mirror of
https://github.com/Dokploy/templates.git
synced 2026-07-10 00:15:28 +02:00
The template helper's ${password:N} can emit URL-reserved characters
(!@#$%^&*), which corrupt ENGRAM_DATABASE_URL while Postgres receives
the raw password, causing intermittent connection failures on first
deploy. Postgres is not exposed (internal network only), so a static
internal password is safe and matches the convention used by the
umami and documenso templates. Real secrets (JWT, cloud token, admin
token) remain randomly generated.
38 lines
1.0 KiB
YAML
38 lines
1.0 KiB
YAML
version: "3.8"
|
|
services:
|
|
postgres:
|
|
image: postgres:16-alpine
|
|
restart: unless-stopped
|
|
environment:
|
|
POSTGRES_USER: engram
|
|
POSTGRES_PASSWORD: engram
|
|
POSTGRES_DB: engram_cloud
|
|
volumes:
|
|
- engram-postgres:/var/lib/postgresql/data
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "pg_isready -U engram -d engram_cloud"]
|
|
interval: 5s
|
|
timeout: 3s
|
|
retries: 10
|
|
|
|
engram:
|
|
image: ghcr.io/gentleman-programming/engram:1.16.3
|
|
restart: unless-stopped
|
|
depends_on:
|
|
postgres:
|
|
condition: service_healthy
|
|
environment:
|
|
ENGRAM_DATABASE_URL: postgres://engram:engram@postgres:5432/engram_cloud?sslmode=disable
|
|
ENGRAM_JWT_SECRET: ${ENGRAM_JWT_SECRET}
|
|
ENGRAM_CLOUD_TOKEN: ${ENGRAM_CLOUD_TOKEN}
|
|
ENGRAM_CLOUD_ADMIN: ${ENGRAM_CLOUD_ADMIN}
|
|
ENGRAM_CLOUD_ALLOWED_PROJECTS: ${ENGRAM_CLOUD_ALLOWED_PROJECTS}
|
|
ENGRAM_CLOUD_HOST: "0.0.0.0"
|
|
ENGRAM_PORT: "8080"
|
|
command: ["cloud", "serve"]
|
|
expose:
|
|
- 8080
|
|
|
|
volumes:
|
|
engram-postgres:
|