gib/GibSend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
b20f3b5d74b747c6bbbcb108e9fb7e857c2d85ef
GibSend/docker/prod/compose.yml
T
Michał Ordon 62d7c44efc feat: add REDIS_KEY_PREFIX env var for Redis ACL namespace isolation (#365) 
* feat: add REDIS_KEY_PREFIX env var for Redis ACL namespace isolation

Adds optional REDIS_KEY_PREFIX env var that prefixes all Redis keys
(BullMQ queues via `prefix` option, cache/lock/rate-limit keys via
`redisKey()` helper). When unset, behavior is unchanged (BullMQ
defaults to "bull:", cache keys are unprefixed).

This enables self-hosters using Redis ACL multi-tenancy to restrict
useSend to its own key namespace (e.g. `~usesend:*`).

16 files changed across env schema, Redis module, 9 BullMQ queue/worker
files, and 5 direct Redis key operation sites.

* docs: add REDIS_KEY_PREFIX to self-host assets and fix docker run example

Add REDIS_KEY_PREFIX env var to docker/prod/compose.yml, .env.example,
.env.selfhost.example, and self-hosting docs. Fix missing trailing
backslashes in standalone docker run example.

* fix(redis): disable ioredis ready check and BullMQ version check

Redis ACL blocks INFO command (in @dangerous category). ioredis uses
INFO for ready check, BullMQ uses it for version detection. Without
these flags, BullMQ workers fail to initialize and silently stop
processing jobs.

- Add enableReadyCheck: false to ioredis connection
- Add skipVersionCheck: true to all 5 Queue + 5 Worker constructors

* fix(redis): add skipVersionCheck to remaining BullMQ job queues

Add skipVersionCheck: true to Queue and Worker constructors in all 4 job
files (campaign-scheduler, cleanup-email-bodies, usage-job,
webhook-cleanup) to match the pattern already used in service files.
This prevents BullMQ version mismatch errors when using REDIS_KEY_PREFIX
with Redis ACL namespace isolation.
2026-03-02 08:12:47 +11:00

78 lines
2.0 KiB
YAML
Raw Blame History

name: usesend-prod
services:
postgres:
image: postgres:16
container_name: usesend-db-prod
restart: always
environment:
- POSTGRES_USER=${POSTGRES_USER:?err}
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD:?err}
- POSTGRES_DB=${POSTGRES_DB:?err}
healthcheck:
test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER}"]
interval: 10s
timeout: 5s
retries: 5
# ports:
# - "5432:5432"
volumes:
- database:/var/lib/postgresql/data
redis:
image: redis:7
container_name: usesend-redis-prod
restart: always
# ports:
# - "6379:6379"
volumes:
- cache:/data
command: ["redis-server", "--maxmemory-policy", "noeviction"]
minio:
image: minio/minio
container_name: usesend-storage-prod
ports:
- 9002:9002
- 9001:9001
volumes:
- storage:/data
environment:
MINIO_ROOT_USER: unsend
MINIO_ROOT_PASSWORD: password
entrypoint: sh
command: -c 'mkdir -p /data/unsend && minio server /data --console-address ":9001" --address ":9002"'
usesend:
image: usesend/usesend:latest
container_name: usesend
restart: always
ports:
- ${PORT:-3000}:${PORT:-3000}
environment:
- PORT=${PORT:-3000}
- DATABASE_URL=${DATABASE_URL:?err}
- NEXTAUTH_URL=${NEXTAUTH_URL:?err}
- NEXTAUTH_SECRET=${NEXTAUTH_SECRET:?err}
- AWS_ACCESS_KEY=${AWS_ACCESS_KEY:?err}
- AWS_SECRET_KEY=${AWS_SECRET_KEY:?err}
- AWS_DEFAULT_REGION=${AWS_DEFAULT_REGION:?err}
- GITHUB_ID=${GITHUB_ID:?err}
- GITHUB_SECRET=${GITHUB_SECRET:?err}
- REDIS_URL=${REDIS_URL:?err}
- REDIS_KEY_PREFIX=${REDIS_KEY_PREFIX:-}
- NEXT_PUBLIC_IS_CLOUD=${NEXT_PUBLIC_IS_CLOUD:-false}
- API_RATE_LIMIT=${API_RATE_LIMIT:-1}
- SMTP_HOST=${SMTP_HOST:-smtp.usesend.com}
- SMTP_USER=${SMTP_USER:-usesend}
depends_on:
postgres:
condition: service_healthy
redis:
condition: service_started
volumes:
database:
cache:
storage:
Reference in New Issue View Git Blame Copy Permalink