docker-compose(-next).yml: Improve docker compose recipe#1771
Merged
nuclearcat merged 1 commit intokernelci:mainfrom Mar 2, 2026
Merged
docker-compose(-next).yml: Improve docker compose recipe#1771nuclearcat merged 1 commit intokernelci:mainfrom
nuclearcat merged 1 commit intokernelci:mainfrom
Conversation
Comment on lines
+79
to
+80
| - ${SSL_CHAIN_FILE:-/etc/letsencrypt/live/d.kernelci.org/fullchain.pem}:/etc/nginx/ssl/fullchain.pem | ||
| - ${SSL_KEY_FILE:-/etc/letsencrypt/live/d.kernelci.org/privkey.pem}:/etc/nginx/ssl/privkey.pem |
Collaborator
There was a problem hiding this comment.
nit: add a comment about these variables or they'll be undocumented
Comment on lines
-118
to
-121
| ports: | ||
| - target: ${INGESTER_METRICS_PORT:-8002} | ||
| published: ${INGESTER_METRICS_PORT:-8002} | ||
| protocol: tcp |
Collaborator
There was a problem hiding this comment.
Just to confirm: this, backend's port 8001 and pending_aggregations_processor's port 8003 (which is not here, seems like it needs rebasing) are the ports for the prometheus/grafana services, will they still work on production?
Comment on lines
+140
to
+141
| # ports: | ||
| # - 9000:9000 |
Collaborator
There was a problem hiding this comment.
nit: since you are going to comment this service, you could leave the port 80:80 on, so that we can uncomment on development and access the frontend on http://localhost/
nuclearcat
force-pushed
the
deploy-fixes
branch
2 times, most recently
from
0e08b2f to
275a3d1
Compare
Dont use host mode for networking Dont expose ports to external, unless necessary Change to unified .env file Rename container name to not clash with production Expose dashboard directly, without proxy docker-compose-next.yml: Dont expose unnecessary ports to world Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
MarceloRobert
approved these changes
Mar 2, 2026
Collaborator
MarceloRobert
left a comment
MarceloRobert
left a comment
There was a problem hiding this comment.
Works overall. Still need to check if the metrics will continue working but we can fix it on another PR
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Dont use host mode for networking
Dont expose ports to external, unless necessary
Change to unified .env file
Rename container name to not clash with production Expose dashboard directly, without proxy
docker-compose-next.yml: Dont expose unnecessary ports to world