MngomaLab/automation
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
main
automation/docker-stacks/app-server/penpot.yml
T

135 lines
4.0 KiB
YAML
Raw Permalink Blame History

x-flags: &penpot-flags
# Merged disable-sandbox into the flags array to protect the headless engine
# PENPOT_FLAGS: disable-email-verification enable-smtp enable-prepl-server disable-secure-session-cookies enable-mcp disable-sandbox enable-login-with-password
PENPOT_FLAGS: disable-email-verification enable-smtp enable-prepl-server disable-secure-session-cookies disable-sandbox enable-login-with-password
x-uri: &penpot-public-uri
PENPOT_PUBLIC_URI: ${PENPOT_PUBLIC_URI}
x-body-size: &penpot-http-body-size
PENPOT_HTTP_SERVER_MAX_BODY_SIZE: 367001600
PENPOT_HTTP_SERVER_MAX_MULTIPART_BODY_SIZE: 367001600
x-secret-key: &penpot-secret-key
PENPOT_SECRET_KEY: ${PENPOT_SECRET_KEY}
networks:
penpot-net:
driver: bridge
volumes:
penpot_assets:
penpot_postgres_v15:
services:
penpot-frontend:
image: "penpotapp/frontend:${PENPOT_VERSION:-latest}"
restart: always
ports:
- "8084:8080"
volumes:
- penpot_assets:/opt/data/assets
depends_on:
- penpot-backend
- penpot-exporter
- penpot-mcp
networks:
- penpot-net
environment:
<<: [*penpot-flags, *penpot-http-body-size, *penpot-public-uri]
penpot-backend:
image: "penpotapp/backend:${PENPOT_VERSION:-latest}"
restart: always
volumes:
- penpot_assets:/opt/data/assets
networks:
- penpot-net
ports:
- "6060:6060"
depends_on:
penpot-postgres:
condition: service_healthy # Wait for database stability
penpot-valkey:
condition: service_healthy # Wait for internal caching layer stability
environment:
<< : [*penpot-flags, *penpot-public-uri, *penpot-http-body-size, *penpot-secret-key]
# Security Handshake Key for internal Exporter validation routines
PENPOT_EXPORTER_SECRET_KEY: ${PENPOT_EXPORTER_SECRET_KEY}
## Local Internal Database connection parameters
PENPOT_DATABASE_URI: postgresql://penpot-postgres/penpot
PENPOT_DATABASE_USERNAME: penpot
PENPOT_DATABASE_PASSWORD: penpot
## Local Caching Layer connection parameter
PENPOT_REDIS_URI: redis://penpot-valkey/0
## Storage Settings
PENPOT_OBJECTS_STORAGE_BACKEND: fs
PENPOT_OBJECTS_STORAGE_FS_DIRECTORY: /opt/data/assets
## Telemetry & Optional settings
PENPOT_TELEMETRY_ENABLED: "false"
penpot-mcp:
image: "penpotapp/mcp:${PENPOT_VERSION:-latest}"
restart: always
networks:
- penpot-net
penpot-exporter:
image: "penpotapp/exporter:${PENPOT_VERSION:-latest}"
restart: always
shm_size: '2gb' # Protects Puppeteer rendering processes from memory crashes
depends_on:
penpot-valkey:
condition: service_healthy
networks:
- penpot-net
environment:
<< : [*penpot-secret-key]
PENPOT_EXPORTER_SECRET_KEY: ${PENPOT_EXPORTER_SECRET_KEY}
PENPOT_PUBLIC_URI: http://penpot-frontend:8080
## Local Caching Layer connections for the exporter sub-engine
PENPOT_REDIS_URI: redis://penpot-valkey/0
PENPOT_REDIS_URL: redis://penpot-valkey/0
PENPOT_FLAGS: disable-sandbox
# Integrated isolated Database Service
penpot-postgres:
image: "postgres:15"
restart: always
stop_signal: SIGINT
networks:
- penpot-net
volumes:
- penpot_postgres_v15:/var/lib/postgresql/data
environment:
- POSTGRES_INITDB_ARGS=--data-checksums
- POSTGRES_DB=penpot
- POSTGRES_USER=penpot
- POSTGRES_PASSWORD=penpot
healthcheck:
test: ["CMD-SHELL", "pg_isready -U penpot"]
interval: 2s
timeout: 10s
retries: 5
start_period: 2s
# Integrated isolated Caching Engine (Valkey drop-in for Redis)
penpot-valkey:
image: valkey/valkey:8.1
restart: always
networks:
- penpot-net
environment:
- VALKEY_EXTRA_FLAGS=--maxmemory 128mb --maxmemory-policy volatile-lfu
healthcheck:
test: ["CMD-SHELL", "valkey-cli ping | grep PONG"]
interval: 1s
timeout: 3s
retries: 5
start_period: 3s
Reference in New Issue View Git Blame Copy Permalink