mirror of
https://github.com/odoocker/odoocker
synced 2025-11-04 23:29:19 +01:00
Compare commits
16 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
bf0448db33 | ||
|
|
d0bfa83653 | ||
|
|
5eff644269 | ||
|
|
e499f951d2 | ||
|
|
e05f5333bd | ||
|
|
0ab69e43a5 | ||
|
|
9d13ed0db1 | ||
|
|
d8f96573e3 | ||
|
|
cf6d846723 | ||
|
|
21e5c4ecde | ||
|
|
ecc5481be4 | ||
|
|
10d0388a1b | ||
|
|
2f1f6fc63b | ||
|
|
5620db94a1 | ||
|
|
08b506972a | ||
|
|
32f16fee74 |
51
.env.example
51
.env.example
@@ -22,6 +22,7 @@ USE_REDIS=false
|
||||
USE_S3=false
|
||||
USE_SENTRY=false
|
||||
USE_PGADMIN=false
|
||||
USE_PGBOUNCER=false
|
||||
|
||||
# GitHub user and access token to clone private repositories
|
||||
GITHUB_USER=
|
||||
@@ -46,6 +47,11 @@ UNACCENT=False
|
||||
LIST_DB=True
|
||||
DBFILTER=.*
|
||||
|
||||
# PgBouncer
|
||||
POOL_MODE=transaction
|
||||
MAX_CLIENT_CONN=500
|
||||
ADMIN_USERS=postgres,odoo
|
||||
|
||||
# Logging
|
||||
LOG_LEVEL=info
|
||||
# Additional logs
|
||||
@@ -103,7 +109,7 @@ S3_VIRTUAL_HOST=s3.odoocker.test
|
||||
S3_API_PORT=9000
|
||||
S3_CONSOLE_PORT=9001
|
||||
|
||||
AWS_HOST=http://s3:${S3_API_PORT}
|
||||
AWS_HOST=http://minio:${S3_API_PORT}
|
||||
AWS_REGION=
|
||||
AWS_ACCESS_KEY_ID=myaccesskey
|
||||
AWS_SECRET_ACCESS_KEY=mysecretkey
|
||||
@@ -135,6 +141,7 @@ USE_REDIS=${USE_REDIS}
|
||||
USE_S3=${USE_S3}
|
||||
USE_SENTRY=${USE_SENTRY}
|
||||
USE_PGADMIN=${USE_PGADMIN}
|
||||
USE_PGBOUNCER=${USE_PGBOUNCER}
|
||||
|
||||
# Which services are going to be brought up
|
||||
COMPOSE_PROFILES=${SERVICES}
|
||||
@@ -144,20 +151,24 @@ ODOO_PROFILES="odoo"
|
||||
POSTGRES_PROFILES="postgres"
|
||||
NGINX_PROFILES="nginx"
|
||||
NGINX_PROXY_PROFILES="proxy"
|
||||
TRAEFIK_PROFILES="traefik"
|
||||
ACME_COMPANION_PROFILES="acme"
|
||||
KEYDB_PROFILES="keydb"
|
||||
MINIO_PROFILES="minio"
|
||||
PGADMIN_PROFILES="pgadmin"
|
||||
PGBOUNCER_PROFILES="pgbouncer"
|
||||
|
||||
# Containers' Tags
|
||||
ODOO_TAG=17.0
|
||||
POSTGRES_TAG=16.1
|
||||
PGBOUNCER_TAG=latest
|
||||
KEYDB_TAG=latest
|
||||
MINIO_TAG=latest
|
||||
NGINX_TAG=1.25.3
|
||||
NGINX_PROXY_TAG=1.4.0
|
||||
ACME_COMPANION_TAG=2.2.9
|
||||
PGADMIN_TAG=8.1
|
||||
TRAEFIK_TAG=2.11
|
||||
ACME_COMPANION_TAG=2.2.10
|
||||
PGADMIN_TAG=8.2
|
||||
|
||||
# Odoocker paths
|
||||
COMMUNITY_ADDONS=${ROOT_PATH}/addons
|
||||
@@ -313,6 +324,40 @@ POSTGRES_USER=${POSTGRES_MAIN_USER}
|
||||
POSTGRES_PASSWORD=${POSTGRES_MAIN_PASSWORD}
|
||||
PGDATA=/var/lib/postgresql/data/${PROJECT_NAME}
|
||||
|
||||
#---------------#
|
||||
# Traefik #
|
||||
#---------------#
|
||||
# Volumes
|
||||
ACME_JSON=/acme.json
|
||||
TRAEFIK_LOGS=/var/log/traefik
|
||||
|
||||
# Command
|
||||
API_DASHBOARD=true
|
||||
API_INSECURE=true
|
||||
API_DEBUG=false
|
||||
ENTRYPOINTS_WEB_ADDRESS=:80
|
||||
ENTRYPOINTS_WEBSECURE_ADDRESS=:443
|
||||
TRAEFIK_LOG_LEVEL=INFO
|
||||
ACCESSLOG_FILEPATH=${TRAEFIK_LOGS}/access.log
|
||||
ACME_HTTPCHALLENGE=true
|
||||
ACME_HTTPCHALLENGE_ENTRYPOINT=web
|
||||
ACME_EMAIL=mail@example.com
|
||||
ACME_STORAGE=${ACME_JSON}
|
||||
# For prod use: https://acme-v02.api.letsencrypt.org/directory
|
||||
ACME_CASERVER=https://acme-staging-v02.api.letsencrypt.org/directory
|
||||
INSERCURE_SKIP_VERIFY=true
|
||||
|
||||
# Labels
|
||||
TRAEFIK_ENABLE=true
|
||||
HTTP_CATCHALL_ENTRYPOINTS=web
|
||||
HTTP_CATCHALL_MIDDLEWARES=redirect-to-https
|
||||
MIDDLEWARES_REDIRECT_SCHEME=https
|
||||
|
||||
TRAEFIK_DASHBOARD_DOMAIN=traefik.odoocker.test
|
||||
TRAEFIK_DASHBOARD_ENTRYPOINTS=websecure
|
||||
TRAEFIK_DASHBOARD_TLS_CERTRESOLVER=leresolver
|
||||
TRAEFIK_DASHBOARD_SERVICE=api@internal
|
||||
|
||||
#-------------#
|
||||
# Nginx #
|
||||
#-------------#
|
||||
|
||||
2
.gitignore
vendored
2
.gitignore
vendored
@@ -9,3 +9,5 @@ docker-compose.override.yml
|
||||
|
||||
# Ignores any __pycache__ folder.
|
||||
__pycache__
|
||||
|
||||
upgrade/
|
||||
|
||||
@@ -12,6 +12,11 @@ services:
|
||||
ports:
|
||||
- 5432:5432
|
||||
|
||||
pgbouncer:
|
||||
restart: 'no'
|
||||
expose:
|
||||
- 5432/tcp
|
||||
|
||||
nginx:
|
||||
restart: 'no'
|
||||
|
||||
@@ -21,13 +26,19 @@ services:
|
||||
- 80:80
|
||||
- 443:443
|
||||
|
||||
letsencrypt:
|
||||
traefik:
|
||||
restart: 'no'
|
||||
ports:
|
||||
- 80:80
|
||||
- 443:443
|
||||
|
||||
acme-companion:
|
||||
restart: 'no'
|
||||
|
||||
redis:
|
||||
keydb:
|
||||
restart: 'no'
|
||||
|
||||
s3:
|
||||
minio:
|
||||
restart: 'no'
|
||||
|
||||
pgadmin:
|
||||
|
||||
@@ -12,6 +12,11 @@ services:
|
||||
ports:
|
||||
- 127.0.0.1:5432:5432
|
||||
|
||||
pgbouncer:
|
||||
restart: unless-stopped
|
||||
expose:
|
||||
- 5432/tcp
|
||||
|
||||
nginx:
|
||||
restart: unless-stopped
|
||||
|
||||
@@ -21,13 +26,31 @@ services:
|
||||
- 80:80
|
||||
- 443:443
|
||||
|
||||
letsencrypt:
|
||||
traefik:
|
||||
restart: unless-stopped
|
||||
ports:
|
||||
- 80:80
|
||||
- 443:443
|
||||
command:
|
||||
- --entrypoints.websecure.address=${ENTRYPOINTS_WEBSECURE_ADDRESS}
|
||||
- --certificatesresolvers.leresolver.acme.httpchallenge=${ACME_HTTPCHALLENGE}
|
||||
- --certificatesresolvers.leresolver.acme.httpchallenge.entrypoint=${ACME_HTTPCHALLENGE_ENTRYPOINT}
|
||||
- --certificatesresolvers.leresolver.acme.email=${ACME_EMAIL}
|
||||
- --certificatesresolvers.leresolver.acme.storage=${ACME_STORAGE}
|
||||
- --certificatesresolvers.leresolver.acme.caserver=${ACME_CASERVER}
|
||||
labels:
|
||||
- traefik.http.routers.http-catchall.middlewares=${HTTP_CATCHALL_MIDDLEWARES}
|
||||
- traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=${MIDDLEWARES_REDIRECT_SCHEME}
|
||||
- traefik.http.routers.traefik-dashboard.entrypoints=${TRAEFIK_DASHBOARD_ENTRYPOINTS}
|
||||
- traefik.http.routers.traefik-dashboard.tls.certresolver=${TRAEFIK_DASHBOARD_TLS_CERTRESOLVER}
|
||||
|
||||
acme-companion:
|
||||
restart: unless-stopped
|
||||
|
||||
redis:
|
||||
keydb:
|
||||
restart: unless-stopped
|
||||
|
||||
s3:
|
||||
minio:
|
||||
restart: unless-stopped
|
||||
|
||||
pgadmin:
|
||||
|
||||
@@ -1,5 +1,6 @@
|
||||
services:
|
||||
odoo:
|
||||
container_name: odoo
|
||||
build:
|
||||
context: ./
|
||||
dockerfile: ./odoo/Dockerfile
|
||||
@@ -18,6 +19,7 @@ services:
|
||||
- USE_S3
|
||||
- USE_SENTRY
|
||||
tty: true
|
||||
shm_size: 1gb
|
||||
volumes:
|
||||
- odoo-data:${DATA_DIR}
|
||||
- ./odoo/extra-addons:${EXTRA_ADDONS}
|
||||
@@ -55,12 +57,14 @@ services:
|
||||
profiles: [$ODOO_PROFILES]
|
||||
|
||||
postgres:
|
||||
container_name: postgres
|
||||
build:
|
||||
context: ./
|
||||
dockerfile: ./postgres/Dockerfile
|
||||
args:
|
||||
- POSTGRES_TAG
|
||||
tty: true
|
||||
shm_size: 1gb
|
||||
volumes:
|
||||
- pg-data:${PGDATA}
|
||||
- ./postgres/entrypoint.sh:/docker-entrypoint-initdb.d/entrypoint.sh
|
||||
@@ -79,13 +83,30 @@ services:
|
||||
- internal
|
||||
profiles: [$POSTGRES_PROFILES]
|
||||
|
||||
pgbouncer:
|
||||
image: edoburu/pgbouncer:latest
|
||||
container_name: pgbouncer
|
||||
restart: always
|
||||
depends_on:
|
||||
- postgres
|
||||
environment:
|
||||
- DB_HOST=${DB_HOST}
|
||||
- DB_USER=${DB_USER}
|
||||
- DB_PASSWORD=${DB_PASSWORD}
|
||||
- MAX_CLIENT_CONN=${MAX_CLIENT_CONN}
|
||||
- POOL_MODE=${POOL_MODE}
|
||||
- ADMIN_USERS=${ADMIN_USERS}
|
||||
profiles: [$PGBOUNCER_PROFILES]
|
||||
|
||||
nginx:
|
||||
container_name: nginx
|
||||
image: nginx:${NGINX_TAG}
|
||||
depends_on:
|
||||
- odoo
|
||||
tty: true
|
||||
expose:
|
||||
- 80/tcp
|
||||
shm_size: 1gb
|
||||
volumes:
|
||||
- ./nginx/nginx.conf:${NGINX_CONF}
|
||||
- ./nginx/default.conf:${NGINX_DEFAULT_CONF}
|
||||
@@ -99,10 +120,12 @@ services:
|
||||
profiles: [$NGINX_PROFILES]
|
||||
|
||||
nginx-proxy:
|
||||
container_name: nginx-proxy
|
||||
image: nginxproxy/nginx-proxy:${NGINX_PROXY_TAG}
|
||||
depends_on:
|
||||
- nginx
|
||||
tty: true
|
||||
shm_size: 1gb
|
||||
volumes:
|
||||
- ./nginx-proxy/nginx.conf:${NGINX_CONF}
|
||||
- ./nginx-proxy/cors.conf:${NGINX_PROXY_CORS_CONF}
|
||||
@@ -117,7 +140,38 @@ services:
|
||||
- internal
|
||||
profiles: [$NGINX_PROXY_PROFILES]
|
||||
|
||||
letsencrypt:
|
||||
traefik:
|
||||
container_name: traefik
|
||||
image: "traefik:${TRAEFIK_TAG}"
|
||||
networks:
|
||||
- internal
|
||||
command:
|
||||
- --api.dashboard=${API_DASHBOARD}
|
||||
- --api.insecure=${API_INSECURE}
|
||||
- --api.debug=${API_DEBUG}
|
||||
- --entrypoints.web.address=${ENTRYPOINTS_WEB_ADDRESS}
|
||||
- --providers.docker
|
||||
- --log.level=${TRAEFIK_LOG_LEVEL}
|
||||
- --accesslog.filepath=${ACCESSLOG_FILEPATH}
|
||||
- --serversTransport.insecureSkipVerify=${INSERCURE_SKIP_VERIFY}
|
||||
tty: true
|
||||
shm_size: 1gb
|
||||
volumes:
|
||||
- ${DOCKER_SOCK}:${DOCKER_SOCK}:ro
|
||||
- ./acme.json:${ACME_JSON}
|
||||
- traefik_logs:${TRAEFIK_LOGS}
|
||||
labels:
|
||||
- traefik.enable=${TRAEFIK_ENABLE}
|
||||
# Catch all HTTP trafic and redirect it to HTTPS
|
||||
- traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)
|
||||
- traefik.http.routers.http-catchall.entrypoints=${HTTP_CATCHALL_ENTRYPOINTS}
|
||||
# Traefik Dashboard route
|
||||
- traefik.http.routers.traefik-dashboard.rule=Host(`${TRAEFIK_DASHBOARD_DOMAIN}`)
|
||||
- traefik.http.routers.traefik-dashboard.service=${TRAEFIK_DASHBOARD_SERVICE}
|
||||
profiles: [$TRAEFIK_PROFILES]
|
||||
|
||||
acme-companion:
|
||||
container_name: acme-companion
|
||||
image: nginxproxy/acme-companion:${ACME_COMPANION_TAG}
|
||||
depends_on:
|
||||
- nginx-proxy
|
||||
@@ -135,7 +189,8 @@ services:
|
||||
- internal
|
||||
profiles: [$ACME_COMPANION_PROFILES]
|
||||
|
||||
redis:
|
||||
keydb:
|
||||
container_name: keydb
|
||||
image: eqalpha/keydb:${KEYDB_TAG}
|
||||
platform: linux/amd64
|
||||
ports:
|
||||
@@ -146,7 +201,8 @@ services:
|
||||
- internal
|
||||
profiles: [$KEYDB_PROFILES]
|
||||
|
||||
s3:
|
||||
minio:
|
||||
container_name: minio
|
||||
image: minio/minio:${MINIO_TAG}
|
||||
environment:
|
||||
- MINIO_ROOT_USER
|
||||
@@ -155,6 +211,7 @@ services:
|
||||
- VIRTUAL_HOST=${MINIO_VIRTUAL_HOST}
|
||||
- VIRTUAL_PORT=${MINIO_CONSOLE_PORT}
|
||||
command: server ${MINIO_DATA} --console-address ":${MINIO_CONSOLE_PORT}"
|
||||
shm_size: 1gb
|
||||
volumes:
|
||||
- s3-data:${MINIO_DATA}
|
||||
ports:
|
||||
@@ -165,6 +222,7 @@ services:
|
||||
profiles: [$MINIO_PROFILES]
|
||||
|
||||
pgadmin:
|
||||
container_name: pgadmin
|
||||
build:
|
||||
context: ./
|
||||
dockerfile: ./pgadmin/Dockerfile
|
||||
@@ -174,6 +232,7 @@ services:
|
||||
- nginx-proxy
|
||||
expose:
|
||||
- 80
|
||||
shm_size: 1gb
|
||||
volumes:
|
||||
- pgadmin-data:${PGADMIN_DATA}
|
||||
environment:
|
||||
@@ -216,6 +275,7 @@ volumes:
|
||||
vhost:
|
||||
certs:
|
||||
acme:
|
||||
traefik_logs:
|
||||
|
||||
networks:
|
||||
internal:
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
debugpy
|
||||
websocket-client
|
||||
redis
|
||||
boto3
|
||||
debugpy==1.8.0
|
||||
websocket-client==1.7.0
|
||||
redis==5.0.1
|
||||
boto3==1.34.23
|
||||
sentry-sdk==1.9.0 # Fixed because Odoo depends on urllib3==1.26.5
|
||||
|
||||
20
pgbouncer/docker-entrypoint-initdb.d/init.sh
Normal file
20
pgbouncer/docker-entrypoint-initdb.d/init.sh
Normal file
@@ -0,0 +1,20 @@
|
||||
#!/bin/bash
|
||||
set -e
|
||||
|
||||
psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL
|
||||
CREATE USER dbuser WITH ENCRYPTED PASSWORD 'dbuser';
|
||||
CREATE DATABASE dbuser OWNER dbuser;
|
||||
|
||||
CREATE USER user1 WITH ENCRYPTED PASSWORD 'user1';
|
||||
CREATE DATABASE user1 OWNER user1;
|
||||
|
||||
CREATE USER user2 WITH ENCRYPTED PASSWORD 'user2';
|
||||
CREATE DATABASE user2 OWNER user2;
|
||||
|
||||
CREATE USER user3 WITH ENCRYPTED PASSWORD 'user3';
|
||||
CREATE DATABASE user3 OWNER user3;
|
||||
|
||||
CREATE USER odoo WITH ENCRYPTED PASSWORD 'odoo';
|
||||
CREATE DATABASE odoo OWNER odoo;
|
||||
|
||||
EOSQL
|
||||
0
traefik/acme.json
Normal file
0
traefik/acme.json
Normal file
Reference in New Issue
Block a user