
Enabling under Traefik example?

Open davekeeshan opened this issue 11 months ago • 3 comments

Escalating this discussion to an issue, as nobody is replying over there.

The submitted example does not appear to work, and it seems to be related to strict-origin-when-cross-origin.

Has anyone solved this?

Discussed in https://github.com/orgs/makeplane/discussions/3432

Originally posted by davekeeshan January 22, 2024

Is there an example of plane running under traefik?

I have a cloud server up and running with a wordpress instance and a few other small services already working. I want to add plane to this list.

I can start plane from docker compose (outside the setup.sh script) and it works if I ssh in and port forward to localhost.

However, when I try to get plane to run under a subdomain I have, it doesn't work. I do get some landing page, but it is just a spinning wheel. So far I have commented out the proxy part of the docker-compose.yml file and added these lines:

networks:
  traefik:
    external: true

And, where ${PLANE_DOMAIN} is an environment variable:

networks:
  - traefik
labels:
  # The labels are useful for Traefik only
  - "traefik.enable=true"
  - "traefik.docker.network=traefik"
  # Get the routes from http
  - traefik.http.routers.plane.rule=Host(`${PLANE_DOMAIN}`)
  - "traefik.http.routers.plane.entrypoints=web"
  # Redirect these routes to https
  - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
  - "traefik.http.routers.plane.middlewares=redirect-to-https@docker"
  # Get the routes from https
  - traefik.http.routers.plane-secured.rule=Host(`${PLANE_DOMAIN}`)
  - "traefik.http.routers.plane-secured.entrypoints=web-secure"
  # Apply authentication with http challenge
  - "traefik.http.routers.plane-secured.tls=true"
  - "traefik.http.routers.plane-secured.tls.certresolver=myhttpchallenge"

This works in other micro services, but not here. What am I missing?

I have also set WEB_URL, CORS_ALLOWED_ORIGINS and NEXT_PUBLIC_DEPLOY_URL in the .env script to reflect my subdomain path.

davekeeshan avatar Mar 11 '24 23:03 davekeeshan
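A check for the three settings named in the post above, added here as an example (not code from the issue or from Plane): it compares `WEB_URL`, `CORS_ALLOWED_ORIGINS` and `NEXT_PUBLIC_DEPLOY_URL` against the HTTPS origin that the Traefik labels publish. It assumes `CORS_ALLOWED_ORIGINS` is a comma-separated list and that the public scheme is https because of the redirect labels; the domain and `.env` values are constructed.

```python
from urllib.parse import urlsplit

# Constructed sample .env (not from the issue); plane.example.test is a placeholder.
SAMPLE_ENV = """\
PLANE_DOMAIN=plane.example.test
WEB_URL=http://plane.example.test
CORS_ALLOWED_ORIGINS=http://localhost,https://plane.example.test/
NEXT_PUBLIC_DEPLOY_URL=https://plane.example.test/spaces
"""

def parse_env(text):
    """Parse KEY=VALUE lines, skipping blanks and comments, stripping quotes."""
    env = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        env[key.strip()] = value.strip().strip("'\"")
    return env

def origin(url):
    """Return scheme://host[:port] as a browser compares origins, or None."""
    parts = urlsplit(url.strip())
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return None
    default = {"http": 80, "https": 443}[parts.scheme]
    port = "" if parts.port in (None, default) else f":{parts.port}"
    return f"{parts.scheme}://{parts.hostname}{port}"

def check_origins(env):
    """List mismatches between the public HTTPS origin and the URL settings."""
    expected = f"https://{env.get('PLANE_DOMAIN', '').lower()}"
    problems = []
    for key in ("WEB_URL", "NEXT_PUBLIC_DEPLOY_URL"):
        got = origin(env.get(key, ""))
        if got != expected:
            problems.append(f"{key}: origin {got} != {expected}")
    # The Origin request header carries no path, so entries must match exactly.
    raw = env.get("CORS_ALLOWED_ORIGINS", "")
    entries = [e.strip() for e in raw.split(",") if e.strip()]
    if expected not in entries:
        near = [e for e in entries if origin(e) == expected]
        note = f" (near miss: {near[0]!r} has a path or trailing slash)" if near else ""
        problems.append(f"CORS_ALLOWED_ORIGINS: {expected} not listed exactly{note}")
    return problems
```

On the constructed sample, `check_origins(parse_env(SAMPLE_ENV))` reports the http `WEB_URL` and the trailing-slash CORS entry.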

I use Traefik (external compose and postgres) - all works correctly

Try with small steps: run one container (nginx for example), then replace it with Plane, etc. It seems you have a misconfiguration in routing.

mmospanenko avatar Mar 12 '24 09:03 mmospanenko

@mmospanenko

Can you post an example of your docker-compose.yml?

When you say external, do you mean available to the world via a domain name? I have this working internally.

(Please refer to the discussion #3432; there were a few steps covered in there that I didn't replicate here, but if it is too confusing then I might have to.)

davekeeshan avatar Mar 12 '24 10:03 davekeeshan

I just used the current example but integrated it with my env (Ansible and external Traefik services with a different compose, proxy network here). It is fairly dirty and should be cleaned up, but it works as an example.

version: '3.8'

x-app-env: &app-env
  environment:
    - NGINX_PORT=${NGINX_PORT:-80}
    - WEB_URL=${WEB_URL:-http://localhost}
    - DEBUG=${DEBUG:-0}
    - DJANGO_SETTINGS_MODULE=${DJANGO_SETTINGS_MODULE:-plane.settings.production} # deprecated
    - NEXT_PUBLIC_DEPLOY_URL=${NEXT_PUBLIC_DEPLOY_URL:-http://localhost/spaces} # deprecated
    - SENTRY_DSN=${SENTRY_DSN:-""}
    - SENTRY_ENVIRONMENT=${SENTRY_ENVIRONMENT:-"production"}
    - GOOGLE_CLIENT_ID=${GOOGLE_CLIENT_ID:-""}
    - GITHUB_CLIENT_ID=${GITHUB_CLIENT_ID:-""}
    - GITHUB_CLIENT_SECRET=${GITHUB_CLIENT_SECRET:-""}
    - DOCKERIZED=${DOCKERIZED:-1} # deprecated
    - CORS_ALLOWED_ORIGINS=${CORS_ALLOWED_ORIGINS:-""}
    # Gunicorn Workers
    - GUNICORN_WORKERS=${GUNICORN_WORKERS:-2}
    #DB SETTINGS
    - PGHOST=${PGHOST:-plane-db}
    - PGDATABASE=${PGDATABASE:-plane}
    - POSTGRES_USER=${POSTGRES_USER:-plane}
    - POSTGRES_PASSWORD=${POSTGRES_PASSWORD:-plane}
    - POSTGRES_DB=${POSTGRES_DB:-plane}
    - PGDATA=${PGDATA:-/var/lib/postgresql/data}
    - DATABASE_URL=${DATABASE_URL:-postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${PGHOST}/${PGDATABASE}}
    # REDIS SETTINGS
    - REDIS_HOST=${REDIS_HOST:-plane-redis}
    - REDIS_PORT=${REDIS_PORT:-6379}
    - REDIS_URL=${REDIS_URL:-redis://${REDIS_HOST}:6379/}
    # EMAIL SETTINGS - Deprecated can be configured through admin panel
    - EMAIL_HOST=${EMAIL_HOST:-""}
    - EMAIL_HOST_USER=${EMAIL_HOST_USER:-""}
    - EMAIL_HOST_PASSWORD=${EMAIL_HOST_PASSWORD:-""}
    - EMAIL_PORT=${EMAIL_PORT:-587}
    - EMAIL_FROM=${EMAIL_FROM:-"Team Plane <[email protected]>"}
    - EMAIL_USE_TLS=${EMAIL_USE_TLS:-1}
    - EMAIL_USE_SSL=${EMAIL_USE_SSL:-0}
    - DEFAULT_EMAIL=${DEFAULT_EMAIL:[email protected]}
    - DEFAULT_PASSWORD=${DEFAULT_PASSWORD}
    # OPENAI SETTINGS - Deprecated can be configured through admin panel
    - OPENAI_API_BASE=${OPENAI_API_BASE:-https://api.openai.com/v1}
    - OPENAI_API_KEY=${OPENAI_API_KEY:-""}
    - GPT_ENGINE=${GPT_ENGINE:-"gpt-3.5-turbo"}
    # LOGIN/SIGNUP SETTINGS - Deprecated can be configured through admin panel
    - ENABLE_SIGNUP=${ENABLE_SIGNUP:-1}
    - ENABLE_EMAIL_PASSWORD=${ENABLE_EMAIL_PASSWORD:-1}
    - ENABLE_MAGIC_LINK_LOGIN=${ENABLE_MAGIC_LINK_LOGIN:-0}
    # Application secret
    - SECRET_KEY=${SECRET_KEY}
    # DATA STORE SETTINGS
    - USE_MINIO=${USE_MINIO:-1}
    - AWS_REGION=${AWS_REGION:-""}
    - AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID:-"access-key"}
    - AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY:-"secret-key"}
    - AWS_S3_ENDPOINT_URL=${AWS_S3_ENDPOINT_URL:-http://plane-minio:9000}
    - AWS_S3_BUCKET_NAME=${AWS_S3_BUCKET_NAME:-uploads}
    - MINIO_ROOT_USER=${MINIO_ROOT_USER:-"access-key"}
    - MINIO_ROOT_PASSWORD=${MINIO_ROOT_PASSWORD:-"secret-key"}
    - BUCKET_NAME=${BUCKET_NAME:-uploads}
    - FILE_SIZE_LIMIT=${FILE_SIZE_LIMIT:-5242880}

services:
  web:
    <<: *app-env
    image: makeplane/plane-frontend:{{ plane_version }}
    restart: unless-stopped
    command: /usr/local/bin/start.sh web/server.js web
    depends_on:
      - api
      - worker
    expose:
      - '3000'
    networks:
      - plane

  space:
    <<: *app-env
    image: makeplane/plane-space:{{ plane_version }}
    restart: always
    command: /usr/local/bin/start.sh space/server.js space
    depends_on:
      - api
      - worker
      - web
    networks:
      - plane

  api:
    <<: *app-env
    image: makeplane/plane-backend:{{ plane_version }}
    restart: unless-stopped
    depends_on:
      - plane-redis
      - plane-minio
    expose:
      - '8000'
    networks:
      - plane
      - services
    command: ./bin/takeoff

  worker:
    <<: *app-env
    image: makeplane/plane-backend:{{ plane_version }}
    depends_on:
      - plane-redis
      - api
    command: ./bin/worker
    networks:
      - plane
      - services

  beat-worker:
    <<: *app-env
    image: makeplane/plane-backend:{{ plane_version }}
    depends_on:
      - plane-redis
      - api
    command: ./bin/beat
    networks:
      - plane
      - services

  plane-redis:
    <<: *app-env
    image: redis:6.2.7-alpine
    restart: always
    volumes:
      - redisdata:/data
    networks:
      - plane

  proxy:
    <<: *app-env
    image: makeplane/plane-proxy:{{ plane_version }}
    restart: always
    expose:
      - '80'
    environment:
      FILE_SIZE_LIMIT: ${FILE_SIZE_LIMIT:-5242880}
      BUCKET_NAME: ${AWS_S3_BUCKET_NAME:-uploads}
    depends_on:
      - web
      - api
      - space
    networks:
      - plane
      - proxy
    labels:
      - 'traefik.enable=true'
      - 'traefik.http.routers.plane.rule=Host(`{{ server_name }}`)'
      - 'traefik.http.services.plane.loadbalancer.server.port=80'
      - 'traefik.http.routers.plane.entrypoints=websecure'
      - 'traefik.http.routers.plane.tls.certresolver=letsEncrypt'

  plane-minio:
    <<: *app-env
    image: minio/minio
    restart: unless-stopped
    command: server /export --console-address ":9090"
    volumes:
      - ./data/uploads:/export
    networks:
      - plane

volumes:
  redisdata:

networks:
  plane:
  proxy:
    name: '{{ proxy_network }}'
    external: true
  services:
    name: '{{ services_network }}'
    external: true

mmospanenko avatar Mar 12 '24 18:03 mmospanenko
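A pre-exposure check for the compose file in the comment above, added here as an example (not code from the thread or from Plane): it reads the `${VAR:-default}` entries and reports password and secret variables that would still carry a published default, or expand to nothing, once the stack is reachable through Traefik. The compose lines are copied from that file; the `.env` values and the name-matching pattern are constructed assumptions.

```python
import re

# Lines copied from the environment block of the compose file above.
COMPOSE_ENV = """\
    - POSTGRES_PASSWORD=${POSTGRES_PASSWORD:-plane}
    - SECRET_KEY=${SECRET_KEY}
    - AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY:-"secret-key"}
    - MINIO_ROOT_PASSWORD=${MINIO_ROOT_PASSWORD:-"secret-key"}
    - GITHUB_CLIENT_SECRET=${GITHUB_CLIENT_SECRET:-""}
    - REDIS_PORT=${REDIS_PORT:-6379}
"""
# Constructed .env contents for the demonstration; not from the issue.
SAMPLE_ENV = {
    "POSTGRES_PASSWORD": "constructed-strong-value",
    "MINIO_ROOT_PASSWORD": "secret-key",
}

# "- NAME=${VAR}" or "- NAME=${VAR:-default}", optional trailing comment.
ENTRY = re.compile(r'^\s*-\s*(\w+)=\$\{(\w+)(?::-(.*))?\}\s*(?:#.*)?$')
# Assumed naming convention for sensitive variables.
SENSITIVE = re.compile(r'PASSWORD|SECRET', re.I)

def audit(compose_env, env):
    """Return {name: reason} for sensitive variables left at a weak value."""
    findings = {}
    for line in compose_env.splitlines():
        m = ENTRY.match(line)
        if not m or not SENSITIVE.search(m.group(1)):
            continue
        name, default = m.group(2), m.group(3)
        value = env.get(name, "")
        if default is None:
            # ${VAR} with nothing set expands to an empty string.
            if not value:
                findings[name] = "unset: no default, expands to an empty string"
            continue
        default = default.strip("'\"")
        # ${VAR:-default} applies the default when VAR is unset or empty.
        # Empty defaults (optional integrations) are not reported.
        if default and value in ("", default):
            findings[name] = f"placeholder default {default!r} in effect"
    return findings
```

With the constructed values, `audit(COMPOSE_ENV, SAMPLE_ENV)` reports `SECRET_KEY`, `AWS_SECRET_ACCESS_KEY` and `MINIO_ROOT_PASSWORD`.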