dep.env

[hello2ashu]

Summary by Sourcery

Deployment:

• Introduce dep.yaml describing the containerized AppFlowy environment including nginx, Postgres, Redis, Minio, auth, backend, workers, search, and web frontends with associated volumes and environment configuration.

[sourcery-ai]

Reviewer's Guide

Adds a new dep.yaml defining the full AppFlowy self-hosted stack as a set of containerized services (nginx, minio, postgres, redis, auth, core backend, worker, search, web, and admin UI), wired together via environment variables, healthchecks, and persistent volumes for a Synology-style deployment.

Sequence diagram for HTTP request through nginx to AppFlowy web and backend

sequenceDiagram
  actor User
  participant browser
  participant nginx
  participant appflowy_web
  participant appflowy_cloud
  participant gotrue
  participant postgres

  User->>browser: Open AppFlowy_URL
  browser->>nginx: HTTPS GET /
  nginx->>appflowy_web: HTTP GET /
  appflowy_web-->>nginx: HTML_CSS_JS
  nginx-->>browser: HTML_CSS_JS

  User->>browser: Trigger_authenticated_action
  browser->>nginx: HTTPS request_with_JWT_or_auth_redirect
  nginx->>appflowy_web: Proxied_request
  appflowy_web->>appflowy_cloud: API_request_with_auth_header
  appflowy_cloud->>gotrue: Verify_JWT
  gotrue-->>appflowy_cloud: JWT_valid
  appflowy_cloud->>postgres: Read_write_data
  postgres-->>appflowy_cloud: Query_result
  appflowy_cloud-->>appflowy_web: API_response
  appflowy_web-->>nginx: HTTP_response
  nginx-->>browser: HTTP_response
  browser-->>User: Render_updated_UI

Loading

File-Level Changes

Change	Details	Files
Introduce container orchestration configuration for the AppFlowy stack.	Define nginx as the public entrypoint with HTTP/HTTPS ports configurable via environment variables and bind-mounted config and TLS certificate files. Configure MinIO object storage with environment-driven credentials, redirect URL, healthcheck, and persistent data volume. Set up a pgvector-enabled Postgres service with environment-configurable credentials/port, healthcheck, and bound data directory. Add a basic Redis service for caching/queues.	dep.yaml
Add authentication and core backend services with appropriate dependencies and healthchecks.	Configure GoTrue auth service with extensive environment-based settings for admin user, JWT, SMTP, OAuth providers, and database connection; gate startup on Postgres health. Define appflowy_cloud backend service with production-oriented environment variables for database, Redis, S3, mailer, AI integration, and search service, plus healthcheck and dependency on GoTrue. Introduce admin_frontend service wired to GoTrue and the core backend and dependent on their healthchecks.	dep.yaml
Add worker, search, and web frontend services wired to the backend stack.	Configure appflowy_worker with Redis, database, S3, and mailer settings and dependencies on Postgres and appflowy_cloud. Add appflowy_search service with database/Redis connections, OpenAI/Azure AI configuration, keyword index settings, JWT secret, persistent keyword index volume, and dependency on Postgres. Define appflowy_web frontend with base URLs and WebSocket endpoint env vars and dependency on appflowy_cloud health.	dep.yaml
Declare named volumes to support persistence for core data stores.	Declare named volumes for Postgres, MinIO, and keyword index data to ensure data persistence across container restarts. Align named volumes with host bind paths used by the respective services to support the targeted deployment environment.	dep.yaml

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[CLAassistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

[sourcery-ai]

Hey - I've found 1 issue, and left some high level feedback:

• The named volumes declared at the bottom (postgres_data, minio_data, keyword_index_data) are not actually used by the services, which instead mount host paths under /volume1; consider switching to the named volumes or removing the unused declarations to avoid confusion.
• In the postgres healthcheck, ${POSTGRES_USER} and ${POSTGRES_DB} are interpolated at compose-parse time and may end up empty if not set in the shell; consider inlining the same default values used in the service environment (e.g. ${POSTGRES_USER:-postgres}) to keep the healthcheck consistent and robust.
• The configuration file inlines a large number of sensitive environment variables (SMTP credentials, JWT secrets, API keys); consider moving these into an external env_file and referencing them from the services to make secret handling and rotation safer and less error-prone.

Prompt for AI Agents

Please address the comments from this code review:

## Overall Comments
- The named volumes declared at the bottom (postgres_data, minio_data, keyword_index_data) are not actually used by the services, which instead mount host paths under /volume1; consider switching to the named volumes or removing the unused declarations to avoid confusion.
- In the postgres healthcheck, ${POSTGRES_USER} and ${POSTGRES_DB} are interpolated at compose-parse time and may end up empty if not set in the shell; consider inlining the same default values used in the service environment (e.g. ${POSTGRES_USER:-postgres}) to keep the healthcheck consistent and robust.
- The configuration file inlines a large number of sensitive environment variables (SMTP credentials, JWT secrets, API keys); consider moving these into an external env_file and referencing them from the services to make secret handling and rotation safer and less error-prone.

## Individual Comments

### Comment 1
<location path="dep.yaml" line_range="39" />
<code_context>
+      - PGPORT=${POSTGRES_PORT:-5432}
+    command: [ "postgres", "-c", "port=${POSTGRES_PORT:-5432}" ]
+    healthcheck:
+      test: [ "CMD", "pg_isready", "-U", "${POSTGRES_USER}", "-d", "${POSTGRES_DB}", "-p", "${POSTGRES_PORT:-5432}" ]
+      interval: 5s
+      timeout: 5s
</code_context>
<issue_to_address>
**issue:** Align healthcheck variable defaults with the postgres environment configuration.

In the healthcheck, `${POSTGRES_USER}` and `${POSTGRES_DB}` lack the `:-postgres` fallback used in the environment config. If these vars aren’t set, `pg_isready` will be called with empty `-U`/`-d` values. Please update to `${POSTGRES_USER:-postgres}` and `${POSTGRES_DB:-postgres}` to keep behavior consistent and avoid failures when env vars are missing.
</issue_to_address>

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

[sourcery-ai]

issue: Align healthcheck variable defaults with the postgres environment configuration.

In the healthcheck, ${POSTGRES_USER} and ${POSTGRES_DB} lack the :-postgres fallback used in the environment config. If these vars aren’t set, pg_isready will be called with empty -U/-d values. Please update to ${POSTGRES_USER:-postgres} and ${POSTGRES_DB:-postgres} to keep behavior consistent and avoid failures when env vars are missing.