# ============================================================================ # atBB Docker Compose Example # ============================================================================ # This example demonstrates how to run atBB with PostgreSQL for local testing # and development. For production deployments, see docs/deployment-guide.md. # # Prerequisites: # - Docker Engine 20.10+ or Docker Desktop # - Docker Compose v2.0+ # - .env file with your configuration (copy .env.production.example) # # Quick Start: # 1. Copy environment template: # cp .env.production.example .env # # 2. Generate session secret: # openssl rand -hex 32 # # 3. Edit .env and fill in required values: # - SESSION_SECRET (generated above) # - FORUM_DID (your forum's AT Protocol DID) # - PDS_URL (your PDS server URL) # - FORUM_HANDLE (your forum's handle) # - FORUM_PASSWORD (your forum account password) # - OAUTH_PUBLIC_URL (e.g., http://localhost for local testing) # # 4. Start services: # docker-compose -f docker-compose.example.yml up -d # # 5. Run database migrations (IMPORTANT - do this before first use): # docker-compose -f docker-compose.example.yml exec atbb \ # pnpm --filter @atbb/appview db:migrate # # 6. Access your forum at http://localhost # # Management: # - View logs: docker-compose -f docker-compose.example.yml logs -f # - Stop services: docker-compose -f docker-compose.example.yml down # - Remove data: docker-compose -f docker-compose.example.yml down -v # - Restart: docker-compose -f docker-compose.example.yml restart # # Production Deployment: # This example is for LOCAL TESTING ONLY. For production: # - Use managed PostgreSQL (AWS RDS, DigitalOcean, etc.) # - Use strong passwords (minimum 16 characters) # - Enable HTTPS with Caddy or nginx reverse proxy # - Set OAUTH_PUBLIC_URL to your actual domain (https://forum.example.com) # - Use environment variable injection instead of .env files # - Enable database SSL/TLS (?sslmode=require) # - Set up automated backups and monitoring # - Review security checklist in .env.production.example # # See docs/deployment-guide.md for complete production setup instructions. # ============================================================================ version: '3.8' services: # PostgreSQL Database # Stores forum data: posts, users, categories, moderation actions. postgres: image: postgres:17-alpine container_name: atbb-postgres # Database credentials # For local testing only - use strong passwords in production! environment: POSTGRES_USER: atbb POSTGRES_PASSWORD: atbb_local_dev_password POSTGRES_DB: atbb # Expose PostgreSQL port for debugging (optional) # Remove in production or restrict to localhost: "127.0.0.1:5432:5432" ports: - "5432:5432" # Persist database data across container restarts # Data stored in Docker volume: docker volume inspect atbb_postgres_data volumes: - postgres_data:/var/lib/postgresql/data # Health check ensures database is ready before starting atbb service # Prevents connection errors during startup healthcheck: test: ["CMD-SHELL", "pg_isready -U atbb"] interval: 10s timeout: 5s retries: 5 start_period: 10s # Restart policy: restart unless explicitly stopped # Ensures database comes back online after host reboot restart: unless-stopped # atBB Application # Runs both appview (API) and web (UI) services with nginx routing. atbb: # Build from Dockerfile in current directory build: context: . dockerfile: Dockerfile container_name: atbb-app # Expose nginx port (public HTTP access) # nginx routes: # - /api/* → appview:3000 (API server) # - /* → web:3001 (web UI) ports: - "80:80" # Wait for database to be healthy before starting # Prevents connection errors at startup depends_on: postgres: condition: service_healthy # Environment variables # Load from .env file + override specific values # NOTE: DATABASE_URL must use container name "postgres" as hostname environment: # Database connection (uses container service name as hostname) DATABASE_URL: postgresql://atbb:atbb_local_dev_password@postgres:5432/atbb # AT Protocol credentials (loaded from .env file) FORUM_DID: ${FORUM_DID} PDS_URL: ${PDS_URL} FORUM_HANDLE: ${FORUM_HANDLE} FORUM_PASSWORD: ${FORUM_PASSWORD} # OAuth configuration # For local testing, use http://localhost # For production, use your actual domain (https://forum.example.com) OAUTH_PUBLIC_URL: ${OAUTH_PUBLIC_URL} # Internal service communication # Web service connects to appview API at http://localhost:3000 # (both run in same container, so localhost is correct) APPVIEW_URL: http://localhost:3000 # Session encryption key # CRITICAL: Generate with: openssl rand -hex 32 SESSION_SECRET: ${SESSION_SECRET} # Optional: Session TTL (defaults to 7 days if not set) # SESSION_TTL_DAYS: ${SESSION_TTL_DAYS:-7} # Optional: Jetstream firehose URL (uses default if not set) # JETSTREAM_URL: ${JETSTREAM_URL:-wss://jetstream2.us-east.bsky.network/subscribe} # Load additional environment variables from .env file # Variables defined above take precedence over .env file env_file: - .env # Health check for container orchestration # Verifies web UI is responding to requests # NOTE: This checks nginx, which proxies to both appview and web healthcheck: test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost/"] interval: 30s timeout: 3s retries: 3 start_period: 10s # Restart policy: restart unless explicitly stopped # Ensures forum comes back online after crashes or host reboot restart: unless-stopped # Named volumes for data persistence # Volumes survive container removal (docker-compose down) # To remove volumes: docker-compose down -v volumes: postgres_data: # PostgreSQL data directory # Contains all forum data (posts, users, categories, etc.) # Backup strategy: Use pg_dump or managed database backups in production