julian
2c49328e12
postgres service uses timescale/timescaledb-ha:pg16.6-ts2.17.2-all,
which bundles TimescaleDB and PostGIS (and others) ready for CREATE
EXTENSION. This avoids a future DB image swap when Phase 2 of processor
needs PostGIS for the geofence engine. Pinned to a specific tag for
reproducibility; the Docker Hub URL for verification is in the comment.
Data directory mount path is /home/postgres/pgdata/data (the ha-image
layout, different from the stock postgres image's /var/lib/...).
Internal-only — no host port mapping. POSTGRES_USER/PASSWORD/DB env
vars retained as the credential mechanism; if the ha-image rejects
them, fix the env-var scheme without changing the rest of the layout.
processor service references git.dev.microservices.al/trm/processor:
${PROCESSOR_TAG:-main}, depends on Redis + Postgres healthy, takes its
POSTGRES_URL from the same credential vars Postgres bootstraps with.
.env.example documents the new POSTGRES_*, PROCESSOR_TAG, and
PROCESSOR_INSTANCE_ID variables. Important: POSTGRES_PASSWORD only
applies on first boot; rotate via ALTER USER inside psql afterwards.
60 lines
2.5 KiB
Bash
60 lines
2.5 KiB
Bash
# Copy to `.env` for local docker-compose runs, OR enter these values in
|
|
# Portainer's Stack → Environment variables UI.
|
|
#
|
|
# All variables have defaults baked into compose.yaml — this file is the
|
|
# documentation of what's configurable, not a hard requirement.
|
|
|
|
# ---------------------------------------------------------------------
|
|
# tcp-ingestion
|
|
# ---------------------------------------------------------------------
|
|
|
|
# Image tag to pull. `main` auto-tracks the latest commit on the main branch.
|
|
# In production, pin to a specific commit SHA for reproducibility.
|
|
# Example: TCP_INGESTION_TAG=af06973
|
|
TCP_INGESTION_TAG=main
|
|
|
|
# Instance identifier — must be stable across the lifetime of the process.
|
|
# Phase 2's connection registry depends on this; keep it unique per deployed
|
|
# instance (e.g. `stage-1`, `stage-2`, `prod-eu-1`).
|
|
TCP_INGESTION_INSTANCE_ID=stage-1
|
|
|
|
# Host port that GPS devices connect to. The container always listens on 5027
|
|
# internally; this maps it to a host port. If multiple stacks run on one host,
|
|
# give each a distinct host port (e.g. 5028, 5029).
|
|
TCP_INGESTION_PORT=5027
|
|
|
|
# ---------------------------------------------------------------------
|
|
# postgres / TimescaleDB
|
|
# ---------------------------------------------------------------------
|
|
|
|
# Database superuser, password, and default database. Created on first
|
|
# boot of the postgres container; the volume persists them after that.
|
|
# IMPORTANT: change POSTGRES_PASSWORD before deploying to production.
|
|
# Changing it after first boot has no effect — the volume already has
|
|
# the password baked in. To rotate, ALTER USER inside psql.
|
|
POSTGRES_USER=trm
|
|
POSTGRES_PASSWORD=trm-pilot-change-me
|
|
POSTGRES_DB=trm
|
|
|
|
# ---------------------------------------------------------------------
|
|
# processor
|
|
# ---------------------------------------------------------------------
|
|
|
|
# Image tag to pull. `main` auto-tracks the latest commit on the main branch.
|
|
# In production, pin to a specific commit SHA for reproducibility.
|
|
# Example: PROCESSOR_TAG=9791620
|
|
PROCESSOR_TAG=main
|
|
|
|
# Instance identifier — must be stable across the lifetime of the process,
|
|
# AND unique per running instance (it's used as the Redis consumer-group
|
|
# member name; two instances with the same name will read from the same
|
|
# Pending Entries List, which is undefined behaviour).
|
|
PROCESSOR_INSTANCE_ID=processor-1
|
|
|
|
# ---------------------------------------------------------------------
|
|
# Shared
|
|
# ---------------------------------------------------------------------
|
|
|
|
# pino log level: fatal | error | warn | info | debug | trace
|
|
LOG_LEVEL=info
|