cupcakearmy/memoir
1
0
Fork 0
mirror of https://github.com/cupcakearmy/memoir.git synced 2024-12-22 16:16:31 +00:00
Code Issues Packages Projects Releases Wiki Activity
main
memoir/pages/dev_ops/hosting/outline.md
cupcakearmy d8d96e7323
docker images
2023-03-07 21:41:23 +01:00

228 lines
7.0 KiB
Markdown
Executable File
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Outline
[Outline](https://www.getoutline.com/) does not make it suuuper easy to not pay for their hosted version. So a few things are a bit rough. Here the [official docs](https://wiki.generaloutline.com/s/hosting/doc/hosting-outline-nipGaCRBDu).
1. Copy `docker-compose.yaml` and `.env`
2. Fill in missing values
3. Manually create a bucket called `wiki` in the minio dashboard.
```yaml
version: '3.8'
networks:
proxy:
external: true
services:
outline:
image: outlinewiki/outline
restart: unless-stopped
env_file: .env
command: sh -c "yarn db:migrate --env production-ssl-disabled && yarn start"
depends_on:
- db
- redis
- storage
networks:
- default
- proxy
labels:
- traefik.enable=true
- traefik.http.routers.outline.rule=Host(`example.org`)
- traefik.http.routers.outline.entrypoints=secure
- traefik.http.routers.outline.tls.certresolver=cf
redis:
restart: unless-stopped
image: redis
db:
image: postgres:15-alpine
restart: unless-stopped
volumes:
- ./data/db:/var/lib/postgresql/data
environment:
# PGSSLMODE: disable
POSTGRES_USER: user
POSTGRES_PASSWORD: pass
POSTGRES_DB: outline
storage:
image: minio/minio
restart: unless-stopped
command: server /data --console-address ":80"
volumes:
- ./data/s3:/data
environment:
- MINIO_ROOT_USER=user
- MINIO_ROOT_PASSWORD=pass
- MINIO_DOMAIN=s3.example.org
networks:
- proxy
labels:
- traefik.enable=true
- traefik.http.routers.s3.rule=Host(`s3.example.org`)
- traefik.http.routers.s3.entrypoints=secure
- traefik.http.routers.s3.tls.certresolver=cf
- traefik.http.routers.s3.service=s3-service
- traefik.http.services.s3-service.loadbalancer.server.port=9000
- traefik.http.routers.s3-dash.rule=Host(`s3-dash.example.org`)
- traefik.http.routers.s3-dash.entrypoints=secure
- traefik.http.routers.s3-dash.tls.certresolver=cf
- traefik.http.routers.s3-dash.service=s3-dash-service
- traefik.http.services.s3-dash-service.loadbalancer.server.port=80
```
```env
# https://github.com/outline/outline/blob/main/.env.sample
# REQUIRED
NODE_ENV=production
SECRET_KEY=
UTILS_SECRET=
DATABASE_URL=postgres://user:pass@db:5432/outline
PGSSLMODE=disable
REDIS_URL=redis://redis:6379
URL=https://example.org
PORT=3000
COLLABORATION_URL=
AWS_ACCESS_KEY_ID=user
AWS_SECRET_ACCESS_KEY=pass
AWS_S3_ACCELERATE_URL=https://s3.example.org/wiki
AWS_S3_UPLOAD_BUCKET_URL=https://s3.example.org/wiki
AWS_S3_UPLOAD_BUCKET_NAME=wiki
AWS_S3_FORCE_PATH_STYLE=false
# AUTHENTICATION
# Third party signin credentials, at least ONE OF EITHER Google, Slack,
# or Microsoft is required for a working installation or you'll have no sign-in
# options.
# To configure Slack auth, you'll need to create an Application at
# => https://api.slack.com/apps
#
# When configuring the Client ID, add a redirect URL under "OAuth & Permissions":
# https://<URL>/auth/slack.callback
SLACK_CLIENT_ID=
SLACK_CLIENT_SECRET=
# To configure Google auth, you'll need to create an OAuth Client ID at
# => https://console.cloud.google.com/apis/credentials
#
# When configuring the Client ID, add an Authorized redirect URI:
# https://<URL>/auth/google.callback
GOOGLE_CLIENT_ID=
GOOGLE_CLIENT_SECRET=
# To configure Microsoft/Azure auth, you'll need to create an OAuth Client. See
# the guide for details on setting up your Azure App:
# => https://wiki.generaloutline.com/share/dfa77e56-d4d2-4b51-8ff8-84ea6608faa4
AZURE_CLIENT_ID=
AZURE_CLIENT_SECRET=
AZURE_RESOURCE_APP_ID=
# To configure generic OIDC auth, you'll need some kind of identity provider.
# See documentation for whichever IdP you use to acquire the following info:
# Redirect URI is https://<URL>/auth/oidc.callback
OIDC_CLIENT_ID=
OIDC_CLIENT_SECRET=
OIDC_AUTH_URI=
OIDC_TOKEN_URI=
OIDC_USERINFO_URI=
# Specify which claims to derive user information from
# Supports any valid JSON path with the JWT payload
OIDC_USERNAME_CLAIM=preferred_username
# Display name for OIDC authentication
OIDC_DISPLAY_NAME=OpenID
# Space separated auth scopes.
OIDC_SCOPES=openid profile email
# OPTIONAL
# Base64 encoded private key and certificate for HTTPS termination. This is only
# required if you do not use an external reverse proxy. See documentation:
# https://wiki.generaloutline.com/share/1c922644-40d8-41fe-98f9-df2b67239d45
SSL_KEY=
SSL_CERT=
# If using a Cloudfront/Cloudflare distribution or similar it can be set below.
# This will cause paths to javascript, stylesheets, and images to be updated to
# the hostname defined in CDN_URL. In your CDN configuration the origin server
# should be set to the same as URL.
CDN_URL=
# Auto-redirect to https in production. The default is true but you may set to
# false if you can be sure that SSL is terminated at an external loadbalancer.
FORCE_HTTPS=false
# Have the installation check for updates by sending anonymized statistics to
# the maintainers
ENABLE_UPDATES=true
# How many processes should be spawned. As a reasonable rule divide your servers
# available memory by 512 for a rough estimate
WEB_CONCURRENCY=1
# Override the maximum size of document imports, could be required if you have
# especially large Word documents with embedded imagery
MAXIMUM_IMPORT_SIZE=5120000
# You can remove this line if your reverse proxy already logs incoming http
# requests and this ends up being duplicative
#DEBUG=http
# For a complete Slack integration with search and posting to channels the
# following configs are also needed, some more details
# => https://wiki.generaloutline.com/share/be25efd1-b3ef-4450-b8e5-c4a4fc11e02a
#
SLACK_VERIFICATION_TOKEN=your_token
SLACK_APP_ID=A0XXXXXXX
SLACK_MESSAGE_ACTIONS=true
# Optionally enable google analytics to track pageviews in the knowledge base
GOOGLE_ANALYTICS_ID=
# Optionally enable Sentry (sentry.io) to track errors and performance,
# and optionally add a Sentry proxy tunnel for bypassing ad blockers in the UI:
# https://docs.sentry.io/platforms/javascript/troubleshooting/#using-the-tunnel-option)
SENTRY_DSN=
SENTRY_TUNNEL=
# To support sending outgoing transactional emails such as "document updated" or
# "you've been invited" you'll need to provide authentication for an SMTP server
SMTP_HOST=
SMTP_PORT=
SMTP_USERNAME=
SMTP_PASSWORD=
SMTP_FROM_EMAIL=
SMTP_REPLY_EMAIL=
SMTP_TLS_CIPHERS=
SMTP_SECURE=true
# The default interface language. See translate.getoutline.com for a list of
# available language codes and their rough percentage translated.
DEFAULT_LANGUAGE=en_US
# Optionally enable rate limiter at application web server
RATE_LIMITER_ENABLED=true
# Configure default throttling parameters for rate limiter
RATE_LIMITER_REQUESTS=1000
RATE_LIMITER_DURATION_WINDOW=60
```
Reference in New Issue View Git Blame Copy Permalink