Merged
Conversation
- Add Rote deployment template with frontend, backend, and PostgreSQL services - Configure domain routing for frontend (port 80) and backend (port 3000) - Set up automatic password generation and environment variables - Use latest image tag by default - Add logo and metadata to meta.json
…demirror/autocomplete', '@radix-ui/react-dialog', and React packages to their latest versions. This includes updates to '@types/react' and '@types/react-dom' for improved compatibility and performance.
… target 'canary' branch for pull requests.
… and future modifications.
…deployment process and clarity.
* Update template.toml * Update template.toml * Update template.toml
feat: add Rote template
…shrouded-server for autoupdate and easier config
changed image to mornedhels/enshrouded-server
* feat: add Openinary template * feat: update Openinary configuration to support ALLOWED_ORIGIN and refactor domain variable
… template files - Introduced a GitHub Actions workflow to validate Docker Compose files and template.toml on pull requests. - Added helper functions for generating random values and processing variables in templates. - Implemented validation scripts for checking the structure, syntax, and best practices of Docker Compose and template files. - Created necessary TypeScript types and configuration files for the build scripts.
* feat(templates): add Passbolt blueprint for Dokploy - Add docker-compose.yml defining services for Passbolt and MariaDB - Create template.toml with configurable domain, email, and database credentials - Add meta.json with metadata, tags, and link to logo * fix(meta): sort meta.json entries * fix: passbolt template had several issues that broke deployment - env variables were using old array format, changed to new table format - mariadb healthcheck was broken (wrong command for mariadb 11) - missing volume mounts for gpg keys, jwt tokens, and database - setup instructions weren't visible to users, moved to docker-compose - email config had circular references causing warnings - tested admin user creation and confirmed working everything works now, fully tested * Update blueprints/passbolt/template.toml --------- Co-authored-by: Mauricio Siu <47042324+Siumauricio@users.noreply.github.com>
* feat: Add Kokoro TTS FastAPI template (#353) - Add CPU-optimized docker-compose.yml with source build - Add GPU-optimized docker-compose-gpu.yml for NVIDIA support - Add comprehensive template.toml with OpenAI-compatible API docs - Add kokoro-tts.svg logo and meta.json entry - Support streaming audio, timestamps, and multi-language TTS - Resolves #353 * updated the meta.json for the build errors * removed the docker-compose-gpu.yml file * Update docker-compose.yml --------- Co-authored-by: Mauricio Siu <47042324+Siumauricio@users.noreply.github.com>
- Added guidelines for keeping pull requests small and focused. - Emphasized the importance of testing contributions before submission to maintain a tidy PR queue.
* feat/add trilium next template * fix: test verify to pr * fix: fix validation error in docker-compose * fix: static version to trilium image --------- Co-authored-by: jbello <jbello@raodsystem.com>
* feat: add wuzapi template * chore: remove temporary meta_entry.json * fix(wuzapi): remove explicit networks and simplify depends_on for Dokploy compatibility * fix(wuzapi): remove invalid config.mounts from template.toml * Update Docker images for wuzapi and PostgreSQL fixed the version of the wuzapi docker image.
* feat: add PostgreSQL with PgDog template Add postgres-pgdog template providing PostgreSQL database with PgDog connection pooler, load balancer, and horizontal scaling proxy. Modern alternative to PgBouncer with multi-threading support. - Configurable PostgreSQL (default: 18-alpine) and PgDog (default: v0.1.26) images - Optional admin interface on port 6433 - Includes healthcheck and dependency management * 🐛 fix(postgres-pgdog): add config mounts and fix postgres volume path - Add [[config.mounts]] for pgdog.toml and users.toml - Mount config files from ../files/ in docker-compose - Change postgres volume to /var/lib/postgresql (postgres 18+ standard) - Add explicit command with config paths to prevent warnings * 🐛 fix(postgres-pgdog): correct binary path and use default config locations - Mount configs to /pgdog/ (default WorkingDir) instead of /etc/pgdog/ - Remove explicit command (binary is /usr/local/bin/pgdog, not /pgdog/pgdog) - Use image's default CMD with default config paths * 🐛 fix(postgres-pgdog): remove invalid admin_port config field - Remove admin_port from [general] section (not a valid field) - Admin DB uses same port 6432 with special database name - Remove commented admin domain config * 🐛 fix(postgres-pgdog): enable external access via fixed port mapping - Add fixed port 6432:6432 to postgres-pgdog service - Remove HTTP domain config (incompatible with TCP protocol) - Add comment for internal-only option Fixes UnsupportedStartup errors when using domain config for PostgreSQL protocol access. * 🐛 fix(postgres-pgdog): use standard port format per convention - Change port mapping from '6432:6432' to '6432' format - Follows Dokploy template convention for port declarations - External access requires checking Dokploy UI for assigned host port * 📝 docs(postgres-pgdog): clarify port settings comment * 🐛 fix(postgres-pgdog): default to internal access with opt-in external port - Remove obsolete version field - Port mapping commented by default for security - Users uncomment to enable external access on port 6432
* Add IPFS Kubo template * Update init cmds * Remove port forwarding
* Bump version to 2.1.0 * Update meta.json with new version number
Co-authored-by: Aaron McGuire <git.figment276@passmail.net>
…ork instructions (#595) * fix: superset version fixed, tweak network instructions * chore: simplify mapbox key * fix: volume mount * deps: bump superset to 6.0.0
* feat: Add imgproxy template * fix: Configure docker-compose to match requirements * fix: Process meta * fix: Change logo name * fix: Remove incorrect mounts * fix: Expose 80 port instead of direct mapping * fix: Change nginx cache keys default zone size and correct format negotiation * fix: Escaping
…mproved setup (#672) * Update docker-compose.yml * fix: stable nextcloud, add redis, auto config, fixed mariadb * fix: meta nextcloud * fix: vars * fix: non capital * fix: template.toml * fix: env vars * fix: var naming * fix: command * fix: command * another try * keep it simple * fix toml * retry classic * add: admin user * no aito install * feat: automated fixes * fix file pasth * fix: manual script * fix: script * fix: png logo * fix: meta logo data --------- Co-authored-by: Mauricio Siu <47042324+Siumauricio@users.noreply.github.com>
* feat: add MediaFetch template * Corrected .toml * .toml
* feat: add unleash template * feat: update unleash template to version 7.4.0 and fix formatting * feat: update database user in unleash template from postgres to unleash
* Update Notifuse template: replace PASETO with SECRET_KEY auth * Update docker-compose.yml --------- Co-authored-by: Mauricio Siu <47042324+Siumauricio@users.noreply.github.com>
* chore: update convex backend and dashboard images, switch from port mapping to expose in docker-compose.yml * fix: set default value for DISABLE_BEACON in docker-compose.yml
* Update grafana 12.4 * Update meta.json
* feat: add tuwunel template for matrix * fix: replace HTML placeholder with actual SVG logo for tuwunel * fix: remove enforcement and rename logo
dosubot
bot
added
the
size:XL
Deploying canary-templates with
|
| Latest commit: |
d157cef
|
| Status: | ⚡️ Build in progress... |
|
Related Documentation Checked 7 published document(s) in 1 knowledge base(s). No updates required. How did I do? Any feedback? |
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
| version: "3.8" | ||
| services: | ||
| mediafetch: | ||
| image: lukedunsmoto/mediafetch:latest |
There was a problem hiding this comment.
Version mismatch between image tag and meta.json
AGENTS.md requires the version field in meta.json to exactly match the Docker image tag. meta.json lists "version": "1.1.1" for mediafetch, but the image here uses latest. Users will not be deploying the advertised 1.1.1 version.
Suggested change
| image: lukedunsmoto/mediafetch:latest | |
| image: lukedunsmoto/mediafetch:1.1.1 |
Context Used: Rule from dashboard - AGENTS.md (source)
| services: | ||
| evolution-api: | ||
| image: atendai/evolution-api:v2.1.2 | ||
| image: evoapicloud/evolution-api:latest |
There was a problem hiding this comment.
Version mismatch and unpinned latest tag
meta.json still has "version": "v2.1.2" for evolutionapi, but the image was changed to evoapicloud/evolution-api:latest. This violates the AGENTS.md requirement that the version field must match the image tag. Additionally, using latest means users will silently receive unverified future updates.
Please pin to a specific version tag and update meta.json to match.
Context Used: Rule from dashboard - AGENTS.md (source)
Comment on lines
+4
to
+9
| verdaccio: | ||
| image: verdaccio/verdaccio:6 | ||
| environment: | ||
| - VERDACCIO_PORT=4873 | ||
| ports: | ||
| - 4873 |
There was a problem hiding this comment.
Missing restart policy and forbidden ports directive
Two issues in this service:
- There is no
restartdirective.AGENTS.mdrequiresrestart: unless-stoppedorrestart: alwayson every service. ports: - 4873is forbidden. Useexpose: - 4873and configure routing via[[config.domains]]intemplate.toml.
Suggested change
| verdaccio: | |
| image: verdaccio/verdaccio:6 | |
| environment: | |
| - VERDACCIO_PORT=4873 | |
| ports: | |
| - 4873 | |
| verdaccio: | |
| image: verdaccio/verdaccio:6 | |
| restart: unless-stopped | |
| environment: | |
| - VERDACCIO_PORT=4873 | |
| expose: | |
| - 4873 |
Context Used: Rule from dashboard - AGENTS.md (source)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What is this PR about?
New PR of [Template Name]
Checklist
Before submitting this PR, please make sure that:
Issues related (if applicable)
Close automatically the related issues using the keywords:
closes #ISSUE_NUMBERScreenshots or Videos
Greptile Summary
This is a large bulk update PR touching 72 files — adding ~20 new blueprints and updating ~15 existing ones with version bumps, dependency fixes, and structural improvements. While many individual changes are sound (convex
ports→exposefix, budibase/appsmith/grafana version bumps, supabaseCONTAINER_PREFIXfix), the sheer scale of changes introduces numerous violations of the project'sAGENTS.mdconventions that need to be resolved before merging.Critical issues requiring fixes:
portsdirective used in 4 blueprints (ipfs,trilium-next,verdaccio,vikunja) — this is explicitly forbidden; useexpose+[[config.domains]]instead. Thevikunjacase is a regression.container_name: wg-easyadded towg-easy/docker-compose.yml— explicitly forbidden.wuzapi-server(folder:wuzapi) andtrilium_next(folder:trilium-next) — must match exactly.trilium-next(~/trilium-data,/etc/timezone,/etc/localtime) — forbidden perAGENTS.md.mediafetchimage useslatestbutmeta.jsonsays1.1.1;evolutionapiimage changed tolatestbutmeta.jsonstill showsv2.1.2.postgres-pgdog(${PGDOG_IMAGE},${POSTGRES_IMAGE}) — images must be pinned to specific versions.vikunjahealthcheck:CMD-SHELLarray form with env vars that won't be shell-substituted.restartpolicy onverdaccioandopenclawmain service.version: "3.8"inopenclaw,seaweedfs,strapi, andtrilium-next.Confidence Score: 1/5
portsdirectives (4 files), forbiddencontainer_name(1 file), service naming mismatches (2 files), absolute host bind mounts (1 file), version mismatches between meta.json and image tags (2 files), non-deterministic image references (1 file), a broken healthcheck (1 file), missingrestartpolicies (2 files), and missingversion: "3.8"declarations (4 files). Many of these would cause actual deployment failures in Dokploy.Comments Outside Diff (8)
General comment
portsdirective forbidden by project conventionsPer
AGENTS.md,portsmust never be included in Dokploy blueprints — Dokploy handles routing via its own ingress. This same violation appears in several other files in this PR:blueprints/ipfs/docker-compose.ymllines 11–14blueprints/trilium-next/docker-compose.ymllines 11–17blueprints/verdaccio/docker-compose.ymllines 8–9blueprints/vikunja/docker-compose.ymllines 14–15 (regression — previously usedexpose)Replace
portswithexposein all of these files and configure routing throughtemplate.toml[[config.domains]]entries instead.Context Used: Rule from
dashboard- AGENTS.md (source)General comment
container_nameforbidden by project conventionsAGENTS.mdexplicitly states thatcontainer_namemust never be included in Dokploy blueprints, as it can conflict with Dokploy's internal container management.(Remove the
container_name: wg-easyline entirely.)Context Used: Rule from
dashboard- AGENTS.md (source)General comment
Service name must match blueprint folder name
AGENTS.mdrequires that the primary service name exactly matches the blueprint folder name. The folder iswuzapibut the service is namedwuzapi-server. This mismatch will cause Dokploy domain routing (configured intemplate.tomlwithserviceName = "wuzapi-server") to be inconsistent with the convention.Context Used: Rule from
dashboard- AGENTS.md (source)General comment
Service name must match blueprint folder name
AGENTS.mdrequires the primary service name to exactly match the blueprint folder name. The folder istrilium-nextbut the service istrilium_next(underscore instead of hyphen). These are treated as distinct identifiers.Context Used: Rule from
dashboard- AGENTS.md (source)General comment
Absolute host paths in bind mounts are forbidden
AGENTS.mdexplicitly prohibits absolute host paths in volume bind mounts. Three bind mounts here violate this rule:${TRILIUM_DATA_DIR:-~/trilium-data}— uses a~-relative home directory path, which is an absolute path on the host/etc/timezone:/etc/timezone:ro— absolute host path/etc/localtime:/etc/localtime:ro— absolute host pathFor
trilium-data, use a named volume instead. For timezone/locale, these are host-specific paths that are not portable in a Dokploy context and should be removed; the container image handles its own timezone.Context Used: Rule from
dashboard- AGENTS.md (source)General comment
Docker images must be pinned to specific versions, not user-supplied variables
Both
${PGDOG_IMAGE}and${POSTGRES_IMAGE}(line 18) are environment variable references used as image names. This means the actual image to be pulled is entirely determined at runtime by the user, making the template non-deterministic and impossible to validate.AGENTS.mdrequires images to be pinned to specific versions to prevent supply chain attacks and ensure consistent deployments.Hardcode the image references to specific, tested version tags (e.g.,
pgdogio/pgdog:0.1.6andpostgres:17-alpine) and updatemeta.jsonaccordingly.Context Used: Rule from
dashboard- AGENTS.md (source)General comment
Broken healthcheck:
CMD-SHELLrequires a single shell string, not multiple argumentsCMD-SHELLruns a command via the shell and expects a single string as its argument. When passed as an array like["CMD-SHELL", "pg_isready", "-U", "...", "-d", "..."], onlypg_isreadyis passed as the shell command — the-Uand-dflags are silently ignored, so the healthcheck will succeed regardless of the database state.Additionally, environment variable substitution does not occur in the exec-form array —
${VIKUNJA_DATABASE_USER}will be passed as a literal string rather than the resolved value.(Use
$to escape the `## What is this PR about?New PR of [Template Name]
Checklist
Before submitting this PR, please make sure that:
Issues related (if applicable)
Close automatically the related issues using the keywords:
closes #ISSUE_NUMBERScreenshots or Videos
Greptile Summary
This is a large bulk update PR touching 72 files — adding ~20 new blueprints and updating ~15 existing ones with version bumps, dependency fixes, and structural improvements. While many individual changes are sound (convex
ports→exposefix, budibase/appsmith/grafana version bumps, supabaseCONTAINER_PREFIXfix), the sheer scale of changes introduces numerous violations of the project'sAGENTS.mdconventions that need to be resolved before merging.Critical issues requiring fixes:
portsdirective used in 4 blueprints (ipfs,trilium-next,verdaccio,vikunja) — this is explicitly forbidden; useexpose+[[config.domains]]instead. Thevikunjacase is a regression.container_name: wg-easyadded towg-easy/docker-compose.yml— explicitly forbidden.wuzapi-server(folder:wuzapi) andtrilium_next(folder:trilium-next) — must match exactly.trilium-next(~/trilium-data,/etc/timezone,/etc/localtime) — forbidden perAGENTS.md.mediafetchimage useslatestbutmeta.jsonsays1.1.1;evolutionapiimage changed tolatestbutmeta.jsonstill showsv2.1.2.postgres-pgdog(${PGDOG_IMAGE},${POSTGRES_IMAGE}) — images must be pinned to specific versions.vikunjahealthcheck:CMD-SHELLarray form with env vars that won't be shell-substituted.restartpolicy onverdaccioandopenclawmain service.version: "3.8"inopenclaw,seaweedfs,strapi, andtrilium-next.Confidence Score: 1/5
portsdirectives (4 files), forbiddencontainer_name(1 file), service naming mismatches (2 files), absolute host bind mounts (1 file), version mismatches between meta.json and image tags (2 files), non-deterministic image references (1 file), a broken healthcheck (1 file), missingrestartpolicies (2 files), and missingversion: "3.8"declarations (4 files). Many of these would cause actual deployment failures in Dokploy.so Docker performs the substitution at container runtime.)
General comment
Missing
version: "3.8"andrestartpolicy; unpinned browser imageThree issues in this file:
version: "3.8"—AGENTS.mdrequires all Dokploy blueprints to declareversion: "3.8"at the top of the compose file. This also applies toblueprints/seaweedfs/docker-compose.yml,blueprints/strapi/docker-compose.yml, andblueprints/trilium-next/docker-compose.ymlin this PR.openclawservice is missing arestartpolicy — addrestart: unless-stoppedorrestart: always.coollabsio/openclaw-browser:latest— thebrowserservice uses an unpinnedlatesttag. Pin it to a specific version to match theopenclawservice version and updatemeta.jsonaccordingly.Context Used: Rule from
dashboard- AGENTS.md (source)Last reviewed commit: d157cef
Context used:
dashboard- AGENTS.md (source)