Update Plunk template to use next version#622
Conversation
built with Refined Cloudflare Pages Action⚡ Cloudflare Pages Deployment
|
There was a problem hiding this comment.
Pull request overview
This PR migrates the Plunk template from the legacy version to the next version (next.useplunk.com), introducing a multi-service architecture with subdomain-based routing, additional infrastructure services (Minio, ntfy), and comprehensive environment configuration.
Key Changes:
- Replaces the legacy
driaug/plunkimage with the officialghcr.io/useplunk/plunk:latestimage - Introduces subdomain-based routing for API, dashboard, landing page, and documentation
- Adds Minio for S3-compatible storage and ntfy for notifications
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 7 comments.
| File | Description |
|---|---|
| blueprints/plunk/docker-compose.yml | Migrates to new multi-service architecture with nginx reverse proxy, Minio, ntfy, and updated Plunk image |
| blueprints/plunk/template.toml | Expands configuration to support subdomain routing, Minio storage, OAuth, Stripe, and additional service dependencies |
Comments suppressed due to low confidence (1)
blueprints/plunk/template.toml:1
- The environment variable
SES_CONFIGURATION_SET_NO_TRACKINGreferences an undefined variable. This variable is used in docker-compose.yml line 118 but is never defined in the [variables] section or [config.env] array. This will cause deployment failures.
[variables]
| DASHBOARD_DOMAIN = "${dashboard_domain}" | ||
| LANDING_DOMAIN = "${landing_domain}" | ||
| WIKI_DOMAIN = "${wiki_domain}" | ||
| USE_HTTPS = "true" |
There was a problem hiding this comment.
Setting USE_HTTPS = "true" hardcodes HTTPS usage, but the URL variables in lines 71-74 and line 90 will generate HTTP URLs (e.g., http://${api_domain}). This creates a mismatch between the HTTPS flag and the actual URL scheme. Either set USE_HTTPS = "false" to match the HTTP URLs, or update all URL constructions to use HTTPS explicitly.
| S3_ACCESS_KEY_ID = "${minio_root_user}" | ||
| S3_ACCESS_KEY_SECRET = "${minio_root_password}" | ||
| S3_BUCKET = "uploads" | ||
| S3_PUBLIC_URL = "https://${minio_domain}/uploads" |
There was a problem hiding this comment.
The S3_PUBLIC_URL uses HTTPS while the internal S3_ENDPOINT (line 86) uses HTTP. According to the coding guidelines, URLs should use HTTP by default unless explicitly required. Since this is accessing Minio internally through Docker networking, it should be "http://${minio_domain}/uploads" to maintain consistency with the internal endpoint.
|
|
||
| volumes: | ||
| # Mount Traefik certificates for SSL | ||
| - /etc/dokploy/traefik/dynamic/acme.json:/certs/acme.json:ro |
There was a problem hiding this comment.
Mounting host paths directly (especially system paths like /etc/dokploy/) violates Docker Compose best practices for Dokploy templates. According to the coding guidelines, templates should use persistent volumes instead. This mount may not exist in all Dokploy installations and creates tight coupling to the host filesystem. Consider using a named volume or removing this mount if SSL certificate handling is managed by Dokploy's reverse proxy.
| ports: | ||
| - 9000 | ||
| - 9001 |
There was a problem hiding this comment.
According to Dokploy template conventions, the ports section should be omitted as Dokploy handles service isolation via internal networks and proxying. Exposing ports explicitly can cause conflicts in multi-instance deployments. Use expose directive instead if port declaration is needed, or remove entirely since Minio is accessed via service networking.
| ports: | ||
| # Main nginx port (handles all subdomain routing) | ||
| - 80 | ||
| # SMTP ports (for email relay) | ||
| - 465 | ||
| - 587 |
There was a problem hiding this comment.
According to Dokploy template conventions, the ports section should be omitted as Dokploy handles proxying through its own reverse proxy. Explicitly defining ports can cause conflicts. Port 80 is especially problematic as Dokploy manages HTTP/HTTPS routing through Traefik. For SMTP ports (465, 587), if these truly need external access, they should be documented separately as they fall outside typical HTTP proxying.
| api_domain = "${domain}" | ||
| dashboard_domain = "${domain}" | ||
| landing_domain = "${domain}" | ||
| wiki_domain = "${domain}" | ||
| minio_domain = "${domain}" |
There was a problem hiding this comment.
All five domain variables are set to the same value "${domain}", but the comments in docker-compose.yml (lines 4-9) and the template structure indicate these should be different subdomains (api.yourdomain.com, app.yourdomain.com, etc.). This configuration will cause all services to attempt routing on the same domain, breaking the subdomain-based architecture. Each variable should either have distinct subdomain prefixes or the template should be documented to work with path-based routing instead.
| api_domain = "${domain}" | |
| dashboard_domain = "${domain}" | |
| landing_domain = "${domain}" | |
| wiki_domain = "${domain}" | |
| minio_domain = "${domain}" | |
| api_domain = "api.${domain}" | |
| dashboard_domain = "app.${domain}" | |
| landing_domain = "${domain}" | |
| wiki_domain = "docs.${domain}" | |
| minio_domain = "minio.${domain}" |
| plunk_data: | ||
| driver: local |
There was a problem hiding this comment.
The volume plunk_data is defined but never mounted or used by any service in the compose file. This creates unnecessary resource allocation and confusion. Remove this unused volume definition.
| plunk_data: | |
| driver: local |
|
Can you check that? 
|
dosubot
Bot
added
the
size:L
Removed the NTFY service since it is optional and will cause self-hosters more headaches than it will solve issues. |
|
thank you |
What is this PR about?
This PR updates the Plunk template to the Next version (next.useplunk.com)
Checklist
Before submitting this PR, please make sure that:
Issues related (if applicable)
Screenshots or Videos