Delmar/docker_dev
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Updates

Browse Source
This commit is contained in:
Julieñ
2025-11-17 18:45:35 +01:00
parent 0f58e3bdff
commit 14d6f9aa73
7607 changed files with 1969407 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

366
lowcoder/deploy/docker/Dockerfile Normal file
View File

@@ -0,0 +1,366 @@
##
## Build Lowcoder api-service application
##
FROM maven:3.9-eclipse-temurin-17 AS build-api-service
# Build lowcoder-api
COPY ./server/api-service /lowcoder-server
WORKDIR /lowcoder-server
RUN --mount=type=cache,target=/root/.m2 mvn -f pom.xml clean package -DskipTests
# Create required folder structure
RUN mkdir -p /lowcoder/api-service/config /lowcoder/api-service/logs /lowcoder/plugins
# Copy lowcoder server configuration
COPY server/api-service/lowcoder-server/src/main/resources/application.yaml /lowcoder/api-service/config/
# Add bootstrapfile
COPY deploy/docker/api-service/entrypoint.sh /lowcoder/api-service/entrypoint.sh
COPY deploy/docker/api-service/init.sh /lowcoder/api-service/init.sh
ENV JAVA_OPTS="-Xmx2G -Xms512M"
RUN chmod +x /lowcoder/api-service/*.sh
##
## Intermediary Lowcoder api-service image
##
## To create a separate image out of it, build it with:
## DOCKER_BUILDKIT=1 docker build -f deploy/docker/Dockerfile -t lowcoderorg/lowcoder-ce-api-service --target lowcoder-ce-api-service .
##
FROM eclipse-temurin:17-jammy AS lowcoder-ce-api-service
LABEL maintainer="lowcoder"
RUN apt-get update && apt-get install -y --no-install-recommends gosu \
&& rm -rf /var/cache/apt/lists \
&& addgroup --system --gid 9001 lowcoder \
&& adduser --system --disabled-password --no-create-home --uid 9001 --gid 9001 lowcoder
# Copy lowcoder server configuration
COPY --chown=lowcoder:lowcoder --from=build-api-service /lowcoder/api-service /lowcoder/api-service
# Copy lowcoder api service app, dependencies and libs
COPY --chown=lowcoder:lowcoder --from=build-api-service /lowcoder-server/lowcoder-server/target/lowcoder-api-service-bin/lowcoder-api-service.jar /lowcoder/api-service/lowcoder-api-service.jar
COPY --chown=lowcoder:lowcoder --from=build-api-service /lowcoder-server/lowcoder-server/target/lowcoder-api-service-bin/libs /lowcoder/api-service/libs
COPY --chown=lowcoder:lowcoder --from=build-api-service /lowcoder-server/lowcoder-server/target/lowcoder-api-service-bin/plugins /lowcoder/api-service/plugins
EXPOSE 8080
CMD [ "/bin/bash" , "/lowcoder/api-service/entrypoint.sh" ]
#############################################################################
##
## Build lowcoder node service
##
FROM ubuntu:jammy AS build-node-service
RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y curl ca-certificates build-essential gnupg
# Add nodejs repo and keys
RUN mkdir -p /etc/apt/keyrings \
&& curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg \
&& echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_20.x nodistro main" | tee /etc/apt/sources.list.d/nodesource.list
# Download nodejs and install yarn
RUN apt-get update \
&& apt-get install --no-install-recommends -y nodejs \
&& npm install -g yarn
# Copy and build the node-service app
COPY server/node-service/ /lowcoder/node-service/app/
WORKDIR /lowcoder/node-service/app/
RUN yarn --immutable
RUN yarn build
# Copy startup script
COPY deploy/docker/node-service/entrypoint.sh /lowcoder/node-service/entrypoint.sh
COPY deploy/docker/node-service/init.sh /lowcoder/node-service/init.sh
RUN chmod +x /lowcoder/node-service/*.sh
##
## Intermediary Lowcoder node service image
##
## To create a separate image out of it, build it with:
## DOCKER_BUILDKIT=1 docker build -f deploy/docker/Dockerfile -t lowcoderorg/lowcoder-ce-node-service --target lowcoder-ce-node-service .
##
FROM ubuntu:jammy AS lowcoder-ce-node-service
LABEL maintainer="lowcoder"
RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y curl ca-certificates gnupg
# Add nodejs repo and keys
RUN mkdir -p /etc/apt/keyrings \
&& curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg \
&& echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_20.x nodistro main" | tee /etc/apt/sources.list.d/nodesource.list
# Download nodejs and install yarn
RUN apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y nodejs gosu \
&& npm install -g yarn \
&& rm -rf /var/cache/apt/lists \
&& addgroup --system --gid 9001 lowcoder \
&& adduser --system --disabled-password --no-create-home --uid 9001 --gid 9001 lowcoder
COPY --from=build-node-service /lowcoder/node-service /lowcoder/node-service
EXPOSE 6060
CMD [ "/bin/sh", "/lowcoder/node-service/entrypoint.sh" ]
#############################################################################
##
## Build lowcoder client application
##
FROM node:20.2-slim AS build-client
# curl is required for yarn build to succeed, because it calls it while building client
RUN apt-get update && apt-get install -y --no-install-recommends curl ca-certificates
# Build client
COPY ./client /lowcoder-client
WORKDIR /lowcoder-client
RUN yarn --immutable
ARG REACT_APP_COMMIT_ID=test
ARG REACT_APP_ENV=production
ARG REACT_APP_EDITION=community
ARG REACT_APP_DISABLE_JS_SANDBOX=true
RUN yarn build
# Build lowcoder-comps
WORKDIR /lowcoder-client/packages/lowcoder-comps
RUN yarn install
RUN yarn build
RUN tar -zxf lowcoder-comps-*.tgz && mv package lowcoder-comps
# Build lowcoder-sdk
WORKDIR /lowcoder-client/packages/lowcoder-sdk
RUN yarn install
RUN yarn build
WORKDIR /lowcoder-client/packages/lowcoder-sdk-webpack-bundle
RUN yarn install
RUN yarn build
##
## Intermediary Lowcoder client image
##
## To create a separate image out of it, build it with:
## DOCKER_BUILDKIT=1 docker build -f deploy/docker/Dockerfile -t lowcoderorg/lowcoder-ce-frontend --target lowcoder-ce-frontend .
##
FROM nginx:1.27.1 AS lowcoder-ce-frontend
LABEL maintainer="lowcoder"
# Change default nginx user into lowcoder user and remove default nginx config
RUN usermod --login lowcoder --uid 9001 nginx \
&& groupmod --new-name lowcoder --gid 9001 nginx \
&& rm -f /etc/nginx/nginx.conf \
&& mkdir -p /lowcoder/assets
# Copy lowcoder client
COPY --chown=lowcoder:lowcoder --from=build-client /lowcoder-client/packages/lowcoder/build/ /lowcoder/client
# Copy lowcoder components
COPY --chown=lowcoder:lowcoder --from=build-client /lowcoder-client/packages/lowcoder-comps/lowcoder-comps /lowcoder/client-comps
# Copy lowcoder SDK
COPY --chown=lowcoder:lowcoder --from=build-client /lowcoder-client/packages/lowcoder-sdk /lowcoder/client-sdk
# Copy lowcoder SDK webpack bundle
COPY --chown=lowcoder:lowcoder --from=build-client /lowcoder-client/packages/lowcoder-sdk-webpack-bundle/dist /lowcoder/client-embed
# Copy additional nginx init scripts
COPY deploy/docker/frontend/00-change-nginx-user.sh /docker-entrypoint.d/00-change-nginx-user.sh
COPY deploy/docker/frontend/01-update-nginx-conf.sh /docker-entrypoint.d/01-update-nginx-conf.sh
RUN chmod +x /docker-entrypoint.d/00-change-nginx-user.sh && \
chmod +x /docker-entrypoint.d/01-update-nginx-conf.sh
COPY deploy/docker/frontend/server.conf /etc/nginx/server.conf
COPY deploy/docker/frontend/nginx-http.conf /etc/nginx/nginx-http.conf
COPY deploy/docker/frontend/nginx-https.conf /etc/nginx/nginx-https.conf
COPY deploy/docker/frontend/ssl-certificate.conf /etc/nginx/ssl-certificate.conf
COPY deploy/docker/frontend/ssl-params.conf /etc/nginx/ssl-params.conf
EXPOSE 3000
EXPOSE 3443
#############################################################################
##
## Build lowcoder client (Enterprise) application
##
FROM node:20.2-slim AS build-client-ee
# curl is required for yarn build to succeed, because it calls it while building client
RUN apt-get update && apt-get install -y --no-install-recommends curl ca-certificates
# Build client
COPY ./client /lowcoder-client-ee
WORKDIR /lowcoder-client-ee
RUN yarn --immutable
ARG REACT_APP_COMMIT_ID=test
ARG REACT_APP_ENV=production
ARG REACT_APP_EDITION=enterprise
ARG REACT_APP_DISABLE_JS_SANDBOX=true
RUN yarn build:ee
# Build lowcoder-comps
WORKDIR /lowcoder-client-ee/packages/lowcoder-comps
RUN yarn install
RUN yarn build
RUN tar -zxf lowcoder-comps-*.tgz && mv package lowcoder-comps
# Build lowcoder-sdk
WORKDIR /lowcoder-client-ee/packages/lowcoder-sdk
RUN yarn install
RUN yarn build
WORKDIR /lowcoder-client-ee/packages/lowcoder-sdk-webpack-bundle
RUN yarn install
RUN yarn build
##
## Intermediary Lowcoder client (Enterprise) image
##
## To create a separate image out of it, build it with:
## DOCKER_BUILDKIT=1 docker build -f deploy/docker/Dockerfile -t lowcoderorg/lowcoder-ee-frontend --target lowcoder-ee-frontend .
##
FROM nginx:1.27.1 AS lowcoder-enterprise-frontend
LABEL maintainer="lowcoder"
# Change default nginx user into lowcoder user and remove default nginx config
RUN usermod --login lowcoder --uid 9001 nginx \
&& groupmod --new-name lowcoder --gid 9001 nginx \
&& rm -f /etc/nginx/nginx.conf \
&& mkdir -p /lowcoder/assets
# Copy lowcoder client
COPY --chown=lowcoder:lowcoder --from=build-client-ee /lowcoder-client-ee/packages/lowcoder/build/ /lowcoder/client
# Copy lowcoder components
COPY --chown=lowcoder:lowcoder --from=build-client-ee /lowcoder-client-ee/packages/lowcoder-comps/lowcoder-comps /lowcoder/client-comps
# Copy lowcoder SDK
COPY --chown=lowcoder:lowcoder --from=build-client-ee /lowcoder-client-ee/packages/lowcoder-sdk /lowcoder/client-sdk
# Copy lowcoder SDK webpack bundle
COPY --chown=lowcoder:lowcoder --from=build-client-ee /lowcoder-client-ee/packages/lowcoder-sdk-webpack-bundle/dist /lowcoder/client-embed
# Copy additional nginx init scripts
COPY deploy/docker/frontend/00-change-nginx-user.sh /docker-entrypoint.d/00-change-nginx-user.sh
COPY deploy/docker/frontend/01-update-nginx-conf.sh /docker-entrypoint.d/01-update-nginx-conf.sh
RUN chmod +x /docker-entrypoint.d/00-change-nginx-user.sh && \
chmod +x /docker-entrypoint.d/01-update-nginx-conf.sh
COPY deploy/docker/frontend/server.conf /etc/nginx/server.conf
COPY deploy/docker/frontend/nginx-http.conf /etc/nginx/nginx-http.conf
COPY deploy/docker/frontend/nginx-https.conf /etc/nginx/nginx-https.conf
COPY deploy/docker/frontend/ssl-certificate.conf /etc/nginx/ssl-certificate.conf
COPY deploy/docker/frontend/ssl-params.conf /etc/nginx/ssl-params.conf
EXPOSE 3000
EXPOSE 3444
#############################################################################
##
## Build Lowcoder all-in-one image
##
FROM ubuntu:jammy
LABEL maintainer="lowcoder"
# Install essential tools
RUN apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y curl ca-certificates gnupg bash lsb-release \
&& rm -rf /var/cache/apt/lists /var/lib/apt/lists/* /var/log/dpkg.log \
&& apt-get clean
# Add required apt repositories and signing keys
RUN curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | gpg --dearmor -o /usr/share/keyrings/nodesource-keyring.gpg \
&& echo "deb [signed-by=/usr/share/keyrings/nodesource-keyring.gpg] https://deb.nodesource.com/node_20.x nodistro main" | tee /etc/apt/sources.list.d/nodesource.list \
&& curl -fsSL https://packages.redis.io/gpg | gpg --dearmor -o /usr/share/keyrings/redis-archive-keyring.gpg \
&& echo "deb [signed-by=/usr/share/keyrings/redis-archive-keyring.gpg] https://packages.redis.io/deb `lsb_release -cs` main" | tee /etc/apt/sources.list.d/redis.list \
&& curl -fsSL https://www.mongodb.org/static/pgp/server-7.0.asc | gpg --dearmor -o /usr/share/keyrings/mongodb-archive-keyring.gpg \
&& echo "deb [signed-by=/usr/share/keyrings/mongodb-archive-keyring.gpg] https://repo.mongodb.org/apt/ubuntu `lsb_release -cs`/mongodb-org/7.0 multiverse" | tee /etc/apt/sources.list.d/mongodb-org-7.0.list \
&& curl -fsSL https://nginx.org/keys/nginx_signing.key | gpg --dearmor -o /usr/share/keyrings/nginx-archive-keyring.gpg \
&& echo "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] http://nginx.org/packages/mainline/ubuntu `lsb_release -cs` nginx" | tee /etc/apt/sources.list.d/nginx.list
# Install required packages
RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get -y install --no-install-recommends -y \
nginx=1.27.1-1~jammy \
mongodb-org \
redis \
supervisor \
gosu \
nodejs \
openjdk-17-jdk-headless \
&& npm install -g yarn \
&& rm -rf /var/cache/apt/lists /var/lib/apt/lists/* /var/log/dpkg.log \
&& apt-get clean \
&& rm -rf /tmp/*
# Use configuration setup from official nginx image
RUN rm -rf /etc/nginx/nginx.conf
COPY --from=nginx:1.27.1 /docker-entrypoint.d /docker-entrypoint.d
COPY --from=nginx:1.27.1 /docker-entrypoint.sh /docker-entrypoint.sh
# Add lowcoder user
RUN usermod --login lowcoder --uid 9001 nginx \
&& groupmod --new-name lowcoder --gid 9001 nginx
# Copy additional nginx init scripts and configs
COPY --chmod=0755 deploy/docker/frontend/00-change-nginx-user.sh /docker-entrypoint.d/00-change-nginx-user.sh
COPY --chmod=0755 deploy/docker/frontend/01-update-nginx-conf.sh /docker-entrypoint.d/01-update-nginx-conf.sh
COPY deploy/docker/frontend/server.conf /etc/nginx/server.conf
COPY deploy/docker/frontend/nginx-http.conf /etc/nginx/nginx-http.conf
COPY deploy/docker/frontend/nginx-https.conf /etc/nginx/nginx-https.conf
COPY deploy/docker/frontend/ssl-certificate.conf /etc/nginx/ssl-certificate.conf
COPY deploy/docker/frontend/ssl-params.conf /etc/nginx/ssl-params.conf
# Add lowcoder frontend
# copy lowcoder client
COPY --chown=lowcoder:lowcoder --from=build-client /lowcoder-client/packages/lowcoder/build/ /lowcoder/client
# copy lowcoder components
COPY --chown=lowcoder:lowcoder --from=build-client /lowcoder-client/packages/lowcoder-comps/lowcoder-comps /lowcoder/client-comps
# copy lowcoder SDK
COPY --chown=lowcoder:lowcoder --from=build-client /lowcoder-client/packages/lowcoder-sdk /lowcoder/client-sdk
# copy lowcoder SDK webpack bundle
COPY --chown=lowcoder:lowcoder --from=build-client /lowcoder-client/packages/lowcoder-sdk-webpack-bundle/dist /lowcoder/client-embed
RUN mkdir -p /lowcoder/assets/ && chown lowcoder:lowcoder /lowcoder/assets/
# Add lowcoder api-service
COPY --chown=lowcoder:lowcoder --from=lowcoder-ce-api-service /lowcoder/api-service /lowcoder/api-service
RUN mkdir -p /lowcoder/plugins/ && chown lowcoder:lowcoder /lowcoder/plugins/
# Add lowcoder node-service
COPY --chown=lowcoder:lowcoder --from=lowcoder-ce-node-service /lowcoder/node-service /lowcoder/node-service
# Add services configuration
COPY --chown=lowcoder:lowcoder deploy/docker/all-in-one/etc /lowcoder/etc
# Add startup script
COPY --chown=lowcoder:lowcoder --chmod=0755 deploy/docker/all-in-one/entrypoint.sh /lowcoder/entrypoint.sh
# Copy default environment properties
COPY --chown=lowcoder:lowcoder deploy/docker/default.env /lowcoder/etc/default.env
# Fixes for OpenShift compatibility (after all files are copied)
RUN echo \
&& adduser lowcoder root \
&& mkdir -p /lowcoder-stacks \
&& for i in /lowcoder-stacks /lowcoder/assets /lowcoder/api-service/logs /lowcoder/etc/supervisord; do \
chmod -R g+rw "$i"; \
chown -R lowcoder:root "$i"; \
done \
&& chown -R lowcoder:root /var/log \
&& chmod -R g+rw /run /etc/nginx /var/cache/nginx /var/log
EXPOSE 27017
EXPOSE 3000
EXPOSE 3443
ENTRYPOINT [ "/bin/sh" , "/lowcoder/entrypoint.sh" ]
CMD ["/usr/bin/supervisord", "-n" , "-c" , "/lowcoder/etc/supervisord.conf"]

207
lowcoder/deploy/docker/README.md Normal file
View File

@@ -0,0 +1,207 @@
# Lowcoder docker image
Included Dockerfile can be used to build an **all-in-one** image with all required services installed and running within one container, or separate images for frontend and backend services.
For examples on running the all-in-one image or the multi image deployment see **deploy/docker/docker-compose.yaml** and **deploy/docker/docker-compose-multi.yaml**
Environment variables used to configure various aspects of the services are stored in **default.env**, **default-multi.env** and **override.env**. Look into the **default** files to see which variables can be set and what are the default values. To change the defaults, use **override.env**. You don't have to use **--env-file** parameter with **doker compose** because the files are loaded from within `docker-compose.yaml` and `docker-compose-multi.yaml`.
## all-in-one image
This image contains all services needed to run Lowcoder platform in one container.
### Building the image
This is the default target and can be built by running following command from project root:
```
DOCKER_BUILDKIT=1 docker build -f deploy/docker/Dockerfile -t lowcoderorg/lowcoder-ce .
```
### Configuration
Image can be configured by setting environment variables.
| Environment variable | Description | Default-Value |
|-------------------------------------| ----------------------------------------------------------------------- | ----------------------------------------------------- |
| `LOWCODER_REDIS_ENABLED` | If **true** redis server is started in the container | `true` |
| `LOWCODER_MONGODB_ENABLED` | If **true** mongo database is started in the container | `true` |
| `LOWCODER_MONGODB_EXPOSED` | If **true** mongo database accept connections from outside the docker | `false` |
| `LOWCODER_API_SERVICE_ENABLED` | If **true** lowcoder api-service is started in the container | `true` |
| `LOWCODER_NODE_SERVICE_ENABLED` | If **true** lowcoder node-service is started in the container | `true` |
| `LOWCODER_FRONTEND_ENABLED` | If **true** lowcoder web frontend is started in the container | `true` |
| `LOWCODER_PUID` | ID of user running services. It will own all created logs and data. | `9001` |
| `LOWCODER_PGID` | ID of group of the user running services. | `9001` |
| `LOWCODER_MONGODB_URL` | Mongo database connection string | `mongodb://localhost:27017/lowcoder?authSource=admin` |
| `LOWCODER_REDIS_URL` | Redis server URL | `redis://localhost:6379` |
| `LOWCODER_DB_ENCRYPTION_PASSWORD` | Encryption password | `lowcoder.org` |
| `LOWCODER_DB_ENCRYPTION_SALT` | Salt used for encrypting password | `lowcoder.org` |
| `LOWCODER_CORS_DOMAINS` | CORS allowed domains | `*` |
| `LOWCODER_PUBLIC_URL` | The URL of the public User Interface | `localhost:3000` |
| `LOWCODER_MAX_REQUEST_SIZE` | Lowcoder max request size | `20m` |
| `LOWCODER_MAX_QUERY_TIMEOUT` | Lowcoder max query timeout (in seconds) | `120` |
| `LOWCODER_DEFAULT_QUERY_TIMEOUT` | Lowcoder default query timeout (in seconds) | `10` |
| `LOWCODER_API_RATE_LIMIT` | Number of max Request per Second | `100` |
| `LOWCODER_API_SERVICE_URL` | Lowcoder API service URL | `http://localhost:8080` |
| `LOWCODER_NODE_SERVICE_URL` | Lowcoder Node service (js executor) URL | `http://localhost:6060` |
| `LOWCODER_NODE_SERVICE_SECRET` | Secret used for encrypting communication between API service and Node service - CHANGE IT! | |
| `LOWCODER_NODE_SERVICE_SALT` | Salt used for encrypting communication between API service and Node service - CHANGE IT! | |
| `LOWCODER_MAX_ORGS_PER_USER` | Default maximum organizations per user | `100` |
| `LOWCODER_MAX_MEMBERS_PER_ORG` | Default maximum members per organization | `1000` |
| `LOWCODER_MAX_GROUPS_PER_ORG` | Default maximum groups per organization | `100` |
| `LOWCODER_MAX_APPS_PER_ORG` | Default maximum applications per organization | `1000` |
| `LOWCODER_MAX_DEVELOPERS` | Default maximum developers | `100` |
| `LOWCODER_WORKSPACE_MODE` | SAAS to activate, ENTERPRISE to switch off - Workspaces | `SAAS` |
| `LOWCODER_EMAIL_SIGNUP_ENABLED` | Control if users create their own Workspace automatic when Sign Up | `true` |
| `LOWCODER_EMAIL_AUTH_ENABLED` | Controls whether authentication via email is enabled | `true` |
| `LOWCODER_CREATE_WORKSPACE_ON_SIGNUP` | IF LOWCODER_WORKSPACE_MODE = SAAS, controls if a own workspace is created for the user after sign up | `true` |
| `LOWCODER_MARKETPLACE_PRIVATE_MODE` | Control if not to show Apps on the local Marketplace to anonymous users | `true` |
| `LOWCODER_SUPERUSER_USERNAME` | Username of the Super-User of an Lowcoder Installation | `admin@localhost` |
| `LOWCODER_SUPERUSER_PASSWORD` | Password of the Super-User, if not present or empty, it will be generated | `generated and printed into log file |
| `LOWCODER_PLUGINS_DIR` | Directory holding lowcoder plugins | `/lowcoder-stacks/plugins` |
| `LOWCODER_COOKIE_NAME` | Name of the lowcoder application cookie | `LOWCODER_CE_SELFHOST_TOKEN` |
| `LOWCODER_COOKIE_MAX_AGE` | Lowcoder application cookie max age in hours | `24` |
| `LOWCODER_APP_SNAPSHOT_RETENTIONTIME` | Application snapshots retention time in days | `30` |
Also you should set the API-KEY secret, whcih should be a string of at least 32 random characters. (from Lowcoder v2.3.x on)
On linux/mac, generate one eg. with: `head /dev/urandom | head -c 30 | shasum -a 256`
| Environment variable | Description | Default-Value |
|-------------------------------------| ----------------------------------------------------------------------- | ----------------------------------------------------- |
| `LOWCODER_API_KEY_SECRET` | String to encrypt/sign API Keys that users may create | |
To enable secure Password Reset flow for the users, you need to configure your own SMTP Server. You can do this with the following Variables (from Lowcoder v2.4.x on):
| Environment Variable | Description | Default Value |
|-------------------------------------------|---------------------------------------------------------|----------------------|
| `LOWCODER_ADMIN_SMTP_HOST` | SMTP Hostname of your Mail Relay Server | |
| `LOWCODER_ADMIN_SMTP_PORT` | Port number for the SMTP service | `587` |
| `LOWCODER_ADMIN_SMTP_USERNAME` | Username for SMTP authentication | |
| `LOWCODER_ADMIN_SMTP_PASSWORD` | Password for SMTP authentication | |
| `LOWCODER_ADMIN_SMTP_AUTH` | Enable SMTP authentication | `true` |
| `LOWCODER_ADMIN_SMTP_SSL_ENABLED` | Enable SSL encryption | `false` |
| `LOWCODER_ADMIN_SMTP_STARTTLS_ENABLED` | Enable STARTTLS encryption | `true` |
| `LOWCODER_ADMIN_SMTP_STARTTLS_REQUIRED` | Require STARTTLS encryption | `true` |
| `LOWCODER_EMAIL_NOTIFICATIONS_SENDER` | "from" Email address of the password Reset Email Sender | `info@localhost` |
## Building api-service image
Standalone Lowcoder api-service image.
### Building the image
From project root run:
```
DOCKER_BUILDKIT=1 docker build -f deploy/docker/Dockerfile -t lowcoderorg/lowcoder-ce-api-service --target lowcoder-ce-api-service .
```
### Configuration
Image can be configured by setting environment variables.
| Environment variable | Description | Default-Value |
| --------------------------------| --------------------------------------------------------------------| ------------------------------------------------------|
| `LOWCODER_PUID` | ID of user running services. It will own all created logs and data. | `9001` |
| `LOWCODER_PGID` | ID of group of the user running services. | `9001` |
| `LOWCODER_MONGODB_URL` | Mongo database connection string | `mongodb://localhost:27017/lowcoder?authSource=admin` |
| `LOWCODER_REDIS_URL` | Redis server URL | `redis://localhost:6379` |
| `LOWCODER_DB_ENCRYPTION_PASSWORD` | Encryption password | `lowcoder.org` |
| `LOWCODER_DB_ENCRYPTION_SALT` | Salt used for encrypting password | `lowcoder.org` |
| `LOWCODER_CORS_DOMAINS` | CORS allowed domains | `*` |
| `LOWCODER_PUBLIC_URL` | The URL of the public User Interface | `localhost:3000` |
| `LOWCODER_MAX_ORGS_PER_USER` | Default maximum organizations per user | `100` |
| `LOWCODER_MAX_MEMBERS_PER_ORG` | Default maximum members per organization | `1000` |
| `LOWCODER_MAX_GROUPS_PER_ORG` | Default maximum groups per organization | `100` |
| `LOWCODER_MAX_APPS_PER_ORG` | Default maximum applications per organization | `1000` |
| `LOWCODER_MAX_DEVELOPERS` | Default maximum developers | `100` |
| `LOWCODER_MAX_REQUEST_SIZE` | Lowcoder max request size | `20m` |
| `LOWCODER_MAX_QUERY_TIMEOUT` | Lowcoder max query timeout (in seconds) | `120` |
| `LOWCODER_DEFAULT_QUERY_TIMEOUT`| Lowcoder default query timeout (in seconds) | `10` |
| `LOWCODER_WORKSPACE_MODE` | SAAS to activate, ENTERPRISE to switch off - Workspaces | `SAAS` |
| `LOWCODER_EMAIL_SIGNUP_ENABLED` | Control is users can create their own Workspace when Sign Up | `true` |
| `LOWCODER_CREATE_WORKSPACE_ON_SIGNUP` | IF LOWCODER_WORKSPACE_MODE = SAAS, controls if a own workspace is created for the user after sign up | `true` |
| `LOWCODER_MARKETPLACE_PRIVATE_MODE` | Control if not to show Apps on the local Marketplace to anonymous users | `true` |
| `LOWCODER_SUPERUSER_USERNAME` | Username of the Super-User of an Lowcoder Installation | `admin@localhost` |
| `LOWCODER_SUPERUSER_PASSWORD` | Password of the Super-User, if not present or empty, it will be generated | `generated and printed into log file |
| `LOWCODER_PLUGINS_DIR` | Directory holding lowcoder plugins | `/lowcoder-stacks/plugins` |
| `LOWCODER_COOKIE_NAME` | Name of the lowcoder application cookie | `LOWCODER_CE_SELFHOST_TOKEN` |
| `LOWCODER_COOKIE_MAX_AGE` | Lowcoder application cookie max age in hours | `24` |
| `LOWCODER_APP_SNAPSHOT_RETENTIONTIME` | Application snapshots retention time in days | `30` |
| `LOWCODER_NODE_SERVICE_SECRET` | Secret used for encrypting communication between API service and Node service - CHANGE IT! | |
| `LOWCODER_NODE_SERVICE_SALT` | Salt used for encrypting communication between API service and Node service - CHANGE IT! | |
Also you should set the API-KEY secret, whcih should be a string of at least 32 random characters. (from Lowcoder v2.3.x on)
On linux/mac, generate one eg. with: head /dev/urandom | head -c 30 | shasum -a 256
| Environment variable | Description | Default-Value |
|-------------------------------------| ----------------------------------------------------------------------- | ----------------------------------------------------- |
| `LOWCODER_API_KEY_SECRET` | String to encrypt/sign API Keys that users may create | |
To enable secure Password Reset flow for the users, you need to configure your own SMTP Server. You can do this with the following Variables (from Lowcoder v2.4.x on):
| Environment Variable | Description | Default Value |
|-------------------------------------------|---------------------------------------------------------|----------------------|
| `LOWCODER_ADMIN_SMTP_HOST` | SMTP Hostname of your Mail Relay Server | |
| `LOWCODER_ADMIN_SMTP_PORT` | Port number for the SMTP service | `587` |
| `LOWCODER_ADMIN_SMTP_USERNAME` | Username for SMTP authentication | |
| `LOWCODER_ADMIN_SMTP_PASSWORD` | Password for SMTP authentication | |
| `LOWCODER_ADMIN_SMTP_AUTH` | Enable SMTP authentication | `true` |
| `LOWCODER_ADMIN_SMTP_SSL_ENABLED` | Enable SSL encryption | `false` |
| `LOWCODER_ADMIN_SMTP_STARTTLS_ENABLED` | Enable STARTTLS encryption | `true` |
| `LOWCODER_ADMIN_SMTP_STARTTLS_REQUIRED` | Require STARTTLS encryption | `true` |
| `LOWCODER_EMAIL_NOTIFICATIONS_SENDER` | "from" Email address of the password Reset Email Sender | `info@localhost` |
## Building node-service image
Standalone Lowcoder node-service (JS executor) image.
### Building the image
From project root run:
```
DOCKER_BUILDKIT=1 docker build -f deploy/docker/Dockerfile -t lowcoderorg/lowcoder-ce-node-service --target lowcoder-ce-node-service .
```
### Configuration
Image can be configured by setting environment variables.
| Environment variable | Description | Default-Value |
| --------------------------------| --------------------------------------------------------------------| ------------------------------------------------------- |
| `LOWCODER_PUID` | ID of user running services. It will own all created logs and data. | `9001` |
| `LOWCODER_PGID` | ID of group of the user running services. | `9001` |
| `LOWCODER_API_SERVICE_URL` | Lowcoder API service URL | `http://localhost:8080` |
| `LOWCODER_NODE_SERVICE_SECRET` | Secret used for encrypting communication between API service and Node service - CHANGE IT! | |
| `LOWCODER_NODE_SERVICE_SALT` | Salt used for encrypting communication between API service and Node service - CHANGE IT! | |
## Building web frontend image
Standalone Lowcoder web frontend image.
### Building the image
From project root run:
```
DOCKER_BUILDKIT=1 docker build -f deploy/docker/Dockerfile -t lowcoderorg/lowcoder-ce-frontend --target lowcoder-ce-frontend .
```
### Configuration
Image can be configured by setting environment variables.
| Environment variable | Description | Default-Value |
| --------------------------------| --------------------------------------------------------------------| ------------------------------------------------------- |
| `LOWCODER_PUID` | ID of user running services. It will own all created logs and data. | `9001` |
| `LOWCODER_PGID` | ID of group of the user running services. | `9001` |
| `LOWCODER_MAX_QUERY_TIMEOUT` | Lowcoder max query timeout (in seconds) | `120` |
| `LOWCODER_MAX_REQUEST_SIZE` | Lowcoder max request size | `20m` |
| `LOWCODER_API_SERVICE_URL` | Lowcoder API service URL | `http://localhost:8080` |
| `LOWCODER_NODE_SERVICE_URL` | Lowcoder Node service (js executor) URL | `http://localhost:6060` |

106
lowcoder/deploy/docker/all-in-one/entrypoint.sh Normal file
View File

@@ -0,0 +1,106 @@
#!/bin/bash
set -e
export USER_ID=${LOWCODER_PUID:=9001}
export GROUP_ID=${LOWCODER_PGID:=9001}
# Set default variable values
echo "Overriding default environment variables:"
for line in `grep '^[ \t]*LOWCODER_.*$' /lowcoder/etc/default.env`; do
VARNAME=`echo ${line} | sed -e 's/^\([A-Z0-9_]\+\)\([ \t]*=[ \t]*\)\(.*\)$/\1/'`
if [ -z "$(eval echo \"\$$VARNAME\")" ]; then
export $(eval echo "${line}")
else
echo " ${line}"
fi;
done;
echo "Done."
# Update ID of lowcoder user if required
if [ ! "$(id --user lowcoder)" -eq ${USER_ID} ]; then
usermod --uid ${USER_ID} lowcoder
echo "ID for lowcoder user changed to: ${USER_ID}"
fi;
# Update ID of lowcoder group if required
if [ ! "$(id --group lowcoder)" -eq ${GROUP_ID} ]; then
groupmod --gid ${GROUP_ID} lowcoder
echo "ID for lowcoder group changed to: ${GROUP_ID}"
fi;
# Update host on which mongo is supposed to listen
# If LOWCODER_MONGODB_EXPOSED is true, it will listen on all interfaces
if [ "${LOWCODER_MONGODB_EXPOSED}" = "true" ]; then
export MONGO_LISTEN_HOST="0.0.0.0"
else
export MONGO_LISTEN_HOST="127.0.0.1"
fi;
# Set the default mongodb connection string if not set explicitly
if [ -z "${LOWCODER_MONGODB_URL}" ]; then
export LOWCODER_MONGODB_URL="mongodb://localhost:27017/lowcoder?authSource=admin"
fi;
LOGS="/lowcoder-stacks/logs"
DATA="/lowcoder-stacks/data"
CERT="/lowcoder-stacks/ssl"
# Create folder for holding application logs and data
mkdir -p ${LOGS}/redis \
${LOGS}/mongodb \
${LOGS}/api-service \
${LOGS}/node-service \
${LOGS}/frontend \
${DATA}/redis \
${DATA}/mongodb \
${CERT}
# Update owner of logs and data - do not try if not running as root (OpenShift)
if [ "$(id -u)" -eq 0 ]; then
chown -R "${USER_ID}:${GROUP_ID}" /lowcoder-stacks/ /lowcoder/etc
fi
# Enable services
SUPERVISOR_AVAILABLE="/lowcoder/etc/supervisord/conf-available"
SUPERVISOR_ENABLED="/lowcoder/etc/supervisord/conf-enabled"
# Create folder for supervisor conf-enabled
mkdir -p ${SUPERVISOR_ENABLED}
# Recreate links to enabled services
rm -f ${SUPERVISOR_ENABLED}/*.conf
# Enable redis if configured to run
if [ "${LOWCODER_REDIS_ENABLED:=true}" = "true" ]; then
ln ${SUPERVISOR_AVAILABLE}/01-redis.conf ${SUPERVISOR_ENABLED}/01-redis.conf
fi;
# Enable mongodb if configured to run
if [ "${LOWCODER_MONGODB_ENABLED:=true}" = "true" ]; then
ln ${SUPERVISOR_AVAILABLE}/02-mongodb.conf ${SUPERVISOR_ENABLED}/02-mongodb.conf
fi;
# Enable api-service if configured to run
if [ "${LOWCODER_API_SERVICE_ENABLED:=true}" = "true" ]; then
ln ${SUPERVISOR_AVAILABLE}/10-api-service.conf ${SUPERVISOR_ENABLED}/10-api-service.conf
fi;
# Enable node-service if configured to run
if [ "${LOWCODER_NODE_SERVICE_ENABLED:=true}" = "true" ]; then
ln ${SUPERVISOR_AVAILABLE}/11-node-service.conf ${SUPERVISOR_ENABLED}/11-node-service.conf
fi;
# Enable frontend if configured to run
if [ "${LOWCODER_FRONTEND_ENABLED:=true}" = "true" ]; then
ln ${SUPERVISOR_AVAILABLE}/20-frontend.conf ${SUPERVISOR_ENABLED}/20-frontend.conf
fi;
# disable user directive if image is running non-root (Openshift)
if [ "$(id -u)" -ne 0 ]; then
for i in "${SUPERVISOR_ENABLED}"/*.conf; do
sed -Ei 's/^\s*user=.*$//' "$i"
done
fi
# Handle CMD command
"$@"

2276
lowcoder/deploy/docker/all-in-one/etc/redis/redis.conf Normal file
View File

File diff suppressed because it is too large Load Diff

45
lowcoder/deploy/docker/all-in-one/etc/supervisord.conf Normal file
View File

@@ -0,0 +1,45 @@
; supervisor config file
[unix_http_server]
file = /var/run/supervisor.sock ; (the path to the socket file)
chmod = 0700 ; socket file mode (default 0700)
;[inet_http_server] ; inet (TCP) server disabled by default
;port=*:9001 ; (ip_address:port specifier, *:port for all iface)
;username=user ; (default is no username (open server))
;password=123 ; (default is no password (open server))
[supervisord]
logfile = /dev/null ; (no logfile, stdout only; default $CWD/supervisord.log)
pidfile = /var/run/supervisord.pid ; (supervisord pidfile;default supervisord.pid)
childlogdir = /var/log/supervisor ; ('AUTO' child log dir, default $TEMP)
logfile_maxbytes = 0
stdout_logfile_maxbytes = 0
stderr_logfile_maxbytes = 0
; the below section must remain in the config file for RPC
; (supervisorctl/web interface) to work, additional interfaces may be
; added by defining them in separate rpcinterface: sections
[rpcinterface:supervisor]
supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface
[supervisorctl]
serverurl = unix:///var/run/supervisor.sock ; use a unix:// URL for a unix socket
; The [include] section can just contain the "files" setting. This
; setting can list multiple files (separated by whitespace or
; newlines). It can also contain wildcards. The filenames are
; interpreted as relative to this file. Included files *cannot*
; include files themselves.
[include]
files = /lowcoder/etc/supervisord/conf-enabled/*.conf
# ; This event listener is used to capture processes log
# ; and forward to container log using supervisor_stdout
# ; Ref: https://github.com/coderanger/supervisor-stdout
# [eventlistener:stdout]
# command = supervisor_stdout
# buffer_size = 100
# events = PROCESS_LOG
# result_handler = supervisor_stdout:event_handler

17
lowcoder/deploy/docker/all-in-one/etc/supervisord/conf-available/01-redis.conf Normal file
View File

@@ -0,0 +1,17 @@
[program:redis]
user=lowcoder
directory=/lowcoder/etc/redis
command=redis-server /lowcoder/etc/redis/redis.conf --daemonize no
priority=5
autostart=true
autorestart=true
startsecs=0
startretries=3
stdout_logfile=/lowcoder-stacks/logs/%(program_name)s/%(program_name)s.log
redirect_stderr=true
stdout_logfile_maxbytes=10MB
stderr_logfile_maxbytes=10MB
stdout_logfile_backups=5
stderr_logfile_backups=5
stdout_events_enabled=true
stderr_events_enabled=true

17
lowcoder/deploy/docker/all-in-one/etc/supervisord/conf-available/02-mongodb.conf Normal file
View File

@@ -0,0 +1,17 @@
[program:mongodb]
user=lowcoder
directory=/lowcoder-stacks/data/mongodb
command=mongod --port 27017 --dbpath /lowcoder-stacks/data/mongodb --logpath log --bind_ip %(ENV_MONGO_LISTEN_HOST)s
priority=10
autostart=true
autorestart=true
startsecs=10
startretries=3
stdout_logfile=/lowcoder-stacks/logs/%(program_name)s/%(program_name)s.log
redirect_stderr=true
stdout_logfile_maxbytes=10MB
stderr_logfile_maxbytes=10MB
stdout_logfile_backups=5
stderr_logfile_backups=5
stdout_events_enabled=true
stderr_events_enabled=true

18
lowcoder/deploy/docker/all-in-one/etc/supervisord/conf-available/10-api-service.conf Normal file
View File

@@ -0,0 +1,18 @@
[program:api-service]
# privileges will be dropped in entrypoint
user=root
directory=/lowcoder/api-service
command=/lowcoder/api-service/entrypoint.sh
priority=15
autostart=true
autorestart=true
startsecs=10
startretries=3
stdout_logfile=/lowcoder-stacks/logs/%(program_name)s/%(program_name)s.log
redirect_stderr=true
stdout_logfile_maxbytes=10MB
stderr_logfile_maxbytes=10MB
stdout_logfile_backups=5
stderr_logfile_backups=5
stdout_events_enabled=true
stderr_events_enabled=true

18
lowcoder/deploy/docker/all-in-one/etc/supervisord/conf-available/11-node-service.conf Normal file
View File

@@ -0,0 +1,18 @@
[program:node-service]
# privileges will be dropped in entrypoint
user=root
directory=/lowcoder/node-service
command=/lowcoder/node-service/entrypoint.sh
priority=15
autostart=true
autorestart=true
startsecs=10
startretries=3
stdout_logfile=/lowcoder-stacks/logs/%(program_name)s/%(program_name)s.log
redirect_stderr=true
stdout_logfile_maxbytes=10MB
stderr_logfile_maxbytes=10MB
stdout_logfile_backups=5
stderr_logfile_backups=5
stdout_events_enabled=true
stderr_events_enabled=true

17
lowcoder/deploy/docker/all-in-one/etc/supervisord/conf-available/20-frontend.conf Normal file
View File

@@ -0,0 +1,17 @@
[program:frontend]
# privileges will be dropped in entrypoint
user=root
command=/docker-entrypoint.sh nginx -g "daemon off;"
priority=15
autostart=true
autorestart=true
startsecs=10
startretries=3
stdout_logfile=/lowcoder-stacks/logs/%(program_name)s/%(program_name)s.log
redirect_stderr=true
stdout_logfile_maxbytes=10MB
stderr_logfile_maxbytes=10MB
stdout_logfile_backups=5
stderr_logfile_backups=5
stdout_events_enabled=true
stderr_events_enabled=true

45
lowcoder/deploy/docker/api-service/entrypoint.sh Normal file
View File

@@ -0,0 +1,45 @@
#!/bin/bash
set -e
export USER_ID="${LOWCODER_PUID:=9001}"
export GROUP_ID="${LOWCODER_PGID:=9001}"
# Run init script
echo "Initializing api-service..."
/lowcoder/api-service/init.sh
if [ -z "$JAVA_HOME" ]; then
JAVA_HOME=$(dirname "$(dirname "$(readlink -f "$(which javac)")")")
fi;
APP_JAR="${APP_JAR:=/lowcoder/api-service/lowcoder-api-service.jar}"
JAVA_OPTS="${JAVA_OPTS:=}"
CUSTOM_APP_PROPERTIES="${APP_PROPERTIES}"
CONTEXT_PATH=${CONTEXT_PATH:=/}
echo
echo "Running lowcoder api-server with:"
echo " base path: ${CONTEXT_PATH}"
if [ "$(id -u)" -eq 0 ]; then
# only use su if its possible, suppress for containers running non-root
echo " user id: ${USER_ID}"
echo " group id: ${GROUP_ID}"
GOSU="gosu ${USER_ID}:${GROUP_ID}"
fi
echo
"${JAVA_HOME}/bin/java" -version
echo
cd /lowcoder/api-service
exec $GOSU "${JAVA_HOME}/bin/java" \
-Djava.util.prefs.userRoot=/tmp \
-Djava.security.egd=file:/dev/./urandom \
-Dhttps.protocols=TLSv1.1,TLSv1.2 \
-Dlog4j2.formatMsgNoLookups=true \
-Dspring.config.location="file:///lowcoder/api-service/config/application.yaml" \
--add-opens java.base/java.nio=ALL-UNNAMED \
${JAVA_OPTS} \
-Dpf4j.pluginsDir=/lowcoder/api-service/plugins \
-jar "${APP_JAR}" --spring.webflux.base-path="${CONTEXT_PATH}" ${CUSTOM_APP_PROPERTIES}

38
lowcoder/deploy/docker/api-service/init.sh Normal file
View File

@@ -0,0 +1,38 @@
#!/bin/bash
set -e
API_SERVICE_ROOT=/lowcoder/api-service
# Update ID of lowcoder user if required
if [ ! `id --user lowcoder` -eq ${USER_ID} ]; then
usermod --uid ${USER_ID} lowcoder
echo "ID for lowcoder user changed to: ${USER_ID}"
DO_CHOWN="true"
fi;
# Update ID of lowcoder group if required
if [ ! `id --group lowcoder` -eq ${GROUP_ID} ]; then
groupmod --gid ${GROUP_ID} lowcoder
echo "ID for lowcoder group changed to: ${GROUP_ID}"
DO_CHOWN="true"
fi;
# Update api-server installation owner
if [ "${DO_CHOWN}" = "true" ]; then
chown -R ${USER_ID}:${GROUP_ID} ${API_SERVICE_ROOT}
fi;
# Link log files to /dev/null
# - we don't need log files, because all logs are also printed to console
if [ ! -e ${API_SERVICE_ROOT}/logs/main.log ]; then
ln -s /dev/null ${API_SERVICE_ROOT}/logs/main.log
chmod 777 ${API_SERVICE_ROOT}/logs/main.log
fi;
if [ ! -e ${API_SERVICE_ROOT}/logs/query-error.log ]; then
ln -s /dev/null ${API_SERVICE_ROOT}/logs/query-error.log
chmod 777 ${API_SERVICE_ROOT}/logs/query-error.log
fi;
echo "Lowcoder api-service setup finished."

131
lowcoder/deploy/docker/compose-multi.yaml Normal file
View File

@@ -0,0 +1,131 @@
# sheldon
---
name: lowcoder
volumes:
mongodb:
lowcoder-stacks:
assets:
ssl:
services:
mongodb:
image: "mongo:7.0"
container_name: mongodb
environment:
MONGO_INITDB_DATABASE: lowcoder
MONGO_INITDB_ROOT_USERNAME: lowcoder
MONGO_INITDB_ROOT_PASSWORD: secret123
volumes:
- mongodb:/data/db
restart: unless-stopped
healthcheck:
test:
[
"CMD",
"mongosh",
"--quiet",
"127.0.0.1/test",
"--eval",
"'quit(db.runCommand({ ping: 1 }).ok ? 0 : 2)'",
]
interval: 5s
timeout: 10s
retries: 10
start_period: 40s
redis:
image: valkey/valkey
container_name: redis
restart: unless-stopped
healthcheck:
test: ["CMD-SHELL", "redis-cli ping | grep PONG"]
interval: 1s
timeout: 3s
retries: 10
lowcoder-api-service:
image: lowcoderorg/lowcoder-ce-api-service:latest
container_name: lowcoder-api-service
# Enabled ports to be able to access backend from host
# ports:
# - "8080:8080"
env_file:
- path: ./default.env
required: true
- path: ./default-multi.env
required: true
- path: ./override.env
required: false
restart: unless-stopped
depends_on:
mongodb:
condition: service_healthy
restart: true
redis:
condition: service_healthy
restart: true
volumes:
- lowcoder-stacks:/lowcoder-stacks
- assets:/lowcoder/assets
healthcheck:
test: curl -sS http://lowcoder-api-service:8080 | grep -c "Lowcoder API is up and runnig" > /dev/null
interval: 3s
timeout: 5s
retries: 10
lowcoder-node-service:
image: lowcoderorg/lowcoder-ce-node-service:latest
container_name: lowcoder-node-service
# Enabled ports to be able to access backend from host
# ports:
# - "6060:6060"
env_file:
- path: ./default.env
required: true
- path: ./default-multi.env
required: true
- path: ./override.env
required: false
restart: unless-stopped
depends_on:
lowcoder-api-service:
condition: service_healthy
restart: true
healthcheck:
test: curl -sS http://lowcoder-node-service:6060 | grep -c "Lowcoder Node Service is up and running" > /dev/null
interval: 3s
timeout: 5s
retries: 10
lowcoder-frontend:
image: lowcoderorg/lowcoder-ce-frontend:latest
container_name: lowcoder-frontend
ports:
- "50154:3000"
env_file:
- path: ./default.env
required: true
- path: ./default-multi.env
required: true
- path: ./override.env
required: false
restart: unless-stopped
depends_on:
lowcoder-node-service:
condition: service_healthy
restart: true
lowcoder-api-service:
condition: service_healthy
restart: true
volumes:
- assets:/lowcoder/assets
- ssl:/lowcoder-stacks/ssl
healthcheck:
test: curl --fail http://lowcoder-frontend:3000 || exit 1
interval: 5s
retries: 10
start_period: 10s
timeout: 10s

25
lowcoder/deploy/docker/compose.yaml Normal file
View File

@@ -0,0 +1,25 @@
# sheldon (asm.delmar.bzh)
---
name: lowcoder
volumes:
lowcoder-stacks:
assets:
services:
lowcoder-all-in-one:
image: lowcoderorg/lowcoder-ce:latest
container_name: lowcoder
env_file:
- path: ./default.env
required: true
- path: ./override.env
required: false
ports:
- "50154:3000"
- "50155:3443"
# - "27017:27017"
volumes:
- lowcoder-stacks:/lowcoder-stacks
- assets:/lowcoder/assets
restart: unless-stopped

5
lowcoder/deploy/docker/default-multi.env Normal file
View File

@@ -0,0 +1,5 @@
LOWCODER_MONGODB_URL="mongodb://lowcoder:mKjqe9CAYiWXPz74@mongodb/lowcoder?authSource=admin"
LOWCODER_REDIS_URL="redis://redis:6379"
LOWCODER_NODE_SERVICE_URL="http://lowcoder-node-service:6060"
LOWCODER_API_SERVICE_URL="http://lowcoder-api-service:8080"

21
lowcoder/deploy/docker/default-multi.example.env Normal file
View File

@@ -0,0 +1,21 @@
#####################################################################
## ##
## Lowcoder environment variables override for multi image ##
## installation. ##
## ##
## !!! PLEASE DO NOT CHANGE THIS FILE !!! ##
## ##
## To change the variables use file: override.env ##
## ##
## It will be loaded automatically and will override the defaults ##
## You don't have to copy the whole default.env, only the changed ##
## environment variables. ##
## ##
#####################################################################
# Update individual service URLs to match the multi setup
LOWCODER_MONGODB_URL="mongodb://lowcoder:secret123@mongodb/lowcoder?authSource=admin"
LOWCODER_REDIS_URL="redis://redis:6379"
LOWCODER_NODE_SERVICE_URL="http://lowcoder-node-service:6060"
LOWCODER_API_SERVICE_URL="http://lowcoder-api-service:8080"

49
lowcoder/deploy/docker/default.env Normal file
View File

@@ -0,0 +1,49 @@
LOWCODER_REDIS_ENABLED="true"
LOWCODER_MONGODB_ENABLED="true"
LOWCODER_API_SERVICE_ENABLED="true"
LOWCODER_NODE_SERVICE_ENABLED="true"
LOWCODER_FRONTEND_ENABLED="true"
LOWCODER_MONGODB_EXPOSED="false"
LOWCODER_PUBLIC_URL="http://localhost:50154/"
LOWCODER_PUID="1000"
LOWCODER_PGID="1000"
LOWCODER_COOKIE_NAME=LOWCODER_CE_SELFHOST_TOKEN
LOWCODER_COOKIE_MAX_AGE=24
LOWCODER_MAX_ORGS_PER_USER=100
LOWCODER_MAX_MEMBERS_PER_ORG=1000
LOWCODER_MAX_GROUPS_PER_ORG=100
LOWCODER_MAX_APPS_PER_ORG=1000
LOWCODER_MAX_DEVELOPERS=50
LOWCODER_MONGODB_URL="mongodb://localhost:27017/lowcoder?authSource=admin"
#LOWCODER_MONGODB_URL="mongodb://lowcoder:secret123@mongodb/lowcoder?authSource=admin"
LOWCODER_REDIS_URL="redis://localhost:6379"
LOWCODER_EMAIL_SIGNUP_ENABLED="true"
LOWCODER_EMAIL_AUTH_ENABLED="true"
LOWCODER_CREATE_WORKSPACE_ON_SIGNUP="true"
LOWCODER_APP_SNAPSHOT_RETENTIONTIME=30
LOWCODER_DB_ENCRYPTION_PASSWORD="ZvmM5LrH2UfFyge6NvRaHFiDrXQoGRsi"
LOWCODER_DB_ENCRYPTION_SALT="Ky8t3iD4M97JSohdLkM7KgA9GjGWCoFs"
LOWCODER_CORS_DOMAINS="*"
LOWCODER_API_KEY_SECRET="B9tGgrnPJ37nqXnY9CnSsD9Xuksy2SCH"
LOWCODER_PLUGINS_DIR="../plugins"
LOWCODER_API_RATE_LIMIT=100
LOWCODER_API_SERVICE_URL="http://localhost:8080"
LOWCODER_NODE_SERVICE_URL="http://localhost:6060"
LOWCODER_NODE_SERVICE_SECRET="Yc89xF7Q8gzHK5DNc7CCW8KD7iqKHYBi"
LOWCODER_NODE_SERVICE_SECRET_SALT="9ZxfctRtTkoYXrGnXjwbBGZGW5A48D8u"
LOWCODER_MAX_REQUEST_SIZE=20m
LOWCODER_MAX_QUERY_TIMEOUT=120
LOWCODER_DEFAULT_QUERY_TIMEOUT=10
LOWCODER_WORKSPACE_MODE=SAAS
LOWCODER_MARKETPLACE_PRIVATE_MODE="true"
LOWCODER_ADMIN_SMTP_HOST=pro1.mail.ovh.net
LOWCODER_ADMIN_SMTP_PORT=587
LOWCODER_ADMIN_SMTP_AUTH="true"
LOWCODER_ADMIN_SMTP_USERNAME=admin@delmar.bzh
LOWCODER_ADMIN_SMTP_PASSWORD=sxS4GA8rBfmFkCFL
LOWCODER_ADMIN_SMTP_SSL_ENABLED="false"
LOWCODER_ADMIN_SMTP_STARTTLS_ENABLED="true"
LOWCODER_ADMIN_SMTP_STARTTLS_REQUIRED="true"
LOWCODER_EMAIL_NOTIFICATIONS_SENDER=noreply@delmar.bzh
LOWCODER_SUPERUSER_USERNAME=admin@delmar.bzh
LOWCODER_SUPERUSER_PASSWORD=mKjqe9CAYiWXPz74

160
lowcoder/deploy/docker/default.example.env Normal file
View File

@@ -0,0 +1,160 @@
#####################################################################
## ##
## Default lowcoder environment variables. ##
## ##
## !!! PLEASE DO NOT CHANGE THIS FILE !!! ##
## ##
## To change the variables use file: override.env ##
## ##
## It will be loaded automatically and will override the defaults ##
## You don't have to copy the whole default.env, only the changed ##
## environment variables. ##
## ##
#####################################################################
##
## Enable services (applies to all-in-one deployment) ##
## - you can disable them in favor of external services
#
# If true redis server is started in the container
LOWCODER_REDIS_ENABLED="true"
# If true mongo database is started in the container
LOWCODER_MONGODB_ENABLED="true"
# If true lowcoder api-service is started in the container
LOWCODER_API_SERVICE_ENABLED="true"
# If true lowcoder node-service is started in the container
LOWCODER_NODE_SERVICE_ENABLED="true"
# If true lowcoder web frontend is started in the container
LOWCODER_FRONTEND_ENABLED="true"
#
# Set LOWCODER_MONGODB_EXPOSED to "true" and uncomment mongodb port
# to make internal mongo database accessible from host
# (applies to all-in-one deployment)
#
LOWCODER_MONGODB_EXPOSED="false"
##
## Generic parameters
##
#
# URL of the public User Interface
LOWCODER_PUBLIC_URL="http://localhost:3000/"
# ID of user running services. It will own all created logs and data.
LOWCODER_PUID="1000"
# ID of group of the user running services
LOWCODER_PGID="1000"
##
## api-service parameters
##
# Name of the lowcoder application cookie
LOWCODER_COOKIE_NAME=LOWCODER_CE_SELFHOST_TOKEN
# Lowcoder application cookie max age in hours
LOWCODER_COOKIE_MAX_AGE=24
# Default maximum organizations per user
LOWCODER_MAX_ORGS_PER_USER=100
# Default maximum members per organization
LOWCODER_MAX_MEMBERS_PER_ORG=1000
# Default maximum groups per organization
LOWCODER_MAX_GROUPS_PER_ORG=100
# Default maximum applications per organization
LOWCODER_MAX_APPS_PER_ORG=1000
# Default maximum developers
LOWCODER_MAX_DEVELOPERS=50
# Mongo database connection string (use the later one in case of multi-image compose)
LOWCODER_MONGODB_URL="mongodb://localhost:27017/lowcoder?authSource=admin"
#LOWCODER_MONGODB_URL="mongodb://lowcoder:secret123@mongodb/lowcoder?authSource=admin"
# Redis server URL
LOWCODER_REDIS_URL="redis://localhost:6379"
# Control if users create their own Workspace automatic when Sign Up
LOWCODER_EMAIL_SIGNUP_ENABLED="true"
# Controls whether authentication via email is enabled
LOWCODER_EMAIL_AUTH_ENABLED="true"
# IF LOWCODER_WORKSPACE_MODE = SAAS, controls if own workspace is created for the user after sign up
LOWCODER_CREATE_WORKSPACE_ON_SIGNUP="true"
# Application snapshots retention time in days
LOWCODER_APP_SNAPSHOT_RETENTIONTIME=30
#
# ! PLEASE CHANGE THESE TO SOMETHING UNIQUE !
#
# LOWCODER_DB_ENCRYPTION_PASSWORD and LOWCODER_DB_ENCRYPTION_SALT is used
# to encrypt sensitive data in mongo database so it is important to change the defaults
#
LOWCODER_DB_ENCRYPTION_PASSWORD="lowcoder.org"
LOWCODER_DB_ENCRYPTION_SALT="lowcoder.org"
# CORS allowed domains
LOWCODER_CORS_DOMAINS="*"
#
# API-KEY secret - should be a string of at least 32 random characters
# - on linux/mac, generate one eg. with: head /dev/urandom | head -c 30 | shasum -a 256
#
LOWCODER_API_KEY_SECRET="5a41b090758b39b226603177ef48d73ae9839dd458ccb7e66f7e7cc028d5a50b"
##
## api and node service parameters
##
# Directory holding lowcoder plugins
LOWCODER_PLUGINS_DIR="../plugins"
# Number of max Request per Second - set to 0 to disable rate limiting
LOWCODER_API_RATE_LIMIT=100
# Lowcoder API service URL
LOWCODER_API_SERVICE_URL="http://localhost:8080"
# Lowcoder Node service URL
LOWCODER_NODE_SERVICE_URL="http://localhost:6060"
#
# ! PLEASE CHANGE THESE TO SOMETHING UNIQUE !
#
# Secret and salt used for encrypting comunication between API service and NODE service
#
LOWCODER_NODE_SERVICE_SECRET="62e348319ab9f5c43c3b5a380b4d82525cdb68740f21140e767989b509ab0aa2"
LOWCODER_NODE_SERVICE_SECRET_SALT="lowcoder.org"
##
## Frontend parameters
##
# Lowcoder max request size
LOWCODER_MAX_REQUEST_SIZE=20m
# Lowcoder max query timeout (in seconds)
LOWCODER_MAX_QUERY_TIMEOUT=120
# Default lowcoder query timeout
LOWCODER_DEFAULT_QUERY_TIMEOUT=10
# SAAS to activate, ENTERPRISE to switch off - Workspaces
LOWCODER_WORKSPACE_MODE=SAAS
# Controls whether to show Apps on the local Marketplace to anonymous users
# - if true, apps are not shown to anonymous users
LOWCODER_MARKETPLACE_PRIVATE_MODE="true"
##
## Lowcoder notification emails setup
##
# Mail server host
LOWCODER_ADMIN_SMTP_HOST=localhost
# Mail server port
LOWCODER_ADMIN_SMTP_PORT=587
# Use authentication when sending email
LOWCODER_ADMIN_SMTP_AUTH="true"
# Username (email) used for authentication
LOWCODER_ADMIN_SMTP_USERNAME=
# Password used for authentication
LOWCODER_ADMIN_SMTP_PASSWORD=
# Enable SSL for connetion to the mail server
LOWCODER_ADMIN_SMTP_SSL_ENABLED="false"
# Enable STARTTLS
LOWCODER_ADMIN_SMTP_STARTTLS_ENABLED="true"
# Require STARTTLS
LOWCODER_ADMIN_SMTP_STARTTLS_REQUIRED="true"
# Email used in notifications from lowcoder
LOWCODER_EMAIL_NOTIFICATIONS_SENDER=info@localhost
# Lowcoder superuser username
LOWCODER_SUPERUSER_USERNAME=admin@localhost
# Lowcoder superuser password
# If left blank, a password will be generated and written into log (lowcoder-stacks/logs/api-service/api-service.log)
LOWCODER_SUPERUSER_PASSWORD=

28
lowcoder/deploy/docker/frontend/00-change-nginx-user.sh Normal file
View File

@@ -0,0 +1,28 @@
#!/bin/sh
set -e
USER_ID=${LOWCODER_PUID:=9001}
GROUP_ID=${LOWCODER_PGID:=9001}
CLIENT_ROOT=/lowcoder/client
# Update ID of lowcoder user if required
if [ ! `id --user lowcoder` -eq ${USER_ID} ]; then
usermod --uid ${USER_ID} lowcoder
echo "ID for lowcoder user changed to: ${USER_ID}"
DO_CHOWN="true"
fi;
# Update ID of lowcoder group if required
if [ ! `id --group lowcoder` -eq ${GROUP_ID} ]; then
groupmod --gid ${GROUP_ID} lowcoder
echo "ID for lowcoder group changed to: ${GROUP_ID}"
DO_CHOWN="true"
fi;
# Update api-server installation owner
if [ "${DO_CHOWN}" = "true" ]; then
chown -R ${USER_ID}:${GROUP_ID} ${CLIENT_ROOT}
echo "Lowcoder client files owner modified."
fi;

29
lowcoder/deploy/docker/frontend/01-update-nginx-conf.sh Normal file
View File

@@ -0,0 +1,29 @@
#!/bin/sh
set -e
CERT="/lowcoder-stacks/ssl"
rm -f /etc/nginx/nginx.conf
echo "Creating nginx config..."
if [ -e "${CERT}/fullchain.pem" ] && [ -e "${CERT}/privkey.pem" ]; then
echo "Certificates found, configuring with HTTPS."
ln -s /etc/nginx/nginx-https.conf /etc/nginx/nginx.conf
if [ ! -e "${CERT}/dhparam.pem" ]; then
echo "Diffle-Helmann parameters file not found, generating in now... (this can take some time)"
openssl dhparam -out "${CERT}/dhparam.pem" 4096
fi;
else
echo "Certificates not found, configuring with HTTP."
ln -s /etc/nginx/nginx-http.conf /etc/nginx/nginx.conf
fi;
sed -i "s@__LOWCODER_MAX_REQUEST_SIZE__@${LOWCODER_MAX_REQUEST_SIZE:=20m}@" /etc/nginx/nginx.conf
sed -i "s@__LOWCODER_MAX_QUERY_TIMEOUT__@${LOWCODER_MAX_QUERY_TIMEOUT:=120}@" /etc/nginx/server.conf
sed -i "s@__LOWCODER_API_SERVICE_URL__@${LOWCODER_API_SERVICE_URL:=http://localhost:8080}@" /etc/nginx/server.conf
sed -i "s@__LOWCODER_NODE_SERVICE_URL__@${LOWCODER_NODE_SERVICE_URL:=http://localhost:6060}@" /etc/nginx/server.conf
echo "nginx config updated with:"
echo " Lowcoder max upload size: ${LOWCODER_MAX_REQUEST_SIZE:=20m}"
echo " Lowcoder api service URL: ${LOWCODER_API_SERVICE_URL:=http://localhost:8080}"
echo " Lowcoder node service URL: ${LOWCODER_NODE_SERVICE_URL:=http://localhost:6060}"

39
lowcoder/deploy/docker/frontend/nginx-http.conf Normal file
View File

@@ -0,0 +1,39 @@
user lowcoder;
worker_processes 1;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
client_max_body_size __LOWCODER_MAX_REQUEST_SIZE__;
log_format main '"$time_local" client=$remote_addr '
'method=$request_method request="$request" '
'request_length=$request_length '
'status=$status bytes_sent=$bytes_sent '
'body_bytes_sent=$body_bytes_sent '
'referer=$http_referer '
'http_x_forwarded_for=$http_x_forwarded_for '
'user_agent="$http_user_agent" '
'upstream_addr=$upstream_addr '
'upstream_status=$upstream_status '
'request_time=$request_time '
'upstream_response_time=$upstream_response_time '
'upstream_connect_time=$upstream_connect_time '
'upstream_header_time=$upstream_header_time';
keepalive_timeout 65;
sendfile on;
#tcp_nopush on;
server {
listen 3000 default_server;
include /etc/nginx/server.conf;
}
}

43
lowcoder/deploy/docker/frontend/nginx-https.conf Normal file
View File

@@ -0,0 +1,43 @@
user lowcoder;
worker_processes 1;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
client_max_body_size __LOWCODER_MAX_REQUEST_SIZE__;
log_format main '"$time_local" client=$remote_addr '
'method=$request_method request="$request" '
'request_length=$request_length '
'status=$status bytes_sent=$bytes_sent '
'body_bytes_sent=$body_bytes_sent '
'referer=$http_referer '
'http_x_forwarded_for=$http_x_forwarded_for '
'user_agent="$http_user_agent" '
'upstream_addr=$upstream_addr '
'upstream_status=$upstream_status '
'request_time=$request_time '
'upstream_response_time=$upstream_response_time '
'upstream_connect_time=$upstream_connect_time '
'upstream_header_time=$upstream_header_time';
keepalive_timeout 65;
sendfile on;
#tcp_nopush on;
server {
listen 3443 ssl;
include /etc/nginx/ssl-certificate.conf;
include /etc/nginx/ssl-params.conf;
include /etc/nginx/server.conf;
}
}

58
lowcoder/deploy/docker/frontend/server.conf Normal file
View File

@@ -0,0 +1,58 @@
root /lowcoder/client;
proxy_connect_timeout __LOWCODER_MAX_QUERY_TIMEOUT__;
proxy_send_timeout __LOWCODER_MAX_QUERY_TIMEOUT__;
proxy_read_timeout __LOWCODER_MAX_QUERY_TIMEOUT__;
location / {
try_files $uri /index.html;
if ($request_filename ~* .*.(html|htm)$) {
add_header Cache-Control no-cache;
}
}
location /sdk {
try_files $uri =404;
alias /lowcoder/client-sdk;
expires 1M;
}
location /comps {
try_files $uri =404;
alias /lowcoder/client-comps;
expires 1M;
}
location /embed {
try_files $uri =404;
alias /lowcoder/client-embed;
expires 1M;
}
location /assets {
try_files $uri =404;
alias /lowcoder/assets;
expires 1M;
}
location /api {
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass __LOWCODER_API_SERVICE_URL__;
}
location /node-service/plugin-icons {
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass __LOWCODER_NODE_SERVICE_URL__;
}

2
lowcoder/deploy/docker/frontend/ssl-certificate.conf Normal file
View File

@@ -0,0 +1,2 @@
ssl_certificate /lowcoder-stacks/ssl/fullchain.pem;
ssl_certificate_key /lowcoder-stacks/ssl/privkey.pem;

18
lowcoder/deploy/docker/frontend/ssl-params.conf Normal file
View File

@@ -0,0 +1,18 @@
ssl_protocols TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_dhparam /lowcoder-stacks/ssl/dhparam.pem;
ssl_ciphers EECDH+AESGCM:EDH+AESGCM;
ssl_ecdh_curve secp384r1;
ssl_session_timeout 10m;
ssl_session_cache shared:SSL:10m;
ssl_session_tickets off;
ssl_stapling on;
ssl_stapling_verify on;
resolver 8.8.8.8 8.8.4.4 valid=300s;
resolver_timeout 5s;
# Disable strict transport security for now. You can uncomment the following
# line if you understand the implications.
#add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";

26
lowcoder/deploy/docker/node-service/entrypoint.sh Executable file
View File

@@ -0,0 +1,26 @@
#!/bin/bash
set -e
export USER_ID=${LOWCODER_PUID:=9001}
export GROUP_ID=${LOWCODER_PGID:=9001}
export API_HOST="${LOWCODER_API_SERVICE_URL:=http://localhost:8080}"
# Run init script
echo "Initializing node-service..."
/lowcoder/node-service/init.sh
cd /lowcoder/node-service/app
echo
echo "Running Lowcoder node-service with:"
echo " API service host: ${API_HOST}"
if [ "$(id -u)" -eq 0 ]; then
# only use su if its possible, suppress for containers running non-root
echo " user id: ${USER_ID}"
echo " group id: ${GROUP_ID}"
GOSU="gosu ${USER_ID}:${GROUP_ID}"
fi
echo
exec $GOSU yarn start

27
lowcoder/deploy/docker/node-service/init.sh Normal file
View File

@@ -0,0 +1,27 @@
#!/bin/bash
set -e
NODE_SERVICE_ROOT=/lowcoder/node-service
# Update ID of lowcoder user if required
if [ ! `id --user lowcoder` -eq ${USER_ID} ]; then
usermod --uid ${USER_ID} lowcoder
echo "ID for lowcoder user changed to: ${USER_ID}"
DO_CHOWN="true"
fi;
# Update ID of lowcoder group if required
if [ ! `id --group lowcoder` -eq ${GROUP_ID} ]; then
groupmod --gid ${GROUP_ID} lowcoder
echo "ID for lowcoder group changed to: ${GROUP_ID}"
DO_CHOWN="true"
fi;
# Update node-server installation owner
if [ "${DO_CHOWN}" = "true" ]; then
echo "Changing node-service owner to ${USER_ID}:${GROUP_ID}"
chown -R ${USER_ID}:${GROUP_ID} ${NODE_SERVICE_ROOT}
fi;
echo "Lowcoder node-service setup finished."

9
lowcoder/deploy/docker/override.env Normal file
View File

@@ -0,0 +1,9 @@
#####################################################################
## ##
## Use this file to override environment variables for compose ##
## files. ##
## Add only variables you want to override. ##
## ##
#####################################################################

9
lowcoder/deploy/docker/override.example.env Normal file
View File

@@ -0,0 +1,9 @@
#####################################################################
## ##
## Use this file to override environment variables for compose ##
## files. ##
## Add only variables you want to override. ##
## ##
#####################################################################