diff --git a/README.md b/README.md index d085382..d0bb7ca 100644 --- a/README.md +++ b/README.md @@ -130,6 +130,7 @@ ScaleTail provides ready-to-run [Docker Compose](https://docs.docker.com/compose | 📚 **Docmost** | A self-hosted, real-time collaborative wiki with rich editing, diagrams, permissions, and full-text search. | [Details](services/docmost) | | ✅ **DumbDo** | A self-hosted, minimalistic task manager for simple to-do lists. | [Details](services/dumbdo) | | ✅ **Eigenfocus** | A self-hosted task and project management tool for productivity. | [Details](services/eigenfocus) | +| 🗂️ **EspoCRM** | A CRM for Sales, support and marketing. | [Details](services/espocrm) | | 📝 **Excalidraw** | A virtual collaborative whiteboard tool. | [Details](services/excalidraw) | | 📝 **Flatnotes** | A simple, self-hosted note-taking app using Markdown files. | [Details](services/flatnotes) | | 👨🏼‍💻 **Forgejo** | A community-driven, self-hosted Git service. | [Details](services/forgejo) | diff --git a/services/espocrm/.env b/services/espocrm/.env new file mode 100644 index 0000000..18ad0d9 --- /dev/null +++ b/services/espocrm/.env @@ -0,0 +1,39 @@ +#version=1.1 +#URL=https://github.com/tailscale-dev/ScaleTail +#COMPOSE_PROJECT_NAME= # Optional: only use when running multiple deployments on the same infrastructure. + +# Service Configuration +SERVICE=espocrm # Service name (e.g., adguard). Used as hostname in Tailscale and for container naming (app-${SERVICE}). +IMAGE_URL=espocrm/espocrm # Docker image URL from container registry (e.g., adguard/adguard-home). + +# Network Configuration +SERVICEPORT= # Port to expose to local network. Uncomment the "ports:" section in compose.yaml to enable. +DNS_SERVER=9.9.9.9 # Preferred DNS server for Tailscale. Uncomment the "dns:" section in compose.yaml to enable. + +# Tailscale Configuration +TS_AUTHKEY= # Auth key from https://tailscale.com/admin/authkeys. See: https://tailscale.com/kb/1085/auth-keys#generate-an-auth-key for instructions. + +# Optional Service variables +# PUID=1000 + +#Time Zone setting for containers +TZ=Europe/Amsterdam # See: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones + +# Any Container environment variables are declared below. See https://docs.docker.com/compose/how-tos/environment-variables/ + +#EXAMPLE_VAR="Environment varibale" + +TS_DOMAIN=.ts.net + +MARIADB_ROOT_PASSWORD=password +MARIADB_DATABASE=espocrm +MARIADB_USER=espocrm +MARIADB_PASSWORD=password +ESPOCRM_DEFAULT_CURRENCY=EUR +ESPOCRM_DATABASE_PLATFORM=Mysql +ESPOCRM_DATABASE_HOST=espocrm-db +ESPOCRM_DATABASE_USER=espocrm +ESPOCRM_DATABASE_PASSWORD=password +ESPOCRM_ADMIN_USERNAME=admin +ESPOCRM_ADMIN_PASSWORD=password +ESPOCRM_SITE_URL=https://${SERVICE}.${TS_DOMAIN} diff --git a/services/espocrm/README.md b/services/espocrm/README.md new file mode 100644 index 0000000..bd27009 --- /dev/null +++ b/services/espocrm/README.md @@ -0,0 +1,22 @@ +# EspoCRM with Tailscale Sidecar Configuration + +This Docker Compose configuration sets up [EspoCRM](https://www.espocrm.com/) with Tailscale as a sidecar container to keep the app reachable over your Tailnet. + +## EspoCRM + +[EspoCRM](https://www.espocrm.com/) is a web application that allows users to see, enter and evaluate all your company relationships regardless of the type. People, companies, projects or opportunities — all in an easy and intuitive interface. + +## Configuration Overview + +In this setup, the `tailscale-EspoCRM` service runs Tailscale, which manages secure networking for EspoCRM. The `EspoCRM` service utilizes the Tailscale network stack via Docker's `network_mode: service:` configuration. This keeps the app Tailnet-only unless you intentionally expose ports. + +## What to document for users + +- Links: [EspoCRM Features](https://www.espocrm.com/features/) [Environment Details](https://docs.espocrm.com/administration/docker/installation/#installation-environments) + +## Files to check + +Please check the following contents for validity as some variables need to be defined upfront. + +- `.env` // Main variable `TS_AUTHKEY` +- `.env` // Required for normal operation. `TS_DOMAIN` diff --git a/services/espocrm/compose.yml b/services/espocrm/compose.yml new file mode 100644 index 0000000..47c3406 --- /dev/null +++ b/services/espocrm/compose.yml @@ -0,0 +1,88 @@ +configs: + ts-serve: + content: | + {"TCP":{"443":{"HTTPS":true}}, + "Web":{"$${TS_CERT_DOMAIN}:443": + {"Handlers":{"/": + {"Proxy":"http://127.0.0.1:80"}}}}, + "AllowFunnel":{"$${TS_CERT_DOMAIN}:443":false}} + +services: +# Make sure you have updated/checked the .env file with the correct variables. +# All the ${ xx } need to be defined there. + # Tailscale Sidecar Configuration + tailscale: + image: tailscale/tailscale:latest # Image to be used + container_name: tailscale-${SERVICE} # Name for local container management + hostname: ${SERVICE} # Name used within your Tailscale environment + environment: + - TS_AUTHKEY=${TS_AUTHKEY} + - TS_STATE_DIR=/var/lib/tailscale + - TS_SERVE_CONFIG=/config/serve.json # Tailscale Serve configuration to expose the web interface on your local Tailnet - remove this line if not required + - TS_USERSPACE=false + - TS_ENABLE_HEALTH_CHECK=true # Enable healthcheck endpoint: "/healthz" + - TS_LOCAL_ADDR_PORT=127.0.0.1:41234 # The : for the healthz endpoint + #- TS_ACCEPT_DNS=true # Uncomment when using MagicDNS + - TS_AUTH_ONCE=true + configs: + - source: ts-serve + target: /config/serve.json + volumes: + - ./config:/config # Config folder used to store Tailscale files - you may need to change the path + - ./ts/state:/var/lib/tailscale # Tailscale requirement - you may need to change the path + devices: + - /dev/net/tun:/dev/net/tun # Network configuration for Tailscale to work + cap_add: + - net_admin # Tailscale requirement + #ports: + # - 0.0.0.0:${SERVICEPORT}:${SERVICEPORT} # Binding port ${SERVICE}PORT to the local network - may be removed if only exposure to your Tailnet is required + # If any DNS issues arise, use your preferred DNS provider by uncommenting the config below + #dns: + # - ${DNS_SERVER} + healthcheck: + test: ["CMD", "wget", "--spider", "-q", "http://127.0.0.1:41234/healthz"] # Check Tailscale has a Tailnet IP and is operational + interval: 1m # How often to perform the check + timeout: 10s # Time to wait for the check to succeed + retries: 3 # Number of retries before marking as unhealthy + start_period: 10s # Time to wait before starting health checks + restart: always + + # ${SERVICE} + database: + image: mariadb:12.2 + container_name: db-${SERVICE} + environment: + - MARIADB_ROOT_PASSWORD=${MARIADB_ROOT_PASSWORD} + - MARIADB_DATABASE=${MARIADB_DATABASE} + - MARIADB_USER=${MARIADB_USER} + - MARIADB_PASSWORD=${MARIADB_PASSWORD} + volumes: + - ./${SERVICE}-db:/var/lib/mysql + restart: always + healthcheck: + test: ["CMD", "healthcheck.sh", "--connect", "--innodb_initialized"] + interval: 1m + start_period: 30s + timeout: 10s + retries: 3 + application: + image: ${IMAGE_URL} + network_mode: service:tailscale # Sidecar configuration to route ${SERVICE} through Tailscale + container_name: app-${SERVICE} + environment: + - ESPOCRM_DATABASE_PLATFORM=${ESPOCRM_DATABASE_PLATFORM} + - ESPOCRM_DATABASE_HOST=${ESPOCRM_DATABASE_HOST} + - ESPOCRM_DATABASE_USER=${ESPOCRM_DATABASE_USER} + - ESPOCRM_DATABASE_PASSWORD=${ESPOCRM_DATABASE_PASSWORD} + - ESPOCRM_ADMIN_USERNAME=${ESPOCRM_ADMIN_USERNAME} + - ESPOCRM_ADMIN_PASSWORD=${ESPOCRM_ADMIN_PASSWORD} + - ESPOCRM_SITE_URL=${ESPOCRM_SITE_URL} + - ESPOCRM_DEFAULT_CURRENCY=${ESPOCRM_DEFAULT_CURRENCY} + volumes: + - ./${SERVICE}-data:/var/www/html + restart: always + depends_on: + tailscale: + condition: service_healthy + database: + condition: service_started