version: '2' # Docker: Wekan <=> MongoDB <=> ToroDB => PostgreSQL read-only mirroring # for reporting with SQL, and accessing with any programming language, # reporting package and Office suite that can connect to PostgreSQL. # https://github.com/wekan/wekan-postgresql services: torodb-stampede: image: torodb/stampede:1.0.0-SNAPSHOT networks: - wekan-tier links: - postgres - mongodb environment: - POSTGRES_PASSWORD - TORODB_SETUP=true - TORODB_SYNC_SOURCE=mongodb:27017 - TORODB_BACKEND_HOST=postgres - TORODB_BACKEND_PORT=5432 - TORODB_BACKEND_DATABASE=wekan - TORODB_BACKEND_USER=wekan - TORODB_BACKEND_PASSWORD=wekan - DEBUG postgres: image: postgres:9.6 networks: - wekan-tier environment: - POSTGRES_PASSWORD ports: - "15432:5432" mongodb: image: mongo:3.2 networks: - wekan-tier ports: - "28017:27017" entrypoint: - /bin/bash - "-c" - mongo --nodb --eval ' var db; while (!db) { try { db = new Mongo("mongodb:27017").getDB("local"); } catch(ex) {} sleep(3000); }; rs.initiate({_id:"rs1",members:[{_id:0,host:"mongodb:27017"}]}); ' 1>/dev/null 2>&1 & mongod --replSet rs1 wekan: image: quay.io/wekan/wekan container_name: wekan-app restart: always networks: - wekan-tier ports: - 80:8080 environment: - MONGO_URL=mongodb://mongodb:27017/wekan - ROOT_URL=http://localhost #--------------------------------------------------------------- # == WEKAN API == # Wekan Export Board works when WITH_API='true'. # If you disable Wekan API, Export Board does not work. - WITH_API=true # Optional: Integration with Matomo https://matomo.org that is installed to your server # The address of the server where Matomo is hosted. # example: - MATOMO_ADDRESS=https://example.com/matomo #- MATOMO_ADDRESS= # The value of the site ID given in Matomo server for Wekan # example: - MATOMO_SITE_ID=12345 #- MATOMO_SITE_ID= # The option do not track which enables users to not be tracked by matomo # example: - MATOMO_DO_NOT_TRACK=false #- MATOMO_DO_NOT_TRACK= # The option that allows matomo to retrieve the username: # example: MATOMO_WITH_USERNAME=true #- MATOMO_WITH_USERNAME=false # Enable browser policy and allow one trusted URL that can have iframe that has Wekan embedded inside. # Setting this to false is not recommended, it also disables all other browser policy protections # and allows all iframing etc. See wekan/server/policy.js - BROWSER_POLICY_ENABLED=true # When browser policy is enabled, HTML code at this Trusted URL can have iframe that embeds Wekan inside. #- TRUSTED_URL= # What to send to Outgoing Webhook, or leave out. Example, that includes all that are default: cardId,listId,oldListId,boardId,comment,user,card,commentId . # example: WEBHOOKS_ATTRIBUTES=cardId,listId,oldListId,boardId,comment,user,card,commentId #- WEBHOOKS_ATTRIBUTES= # Enable the OAuth2 connection # example: OAUTH2_ENABLED=true #- OAUTH2_ENABLED=false # OAuth2 docs: https://github.com/wekan/wekan/wiki/OAuth2 # OAuth2 Client ID, for example from Rocket.Chat. Example: abcde12345 # example: OAUTH2_CLIENT_ID=abcde12345 #- OAUTH2_CLIENT_ID= # OAuth2 Secret, for example from Rocket.Chat: Example: 54321abcde # example: OAUTH2_SECRET=54321abcde #- OAUTH2_SECRET= # OAuth2 Server URL, for example Rocket.Chat. Example: https://chat.example.com # example: OAUTH2_SERVER_URL=https://chat.example.com #- OAUTH2_SERVER_URL= # OAuth2 Authorization Endpoint. Example: /oauth/authorize # example: OAUTH2_AUTH_ENDPOINT=/oauth/authorize #- OAUTH2_AUTH_ENDPOINT= # OAuth2 Userinfo Endpoint. Example: /oauth/userinfo # example: OAUTH2_USERINFO_ENDPOINT=/oauth/userinfo #- OAUTH2_USERINFO_ENDPOINT= # OAuth2 Token Endpoint. Example: /oauth/token # example: OAUTH2_TOKEN_ENDPOINT=/oauth/token #- OAUTH2_TOKEN_ENDPOINT= # LDAP_ENABLE : Enable or not the connection by the LDAP # example : LDAP_ENABLE=true #- LDAP_ENABLE=false # LDAP_PORT : The port of the LDAP server # example : LDAP_PORT=389 #- LDAP_PORT=389 # LDAP_HOST : The host server for the LDAP server # example : LDAP_HOST=localhost #- LDAP_HOST= # LDAP_BASEDN : The base DN for the LDAP Tree # example : LDAP_BASEDN=ou=user,dc=example,dc=org #- LDAP_BASEDN= # LDAP_LOGIN_FALLBACK : Fallback on the default authentication method # example : LDAP_LOGIN_FALLBACK=true #- LDAP_LOGIN_FALLBACK=false # LDAP_RECONNECT : Reconnect to the server if the connection is lost # example : LDAP_RECONNECT=false #- LDAP_RECONNECT=true # LDAP_TIMEOUT : Overall timeout, in milliseconds # example : LDAP_TIMEOUT=12345 #- LDAP_TIMEOUT=10000 # LDAP_IDLE_TIMEOUT : Specifies the timeout for idle LDAP connections in milliseconds # example : LDAP_IDLE_TIMEOUT=12345 #- LDAP_IDLE_TIMEOUT=10000 # LDAP_CONNECT_TIMEOUT : Connection timeout, in milliseconds # example : LDAP_CONNECT_TIMEOUT=12345 #- LDAP_CONNECT_TIMEOUT=10000 # LDAP_AUTHENTIFICATION : If the LDAP needs a user account to search # example : LDAP_AUTHENTIFICATION=true #- LDAP_AUTHENTIFICATION=false # LDAP_AUTHENTIFICATION_USERDN : The search user DN # example : LDAP_AUTHENTIFICATION_USERDN=cn=admin,dc=example,dc=org #- LDAP_AUTHENTIFICATION_USERDN= # LDAP_AUTHENTIFICATION_PASSWORD : The password for the search user # example : AUTHENTIFICATION_PASSWORD=admin #- LDAP_AUTHENTIFICATION_PASSWORD= # LDAP_LOG_ENABLED : Enable logs for the module # example : LDAP_LOG_ENABLED=true #- LDAP_LOG_ENABLED=false # LDAP_BACKGROUND_SYNC : If the sync of the users should be done in the background # example : LDAP_BACKGROUND_SYNC=true #- LDAP_BACKGROUND_SYNC=false # LDAP_BACKGROUND_SYNC_INTERVAL : At which interval does the background task sync in milliseconds # example : LDAP_BACKGROUND_SYNC_INTERVAL=12345 #- LDAP_BACKGROUND_SYNC_INTERVAL=100 # LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED : # example : LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED=true #- LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED=false # LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS : # example : LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS=true #- LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS=false # LDAP_ENCRYPTION : If using LDAPS # example : LDAP_ENCRYPTION=ssl #- LDAP_ENCRYPTION=false # LDAP_CA_CERT : The certification for the LDAPS server. Certificate needs to be included in this docker-compose.yml file. # example : LDAP_CA_CERT=-----BEGIN CERTIFICATE-----MIIE+zCCA+OgAwIBAgIkAhwR/6TVLmdRY6hHxvUFWc0+Enmu/Hu6cj+G2FIdAgIC...-----END CERTIFICATE----- #- LDAP_CA_CERT= # LDAP_REJECT_UNAUTHORIZED : Reject Unauthorized Certificate # example : LDAP_REJECT_UNAUTHORIZED=true #- LDAP_REJECT_UNAUTHORIZED=false # LDAP_USER_SEARCH_FILTER : Optional extra LDAP filters. Don't forget the outmost enclosing parentheses if needed # example : LDAP_USER_SEARCH_FILTER= #- LDAP_USER_SEARCH_FILTER= # LDAP_USER_SEARCH_SCOPE : base (search only in the provided DN), one (search only in the provided DN and one level deep), or sub (search the whole subtree) # example : LDAP_USER_SEARCH_SCOPE=one #- LDAP_USER_SEARCH_SCOPE= # LDAP_USER_SEARCH_FIELD : Which field is used to find the user # example : LDAP_USER_SEARCH_FIELD=uid #- LDAP_USER_SEARCH_FIELD= # LDAP_SEARCH_PAGE_SIZE : Used for pagination (0=unlimited) # example : LDAP_SEARCH_PAGE_SIZE=12345 #- LDAP_SEARCH_PAGE_SIZE=0 # LDAP_SEARCH_SIZE_LIMIT : The limit number of entries (0=unlimited) # example : LDAP_SEARCH_SIZE_LIMIT=12345 #- LDAP_SEARCH_SIZE_LIMIT=0 # LDAP_GROUP_FILTER_ENABLE : Enable group filtering # example : LDAP_GROUP_FILTER_ENABLE=true #- LDAP_GROUP_FILTER_ENABLE=false # LDAP_GROUP_FILTER_OBJECTCLASS : The object class for filtering # example : LDAP_GROUP_FILTER_OBJECTCLASS=group #- LDAP_GROUP_FILTER_OBJECTCLASS= # LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE : # example : #- LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE= # LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE : # example : #- LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE= # LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT : # example : #- LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT= # LDAP_GROUP_FILTER_GROUP_NAME : # example : #- LDAP_GROUP_FILTER_GROUP_NAME= # LDAP_UNIQUE_IDENTIFIER_FIELD : This field is sometimes class GUID (Globally Unique Identifier) # example : LDAP_UNIQUE_IDENTIFIER_FIELD=guid #- LDAP_UNIQUE_IDENTIFIER_FIELD= # LDAP_UTF8_NAMES_SLUGIFY : Convert the username to utf8 # example : LDAP_UTF8_NAMES_SLUGIFY=false #- LDAP_UTF8_NAMES_SLUGIFY=true # LDAP_USERNAME_FIELD : Which field contains the ldap username # example : LDAP_USERNAME_FIELD=username #- LDAP_USERNAME_FIELD= # LDAP_FULLNAME_FIELD : Which field contains the ldap fullname # example : LDAP_FULLNAME_FIELD=fullname #- LDAP_FULLNAME_FIELD= # LDAP_MERGE_EXISTING_USERS : # example : LDAP_MERGE_EXISTING_USERS=true #- LDAP_MERGE_EXISTING_USERS=false # LDAP_SYNC_USER_DATA : # example : LDAP_SYNC_USER_DATA=true #- LDAP_SYNC_USER_DATA=false # LDAP_SYNC_USER_DATA_FIELDMAP : # example : LDAP_SYNC_USER_DATA_FIELDMAP={"cn":"name", "mail":"email"} #- LDAP_SYNC_USER_DATA_FIELDMAP= # LDAP_SYNC_GROUP_ROLES : # example : #- LDAP_SYNC_GROUP_ROLES= # LDAP_DEFAULT_DOMAIN : The default domain of the ldap it is used to create email if the field is not map correctly with the LDAP_SYNC_USER_DATA_FIELDMAP # example : #- LDAP_DEFAULT_DOMAIN= depends_on: - mongodb volumes: mongodb: driver: local mongodb-dump: driver: local networks: wekan-tier: driver: bridge