRET: ${TRUST_AUTH_TOKEN_SECRET}

      # Application settings
      PROBOD_BASE_URL: ${PROBOD_BASE_URL}
      API_ADDR: ${API_ADDR}
      API_CORS_ALLOWED_ORIGINS: ${API_CORS_ALLOWED_ORIGINS}

      # PostgreSQL database
      PG_ADDR: "postgres:5432"
      PG_USERNAME: "postgres"
      PG_PASSWORD: "postgres"
      PG_DATABASE: "probod"
      PG_POOL_SIZE: "100"

      # S3-compatible storage (SeaweedFS)
      AWS_REGION: "us-east-1"
      AWS_BUCKET: "probod"
      AWS_ACCESS_KEY_ID: "probod"
      AWS_SECRET_ACCESS_KEY: "thisisnotasecret"
      AWS_ENDPOINT: "http://seaweedfs:8333"
      AWS_USE_PATH_STYLE: "true"

      # Observability - Metrics & Tracing
      METRICS_ADDR: "probo:8081"
      TRACING_ADDR: ""

      # Email notifications
      SMTP_ADDR: "your.smtp.server:587"
      SMTP_TLS_REQUIRED: "false"
      MAILER_SENDER_NAME: "Probo"
      MAILER_SENDER_EMAIL: "no-reply@notification.getprobo.com"

      # Chrome for PDF generation
      CHROME_DP_ADDR: "chrome:9222"
    ports:
      - "8080:8080"
      - "8081:8081"
      - "8443:8443"
    volumes:
      - "probo-data:/data"
    depends_on:
      postgres:
        condition: service_healthy
      seaweedfs:
        condition: service_started
      chrome:
        condition: service_started


  postgres:
    image: "postgres:17.9@sha256:7ad98329d513dd497293b951c195ca354274a77f12ddbbbbf85e68a811823d72"
    shm_size: "1g"
    command: >
      postgres -c "shared_buffers=4GB"
               -c "max_connections=200"
               -c "log_statement=all"
    ports:
      - "5432:5432"
    volumes:
      - "./compose/postgres:/docker-entrypoint-initdb.d:ro"
      - "postgres-data:/var/lib/postgresql/data:rw"
    environment:
      POSTGRES_USER: "postgres"
      POSTGRES_PASSWORD: "postgres"
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U postgres"]
      interval: 5s
      timeout: 5s
      retries: 5

  seaweedfs:
    image: "chrislusf/seaweedfs:4.20@sha256:cea8339d21dad1b200adce581dd7434d254b8f5975f142c3b4c930ba78647eef"
    command: >
      server
      -s3
      -s3.config=/etc/seaweedfs/s3.json
      -s3.port=8333
      -volume.max=100
      -master.volumeSizeLimitMB=1024
      -dir=/data
    ports:
      - "8333:8333"
      - "9333:9333"
      - "8888:8888"
    volumes:
      - "./compose/seaweedfs/s3.json:/etc/seaweedfs/s3.json:ro"
      - "seaweedfs-data:/data:rw"

  chrome:
    image: "chromedp/headless-shell:149.0.7779.3@sha256:b24482ae166e2c67135f5a8ba9575c257efdd8e2fd6b2e931f9d88ede3d72f3b"
    ports:
      - "9222:9222"
    command:
      - "--headless"
      - "--disable-gpu"
      - "--disable-dev-shm-usage"
      - "--hide-scrollbars"
      - "--mute-audio"
      - "--no-default-browser-check"
      - "--no-first-run"
      - "--disable-background-networking"
      - "--disable-background-timer-throttling"
      - "--disable-extensions"


volumes:
  probo-data:
  postgres-data:
  seaweedfs-data: