Official docker-compose file

[andreapx]

Hi, nice job with GetGrist. Why don't you release a docker-compose.yaml file too?

[paulfitz]

Thanks @andreapx ! There's a yaml here https://community.getgrist.com/t/a-template-for-self-hosting-grist-with-traefik-and-docker-compose/856. Do you happen to have an example of a web app with a docker-compose.yaml that helped you? I see a lot of variability in how people deploy Grist, and I'm not really sure what template to give that saves work overall.

[andreapx]

@paulfitz I've tried that docker-compose removing everything related to Traefik (since I don't need a proxy), but it doesn't work since it seems to require HTTPS. here's the docker-compse.yaml that I'm trying:

services:
  grist:
    image: gristlabs/grist
    environment:
      #GRIST_FORWARD_AUTH_HEADER: X-Forwarded-User
      #GRIST_FORWARD_AUTH_LOGOUT_PATH: _oauth/logout
      GRIST_SINGLE_ORG: grist  # alternatively, GRIST_ORG_IN_PATH: "true" for multi-team operation
      GRIST_DEFAULT_EMAIL: myemail
      APP_HOME_URL: https://getgrist.local
    ports:
      - "8484:8484"
    volumes:
      # You may want to put state somewhere other than /tmp :-)
      - /var/docker/getgrist/data:/persist

[paulfitz]

If you don't want https, try APP_HOME_URL: http://getgrist.local (remove the s). If you do want https, using a proxy is the easiest way to get that (Grist doesn't have built in support for it, there's a lot of variation in how people go about dealing with certificates). Also the APP_HOME_URL doesn't match the 8484 port you have configured. You could try setting it to http://getgrist.local:8484. or set a PORT variable of 80 and use port mapping 80:80.

[andreapx]

Ahahahahaa, you know that I really didn't see the S, dammit! 😄 Thanks a lot!

[andreapx]

@paulfitz Do you happen to know how to create users? Right now there's not even a login request. Thanks!

[paulfitz]

Grist doesn't have a hardcoded login system, since again people want a lot of different things. The yaml I pointed to in the forums uses traefik-forward-auth to integrate with Google, Microsoft, or other logins. Another option is to substitute in grist-omnibus if you want a quick username/password solution and aren't trying to integrate with your own SSO: https://github.com/gristlabs/grist-omnibus

[andreapx]

I got it. I'm quite ignorant about those authentication method: how can they manage permissions on projects/tables?

[paulfitz]

They will handle the authentication part (verifying that someone is who they say they are). Grist will handle aspects of authorization (given that you are who say who you say you care, do you have the right to do what you are trying to do) via team sharing and access rules.

[andreapx]

Thanks!

[hectorm]

I recently did a deployment of Grist with Docker Compose for a friend and I think it might be useful for someone else, although it is very opinionated. It is a Grist deployment with Traefik, authentik, MinIO, Grafana and Prometheus.

Finally, I would like to congratulate the Grist team for their work, your product is fantastic.

[almereyda]

I've added an updated Grist Compose setup with healthchecks for all containers (Grist, Postgres, Redis) and OIDC via GitLab to:

• A template for self-hosting Grist with traefik and docker compose - Showcase - Grist Creators