Files
templates/blueprints/engram/docker-compose.yml
Daniel Esteves 01f532d02c fix(engram): use static internal Postgres password in DSN
The template helper's ${password:N} can emit URL-reserved characters
(!@#$%^&*), which corrupt ENGRAM_DATABASE_URL while Postgres receives
the raw password, causing intermittent connection failures on first
deploy. Postgres is not exposed (internal network only), so a static
internal password is safe and matches the convention used by the
umami and documenso templates. Real secrets (JWT, cloud token, admin
token) remain randomly generated.
2026-06-19 19:17:19 -04:00

38 lines
1.0 KiB
YAML

version: "3.8"
services:
postgres:
image: postgres:16-alpine
restart: unless-stopped
environment:
POSTGRES_USER: engram
POSTGRES_PASSWORD: engram
POSTGRES_DB: engram_cloud
volumes:
- engram-postgres:/var/lib/postgresql/data
healthcheck:
test: ["CMD-SHELL", "pg_isready -U engram -d engram_cloud"]
interval: 5s
timeout: 3s
retries: 10
engram:
image: ghcr.io/gentleman-programming/engram:1.16.3
restart: unless-stopped
depends_on:
postgres:
condition: service_healthy
environment:
ENGRAM_DATABASE_URL: postgres://engram:engram@postgres:5432/engram_cloud?sslmode=disable
ENGRAM_JWT_SECRET: ${ENGRAM_JWT_SECRET}
ENGRAM_CLOUD_TOKEN: ${ENGRAM_CLOUD_TOKEN}
ENGRAM_CLOUD_ADMIN: ${ENGRAM_CLOUD_ADMIN}
ENGRAM_CLOUD_ALLOWED_PROJECTS: ${ENGRAM_CLOUD_ALLOWED_PROJECTS}
ENGRAM_CLOUD_HOST: "0.0.0.0"
ENGRAM_PORT: "8080"
command: ["cloud", "serve"]
expose:
- 8080
volumes:
engram-postgres: