version: "3.4"
########################################################################################
#
# This compose file runs every service separately without any reverse proxy or http
# server to serve user uploaded files. It is intended as a starting point for people
# who want to use their own reverse proxy and run Baserow with one service per
# container. The web-frontend service is available by default at http://localhost:3000
# and the backend service is available by default at http://localhost:8000 .
#
# To use this file you need to:
# 1. Set the PUBLIC_BACKEND_URL to the URL that the user's browser can access the
# backend service on.
# 2. Set the PUBLIC_WEB_FRONTEND_URL to the URL that the user's browser can access the
# web-frontend service on.
# 3. Host the media files in the media volume on a HTTP server and set the MEDIA_URL
# to the URL the user's browser can access the files on.
# 4. Ensure requests sent to the backend in /ws path are upgraded to websocket
# connections.
#
# See the following guides for more details and example configurations:
# 1. https://baserow.io/docs/installation%2Finstall-behind-nginx
# 2. https://baserow.io/docs/installation%2Finstall-behind-apache
#
# Also More documentation can be found in:
# https://baserow.io/docs/installation%2Finstall-with-docker-compose
#
########################################################################################
# See https://baserow.io/docs/installation%2Fconfiguration for more details on these
# backend environment variables, their defaults if left blank etc.
x-backend-variables: &backend-variables
# Most users should only need to set these first four variables.
SECRET_KEY: ${SECRET_KEY:?}
BASEROW_JWT_SIGNING_KEY: ${BASEROW_JWT_SIGNING_KEY:-}
DATABASE_PASSWORD: ${DATABASE_PASSWORD:?}
REDIS_PASSWORD: ${REDIS_PASSWORD:?}
PUBLIC_BACKEND_URL: ${PUBLIC_BACKEND_URL-http://localhost:8000}
PUBLIC_WEB_FRONTEND_URL: ${PUBLIC_WEB_FRONTEND_URL-http://localhost:3000}
BASEROW_EMBEDDED_SHARE_URL:
# Set these if you want to use an external postgres instead of the db service below.
DATABASE_USER: ${DATABASE_USER:-baserow}
DATABASE_NAME: ${DATABASE_NAME:-baserow}
DATABASE_HOST:
DATABASE_PORT:
DATABASE_OPTIONS:
DATABASE_URL:
# Set these if you want to use an external redis instead of the redis service below.
REDIS_HOST:
REDIS_PORT:
REDIS_PROTOCOL:
REDIS_URL:
REDIS_USER:
# Set these to enable Baserow to send emails.
EMAIL_SMTP:
EMAIL_SMTP_HOST:
EMAIL_SMTP_PORT:
EMAIL_SMTP_USE_TLS:
EMAIL_SMTP_USE_SSL:
EMAIL_SMTP_USER:
EMAIL_SMTP_PASSWORD:
EMAIL_SMTP_SSL_CERTFILE_PATH:
EMAIL_SMTP_SSL_KEYFILE_PATH:
FROM_EMAIL:
# Set these to use AWS S3 bucket to store user files.
AWS_ACCESS_KEY_ID:
AWS_SECRET_ACCESS_KEY:
AWS_STORAGE_BUCKET_NAME:
AWS_S3_REGION_NAME:
AWS_S3_ENDPOINT_URL:
AWS_S3_CUSTOM_DOMAIN:
# Misc settings see https://baserow.io/docs/installation%2Fconfiguration for info
BASEROW_AMOUNT_OF_WORKERS:
BASEROW_ROW_PAGE_SIZE_LIMIT:
BATCH_ROWS_SIZE_LIMIT:
INITIAL_TABLE_DATA_LIMIT:
BASEROW_FILE_UPLOAD_SIZE_LIMIT_MB:
BASEROW_OPENAI_UPLOADED_FILE_SIZE_LIMIT_MB:
BASEROW_UNIQUE_ROW_VALUES_SIZE_LIMIT:
BASEROW_EXTRA_ALLOWED_HOSTS:
ADDITIONAL_APPS:
BASEROW_PLUGIN_GIT_REPOS:
BASEROW_PLUGIN_URLS:
BASEROW_ENABLE_SECURE_PROXY_SSL_HEADER:
MIGRATE_ON_STARTUP: ${MIGRATE_ON_STARTUP:-true}
SYNC_TEMPLATES_ON_STARTUP: ${SYNC_TEMPLATES_ON_STARTUP:-true}
BASEROW_SYNC_TEMPLATES_PATTERN:
DONT_UPDATE_FORMULAS_AFTER_MIGRATION:
BASEROW_TRIGGER_SYNC_TEMPLATES_AFTER_MIGRATION:
BASEROW_SYNC_TEMPLATES_TIME_LIMIT:
BASEROW_BACKEND_DEBUG:
BASEROW_BACKEND_LOG_LEVEL:
FEATURE_FLAGS:
BASEROW_ENABLE_OTEL:
BASEROW_DEPLOYMENT_ENV:
OTEL_EXPORTER_OTLP_ENDPOINT:
OTEL_RESOURCE_ATTRIBUTES:
POSTHOG_PROJECT_API_KEY:
POSTHOG_HOST:
PRIVATE_BACKEND_URL: http://backend:8000
BASEROW_PUBLIC_URL:
MEDIA_URL:
MEDIA_ROOT:
BASEROW_AIRTABLE_IMPORT_SOFT_TIME_LIMIT:
HOURS_UNTIL_TRASH_PERMANENTLY_DELETED:
OLD_ACTION_CLEANUP_INTERVAL_MINUTES:
MINUTES_UNTIL_ACTION_CLEANED_UP:
BASEROW_GROUP_STORAGE_USAGE_QUEUE:
DISABLE_ANONYMOUS_PUBLIC_VIEW_WS_CONNECTIONS:
BASEROW_WAIT_INSTEAD_OF_409_CONFLICT_ERROR:
BASEROW_DISABLE_MODEL_CACHE:
BASEROW_PLUGIN_DIR:
BASEROW_JOB_EXPIRATION_TIME_LIMIT:
BASEROW_JOB_CLEANUP_INTERVAL_MINUTES:
BASEROW_ROW_HISTORY_CLEANUP_INTERVAL_MINUTES:
BASEROW_ROW_HISTORY_RETENTION_DAYS:
BASEROW_USER_LOG_ENTRY_CLEANUP_INTERVAL_MINUTES:
BASEROW_USER_LOG_ENTRY_RETENTION_DAYS:
BASEROW_IMPORT_EXPORT_RESOURCE_CLEANUP_INTERVAL_MINUTES:
BASEROW_IMPORT_EXPORT_RESOURCE_REMOVAL_AFTER_DAYS:
BASEROW_IMPORT_EXPORT_TABLE_ROWS_COUNT_LIMIT:
BASEROW_MAX_ROW_REPORT_ERROR_COUNT:
BASEROW_JOB_SOFT_TIME_LIMIT:
BASEROW_FRONTEND_JOBS_POLLING_TIMEOUT_MS:
BASEROW_INITIAL_CREATE_SYNC_TABLE_DATA_LIMIT:
BASEROW_WEBHOOKS_ALLOW_PRIVATE_ADDRESS:
BASEROW_WEBHOOKS_IP_BLACKLIST:
BASEROW_WEBHOOKS_IP_WHITELIST:
BASEROW_WEBHOOKS_URL_REGEX_BLACKLIST:
BASEROW_WEBHOOKS_URL_CHECK_TIMEOUT_SECS:
BASEROW_WEBHOOKS_MAX_CONSECUTIVE_TRIGGER_FAILURES:
BASEROW_WEBHOOKS_MAX_RETRIES_PER_CALL:
BASEROW_WEBHOOKS_MAX_PER_TABLE:
BASEROW_WEBHOOKS_MAX_CALL_LOG_ENTRIES:
BASEROW_WEBHOOKS_REQUEST_TIMEOUT_SECONDS:
BASEROW_ENTERPRISE_AUDIT_LOG_CLEANUP_INTERVAL_MINUTES:
BASEROW_ENTERPRISE_AUDIT_LOG_RETENTION_DAYS:
BASEROW_ALLOW_MULTIPLE_SSO_PROVIDERS_FOR_SAME_ACCOUNT:
BASEROW_STORAGE_USAGE_JOB_CRONTAB:
BASEROW_SEAT_USAGE_JOB_CRONTAB:
BASEROW_PERIODIC_FIELD_UPDATE_CRONTAB:
BASEROW_PERIODIC_FIELD_UPDATE_UNUSED_WORKSPACE_INTERVAL_MIN:
BASEROW_PERIODIC_FIELD_UPDATE_TIMEOUT_MINUTES:
BASEROW_PERIODIC_FIELD_UPDATE_QUEUE_NAME:
BASEROW_MAX_CONCURRENT_USER_REQUESTS:
BASEROW_CONCURRENT_USER_REQUESTS_THROTTLE_TIMEOUT:
BASEROW_SEND_VERIFY_EMAIL_RATE_LIMIT:
BASEROW_LOGIN_ACTION_LOG_LIMIT:
BASEROW_OSS_ONLY:
OTEL_TRACES_SAMPLER:
OTEL_TRACES_SAMPLER_ARG:
OTEL_PER_MODULE_SAMPLER_OVERRIDES:
BASEROW_CACHALOT_ENABLED:
BASEROW_CACHALOT_MODE:
BASEROW_CACHALOT_ONLY_CACHABLE_TABLES:
BASEROW_CACHALOT_UNCACHABLE_TABLES:
BASEROW_CACHALOT_TIMEOUT:
BASEROW_BUILDER_PUBLICLY_USED_PROPERTIES_CACHE_TTL_SECONDS:
BASEROW_BUILDER_DISPATCH_ACTION_CACHE_TTL_SECONDS:
BASEROW_AUTO_INDEX_VIEW_ENABLED:
BASEROW_PERSONAL_VIEW_LOWEST_ROLE_ALLOWED:
BASEROW_DISABLE_LOCKED_MIGRATIONS:
BASEROW_USE_PG_FULLTEXT_SEARCH:
BASEROW_AUTO_VACUUM:
BASEROW_BUILDER_DOMAINS:
BASEROW_ICAL_VIEW_MAX_EVENTS: ${BASEROW_ICAL_VIEW_MAX_EVENTS:-}
BASEROW_WEBHOOK_ROWS_ENTER_VIEW_BATCH_SIZE:
BASEROW_ENTERPRISE_GROUPED_AGGREGATE_SERVICE_MAX_SERIES:
services:
backend:
image: baserow/backend:1.31.1
restart: unless-stopped
ports:
- "${HOST_PUBLISH_IP:-127.0.0.1}:8000:8000"
environment:
<<: *backend-variables
depends_on:
- db
- redis
volumes:
- media:/baserow/media
networks:
local:
web-frontend:
image: baserow/web-frontend:1.31.1
restart: unless-stopped
ports:
- "${HOST_PUBLISH_IP:-127.0.0.1}:3000:3000"
environment:
BASEROW_PUBLIC_URL:
PRIVATE_BACKEND_URL: ${PRIVATE_BACKEND_URL:-http://backend:8000}
PUBLIC_BACKEND_URL:
PUBLIC_WEB_FRONTEND_URL:
BASEROW_EMBEDDED_SHARE_URL:
BASEROW_DISABLE_PUBLIC_URL_CHECK:
INITIAL_TABLE_DATA_LIMIT:
DOWNLOAD_FILE_VIA_XHR:
BASEROW_DISABLE_GOOGLE_DOCS_FILE_PREVIEW:
BASEROW_DISABLE_SUPPORT:
HOURS_UNTIL_TRASH_PERMANENTLY_DELETED:
DISABLE_ANONYMOUS_PUBLIC_VIEW_WS_CONNECTIONS:
FEATURE_FLAGS:
ADDITIONAL_MODULES:
BASEROW_MAX_IMPORT_FILE_SIZE_MB:
BASEROW_MAX_SNAPSHOTS_PER_GROUP:
BASEROW_ENABLE_OTEL:
BASEROW_DEPLOYMENT_ENV:
BASEROW_OSS_ONLY:
BASEROW_USE_PG_FULLTEXT_SEARCH:
BASEROW_UNIQUE_ROW_VALUES_SIZE_LIMIT:
BASEROW_ROW_PAGE_SIZE_LIMIT:
BASEROW_BUILDER_DOMAINS:
BASEROW_FRONTEND_SAME_SITE_COOKIE:
depends_on:
- backend
networks:
local:
celery:
image: baserow/backend:1.31.1
restart: unless-stopped
environment:
<<: *backend-variables
command: celery-worker
# The backend image's baked in healthcheck defaults to the django healthcheck
# override it to the celery one here.
healthcheck:
test: [ "CMD-SHELL", "/baserow/backend/docker/docker-entrypoint.sh celery-worker-healthcheck" ]
depends_on:
- backend
volumes:
- media:/baserow/media
networks:
local:
celery-export-worker:
image: baserow/backend:1.31.1
restart: unless-stopped
command: celery-exportworker
environment:
<<: *backend-variables
# The backend image's baked in healthcheck defaults to the django healthcheck
# override it to the celery one here.
healthcheck:
test: [ "CMD-SHELL", "/baserow/backend/docker/docker-entrypoint.sh celery-exportworker-healthcheck" ]
depends_on:
- backend
volumes:
- media:/baserow/media
networks:
local:
celery-beat-worker:
image: baserow/backend:1.31.1
restart: unless-stopped
command: celery-beat
environment:
<<: *backend-variables
# See https://github.com/sibson/redbeat/issues/129#issuecomment-1057478237
stop_signal: SIGQUIT
depends_on:
- backend
volumes:
- media:/baserow/media
networks:
local:
db:
image: postgres:15
restart: unless-stopped
environment:
- POSTGRES_USER=${DATABASE_USER:-baserow}
- POSTGRES_PASSWORD=${DATABASE_PASSWORD:?}
- POSTGRES_DB=${DATABASE_NAME:-baserow}
healthcheck:
test: [ "CMD-SHELL", "su postgres -c \"pg_isready -U ${DATABASE_USER:-baserow}\"" ]
interval: 10s
timeout: 5s
retries: 5
networks:
local:
volumes:
- pgdata:/var/lib/postgresql/data
redis:
image: redis:6
restart: unless-stopped
command: redis-server --requirepass ${REDIS_PASSWORD:?}
healthcheck:
test: [ "CMD", "redis-cli", "ping" ]
networks:
local:
# By default, the media volume will be owned by root on startup. Ensure it is owned by
# the same user that django is running as, so it can write user files.
volume-permissions-fixer:
image: bash:4.4
command: chown 9999:9999 -R /baserow/media
volumes:
- media:/baserow/media
networks:
local:
volumes:
pgdata:
media:
caddy_data:
caddy_config:
networks:
local:
driver: bridge