mono/docker-compose.yml
giles 1dc87d0f64 Add OAuth SSO, device ID, and silent auth to L2
- Replace L2's username/password auth with OAuth SSO via account.rose-ash.com
- Add device_id middleware (artdag_did cookie)
- Add silent auth check (prompt=none with 5-min cooldown)
- Add OAuth config settings and itsdangerous dependency
- Register artdag_l2 client with account service

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-24 23:50:24 +00:00


# Shared service settings, merged into each application service with
# `<<: *app-common`. The merge is shallow: a service that declares its own
# `networks`, `deploy` or `volumes` key replaces the value below wholesale
# instead of extending it.
x-app-common: &app-common
  networks:
    # Application services join both overlays, including the externally
    # managed `externalnet`.
    appnet:
    externalnet:
  deploy:
    placement:
      constraints:
        # Keep application containers off nodes labelled gpu=true.
        - 'node.labels.gpu != true'
  volumes:
    # Host-side application config, bind-mounted read-only (`:ro`).
    - '/root/rose-ash/_config/app-config.yaml:/app/config/app-config.yaml:ro'
# Environment shared by the application services through `<<: *app-env`.
# Values written as ${NAME} are interpolated at deploy time from the shell
# or .env file; every other value is a literal committed with this file.
x-app-env: &app-env
  # NOTE(review): both database URLs embed the literal credentials
  # postgres:change-me. They do not follow POSTGRES_USER/POSTGRES_PASSWORD,
  # which the `db` service reads with the same values only as fallbacks, so
  # rotating the database password also means editing these two lines.
  # Prefer supplying the URLs (or at least the password) from the
  # environment or a secret store, as is done for SECRET_KEY below.
  DATABASE_URL: 'postgresql+asyncpg://postgres:change-me@db:5432/appdb'
  ALEMBIC_DATABASE_URL: 'postgresql+psycopg://postgres:change-me@db:5432/appdb'

  # Outbound mail settings.
  SMTP_HOST: '${SMTP_HOST}'
  SMTP_PORT: '${SMTP_PORT}'
  MAIL_FROM: '${MAIL_FROM}'
  SMTP_USER: '${SMTP_USER}'
  SMTP_PASS: '${SMTP_PASS}'

  # Ghost endpoints and keys.
  GHOST_API_URL: '${GHOST_API_URL}'
  GHOST_ADMIN_API_URL: '${GHOST_ADMIN_API_URL}'
  GHOST_PUBLIC_URL: '${GHOST_PUBLIC_URL}'
  GHOST_CONTENT_API_KEY: '${GHOST_CONTENT_API_KEY}'
  GHOST_WEBHOOK_SECRET: '${GHOST_WEBHOOK_SECRET}'
  GHOST_ADMIN_API_KEY: '${GHOST_ADMIN_API_KEY}'

  # Points at the `redis` service; the URL carries no password.
  REDIS_URL: 'redis://redis:6379'

  # NOTE(review): a bare ${NAME} interpolates to an empty string when the
  # variable is unset, so a missing SECRET_KEY (or any other secret here)
  # is not rejected at deploy time. The `${NAME:?message}` form makes the
  # deploy fail instead — worth considering for the secrets in this block.
  SECRET_KEY: '${SECRET_KEY}'
  SUMUP_API_KEY: '${SUMUP_API_KEY}'

  # Public (HTTPS) base URL of each application.
  APP_URL_BLOG: 'https://blog.rose-ash.com'
  APP_URL_MARKET: 'https://market.rose-ash.com'
  APP_URL_CART: 'https://cart.rose-ash.com'
  APP_URL_EVENTS: 'https://events.rose-ash.com'
  APP_URL_FEDERATION: 'https://federation.rose-ash.com'
  APP_URL_ACCOUNT: 'https://account.rose-ash.com'
  APP_URL_ARTDAG: 'https://celery-artdag.rose-ash.com'
  APP_URL_ARTDAG_L2: 'https://artdag.rose-ash.com'

  # Service-to-service base URLs. These are plain HTTP addressed by service
  # name, so their confidentiality depends on the network they travel over.
  INTERNAL_URL_BLOG: 'http://blog:8000'
  INTERNAL_URL_MARKET: 'http://market:8000'
  INTERNAL_URL_CART: 'http://cart:8000'
  INTERNAL_URL_EVENTS: 'http://events:8000'
  INTERNAL_URL_FEDERATION: 'http://federation:8000'
  INTERNAL_URL_ACCOUNT: 'http://account:8000'
  # `l1-server` is not defined in this file — presumably reachable over
  # `externalnet`; confirm.
  INTERNAL_URL_ARTDAG: 'http://l1-server:8100'

  # AP_DOMAIN* hostnames (presumably ActivityPub domains — confirm).
  AP_DOMAIN: 'federation.rose-ash.com'
  AP_DOMAIN_BLOG: 'blog.rose-ash.com'
  AP_DOMAIN_MARKET: 'market.rose-ash.com'
  AP_DOMAIN_EVENTS: 'events.rose-ash.com'
  # Single `name|inbox-url` entry; quoted because the value contains `|`.
  EXTERNAL_INBOXES: 'artdag|https://celery-artdag.rose-ash.com/inbox'
# Application services plus their backing stores. The `deploy:` keys,
# `configs:` and overlay networks suggest this file is deployed as a Docker
# Swarm stack — confirm against the deployment scripts.
services:
  # NOTE(review): every application image below uses the mutable `latest`
  # tag, so a redeploy runs whatever was pushed last. Pinning a version tag
  # or digest makes rollouts reproducible and auditable.
  blog:
    <<: *app-common
    image: 'registry.rose-ash.com:5000/blog:latest'
    build:
      context: .
      dockerfile: blog/Dockerfile
    environment:
      <<: *app-env
      DATABASE_HOST: db
      DATABASE_PORT: '5432'
      # blog is the only service that sets RUN_MIGRATIONS.
      RUN_MIGRATIONS: 'true'

  market:
    <<: *app-common
    image: 'registry.rose-ash.com:5000/market:latest'
    build:
      context: .
      dockerfile: market/Dockerfile
    # This list replaces the `volumes` merged from *app-common, so the
    # read-only config mount is restated. The snapshot directory has no
    # `:ro` suffix and is therefore writable from inside the container.
    volumes:
      - '/root/rose-ash/_config/app-config.yaml:/app/config/app-config.yaml:ro'
      - '/root/rose-ash/_snapshot:/app/_snapshot'
    environment:
      <<: *app-env
      DATABASE_HOST: db
      DATABASE_PORT: '5432'

  cart:
    <<: *app-common
    image: 'registry.rose-ash.com:5000/cart:latest'
    build:
      context: .
      dockerfile: cart/Dockerfile
    environment:
      <<: *app-env
      DATABASE_HOST: db
      DATABASE_PORT: '5432'

  events:
    <<: *app-common
    image: 'registry.rose-ash.com:5000/events:latest'
    build:
      context: .
      dockerfile: events/Dockerfile
    environment:
      <<: *app-env
      DATABASE_HOST: db
      DATABASE_PORT: '5432'

  federation:
    <<: *app-common
    image: 'registry.rose-ash.com:5000/federation:latest'
    build:
      context: .
      dockerfile: federation/Dockerfile
    environment:
      <<: *app-env
      DATABASE_HOST: db
      DATABASE_PORT: '5432'

  account:
    <<: *app-common
    image: 'registry.rose-ash.com:5000/account:latest'
    build:
      context: .
      dockerfile: account/Dockerfile
    environment:
      <<: *app-env
      DATABASE_HOST: db
      DATABASE_PORT: '5432'

  db:
    image: 'postgres:16'
    environment:
      POSTGRES_USER: '${POSTGRES_USER:-postgres}'
      # NOTE(review): when POSTGRES_PASSWORD is unset or empty the database
      # is created with the committed placeholder `change-me`. A required
      # variable (`${POSTGRES_PASSWORD:?message}`) or a secret would stop a
      # deployment from silently running on the placeholder.
      POSTGRES_PASSWORD: '${POSTGRES_PASSWORD:-change-me}'
      POSTGRES_DB: '${POSTGRES_DB:-appdb}'
    volumes:
      - 'db_data_1:/var/lib/postgresql/data'
    # Attached to appnet only, not to externalnet.
    networks:
      appnet:
    configs:
      # schema.sql is exposed read-only to all users in the container.
      # The target is outside /docker-entrypoint-initdb.d, so it is
      # presumably applied by a separate step — confirm.
      - source: schema_sql
        target: /run/configs/schema_sql
        mode: 0444
    deploy:
      placement:
        constraints:
          - 'node.labels.gpu != true'

  # NOTE(review): Adminer is a database administration UI. It sits on
  # `externalnet` as well as `appnet`, so anything attached to the external
  # overlay can reach it while it can reach `db`. The image is also
  # untagged. Combined with the placeholder database password above,
  # confirm that access to it is authenticated and restricted, or keep it
  # out of production stacks.
  adminer:
    image: adminer
    networks:
      appnet:
      externalnet:
    deploy:
      placement:
        constraints:
          - 'node.labels.gpu != true'

  redis:
    image: 'redis:7-alpine'
    # If this is deployed as a Swarm stack, `container_name` is ignored.
    container_name: redis
    volumes:
      - 'redis_data:/data'
    networks:
      appnet:
    # Capped at 256 MB with least-recently-used eviction across all keys.
    # No password or ACL is configured here, so access control rests on
    # appnet membership alone.
    command: >-
      redis-server
      --maxmemory 256mb
      --maxmemory-policy allkeys-lru
    deploy:
      placement:
        constraints:
          - 'node.labels.gpu != true'
# Named volumes holding the PostgreSQL data directory (`db`) and the Redis
# data directory (`redis`).
volumes:
  db_data_1:
  redis_data:
# Overlay networks used by the services in this file.
networks:
  # Stack-internal network carrying the plain-HTTP INTERNAL_URL_* traffic
  # and the unauthenticated Redis connection.
  # NOTE(review): overlay data-plane traffic between nodes is not encrypted
  # unless the network is created with the `encrypted` driver option —
  # consider enabling it if the swarm spans untrusted links.
  appnet:
    driver: overlay
  # Created and managed outside this file (`external: true`); the `driver`
  # key is informational at best for an external network.
  externalnet:
    driver: overlay
    external: true
# Config objects; `schema_sql` is read from schema.sql next to this file
# and mounted into the `db` service.
configs:
  schema_sql:
    file: './schema.sql'