feat: fine grained docker compose with example external nginx conf

docker-compose-base.yml

@@ -0,0 +1,211 @@
+services:
+  # You do not need this if you have configured to use your own s3 file storage
+  minio:
+    restart: on-failure
+    image: minio/minio
+    environment:
+      - MINIO_BROWSER_REDIRECT_URL=${APPFLOWY_BASE_URL?:err}/minio
+      - MINIO_ROOT_USER=${APPFLOWY_S3_ACCESS_KEY:-minioadmin}
+      - MINIO_ROOT_PASSWORD=${APPFLOWY_S3_SECRET_KEY:-minioadmin}
+    command: server /data --console-address ":9001"
+    volumes:
+      - minio_data:/data
+
+  postgres:
+    restart: on-failure
+    image: pgvector/pgvector:pg16
+    environment:
+      - POSTGRES_USER=${POSTGRES_USER:-postgres}
+      - POSTGRES_DB=${POSTGRES_DB:-postgres}
+      - POSTGRES_PASSWORD=${POSTGRES_PASSWORD:-password}
+      - POSTGRES_HOST=${POSTGRES_HOST:-postgres}
+      - SUPABASE_PASSWORD=${SUPABASE_PASSWORD:-root}
+    healthcheck:
+      test: [ "CMD", "pg_isready", "-U", "${POSTGRES_USER}", "-d", "${POSTGRES_DB}" ]
+      interval: 5s
+      timeout: 5s
+      retries: 12
+    volumes:
+      - ./migrations/before:/docker-entrypoint-initdb.d
+      - postgres_data:/var/lib/postgresql/data
+
+  redis:
+    restart: on-failure
+    image: redis
+
+  gotrue:
+    restart: on-failure
+    build:
+      context: docker/gotrue
+      dockerfile: Dockerfile
+    depends_on:
+      postgres:
+        condition: service_healthy
+    healthcheck:
+      test: "curl --fail http://127.0.0.1:9999/health || exit 1"
+      interval: 5s
+      timeout: 5s
+      retries: 12
+    image: appflowyinc/gotrue:${GOTRUE_VERSION:-latest}
+    environment:
+      # There are a lot of options to configure GoTrue. You can reference the example config:
+      # https://github.com/supabase/gotrue/blob/master/example.env
+      - GOTRUE_ADMIN_EMAIL=${GOTRUE_ADMIN_EMAIL}
+      - GOTRUE_ADMIN_PASSWORD=${GOTRUE_ADMIN_PASSWORD}
+      - GOTRUE_DISABLE_SIGNUP=${GOTRUE_DISABLE_SIGNUP:-false}
+      - GOTRUE_SITE_URL=appflowy-flutter://                           # redirected to AppFlowy application
+      - GOTRUE_URI_ALLOW_LIST=** # adjust restrict if necessary
+      - GOTRUE_JWT_SECRET=${GOTRUE_JWT_SECRET}                        # authentication secret
+      - GOTRUE_JWT_EXP=${GOTRUE_JWT_EXP}
+      # Without this environment variable, the createuser command will create an admin
+      # with the `admin` role as opposed to `supabase_admin`
+      - GOTRUE_JWT_ADMIN_GROUP_NAME=supabase_admin
+      - GOTRUE_DB_DRIVER=postgres
+      - API_EXTERNAL_URL=${API_EXTERNAL_URL}
+      - DATABASE_URL=${GOTRUE_DATABASE_URL}
+      - PORT=9999
+      - GOTRUE_SMTP_HOST=${GOTRUE_SMTP_HOST}                          # e.g. smtp.gmail.com
+      - GOTRUE_SMTP_PORT=${GOTRUE_SMTP_PORT}                          # e.g. 465
+      - GOTRUE_SMTP_USER=${GOTRUE_SMTP_USER}                          # email sender, e.g. noreply@appflowy.io
+      - GOTRUE_SMTP_PASS=${GOTRUE_SMTP_PASS}                          # email password
+      - GOTRUE_MAILER_URLPATHS_CONFIRMATION=/gotrue/verify
+      - GOTRUE_MAILER_URLPATHS_INVITE=/gotrue/verify
+      - GOTRUE_MAILER_URLPATHS_RECOVERY=/gotrue/verify
+      - GOTRUE_MAILER_URLPATHS_EMAIL_CHANGE=/gotrue/verify
+      - GOTRUE_MAILER_TEMPLATES_MAGIC_LINK=${GOTRUE_MAILER_TEMPLATES_MAGIC_LINK}
+      - GOTRUE_SMTP_ADMIN_EMAIL=${GOTRUE_SMTP_ADMIN_EMAIL}                # email with admin privileges e.g. internal@appflowy.io
+      - GOTRUE_SMTP_MAX_FREQUENCY=${GOTRUE_SMTP_MAX_FREQUENCY:-1ns}       # set to 1ns for running tests
+      - GOTRUE_RATE_LIMIT_EMAIL_SENT=${GOTRUE_RATE_LIMIT_EMAIL_SENT:-100} # number of email sendable per minute
+      - GOTRUE_MAILER_AUTOCONFIRM=${GOTRUE_MAILER_AUTOCONFIRM:-false}     # change this to true to skip email confirmation
+      # Google OAuth config
+      - GOTRUE_EXTERNAL_GOOGLE_ENABLED=${GOTRUE_EXTERNAL_GOOGLE_ENABLED}
+      - GOTRUE_EXTERNAL_GOOGLE_CLIENT_ID=${GOTRUE_EXTERNAL_GOOGLE_CLIENT_ID}
+      - GOTRUE_EXTERNAL_GOOGLE_SECRET=${GOTRUE_EXTERNAL_GOOGLE_SECRET}
+      - GOTRUE_EXTERNAL_GOOGLE_REDIRECT_URI=${GOTRUE_EXTERNAL_GOOGLE_REDIRECT_URI}
+      # GITHUB OAuth config
+      - GOTRUE_EXTERNAL_GITHUB_ENABLED=${GOTRUE_EXTERNAL_GITHUB_ENABLED}
+      - GOTRUE_EXTERNAL_GITHUB_CLIENT_ID=${GOTRUE_EXTERNAL_GITHUB_CLIENT_ID}
+      - GOTRUE_EXTERNAL_GITHUB_SECRET=${GOTRUE_EXTERNAL_GITHUB_SECRET}
+      - GOTRUE_EXTERNAL_GITHUB_REDIRECT_URI=${GOTRUE_EXTERNAL_GITHUB_REDIRECT_URI}
+      # Discord OAuth config
+      - GOTRUE_EXTERNAL_DISCORD_ENABLED=${GOTRUE_EXTERNAL_DISCORD_ENABLED}
+      - GOTRUE_EXTERNAL_DISCORD_CLIENT_ID=${GOTRUE_EXTERNAL_DISCORD_CLIENT_ID}
+      - GOTRUE_EXTERNAL_DISCORD_SECRET=${GOTRUE_EXTERNAL_DISCORD_SECRET}
+      - GOTRUE_EXTERNAL_DISCORD_REDIRECT_URI=${GOTRUE_EXTERNAL_DISCORD_REDIRECT_URI}
+      # SAML 2.0 OAuth config
+      - GOTRUE_SAML_ENABLED=${GOTRUE_SAML_ENABLED}
+      - GOTRUE_SAML_PRIVATE_KEY=${GOTRUE_SAML_PRIVATE_KEY}
+
+  appflowy_cloud:
+    restart: on-failure
+    environment:
+      - RUST_LOG=${RUST_LOG:-info}
+      - APPFLOWY_ENVIRONMENT=production
+      - APPFLOWY_DATABASE_URL=${APPFLOWY_DATABASE_URL}
+      - APPFLOWY_REDIS_URI=${APPFLOWY_REDIS_URI}
+      - APPFLOWY_GOTRUE_JWT_SECRET=${GOTRUE_JWT_SECRET}
+      - APPFLOWY_GOTRUE_JWT_EXP=${GOTRUE_JWT_EXP}
+      - APPFLOWY_GOTRUE_BASE_URL=${APPFLOWY_GOTRUE_BASE_URL}
+      - APPFLOWY_GOTRUE_EXT_URL=${API_EXTERNAL_URL}
+      - APPFLOWY_GOTRUE_ADMIN_EMAIL=${GOTRUE_ADMIN_EMAIL}
+      - APPFLOWY_GOTRUE_ADMIN_PASSWORD=${GOTRUE_ADMIN_PASSWORD}
+      - APPFLOWY_S3_CREATE_BUCKET=${APPFLOWY_S3_CREATE_BUCKET}
+      - APPFLOWY_S3_USE_MINIO=${APPFLOWY_S3_USE_MINIO}
+      - APPFLOWY_S3_MINIO_URL=${APPFLOWY_S3_MINIO_URL}
+      - APPFLOWY_S3_ACCESS_KEY=${APPFLOWY_S3_ACCESS_KEY}
+      - APPFLOWY_S3_SECRET_KEY=${APPFLOWY_S3_SECRET_KEY}
+      - APPFLOWY_S3_BUCKET=${APPFLOWY_S3_BUCKET}
+      - APPFLOWY_S3_REGION=${APPFLOWY_S3_REGION}
+      - APPFLOWY_S3_PRESIGNED_URL_ENDPOINT=${APPFLOWY_S3_PRESIGNED_URL_ENDPOINT}
+      - APPFLOWY_MAILER_SMTP_HOST=${APPFLOWY_MAILER_SMTP_HOST}
+      - APPFLOWY_MAILER_SMTP_PORT=${APPFLOWY_MAILER_SMTP_PORT}
+      - APPFLOWY_MAILER_SMTP_USERNAME=${APPFLOWY_MAILER_SMTP_USERNAME}
+      - APPFLOWY_MAILER_SMTP_EMAIL=${APPFLOWY_MAILER_SMTP_EMAIL}
+      - APPFLOWY_MAILER_SMTP_PASSWORD=${APPFLOWY_MAILER_SMTP_PASSWORD}
+      - APPFLOWY_MAILER_SMTP_TLS_KIND=${APPFLOWY_MAILER_SMTP_TLS_KIND}
+      - APPFLOWY_ACCESS_CONTROL=${APPFLOWY_ACCESS_CONTROL}
+      - APPFLOWY_DATABASE_MAX_CONNECTIONS=${APPFLOWY_DATABASE_MAX_CONNECTIONS}
+      - AI_SERVER_HOST=${AI_SERVER_HOST}
+      - AI_SERVER_PORT=${AI_SERVER_PORT}
+      - AI_OPENAI_API_KEY=${AI_OPENAI_API_KEY}
+      - APPFLOWY_ADMIN_FRONTEND_PATH_PREFIX=${ADMIN_FRONTEND_PATH_PREFIX}
+      - APPFLOWY_WEB_URL=${APPFLOWY_WEB_URL}
+    build:
+      context: .
+      dockerfile: Dockerfile
+      args:
+        FEATURES: ""
+    image: appflowyinc/appflowy_cloud:${APPFLOWY_CLOUD_VERSION:-latest}
+    depends_on:
+      gotrue:
+        condition: service_healthy
+
+  admin_frontend:
+    restart: on-failure
+    build:
+      context: .
+      dockerfile: ./admin_frontend/Dockerfile
+    image: appflowyinc/admin_frontend:${APPFLOWY_ADMIN_FRONTEND_VERSION:-latest}
+    environment:
+      - RUST_LOG=${RUST_LOG:-info}
+      - ADMIN_FRONTEND_REDIS_URL=${ADMIN_FRONTEND_REDIS_URL:-redis://redis:6379}
+      - ADMIN_FRONTEND_GOTRUE_URL=${ADMIN_FRONTEND_GOTRUE_URL:-http://gotrue:9999}
+      - ADMIN_FRONTEND_APPFLOWY_CLOUD_URL=${ADMIN_FRONTEND_APPFLOWY_CLOUD_URL:-http://appflowy_cloud:8000}
+      - ADMIN_FRONTEND_PATH_PREFIX=${ADMIN_FRONTEND_PATH_PREFIX:-}
+    depends_on:
+      appflowy_cloud:
+        condition: service_started
+
+  ai:
+    restart: on-failure
+    image: appflowyinc/appflowy_ai:${APPFLOWY_AI_VERSION:-latest}
+    environment:
+      - OPENAI_API_KEY=${AI_OPENAI_API_KEY}
+      - APPFLOWY_AI_SERVER_PORT=${AI_SERVER_PORT}
+      - APPFLOWY_AI_DATABASE_URL=${AI_DATABASE_URL}
+      - APPFLOWY_AI_REDIS_URL=${AI_REDIS_URL}
+    depends_on:
+      postgres:
+        condition: service_healthy
+
+  appflowy_worker:
+    restart: on-failure
+    image: appflowyinc/appflowy_worker:${APPFLOWY_WORKER_VERSION:-latest}
+    build:
+      context: .
+      dockerfile: ./services/appflowy-worker/Dockerfile
+    environment:
+      - RUST_LOG=${RUST_LOG:-info}
+      - APPFLOWY_ENVIRONMENT=production
+      - APPFLOWY_WORKER_REDIS_URL=${APPFLOWY_WORKER_REDIS_URL:-redis://redis:6379}
+      - APPFLOWY_WORKER_ENVIRONMENT=production
+      - APPFLOWY_WORKER_DATABASE_URL=${APPFLOWY_WORKER_DATABASE_URL}
+      - APPFLOWY_WORKER_DATABASE_NAME=${APPFLOWY_WORKER_DATABASE_NAME}
+      - APPFLOWY_WORKER_IMPORT_TICK_INTERVAL=30
+      - APPFLOWY_S3_USE_MINIO=${APPFLOWY_S3_USE_MINIO}
+      - APPFLOWY_S3_MINIO_URL=${APPFLOWY_S3_MINIO_URL}
+      - APPFLOWY_S3_ACCESS_KEY=${APPFLOWY_S3_ACCESS_KEY}
+      - APPFLOWY_S3_SECRET_KEY=${APPFLOWY_S3_SECRET_KEY}
+      - APPFLOWY_S3_BUCKET=${APPFLOWY_S3_BUCKET}
+      - APPFLOWY_S3_REGION=${APPFLOWY_S3_REGION}
+      - APPFLOWY_MAILER_SMTP_HOST=${APPFLOWY_MAILER_SMTP_HOST}
+      - APPFLOWY_MAILER_SMTP_PORT=${APPFLOWY_MAILER_SMTP_PORT}
+      - APPFLOWY_MAILER_SMTP_USERNAME=${APPFLOWY_MAILER_SMTP_USERNAME}
+      - APPFLOWY_MAILER_SMTP_EMAIL=${APPFLOWY_MAILER_SMTP_EMAIL}
+      - APPFLOWY_MAILER_SMTP_PASSWORD=${APPFLOWY_MAILER_SMTP_PASSWORD}
+      - APPFLOWY_MAILER_SMTP_TLS_KIND=${APPFLOWY_MAILER_SMTP_TLS_KIND}
+    depends_on:
+      postgres:
+        condition: service_healthy
+
+  appflowy_web:
+    restart: on-failure
+    image: appflowyinc/appflowy_web:${APPFLOWY_WEB_VERSION:-latest}
+    depends_on:
+      - appflowy_cloud
+    environment:
+      - AF_BASE_URL=${APPFLOWY_BASE_URL:?err}
+      - AF_GOTRUE_URL=${API_EXTERNAL_URL}
+volumes:
+  postgres_data:
+  minio_data:

docker-compose-external.yml

@@ -0,0 +1,21 @@
+services:
+  minio:
+    ports:
+      - "9000:9000"
+      - "9001:9001"
+
+  gotrue:
+    ports:
+      - "9999:9999"
+
+  appflowy_cloud:
+    ports:
+      - "8000:8000"
+
+  admin_frontend:
+    ports:
+      - "3001:3000"
+
+  appflowy_web:
+    ports:
+      - "3000:80"

docker-compose.yml

@@ -1,4 +1,6 @@
 # Essential services for AppFlowy Cloud
+include:
+  - docker-compose-base.yml
 
 services:
   nginx:
@@ -11,214 +13,3 @@ services:
       - ./nginx/nginx.conf:/etc/nginx/nginx.conf
       - ./nginx/ssl/certificate.crt:/etc/nginx/ssl/certificate.crt
       - ./nginx/ssl/private_key.key:/etc/nginx/ssl/private_key.key
-
-  # You do not need this if you have configured to use your own s3 file storage
-  minio:
-    restart: on-failure
-    image: minio/minio
-    environment:
-      - MINIO_BROWSER_REDIRECT_URL=${APPFLOWY_BASE_URL?:err}/minio
-      - MINIO_ROOT_USER=${APPFLOWY_S3_ACCESS_KEY:-minioadmin}
-      - MINIO_ROOT_PASSWORD=${APPFLOWY_S3_SECRET_KEY:-minioadmin}
-    command: server /data --console-address ":9001"
-    volumes:
-      - minio_data:/data
-
-  postgres:
-    restart: on-failure
-    image: pgvector/pgvector:pg16
-    environment:
-      - POSTGRES_USER=${POSTGRES_USER:-postgres}
-      - POSTGRES_DB=${POSTGRES_DB:-postgres}
-      - POSTGRES_PASSWORD=${POSTGRES_PASSWORD:-password}
-      - POSTGRES_HOST=${POSTGRES_HOST:-postgres}
-      - SUPABASE_PASSWORD=${SUPABASE_PASSWORD:-root}
-    healthcheck:
-      test: [ "CMD", "pg_isready", "-U", "${POSTGRES_USER}", "-d", "${POSTGRES_DB}" ]
-      interval: 5s
-      timeout: 5s
-      retries: 12
-    volumes:
-      - ./migrations/before:/docker-entrypoint-initdb.d
-      - postgres_data:/var/lib/postgresql/data
-
-  redis:
-    restart: on-failure
-    image: redis
-
-  gotrue:
-    restart: on-failure
-    build:
-      context: docker/gotrue
-      dockerfile: Dockerfile
-    depends_on:
-      postgres:
-        condition: service_healthy
-    healthcheck:
-      test: "curl --fail http://127.0.0.1:9999/health || exit 1"
-      interval: 5s
-      timeout: 5s
-      retries: 12
-    image: appflowyinc/gotrue:${GOTRUE_VERSION:-latest}
-    environment:
-      # There are a lot of options to configure GoTrue. You can reference the example config:
-      # https://github.com/supabase/gotrue/blob/master/example.env
-      - GOTRUE_ADMIN_EMAIL=${GOTRUE_ADMIN_EMAIL}
-      - GOTRUE_ADMIN_PASSWORD=${GOTRUE_ADMIN_PASSWORD}
-      - GOTRUE_DISABLE_SIGNUP=${GOTRUE_DISABLE_SIGNUP:-false}
-      - GOTRUE_SITE_URL=appflowy-flutter://                           # redirected to AppFlowy application
-      - GOTRUE_URI_ALLOW_LIST=** # adjust restrict if necessary
-      - GOTRUE_JWT_SECRET=${GOTRUE_JWT_SECRET}                        # authentication secret
-      - GOTRUE_JWT_EXP=${GOTRUE_JWT_EXP}
-      # Without this environment variable, the createuser command will create an admin
-      # with the `admin` role as opposed to `supabase_admin`
-      - GOTRUE_JWT_ADMIN_GROUP_NAME=supabase_admin
-      - GOTRUE_DB_DRIVER=postgres
-      - API_EXTERNAL_URL=${API_EXTERNAL_URL}
-      - DATABASE_URL=${GOTRUE_DATABASE_URL}
-      - PORT=9999
-      - GOTRUE_SMTP_HOST=${GOTRUE_SMTP_HOST}                          # e.g. smtp.gmail.com
-      - GOTRUE_SMTP_PORT=${GOTRUE_SMTP_PORT}                          # e.g. 465
-      - GOTRUE_SMTP_USER=${GOTRUE_SMTP_USER}                          # email sender, e.g. noreply@appflowy.io
-      - GOTRUE_SMTP_PASS=${GOTRUE_SMTP_PASS}                          # email password
-      - GOTRUE_MAILER_URLPATHS_CONFIRMATION=/gotrue/verify
-      - GOTRUE_MAILER_URLPATHS_INVITE=/gotrue/verify
-      - GOTRUE_MAILER_URLPATHS_RECOVERY=/gotrue/verify
-      - GOTRUE_MAILER_URLPATHS_EMAIL_CHANGE=/gotrue/verify
-      - GOTRUE_MAILER_TEMPLATES_MAGIC_LINK=${GOTRUE_MAILER_TEMPLATES_MAGIC_LINK}
-      - GOTRUE_SMTP_ADMIN_EMAIL=${GOTRUE_SMTP_ADMIN_EMAIL}                # email with admin privileges e.g. internal@appflowy.io
-      - GOTRUE_SMTP_MAX_FREQUENCY=${GOTRUE_SMTP_MAX_FREQUENCY:-1ns}       # set to 1ns for running tests
-      - GOTRUE_RATE_LIMIT_EMAIL_SENT=${GOTRUE_RATE_LIMIT_EMAIL_SENT:-100} # number of email sendable per minute
-      - GOTRUE_MAILER_AUTOCONFIRM=${GOTRUE_MAILER_AUTOCONFIRM:-false}     # change this to true to skip email confirmation
-      # Google OAuth config
-      - GOTRUE_EXTERNAL_GOOGLE_ENABLED=${GOTRUE_EXTERNAL_GOOGLE_ENABLED}
-      - GOTRUE_EXTERNAL_GOOGLE_CLIENT_ID=${GOTRUE_EXTERNAL_GOOGLE_CLIENT_ID}
-      - GOTRUE_EXTERNAL_GOOGLE_SECRET=${GOTRUE_EXTERNAL_GOOGLE_SECRET}
-      - GOTRUE_EXTERNAL_GOOGLE_REDIRECT_URI=${GOTRUE_EXTERNAL_GOOGLE_REDIRECT_URI}
-      # GITHUB OAuth config
-      - GOTRUE_EXTERNAL_GITHUB_ENABLED=${GOTRUE_EXTERNAL_GITHUB_ENABLED}
-      - GOTRUE_EXTERNAL_GITHUB_CLIENT_ID=${GOTRUE_EXTERNAL_GITHUB_CLIENT_ID}
-      - GOTRUE_EXTERNAL_GITHUB_SECRET=${GOTRUE_EXTERNAL_GITHUB_SECRET}
-      - GOTRUE_EXTERNAL_GITHUB_REDIRECT_URI=${GOTRUE_EXTERNAL_GITHUB_REDIRECT_URI}
-      # Discord OAuth config
-      - GOTRUE_EXTERNAL_DISCORD_ENABLED=${GOTRUE_EXTERNAL_DISCORD_ENABLED}
-      - GOTRUE_EXTERNAL_DISCORD_CLIENT_ID=${GOTRUE_EXTERNAL_DISCORD_CLIENT_ID}
-      - GOTRUE_EXTERNAL_DISCORD_SECRET=${GOTRUE_EXTERNAL_DISCORD_SECRET}
-      - GOTRUE_EXTERNAL_DISCORD_REDIRECT_URI=${GOTRUE_EXTERNAL_DISCORD_REDIRECT_URI}
-      # SAML 2.0 OAuth config
-      - GOTRUE_SAML_ENABLED=${GOTRUE_SAML_ENABLED}
-      - GOTRUE_SAML_PRIVATE_KEY=${GOTRUE_SAML_PRIVATE_KEY}
-
-  appflowy_cloud:
-    restart: on-failure
-    environment:
-      - RUST_LOG=${RUST_LOG:-info}
-      - APPFLOWY_ENVIRONMENT=production
-      - APPFLOWY_DATABASE_URL=${APPFLOWY_DATABASE_URL}
-      - APPFLOWY_REDIS_URI=${APPFLOWY_REDIS_URI}
-      - APPFLOWY_GOTRUE_JWT_SECRET=${GOTRUE_JWT_SECRET}
-      - APPFLOWY_GOTRUE_JWT_EXP=${GOTRUE_JWT_EXP}
-      - APPFLOWY_GOTRUE_BASE_URL=${APPFLOWY_GOTRUE_BASE_URL}
-      - APPFLOWY_GOTRUE_EXT_URL=${API_EXTERNAL_URL}
-      - APPFLOWY_GOTRUE_ADMIN_EMAIL=${GOTRUE_ADMIN_EMAIL}
-      - APPFLOWY_GOTRUE_ADMIN_PASSWORD=${GOTRUE_ADMIN_PASSWORD}
-      - APPFLOWY_S3_CREATE_BUCKET=${APPFLOWY_S3_CREATE_BUCKET}
-      - APPFLOWY_S3_USE_MINIO=${APPFLOWY_S3_USE_MINIO}
-      - APPFLOWY_S3_MINIO_URL=${APPFLOWY_S3_MINIO_URL}
-      - APPFLOWY_S3_ACCESS_KEY=${APPFLOWY_S3_ACCESS_KEY}
-      - APPFLOWY_S3_SECRET_KEY=${APPFLOWY_S3_SECRET_KEY}
-      - APPFLOWY_S3_BUCKET=${APPFLOWY_S3_BUCKET}
-      - APPFLOWY_S3_REGION=${APPFLOWY_S3_REGION}
-      - APPFLOWY_S3_PRESIGNED_URL_ENDPOINT=${APPFLOWY_S3_PRESIGNED_URL_ENDPOINT}
-      - APPFLOWY_MAILER_SMTP_HOST=${APPFLOWY_MAILER_SMTP_HOST}
-      - APPFLOWY_MAILER_SMTP_PORT=${APPFLOWY_MAILER_SMTP_PORT}
-      - APPFLOWY_MAILER_SMTP_USERNAME=${APPFLOWY_MAILER_SMTP_USERNAME}
-      - APPFLOWY_MAILER_SMTP_EMAIL=${APPFLOWY_MAILER_SMTP_EMAIL}
-      - APPFLOWY_MAILER_SMTP_PASSWORD=${APPFLOWY_MAILER_SMTP_PASSWORD}
-      - APPFLOWY_MAILER_SMTP_TLS_KIND=${APPFLOWY_MAILER_SMTP_TLS_KIND}
-      - APPFLOWY_ACCESS_CONTROL=${APPFLOWY_ACCESS_CONTROL}
-      - APPFLOWY_DATABASE_MAX_CONNECTIONS=${APPFLOWY_DATABASE_MAX_CONNECTIONS}
-      - AI_SERVER_HOST=${AI_SERVER_HOST}
-      - AI_SERVER_PORT=${AI_SERVER_PORT}
-      - AI_OPENAI_API_KEY=${AI_OPENAI_API_KEY}
-      - APPFLOWY_ADMIN_FRONTEND_PATH_PREFIX=${ADMIN_FRONTEND_PATH_PREFIX}
-      - APPFLOWY_WEB_URL=${APPFLOWY_WEB_URL}
-    build:
-      context: .
-      dockerfile: Dockerfile
-      args:
-        FEATURES: ""
-    image: appflowyinc/appflowy_cloud:${APPFLOWY_CLOUD_VERSION:-latest}
-    depends_on:
-      gotrue:
-        condition: service_healthy
-
-  admin_frontend:
-    restart: on-failure
-    build:
-      context: .
-      dockerfile: ./admin_frontend/Dockerfile
-    image: appflowyinc/admin_frontend:${APPFLOWY_ADMIN_FRONTEND_VERSION:-latest}
-    environment:
-      - RUST_LOG=${RUST_LOG:-info}
-      - ADMIN_FRONTEND_REDIS_URL=${ADMIN_FRONTEND_REDIS_URL:-redis://redis:6379}
-      - ADMIN_FRONTEND_GOTRUE_URL=${ADMIN_FRONTEND_GOTRUE_URL:-http://gotrue:9999}
-      - ADMIN_FRONTEND_APPFLOWY_CLOUD_URL=${ADMIN_FRONTEND_APPFLOWY_CLOUD_URL:-http://appflowy_cloud:8000}
-      - ADMIN_FRONTEND_PATH_PREFIX=${ADMIN_FRONTEND_PATH_PREFIX:-}
-    depends_on:
-      appflowy_cloud:
-        condition: service_started
-
-  ai:
-    restart: on-failure
-    image: appflowyinc/appflowy_ai:${APPFLOWY_AI_VERSION:-latest}
-    environment:
-      - OPENAI_API_KEY=${AI_OPENAI_API_KEY}
-      - APPFLOWY_AI_SERVER_PORT=${AI_SERVER_PORT}
-      - APPFLOWY_AI_DATABASE_URL=${AI_DATABASE_URL}
-      - APPFLOWY_AI_REDIS_URL=${AI_REDIS_URL}
-    depends_on:
-      postgres:
-        condition: service_healthy
-
-  appflowy_worker:
-    restart: on-failure
-    image: appflowyinc/appflowy_worker:${APPFLOWY_WORKER_VERSION:-latest}
-    build:
-      context: .
-      dockerfile: ./services/appflowy-worker/Dockerfile
-    environment:
-      - RUST_LOG=${RUST_LOG:-info}
-      - APPFLOWY_ENVIRONMENT=production
-      - APPFLOWY_WORKER_REDIS_URL=${APPFLOWY_WORKER_REDIS_URL:-redis://redis:6379}
-      - APPFLOWY_WORKER_ENVIRONMENT=production
-      - APPFLOWY_WORKER_DATABASE_URL=${APPFLOWY_WORKER_DATABASE_URL}
-      - APPFLOWY_WORKER_DATABASE_NAME=${APPFLOWY_WORKER_DATABASE_NAME}
-      - APPFLOWY_WORKER_IMPORT_TICK_INTERVAL=30
-      - APPFLOWY_S3_USE_MINIO=${APPFLOWY_S3_USE_MINIO}
-      - APPFLOWY_S3_MINIO_URL=${APPFLOWY_S3_MINIO_URL}
-      - APPFLOWY_S3_ACCESS_KEY=${APPFLOWY_S3_ACCESS_KEY}
-      - APPFLOWY_S3_SECRET_KEY=${APPFLOWY_S3_SECRET_KEY}
-      - APPFLOWY_S3_BUCKET=${APPFLOWY_S3_BUCKET}
-      - APPFLOWY_S3_REGION=${APPFLOWY_S3_REGION}
-      - APPFLOWY_MAILER_SMTP_HOST=${APPFLOWY_MAILER_SMTP_HOST}
-      - APPFLOWY_MAILER_SMTP_PORT=${APPFLOWY_MAILER_SMTP_PORT}
-      - APPFLOWY_MAILER_SMTP_USERNAME=${APPFLOWY_MAILER_SMTP_USERNAME}
-      - APPFLOWY_MAILER_SMTP_EMAIL=${APPFLOWY_MAILER_SMTP_EMAIL}
-      - APPFLOWY_MAILER_SMTP_PASSWORD=${APPFLOWY_MAILER_SMTP_PASSWORD}
-      - APPFLOWY_MAILER_SMTP_TLS_KIND=${APPFLOWY_MAILER_SMTP_TLS_KIND}
-    depends_on:
-      postgres:
-        condition: service_healthy
-
-  appflowy_web:
-    restart: on-failure
-    image: appflowyinc/appflowy_web:${APPFLOWY_WEB_VERSION:-latest}
-    depends_on:
-      - appflowy_cloud
-    environment:
-      - AF_BASE_URL=${APPFLOWY_BASE_URL:?err}
-      - AF_GOTRUE_URL=${API_EXTERNAL_URL}
-volumes:
-  postgres_data:
-  minio_data:

nginx/external/appflowy-cloud-site.conf

@@ -0,0 +1,164 @@
+# Minimal external nginx configuration for AppFlowy-Cloud
+# Self Hosted AppFlowy Cloud user should alter this file to suit their needs
+map $http_upgrade $connection_upgrade {
+    default upgrade;
+    '' close;
+}
+
+server {
+    server_name appflowy-cloud.example.com;
+    listen 80;
+    underscores_in_headers on;
+    set $appflowy_cloud_backend "http://127.0.0.1:8000";
+    set $gotrue_backend "http://127.0.0.1:9999";
+    set $admin_frontend_backend "http://127.0.0.1:3001";
+    set $appflowy_web_backend "http://127.0.0.1:3000";
+    set $appflowy_ai_backend "http://127.0.0.1:5001";
+    set $minio_backend "http://127.0.0.1:9001";
+    set $minio_api_backend "http://127.0.0.1:9000";
+    # Host name for minio, used internally within docker compose
+    set $minio_internal_host "minio:9000";
+
+    # GoTrue
+    location /gotrue/ {
+        proxy_pass $gotrue_backend;
+
+        rewrite ^/gotrue(/.*)$ $1 break;
+
+        # Allow headers like redirect_to to be handed over to the gotrue
+        # for correct redirecting
+        proxy_set_header Host $http_host;
+        proxy_pass_request_headers on;
+    }
+
+    # WebSocket
+    location /ws {
+        proxy_pass $appflowy_cloud_backend;
+
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "Upgrade";
+        proxy_set_header Host $host;
+        proxy_read_timeout 86400;
+    }
+
+    location /api {
+        proxy_pass $appflowy_cloud_backend;
+        proxy_set_header X-Request-Id $request_id;
+        proxy_set_header Host $http_host;
+
+        location ~* ^/api/workspace/([a-zA-Z0-9_-]+)/publish$ {
+            proxy_pass $appflowy_cloud_backend;
+            proxy_request_buffering off;
+            client_max_body_size 256M;
+        }
+
+        # AppFlowy-Cloud
+        location /api/chat {
+            proxy_pass $appflowy_cloud_backend;
+
+            proxy_http_version 1.1;
+            proxy_set_header Connection "";
+            chunked_transfer_encoding on;
+            proxy_buffering off;
+            proxy_cache off;
+
+            proxy_read_timeout 600s;
+            proxy_connect_timeout 600s;
+            proxy_send_timeout 600s;
+        }
+
+        location /api/import {
+            proxy_pass $appflowy_cloud_backend;
+
+            # Set headers
+            proxy_set_header X-Request-Id $request_id;
+            proxy_set_header Host $http_host;
+
+            # Timeouts
+            proxy_read_timeout 600s;
+            proxy_connect_timeout 600s;
+            proxy_send_timeout 600s;
+
+            # Disable buffering for large file uploads
+            proxy_request_buffering off;
+            proxy_buffering off;
+            proxy_cache off;
+            client_max_body_size 2G;
+        }
+    }
+
+
+    # AppFlowy AI
+    location /ai {
+        proxy_pass $appflowy_ai_backend;
+        proxy_set_header Host $host;
+        proxy_pass_request_headers on;
+    }
+
+    # Minio Web UI
+    # Derive from: https://min.io/docs/minio/linux/integrations/setup-nginx-proxy-with-minio.html
+    # Optional Module, comment this section if you are did not deploy minio in docker-compose.yml
+    # This endpoint is meant to be used for the MinIO Web UI, accessible via the admin portal
+    location /minio/ {
+        proxy_pass $minio_backend;
+
+        rewrite ^/minio/(.*) /$1 break;
+        proxy_set_header Host $http_host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_set_header X-NginX-Proxy true;
+
+        ## This is necessary to pass the correct IP to be hashed
+        real_ip_header X-Real-IP;
+
+        proxy_connect_timeout 300;
+
+        ## To support websockets in MinIO versions released after January 2023
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+        # Some environments may encounter CORS errors (Kubernetes + Nginx Ingress)
+        # Uncomment the following line to set the Origin request to an empty string
+        # proxy_set_header Origin '';
+
+        chunked_transfer_encoding off;
+    }
+
+    # Optional Module, comment this section if you are did not deploy minio in docker-compose.yml
+    # This is used for presigned url, which is needs to be exposed to the AppFlowy client application.
+    location /minio-api/ {
+        proxy_pass $minio_api_backend;
+
+        # Set the host to internal host because the presigned url was signed against the internal host
+        proxy_set_header Host $minio_internal_host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+
+        rewrite ^/minio-api/(.*) /$1 break;
+
+        proxy_connect_timeout 300;
+        # Default is HTTP/1, keepalive is only enabled in HTTP/1.1
+        proxy_http_version 1.1;
+        proxy_set_header Connection "";
+        chunked_transfer_encoding off;
+    }
+
+    # Admin Frontend
+    # Optional Module, comment this section if you are did not deploy admin_frontend in docker-compose.yml
+    location /console {
+        proxy_pass $admin_frontend_backend;
+
+        proxy_set_header X-Scheme $scheme;
+        proxy_set_header Host $host;
+    }
+
+    # AppFlowy Web
+    location / {
+        proxy_pass $appflowy_web_backend;
+        proxy_set_header X-Scheme $scheme;
+        proxy_set_header Host $host;
+    }
+}