Deployment updates

.github/workflows/docker-images.yml

@@ -41,24 +41,60 @@ jobs:
   build:
     runs-on: ubuntu-latest
     steps:
+      - name: 'Setup jq'
+        uses: dcarbone/install-jq-action@v3
+        with:
+          version: '1.7'
+
       - name: Set environment variables
         shell: bash
         run: |
           # Get the short SHA of last commit
           echo "SHORT_SHA=$(echo ${{ github.sha }} | cut -c1-7)" >> "${GITHUB_ENV}"
-          
+
           # Get branch name - we don't use github.ref_head_name since we don't build on PRs
           echo "BRANCH_NAME=${{ github.ref_name }}" >> "${GITHUB_ENV}"
-          
+
           # Set docker image tag
-          echo "IMAGE_TAG=${{ inputs.imageTag || github.ref_name }}" >> "${GITHUB_ENV}"
-
+          IMAGE_TAG=${{ inputs.imageTag || github.ref_name }}
+
+          # Check whether it's a release
+          LATEST_TAG=$(
+            curl -s -L \
+              -H "Accept: application/vnd.github+json" \
+              -H "Authorization: Bearer ${{ github.token }}" \
+              https://api.github.com/repos/${{ github.repository }}/releases/latest \
+              | jq -r '.tag_name'
+          )
+          IS_LATEST="false"
+          if [[ "${LATEST_TAG}" == "${{ github.event.release.tag_name }}" ]]; then
+              IS_LATEST="true"
+          fi;
+
           # Control which images to build
           echo "BUILD_ALLINONE=${{ inputs.build_allinone || true }}" >> "${GITHUB_ENV}"
           echo "BUILD_FRONTEND=${{ inputs.build_frontend || true }}" >> "${GITHUB_ENV}"
           echo "BUILD_NODESERVICE=${{ inputs.build_nodeservice || true }}" >> "${GITHUB_ENV}"
           echo "BUILD_APISERVICE=${{ inputs.build_apiservice || true }}" >> "${GITHUB_ENV}"
 
+          # Image names
+          ALLINONE_IMAGE_NAMES=lowcoderorg/lowcoder-ce:${IMAGE_TAG}
+          FRONTEND_IMAGE_NAMES=lowcoderorg/lowcoder-ce-frontend:${IMAGE_TAG}
+          APISERVICE_IMAGE_NAMES=lowcoderorg/lowcoder-ce-api-service:${IMAGE_TAG}
+          NODESERVICE_IMAGE_NAMES=lowcoderorg/lowcoder-ce-node-service:${IMAGE_TAG}
+
+          if [[ "${IS_LATEST}" == "true" ]]; then
+               ALLINONE_IMAGE_NAMES="lowcoderorg/lowcoder-ce:latest,${ALLINONE_IMAGE_NAMES}"
+               FRONTEND_IMAGE_NAMES="lowcoderorg/lowcoder-ce-frontend:latest,${FRONTEND_IMAGE_NAMES}"
+               APISERVICE_IMAGE_NAMES="lowcoderorg/lowcoder-ce-api-service:latest,${APISERVICE_IMAGE_NAMES}"
+               NODESERVICE_IMAGE_NAMES="lowcoderorg/lowcoder-ce-node-service:latest,${NODESERVICE_IMAGE_NAMES}"
+          fi;
+
+          echo "ALLINONE_IMAGE_NAMES=${ALLINONE_IMAGE_NAMES}" >> "${GITHUB_ENV}"
+          echo "FRONTEND_IMAGE_NAMES=${FRONTEND_IMAGE_NAMES}" >> "${GITHUB_ENV}"
+          echo "APISERVICE_IMAGE_NAMES=${APISERVICE_IMAGE_NAMES}" >> "${GITHUB_ENV}"
+          echo "NODESERVICE_IMAGE_NAMES=${NODESERVICE_IMAGE_NAMES}" >> "${GITHUB_ENV}"
+
       - name: Checkout lowcoder source
         uses: actions/checkout@v4
         with:
@@ -91,7 +127,7 @@ jobs:
             linux/amd64
             linux/arm64
           push: true
-          tags: lowcoderorg/lowcoder-ce:${{ env.IMAGE_TAG }}
+          tags: ${{ env.ALLINONE_IMAGE_NAMES }}
 
       - name: Build and push the frontend image
         if: ${{ env.BUILD_FRONTEND == 'true' }}
@@ -108,7 +144,7 @@ jobs:
             linux/amd64
             linux/arm64
           push: true
-          tags: lowcoderorg/lowcoder-ce-frontend:${{ env.IMAGE_TAG }}
+          tags: ${{ env.FRONTEND_IMAGE_NAMES }}
 
       - name: Build and push the node service image
         if: ${{ env.BUILD_NODESERVICE == 'true' }}
@@ -120,7 +156,7 @@ jobs:
             linux/amd64
             linux/arm64
           push: true
-          tags: lowcoderorg/lowcoder-ce-node-service:${{ env.IMAGE_TAG }}
+          tags: ${{ env.NODESERVICE_IMAGE_NAMES }}
 
       - name: Build and push the API service image
         if: ${{ env.BUILD_APISERVICE == 'true' }}
@@ -132,5 +168,5 @@ jobs:
             linux/amd64
             linux/arm64
           push: true
-          tags: lowcoderorg/lowcoder-ce-api-service:${{ env.IMAGE_TAG }}
+          tags: ${{ env.APISERVICE_IMAGE_NAMES }}
 

deploy/docker/README.md

@@ -4,6 +4,7 @@ Included Dockerfile can be used to build an **all-in-one** image with all requir
 
 For examples on running the all-in-one image or the multi image deployment see **deploy/docker/docker-compose.yaml** and **deploy/docker/docker-compose-multi.yaml**
 
+Environment variables used to configure various aspects of the services are stored in **default.env**, **default-multi.env** and **override.env**. Look into the **default** files to see which variables can be set and what are the default values. To change the defaults, use **override.env**. You don't have to use **--env-file** parameter with **doker compose** because the files are loaded from within `docker-compose.yaml` and `docker-compose-multi.yaml`.
 
 ## all-in-one image
 
@@ -50,14 +51,18 @@ Image can be configured by setting environment variables.
 | `LOWCODER_MAX_DEVELOPERS`           | Default maximum developers                                              | `100`                                                 |
 | `LOWCODER_WORKSPACE_MODE`           | SAAS to activate, ENTERPRISE to switch off - Workspaces                 | `SAAS`                                                |
 | `LOWCODER_EMAIL_SIGNUP_ENABLED`     | Control if users create their own Workspace automatic when Sign Up      | `true`                                                |
+| `LOWCODER_EMAIL_AUTH_ENABLED`       | Controls whether authentication via email is enabled                    | `true`                                                |
 | `LOWCODER_CREATE_WORKSPACE_ON_SIGNUP` | IF LOWCODER_WORKSPACE_MODE = SAAS, controls if a own workspace is created for the user after sign up   | `true`               |
 | `LOWCODER_MARKETPLACE_PRIVATE_MODE` | Control if not to show Apps on the local Marketplace to anonymous users | `true`                                                |
 | `LOWCODER_SUPERUSER_USERNAME`       | Username of the Super-User of an Lowcoder Installation | `admin@localhost`                                                      |
 | `LOWCODER_SUPERUSER_PASSWORD`       | Password of the Super-User, if not present or empty, it will be generated | `generated and printed into log file                |
-
+| `LOWCODER_PLUGINS_DIR`              | Directory holding lowcoder plugins                                      | `/lowcoder-stacks/plugins`                            |
+| `LOWCODER_COOKIE_NAME`              | Name of the lowcoder application cookie                                 | `LOWCODER_CE_SELFHOST_TOKEN`                          |
+| `LOWCODER_COOKIE_MAX_AGE`           | Lowcoder application cookie max age in hours                            | `24`                                                  |
+| `LOWCODER_APP_SNAPSHOT_RETENTIONTIME` | Application snapshots retention time in days                          | `30`                                                  |
 
 Also you should set the API-KEY secret, whcih should be a string of at least 32 random characters. (from Lowcoder v2.3.x on)
-On linux/mac, generate one eg. with: head /dev/urandom | head -c 30 | shasum -a 256
+On linux/mac, generate one eg. with: `head /dev/urandom | head -c 30 | shasum -a 256`
 
 | Environment variable                | Description                                                             | Default-Value                                         |
 |-------------------------------------| ----------------------------------------------------------------------- | ----------------------------------------------------- |
@@ -76,7 +81,7 @@ To enable secure Password Reset flow for the users, you need to configure your o
 | `LOWCODER_ADMIN_SMTP_SSL_ENABLED`         | Enable SSL encryption                                   | `false`              |
 | `LOWCODER_ADMIN_SMTP_STARTTLS_ENABLED`    | Enable STARTTLS encryption                              | `true`               |
 | `LOWCODER_ADMIN_SMTP_STARTTLS_REQUIRED`   | Require STARTTLS encryption                             | `true`               |
-| `LOWCODER_LOST_PASSWORD_EMAIL_SENDER`     | "from" Email address of the password Reset Email Sender | `[email protected]` |
+| `LOWCODER_EMAIL_NOTIFICATIONS_SENDER`     | "from" Email address of the password Reset Email Sender | `info@localhost` |
 
 
 ## Building api-service image
@@ -119,6 +124,10 @@ Image can be configured by setting environment variables.
 | `LOWCODER_MARKETPLACE_PRIVATE_MODE` | Control if not to show Apps on the local Marketplace to anonymous users | `true`                                                |
 | `LOWCODER_SUPERUSER_USERNAME` | Username of the Super-User of an Lowcoder Installation | `admin@localhost`                                                    |
 | `LOWCODER_SUPERUSER_PASSWORD` | Password of the Super-User, if not present or empty, it will be generated | `generated and printed into log file              |
+| `LOWCODER_PLUGINS_DIR`              | Directory holding lowcoder plugins                                      | `/lowcoder-stacks/plugins`                            |
+| `LOWCODER_COOKIE_NAME`              | Name of the lowcoder application cookie                                 | `LOWCODER_CE_SELFHOST_TOKEN`                          |
+| `LOWCODER_COOKIE_MAX_AGE`           | Lowcoder application cookie max age in hours                            | `24`                                                  |
+| `LOWCODER_APP_SNAPSHOT_RETENTIONTIME` | Application snapshots retention time in days                          | `30`                                                  |
 
 Also you should set the API-KEY secret, whcih should be a string of at least 32 random characters. (from Lowcoder v2.3.x on)
 On linux/mac, generate one eg. with: head /dev/urandom | head -c 30 | shasum -a 256
@@ -140,7 +149,7 @@ To enable secure Password Reset flow for the users, you need to configure your o
 | `LOWCODER_ADMIN_SMTP_SSL_ENABLED`         | Enable SSL encryption                                   | `false`              |
 | `LOWCODER_ADMIN_SMTP_STARTTLS_ENABLED`    | Enable STARTTLS encryption                              | `true`               |
 | `LOWCODER_ADMIN_SMTP_STARTTLS_REQUIRED`   | Require STARTTLS encryption                             | `true`               |
-| `LOWCODER_LOST_PASSWORD_EMAIL_SENDER`     | "from" Email address of the password Reset Email Sender | `[email protected]` |
+| `LOWCODER_EMAIL_NOTIFICATIONS_SENDER`     | "from" Email address of the password Reset Email Sender | `info@localhost` |
 
 ## Building node-service image
 

deploy/docker/default-multi.env

@@ -0,0 +1,21 @@
+#####################################################################
+##                                                                 ##
+##  Lowcoder environment variables override for multi image        ##
+##  installation.                                                  ##
+##                                                                 ##
+##  !!! PLEASE DO NOT CHANGE THIS FILE !!!                         ##
+##                                                                 ##
+##  To change the variables use file: override.env                 ##
+##                                                                 ##
+##  It will be loaded automatically and will override the defaults ##
+##  You don't have to copy the whole default.env, only the changed ##
+##  environment variables.                                         ##
+##                                                                 ##
+#####################################################################
+
+# Update individual service URLs to match the multi setup
+LOWCODER_MONGODB_URL="mongodb://lowcoder:secret123@mongodb/lowcoder?authSource=admin"
+LOWCODER_REDIS_URL="redis://redis:6379"
+LOWCODER_NODE_SERVICE_URL="http://lowcoder-node-service:6060"
+LOWCODER_API_SERVICE_URL="http://lowcoder-api-service:8080"
+

deploy/docker/default.env

@@ -0,0 +1,152 @@
+#####################################################################
+##                                                                 ##
+##  Default lowcoder environment variables.                        ##
+##                                                                 ##
+##  !!! PLEASE DO NOT CHANGE THIS FILE !!!                         ##
+##                                                                 ##
+##  To change the variables use file: override.env                 ##
+##                                                                 ##
+##  It will be loaded automatically and will override the defaults ##
+##  You don't have to copy the whole default.env, only the changed ##
+##  environment variables.                                         ##
+##                                                                 ##
+#####################################################################
+
+
+##
+## Enable services (applies to all-in-one deployment) ##
+##   - you can disable them in favor of external services
+#
+# If true redis server is started in the container
+LOWCODER_REDIS_ENABLED="true"
+# If true mongo database is started in the container
+LOWCODER_MONGODB_ENABLED="true"
+# If true lowcoder api-service is started in the container 
+LOWCODER_API_SERVICE_ENABLED="true"
+# If true lowcoder node-service is started in the container
+LOWCODER_NODE_SERVICE_ENABLED="true"
+# If true lowcoder web frontend is started in the container
+LOWCODER_FRONTEND_ENABLED="true"
+# 
+# Set LOWCODER_MONGODB_EXPOSED to "true" and uncomment mongodb port
+# to make internal mongo database accessible from host
+# (applies to all-in-one deployment)
+#
+LOWCODER_MONGODB_EXPOSED="false"
+
+##
+## Generic parameters
+##
+#
+# URL of the public User Interface 
+LOWCODER_PUBLIC_URL="http://localhost:3000/"
+
+# ID of user running services. It will own all created logs and data.
+LOWCODER_PUID="1000"
+# ID of group of the user running services
+LOWCODER_PGID="1000"
+
+##
+## api-service parameters
+##
+# Name of the lowcoder application cookie
+LOWCODER_COOKIE_NAME=LOWCODER_CE_SELFHOST_TOKEN
+# Lowcoder application cookie max age in hours
+LOWCODER_COOKIE_MAX_AGE=24
+# Default maximum organizations per user
+LOWCODER_MAX_ORGS_PER_USER=100
+# Default maximum members per organization
+LOWCODER_MAX_MEMBERS_PER_ORG=1000
+# Default maximum groups per organization
+LOWCODER_MAX_GROUPS_PER_ORG=100
+# Default maximum applications per organization
+LOWCODER_MAX_APPS_PER_ORG=1000
+# Default maximum developers
+LOWCODER_MAX_DEVELOPERS=50
+# Mongo database connection string (use the later one in case of multi-image compose)
+LOWCODER_MONGODB_URL="mongodb://localhost:27017/lowcoder?authSource=admin"
+#LOWCODER_MONGODB_URL="mongodb://lowcoder:secret123@mongodb/lowcoder?authSource=admin"
+# Redis server URL
+LOWCODER_REDIS_URL="redis://localhost:6379"
+# Control if users create their own Workspace automatic when Sign Up
+LOWCODER_EMAIL_SIGNUP_ENABLED="true"
+# Controls whether authentication via email is enabled
+LOWCODER_EMAIL_AUTH_ENABLED="true"
+# IF LOWCODER_WORKSPACE_MODE = SAAS, controls if own workspace is created for the user after sign up
+LOWCODER_CREATE_WORKSPACE_ON_SIGNUP="true"
+# Application snapshots retention time in days
+LOWCODER_APP_SNAPSHOT_RETENTIONTIME=30
+#
+# ! PLEASE CHANGE THESE TO SOMETHING UNIQUE !
+# 
+#    LOWCODER_DB_ENCRYPTION_PASSWORD and LOWCODER_DB_ENCRYPTION_SALT is used 
+#    to encrypt sensitive data in mongo database so it is important to change the defaults
+#
+LOWCODER_DB_ENCRYPTION_PASSWORD="lowcoder.org"
+LOWCODER_DB_ENCRYPTION_SALT="lowcoder.org"
+
+# CORS allowed domains
+LOWCODER_CORS_DOMAINS="*"
+#
+# API-KEY secret - should be a string of at least 32 random characters
+#    - on linux/mac, generate one eg. with: head /dev/urandom | head -c 30 | shasum -a 256
+#
+LOWCODER_API_KEY_SECRET="5a41b090758b39b226603177ef48d73ae9839dd458ccb7e66f7e7cc028d5a50b"
+
+##
+## api and node service parameters
+##
+# Directory holding lowcoder plugins
+LOWCODER_PLUGINS_DIR="../plugins"
+# Number of max Request per Second - set to 0 to disable rate limiting
+LOWCODER_API_RATE_LIMIT=100
+# Lowcoder API service URL
+LOWCODER_API_SERVICE_URL="http://localhost:8080"
+# Lowcoder Node service URL
+LOWCODER_NODE_SERVICE_URL="http://localhost:6060"
+
+##
+## Frontend parameters
+##
+# Lowcoder max request size
+LOWCODER_MAX_REQUEST_SIZE=20m
+# Lowcoder max query timeout (in seconds)
+LOWCODER_MAX_QUERY_TIMEOUT=120
+# Default lowcoder query timeout
+LOWCODER_DEFAULT_QUERY_TIMEOUT=10
+# SAAS to activate, ENTERPRISE to switch off - Workspaces
+LOWCODER_WORKSPACE_MODE=SAAS
+# Controls whether to show Apps on the local Marketplace to anonymous users
+#   - if true, apps are not shown to anonymous users
+LOWCODER_MARKETPLACE_PRIVATE_MODE="true"
+
+##
+## Lowcoder notification emails setup
+##
+# Mail server host
+LOWCODER_ADMIN_SMTP_HOST=localhost
+# Mail server port
+LOWCODER_ADMIN_SMTP_PORT=587
+# Use authentication when sending email
+LOWCODER_ADMIN_SMTP_AUTH="true"
+# Username (email) used for authentication
+LOWCODER_ADMIN_SMTP_USERNAME=
+# Password used for authentication
+LOWCODER_ADMIN_SMTP_PASSWORD=
+# Enable SSL for connetion to the mail server
+LOWCODER_ADMIN_SMTP_SSL_ENABLED="false"
+# Enable STARTTLS
+LOWCODER_ADMIN_SMTP_STARTTLS_ENABLED="true"
+# Require STARTTLS
+LOWCODER_ADMIN_SMTP_STARTTLS_REQUIRED="true"
+
+# Email used in notifications from lowcoder
+LOWCODER_EMAIL_NOTIFICATIONS_SENDER=info@localhost
+
+# Lowcoder superuser username
+LOWCODER_SUPERUSER_USERNAME=admin@localhost
+# Lowcoder superuser password
+# If left blank, a password will be generated and written into log (lowcoder-stacks/logs/api-service/api-service.log)
+LOWCODER_SUPERUSER_PASSWORD=
+
+