|
version: '2' |
|
|
|
services: |
|
|
|
database: |
|
image: 'zulip/zulip-postgresql:10' |
|
environment: |
|
POSTGRES_DB: 'zulip' |
|
POSTGRES_USER: 'zulip' |
|
# Note that you need to do a manual `ALTER ROLE` query if you |
|
# change this on a system after booting the postgres container |
|
# the first time on a host. Instructions are available in README.md. |
|
POSTGRES_PASSWORD: 'REPLACE_WITH_SECURE_POSTGRES_PASSWORD' |
|
volumes: |
|
- '/srv/docker/zulip/postgresql/data:/var/lib/postgresql/data:rw' |
|
|
|
memcached: |
|
image: 'memcached:alpine' |
|
command: |
|
- 'sh' |
|
- '-euc' |
|
- | |
|
echo 'mech_list: plain' > "$$SASL_CONF_PATH" |
|
echo "zulip@$$HOSTNAME:$$MEMCACHED_PASSWORD" > "$$MEMCACHED_SASL_PWDB" |
|
exec memcached -S |
|
environment: |
|
SASL_CONF_PATH: '/home/memcache/memcached.conf' |
|
MEMCACHED_SASL_PWDB: '/home/memcache/memcached-sasl-db' |
|
MEMCACHED_PASSWORD: 'REPLACE_WITH_SECURE_MEMCACHED_PASSWORD' |
|
restart: always |
|
|
|
rabbitmq: |
|
image: 'rabbitmq:3.7.7' |
|
hostname: zulip-rabbit |
|
restart: always |
|
environment: |
|
RABBITMQ_DEFAULT_USER: 'zulip' |
|
RABBITMQ_DEFAULT_PASS: 'REPLACE_WITH_SECURE_RABBITMQ_PASSWORD' |
|
volumes: |
|
- '/srv/docker/zulip/rabbitmq:/var/lib/rabbitmq:rw' |
|
|
|
redis: |
|
image: 'redis:alpine' |
|
command: |
|
- 'sh' |
|
- '-euc' |
|
- | |
|
echo "requirepass '$$REDIS_PASSWORD'" > /etc/redis.conf |
|
exec redis-server /etc/redis.conf |
|
environment: |
|
REDIS_PASSWORD: 'REPLACE_WITH_SECURE_REDIS_PASSWORD' |
|
volumes: |
|
- '/srv/docker/zulip/redis:/data:rw' |
|
|
|
zulip: |
|
image: 'zulip/docker-zulip:2.1.2-0' |
|
build: |
|
context: . |
|
args: |
|
# Change these if you want to build zulip from a different repo/branch |
|
ZULIP_GIT_URL: https://github.com/zulip/zulip.git |
|
ZULIP_GIT_REF: 2.1.2 |
|
# Set this up if you plan to use your own CA certificate bundle for building |
|
# CUSTOM_CA_CERTIFICATES: |
|
ports: |
|
- '4443:443' |
|
environment: |
|
DB_HOST: 'database' |
|
DB_HOST_PORT: '5432' |
|
DB_USER: 'zulip' |
|
SSL_CERTIFICATE_GENERATION: 'self-signed' |
|
SETTING_MEMCACHED_LOCATION: 'memcached:11211' |
|
SETTING_RABBITMQ_HOST: 'rabbitmq' |
|
SETTING_REDIS_HOST: 'redis' |
|
SECRETS_email_password: '123456789' |
|
# These should match RABBITMQ_DEFAULT_PASS, POSTGRES_PASSWORD, |
|
# MEMCACHED_PASSWORD, and REDIS_PASSWORD above. |
|
SECRETS_rabbitmq_password: 'REPLACE_WITH_SECURE_RABBITMQ_PASSWORD' |
|
SECRETS_postgres_password: 'REPLACE_WITH_SECURE_POSTGRES_PASSWORD' |
|
SECRETS_memcached_password: 'REPLACE_WITH_SECURE_MEMCACHED_PASSWORD' |
|
SECRETS_redis_password: 'REPLACE_WITH_SECURE_REDIS_PASSWORD' |
|
SECRETS_secret_key: 'REPLACE_WITH_SECURE_SECRET_KEY' |
|
SETTING_EXTERNAL_HOST: 'localhost:4443' |
|
SETTING_ZULIP_ADMINISTRATOR: 'admin@example.com' |
|
SETTING_EMAIL_HOST: '' # e.g. smtp.example.com |
|
SETTING_EMAIL_HOST_USER: 'noreply@example.com' |
|
SETTING_EMAIL_PORT: '587' |
|
# It seems that the email server needs to use ssl or tls and can't be used without it |
|
SETTING_EMAIL_USE_SSL: 'False' |
|
SETTING_EMAIL_USE_TLS: 'True' |
|
# Uncomment this when configuring the mobile push notifications service |
|
# SETTING_PUSH_NOTIFICATION_BOUNCER_URL: 'https://push.zulipchat.com' |
|
ZULIP_AUTH_BACKENDS: "EmailAuthBackend,ZulipLDAPAuthBackend" |
|
SETTING_AUTH_LDAP_SERVER_URI: "ldap://172.17.0.1" # Or docker0 interface IP if LDAP is on same host |
|
SETTING_AUTH_LDAP_BIND_DN: "cn=admin,dc=mycompany" |
|
SECRETS_auth_ldap_bind_password: "mypassword" |
|
SETTING_AUTH_LDAP_USER_SEARCH: 'LDAPSearch("cn=mygroup,dc=mycompany", ldap.SCOPE_SUBTREE, "(uid=%(user)s)")' |
|
SETTING_LDAP_APPEND_DOMAIN: "example.com" |
|
SETTING_AUTH_LDAP_USER_ATTR_MAP: '{ "first_name": "givenName", "last_name": "sn" }' |
|
volumes: |
|
- '/srv/docker/zulip/zulip:/data:rw' |
|
|
|
ulimits: |
|
nofile: |
|
soft: 40000 |
|
hard: 50000 |