feat: infisical template

2025-06-26 18:27:59 +00:00 · 2024-10-27 19:48:07 +00:00
parent b7d45341bc
commit 15051a1bc2
4 changed files with 195 additions and 0 deletions
--- a/apps/dokploy/public/templates/infisical.jpg
+++ b/apps/dokploy/public/templates/infisical.jpg
--- a/apps/dokploy/templates/infisical/docker-compose.yml
+++ b/apps/dokploy/templates/infisical/docker-compose.yml
@@ -0,0 +1,87 @@
+services:
+  db-migration:
+    depends_on:
+      db:
+        condition: service_healthy
+    image: infisical/infisical:v0.90.1-postgres
+    environment:
+      - NODE_ENV=production
+      - ENCRYPTION_KEY
+      - AUTH_SECRET
+      - SITE_URL
+      - DB_CONNECTION_URI=postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@db:5432/${POSTGRES_DB}
+      - REDIS_URL=redis://redis:6379
+      - SMTP_HOST
+      - SMTP_PORT
+      - SMTP_FROM_NAME
+      - SMTP_USERNAME
+      - SMTP_PASSWORD
+      - SMTP_SECURE=true
+    command: npm run migration:latest
+    pull_policy: always
+    networks:
+      - dokploy-network
+
+  backend:
+    restart: unless-stopped
+    depends_on:
+      db:
+        condition: service_healthy
+      redis:
+        condition: service_started
+      db-migration:
+        condition: service_completed_successfully
+    image: infisical/infisical:v0.90.1-postgres
+    pull_policy: always
+    environment:
+      - NODE_ENV=production
+      - ENCRYPTION_KEY
+      - AUTH_SECRET
+      - SITE_URL
+      - DB_CONNECTION_URI=postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@db:5432/${POSTGRES_DB}
+      - REDIS_URL=redis://redis:6379
+      - SMTP_HOST
+      - SMTP_PORT
+      - SMTP_FROM_NAME
+      - SMTP_USERNAME
+      - SMTP_PASSWORD
+      - SMTP_SECURE=true
+    networks:
+      - dokploy-network
+
+  redis:
+    image: redis:7.4.1
+    env_file: .env
+    restart: always
+    environment:
+      - ALLOW_EMPTY_PASSWORD=yes
+    networks:
+      - dokploy-network
+    volumes:
+      - redis_infisical_data:/data
+
+  db:
+    image: postgres:14-alpine
+    restart: always
+    environment:
+      - POSTGRES_PASSWORD
+      - POSTGRES_USER
+      - POSTGRES_DB
+    volumes:
+      - pg_infisical_data:/var/lib/postgresql/data
+    networks:
+      - dokploy-network
+    healthcheck:
+      test: "pg_isready --username=${POSTGRES_USER} && psql --username=${POSTGRES_USER} --list"
+      interval: 5s
+      timeout: 10s
+      retries: 10
+
+volumes:
+  pg_infisical_data:
+  redis_infisical_data:
+
+networks:
+  dokploy-network:
+    external: true
+
--- a/apps/dokploy/templates/infisical/index.ts
+++ b/apps/dokploy/templates/infisical/index.ts
@@ -0,0 +1,93 @@
+import {
+	type DomainSchema,
+	type Schema,
+	type Template,
+	generateRandomDomain,
+} from "../utils";
+
+export function generate(schema: Schema): Template {
+	const domains: DomainSchema[] = [
+		{
+			host: generateRandomDomain(schema),
+			port: 8080,
+			serviceName: "backend",
+		},
+	];
+
+	const envs = [
+		"# THIS IS A SAMPLE ENCRYPTION KEY AND SHOULD NEVER BE USED FOR PRODUCTION",
+		"ENCRYPTION_KEY=6c1fe4e407b8911c104518103505b218",
+		"",
+		"# THIS IS A SAMPLE AUTH_SECRET KEY AND SHOULD NEVER BE USED FOR PRODUCTION",
+		"AUTH_SECRET=5lrMXKKWCVocS/uerPsl7V+TX/aaUaI7iDkgl3tSmLE=",
+		"# Postgres creds",
+		"POSTGRES_PASSWORD=infisical",
+		"POSTGRES_USER=infisical",
+		"POSTGRES_DB=infisical",
+		"",
+		"# Website URL",
+		"# Required",
+		"SITE_URL=http://localhost:8080",
+		"",
+		"# Mail/SMTP",
+		"SMTP_HOST=",
+		"SMTP_PORT=",
+		"SMTP_NAME=",
+		"SMTP_USERNAME=",
+		"SMTP_PASSWORD=",
+		"",
+		"# Integration",
+		"# Optional only if integration is used",
+		"CLIENT_ID_HEROKU=",
+		"CLIENT_ID_VERCEL=",
+		"CLIENT_ID_NETLIFY=",
+		"CLIENT_ID_GITHUB=",
+		"CLIENT_ID_GITHUB_APP=",
+		"CLIENT_SLUG_GITHUB_APP=",
+		"CLIENT_ID_GITLAB=",
+		"CLIENT_ID_BITBUCKET=",
+		"CLIENT_SECRET_HEROKU=",
+		"CLIENT_SECRET_VERCEL=",
+		"CLIENT_SECRET_NETLIFY=",
+		"CLIENT_SECRET_GITHUB=",
+		"CLIENT_SECRET_GITHUB_APP=",
+		"CLIENT_SECRET_GITLAB=",
+		"CLIENT_SECRET_BITBUCKET=",
+		"CLIENT_SLUG_VERCEL=",
+		"",
+		"CLIENT_PRIVATE_KEY_GITHUB_APP=",
+		"CLIENT_APP_ID_GITHUB_APP=",
+		"",
+		"# Sentry (optional) for monitoring errors",
+		"SENTRY_DSN=",
+		"",
+		"# Infisical Cloud-specific configs",
+		"# Ignore - Not applicable for self-hosted version",
+		"POSTHOG_HOST=",
+		"POSTHOG_PROJECT_API_KEY=",
+		"",
+		"# SSO-specific variables",
+		"CLIENT_ID_GOOGLE_LOGIN=",
+		"CLIENT_SECRET_GOOGLE_LOGIN=",
+		"",
+		"CLIENT_ID_GITHUB_LOGIN=",
+		"CLIENT_SECRET_GITHUB_LOGIN=",
+		"",
+		"CLIENT_ID_GITLAB_LOGIN=",
+		"CLIENT_SECRET_GITLAB_LOGIN=",
+		"",
+		"CAPTCHA_SECRET=",
+		"",
+		"NEXT_PUBLIC_CAPTCHA_SITE_KEY=",
+		"",
+		"PLAIN_API_KEY=",
+		"PLAIN_WISH_LABEL_IDS=",
+		"",
+		"SSL_CLIENT_CERTIFICATE_HEADER_KEY=",
+	];
+
+	return {
+		domains,
+		envs,
+	};
+}
--- a/apps/dokploy/templates/templates.ts
+++ b/apps/dokploy/templates/templates.ts
@@ -572,4 +572,19 @@ export const templates: TemplateData[] = [
 		tags: ["self-hosted", "open-source", "storage", "database"],
 		load: () => import("./influxdb/index").then((m) => m.generate),
 	},
+	{
+		id: "infisical",
+		name: "Infisical",
+		version: "0.90.1",
+		description:
+			"All-in-one platform to securely manage application configuration and secrets across your team and infrastructure.",
+		logo: "infisical.jpg",
+		links: {
+			github: "https://github.com/Infisical/infisical",
+			website: "https://infisical.com/",
+			docs: "https://infisical.com/docs/documentation/getting-started/introduction",
+		},
+		tags: ["self-hosted", "open-source"],
+		load: () => import("./infisical/index").then((m) => m.generate),
+	},
 ];