chore(17-01): add MinIO to Docker Compose and S3 env config

- Add MinIO + mc init container to docker-compose.dev.yml (fixed creds, console on :9001) - Add MinIO + mc init container to docker-compose.yml (env var creds, no console) - Add S3 env vars to app service in production compose - Remove uploads volume from production compose (replaced by MinIO) - Add S3 configuration section to .env.example
2026-04-05 12:16:16 +02:00
parent f845f878fe
commit 88f988c28d
3 changed files with 179 additions and 0 deletions
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -0,0 +1,88 @@
+services:
+  postgres:
+    image: postgres:16-alpine
+    environment:
+      POSTGRES_USER: gearbox
+      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
+      POSTGRES_DB: gearbox
+    volumes:
+      - pgdata:/var/lib/postgresql/data
+      - ./docker/init-logto-db.sql:/docker-entrypoint-initdb.d/init-logto-db.sql
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U gearbox"]
+      interval: 10s
+      timeout: 5s
+      retries: 5
+
+  logto:
+    image: svhd/logto:latest
+    depends_on:
+      postgres:
+        condition: service_healthy
+    entrypoint: ["sh", "-c", "npm run cli db seed -- --swe && npm start"]
+    ports:
+      - "3001:3001"
+      - "3002:3002"
+    environment:
+      TRUST_PROXY_HEADER: "1"
+      DB_URL: postgres://gearbox:${POSTGRES_PASSWORD}@postgres:5432/logto
+      ENDPOINT: ${LOGTO_ENDPOINT:-http://localhost:3001}
+      ADMIN_ENDPOINT: ${LOGTO_ADMIN_ENDPOINT:-http://localhost:3002}
+
+  # MinIO S3-compatible object storage for image uploads.
+  # Note: MinIO GitHub repo archived Feb 2026. The S3 API abstraction in
+  # storage.service.ts makes the provider swappable (SeaweedFS, Garage, AWS S3).
+  minio:
+    image: quay.io/minio/minio:RELEASE.2025-09-07T16-13-09Z
+    command: server /data --console-address ":9001"
+    environment:
+      MINIO_ROOT_USER: ${S3_ACCESS_KEY}
+      MINIO_ROOT_PASSWORD: ${S3_SECRET_KEY}
+    ports:
+      - "9000:9000"
+    volumes:
+      - minio-data:/data
+    healthcheck:
+      test: ["CMD", "mc", "ready", "local"]
+      interval: 5s
+      timeout: 3s
+      retries: 5
+
+  minio-init:
+    image: quay.io/minio/mc:latest
+    depends_on:
+      minio:
+        condition: service_healthy
+    entrypoint: >
+      /bin/sh -c "
+      mc alias set myminio http://minio:9000 ${S3_ACCESS_KEY:-minioadmin} ${S3_SECRET_KEY:-minioadmin};
+      mc mb --ignore-existing myminio/gearbox-images;
+      exit 0;
+      "
+
+  app:
+    image: gearbox:latest
+    environment:
+      DATABASE_URL: postgresql://gearbox:${POSTGRES_PASSWORD}@postgres:5432/gearbox
+      GEARBOX_URL: ${GEARBOX_URL}
+      OIDC_ISSUER: ${LOGTO_ENDPOINT:-http://localhost:3001}/oidc
+      OIDC_CLIENT_ID: ${LOGTO_CLIENT_ID}
+      OIDC_CLIENT_SECRET: ${LOGTO_CLIENT_SECRET}
+      OIDC_AUTH_SECRET: ${OIDC_AUTH_SECRET}
+      S3_ENDPOINT: http://minio:9000
+      S3_ACCESS_KEY: ${S3_ACCESS_KEY}
+      S3_SECRET_KEY: ${S3_SECRET_KEY}
+      S3_BUCKET: gearbox-images
+    ports:
+      - "3000:3000"
+    depends_on:
+      postgres:
+        condition: service_healthy
+      logto:
+        condition: service_started
+      minio:
+        condition: service_healthy
+
+volumes:
+  pgdata:
+  minio-data: