---
# Compose file format version; quoted so it is read as a string, not a float.
version: '3.8'
# Compose project name.
name: canvus

# ==============================================================================
# Canvus Server - Production Deployment (Combined Container)
# ==============================================================================
#
# This deploys Canvus Server using a combined container that includes both
# the server and dashboard in a single image, plus PostgreSQL.
#
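# Registry Credentials:
#   Username: canvus-deploy
#   Token:    gldt-synTX_NnF8LcmnktR1xK
#   NOTE: this is a shared deploy token printed in this file, so treat it as
#   public rather than secret; it is assumed to allow image pulls only.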
#
# Quick Start:
#   1. sudo podman login docker.multitaction.com -u canvus-deploy -p gldt-synTX_NnF8LcmnktR1xK
#   2. wget https://canvus-downloads.s3.amazonaws.com/server/podman-compose.yml
#   3. Edit CANVUS_EXTERNAL_URL below to match your domain
#   4. sudo podman-compose up -d
#
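# Access:
#   - Dashboard: https://localhost (or your configured domain)
#   - Default admin: admin@local.local / Taction123!
#     These defaults are published in this file. Change CANVUS_ADMIN_EMAIL and
#     CANVUS_ADMIN_PASSWORD below before the first start, because the admin
#     account is created on first startup only.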
#
# NOTE: sudo required for all podman commands — Podman uses separate
#   namespaces for root vs. user. Start with sudo, use sudo everywhere.
#
# IMPORTANT: Use Podman (not Docker) to avoid enterprise licensing costs.
#   Install: sudo apt install -y podman podman-compose
#
# ==============================================================================

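services:
  # ============================================================================
  # PostgreSQL Database
  # ============================================================================
  # No `ports:` are published for this service, so the database is reachable
  # only from containers attached to canvus-network.
  postgres:
    # NOTE(review): tags are mutable; pin the image by digest if the registry
    # publishes one.
    image: docker.multitaction.com/swrd/conan/canvus/canvus-server/postgres:3.4.12
    container_name: canvus-postgres
    restart: unless-stopped
    environment:
      POSTGRES_DB: canvus
      POSTGRES_USER: canvus
      # Taken from POSTGRES_PASSWORD in the compose environment (for example a
      # root-only .env file beside this file, since sudo typically does not
      # pass the caller's exported variables). The fallback `canvus` keeps the
      # previous behaviour but is published in this file: override it for any
      # real deployment. The canvus service below reads the same variable, so
      # both sides always agree.
      # NOTE(review): presumably only applied when the data directory is first
      # initialised; an existing database keeps its old password. Confirm.
      POSTGRES_PASSWORD: "${POSTGRES_PASSWORD:-canvus}"
    volumes:
      # :Z enables SELinux relabeling (required for RHEL/Fedora, ignored on Ubuntu)
      - /canvus-data/postgres:/var/lib/postgresql/data:Z
      # NOTE(review): this host path sits under /canvus-data/backups, which the
      # canvus service also mounts with :Z. On SELinux hosts the later private
      # relabel may take access away from this container. Verify, or use a
      # non-overlapping path.
      - /canvus-data/backups/database:/backups:Z
    networks:
      - canvus-network
    healthcheck:
      # Must match POSTGRES_USER / POSTGRES_DB above.
      test: ["CMD-SHELL", "pg_isready -U canvus -d canvus"]
      interval: 10s
      timeout: 5s
      start_period: 30s
      retries: 5

  # ============================================================================
  # Canvus Server + Dashboard (Combined)
  # ============================================================================
  canvus:
    # NOTE(review): tags are mutable; pin the image by digest if the registry
    # publishes one.
    image: docker.multitaction.com/swrd/conan/canvus/canvus-server/combined:3.4.12
    container_name: canvus-combined
    restart: unless-stopped
    # Wait until the postgres healthcheck passes before starting.
    depends_on:
      postgres:
        condition: service_healthy
    # Only NET_BIND_SERVICE is added; presumably needed so the server can bind
    # ports 80/443 inside the container. Confirm before adding anything more.
    cap_add:
      - NET_BIND_SERVICE
    environment:
      # Database connection
      POSTGRES_HOST: postgres
      POSTGRES_PORT: "5432"
      POSTGRES_DB: canvus
      POSTGRES_USER: canvus
      # Same variable and fallback as the postgres service, so the two values
      # cannot drift apart. Override the published default `canvus`.
      POSTGRES_PASSWORD: "${POSTGRES_PASSWORD:-canvus}"

      # Server configuration
      # EDIT: Change to your domain name
      CANVUS_EXTERNAL_URL: 'https://localhost'

      # SSL Configuration (recommended for production)
      CANVUS_SSL_ENABLED: "true"
      CANVUS_HTTPS_PORT: "443"
      # NOTE: HTTP redirect always listens on port 80 inside the container.
      # To change the host-side HTTP port, modify the port mapping below.

      # Admin account (created on first startup only)
      # EDIT: Change these credentials!
      # The password is taken from CANVUS_ADMIN_PASSWORD in the compose
      # environment; the fallback is the default printed in this file and
      # must be replaced before the first start of an exposed deployment.
      CANVUS_ADMIN_EMAIL: admin@local.local
      CANVUS_ADMIN_PASSWORD: "${CANVUS_ADMIN_PASSWORD:-Taction123!}"

      # License activation (optional - can also activate via dashboard)
      # Treat the key as a secret; avoid committing a filled-in copy.
      # CANVUS_LICENSE_KEY: YOUR-ACTIVATION-KEY

      # Dashboard configuration (internal)
      BACKEND_PORT: "5805"
      NODE_ENV: production
    volumes:
      # :Z enables SELinux relabeling (required for RHEL/Fedora, ignored on Ubuntu)
      - /canvus-data/config:/etc/MultiTaction/canvus:Z
      # Certificate directory; keep the host path readable by root only.
      - /canvus-data/certs:/etc/MultiTaction/canvus/server/certificates:Z
      - /canvus-data/assets:/var/lib/mt-canvus-server/assets:Z
      - /canvus-data/logs:/var/lib/mt-canvus-server/logs:Z
      - /canvus-data/licenses:/var/lib/mt-canvus-server/MultiTaction/Licenses:Z
      # NOTE(review): contains /canvus-data/backups/database, which the
      # postgres service mounts separately with :Z. Database backups are
      # therefore visible inside this container, and the overlapping private
      # relabel may conflict on SELinux hosts. Verify.
      - /canvus-data/backups:/var/lib/mt-canvus-server/backups:Z
    networks:
      - canvus-network
    # Both ports are published on every host interface. Prefix a host IP or
    # use a host firewall if the dashboard must not be reachable everywhere.
    ports:
      - "80:80"       # HTTP redirect (always port 80 inside container)
      - "443:443"     # HTTPS (matches CANVUS_HTTPS_PORT)
    healthcheck:
      test: ["CMD-SHELL", "/usr/local/bin/health-check.sh"]
      interval: 30s
      timeout: 10s
      start_period: 120s
      retries: 5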

# Private bridge network shared by the postgres and canvus services. The
# postgres service declares no `ports:`, so this network is its only listed
# attachment; only the canvus service publishes ports to the host.
networks:
  canvus-network:
    driver: bridge
