New Service Espocrm

README.md

@@ -130,6 +130,7 @@ ScaleTail provides ready-to-run [Docker Compose](https://docs.docker.com/compose
 | 📚 **Docmost**       | A self-hosted, real-time collaborative wiki with rich editing, diagrams, permissions, and full-text search.                                                                | [Details](services/docmost)       |
 | ✅ **DumbDo**        | A self-hosted, minimalistic task manager for simple to-do lists.                                                                                                           | [Details](services/dumbdo)        |
 | ✅ **Eigenfocus**    | A self-hosted task and project management tool for productivity.                                                                                                           | [Details](services/eigenfocus)    |
+| 🗂️ **EspoCRM**    | A CRM for Sales, support and marketing.                                                                                                           | [Details](services/espocrm)    |
 | 📝 **Excalidraw**    | A virtual collaborative whiteboard tool.                                                                                                                                   | [Details](services/excalidraw)    |
 | 📝 **Flatnotes**     | A simple, self-hosted note-taking app using Markdown files.                                                                                                                | [Details](services/flatnotes)     |
 | 👨🏼‍💻 **Forgejo**       | A community-driven, self-hosted Git service.                                                                                                                               | [Details](services/forgejo)       |

services/espocrm/.env

@@ -0,0 +1,39 @@
+#version=1.1
+#URL=https://github.com/tailscale-dev/ScaleTail
+#COMPOSE_PROJECT_NAME= # Optional: only use when running multiple deployments on the same infrastructure.
+
+# Service Configuration
+SERVICE=espocrm # Service name (e.g., adguard). Used as hostname in Tailscale and for container naming (app-${SERVICE}).
+IMAGE_URL=espocrm/espocrm # Docker image URL from container registry (e.g., adguard/adguard-home).
+
+# Network Configuration
+SERVICEPORT= # Port to expose to local network. Uncomment the "ports:" section in compose.yaml to enable.
+DNS_SERVER=9.9.9.9 # Preferred DNS server for Tailscale. Uncomment the "dns:" section in compose.yaml to enable.
+
+# Tailscale Configuration
+TS_AUTHKEY= # Auth key from https://tailscale.com/admin/authkeys. See: https://tailscale.com/kb/1085/auth-keys#generate-an-auth-key for instructions.
+
+# Optional Service variables
+# PUID=1000
+
+#Time Zone setting for containers
+TZ=Europe/Amsterdam # See: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones
+
+# Any Container environment variables are declared below. See https://docs.docker.com/compose/how-tos/environment-variables/
+
+#EXAMPLE_VAR="Environment varibale"
+
+TS_DOMAIN=<MY_TS_DOMAIN>.ts.net
+
+MARIADB_ROOT_PASSWORD=password
+MARIADB_DATABASE=espocrm
+MARIADB_USER=espocrm
+MARIADB_PASSWORD=password
+ESPOCRM_DEFAULT_CURRENCY=EUR
+ESPOCRM_DATABASE_PLATFORM=Mysql
+ESPOCRM_DATABASE_HOST=espocrm-db
+ESPOCRM_DATABASE_USER=espocrm
+ESPOCRM_DATABASE_PASSWORD=password
+ESPOCRM_ADMIN_USERNAME=admin
+ESPOCRM_ADMIN_PASSWORD=password
+ESPOCRM_SITE_URL=https://${SERVICE}.${TS_DOMAIN}

services/espocrm/README.md

@@ -0,0 +1,22 @@
+# EspoCRM with Tailscale Sidecar Configuration
+
+This Docker Compose configuration sets up [EspoCRM](https://www.espocrm.com/) with Tailscale as a sidecar container to keep the app reachable over your Tailnet.
+
+## EspoCRM
+
+[EspoCRM](https://www.espocrm.com/) is a web application that allows users to see, enter and evaluate all your company relationships regardless of the type. People, companies, projects or opportunities — all in an easy and intuitive interface.
+
+## Configuration Overview
+
+In this setup, the `tailscale-EspoCRM` service runs Tailscale, which manages secure networking for EspoCRM. The `EspoCRM` service utilizes the Tailscale network stack via Docker's `network_mode: service:` configuration. This keeps the app Tailnet-only unless you intentionally expose ports.
+
+## What to document for users
+
+- Links: [EspoCRM Features](https://www.espocrm.com/features/) [Environment Details](https://docs.espocrm.com/administration/docker/installation/#installation-environments)
+
+## Files to check
+
+Please check the following contents for validity as some variables need to be defined upfront.
+
+- `.env` // Main variable `TS_AUTHKEY`
+- `.env` // Required for normal operation. `TS_DOMAIN`

services/espocrm/compose.yml

@@ -0,0 +1,88 @@
+configs:
+  ts-serve:
+    content: |
+      {"TCP":{"443":{"HTTPS":true}},
+      "Web":{"$${TS_CERT_DOMAIN}:443":
+          {"Handlers":{"/":
+          {"Proxy":"http://127.0.0.1:80"}}}},
+      "AllowFunnel":{"$${TS_CERT_DOMAIN}:443":false}}
+
+services:
+# Make sure you have updated/checked the .env file with the correct variables.
+# All the ${ xx } need to be defined there.
+  # Tailscale Sidecar Configuration
+  tailscale:
+    image: tailscale/tailscale:latest # Image to be used
+    container_name: tailscale-${SERVICE} # Name for local container management
+    hostname: ${SERVICE} # Name used within your Tailscale environment
+    environment:
+      - TS_AUTHKEY=${TS_AUTHKEY}
+      - TS_STATE_DIR=/var/lib/tailscale
+      - TS_SERVE_CONFIG=/config/serve.json # Tailscale Serve configuration to expose the web interface on your local Tailnet - remove this line if not required
+      - TS_USERSPACE=false
+      - TS_ENABLE_HEALTH_CHECK=true              # Enable healthcheck endpoint: "/healthz"
+      - TS_LOCAL_ADDR_PORT=127.0.0.1:41234       # The <addr>:<port> for the healthz endpoint
+      #- TS_ACCEPT_DNS=true # Uncomment when using MagicDNS
+      - TS_AUTH_ONCE=true
+    configs:
+      - source: ts-serve
+        target: /config/serve.json
+    volumes:
+      - ./config:/config # Config folder used to store Tailscale files - you may need to change the path
+      - ./ts/state:/var/lib/tailscale # Tailscale requirement - you may need to change the path
+    devices:
+      - /dev/net/tun:/dev/net/tun # Network configuration for Tailscale to work
+    cap_add:
+      - net_admin # Tailscale requirement
+    #ports:
+    #  - 0.0.0.0:${SERVICEPORT}:${SERVICEPORT} # Binding port ${SERVICE}PORT to the local network - may be removed if only exposure to your Tailnet is required
+    # If any DNS issues arise, use your preferred DNS provider by uncommenting the config below
+    #dns:
+    #  - ${DNS_SERVER}
+    healthcheck:
+      test: ["CMD", "wget", "--spider", "-q", "http://127.0.0.1:41234/healthz"] # Check Tailscale has a Tailnet IP and is operational
+      interval: 1m # How often to perform the check
+      timeout: 10s # Time to wait for the check to succeed
+      retries: 3 # Number of retries before marking as unhealthy
+      start_period: 10s # Time to wait before starting health checks
+    restart: always
+
+  # ${SERVICE}
+  espocrm-db:
+    image: mariadb:latest
+    container_name: app-${SERVICE}-db
+    environment:
+      - MARIADB_ROOT_PASSWORD=${MARIADB_ROOT_PASSWORD}
+      - MARIADB_DATABASE=${MARIADB_DATABASE}
+      - MARIADB_USER=${MARIADB_USER}
+      - MARIADB_PASSWORD=${MARIADB_PASSWORD}
+    volumes:
+      - ./${SERVICE}-db:/var/lib/mysql
+    restart: always
+    healthcheck:
+      test: ["CMD", "healthcheck.sh", "--connect", "--innodb_initialized"]
+      interval: 20s
+      start_period: 10s
+      timeout: 10s
+      retries: 3
+  espocrm:
+    image: ${IMAGE_URL}
+    network_mode: service:tailscale # Sidecar configuration to route ${SERVICE} through Tailscale
+    container_name: app-${SERVICE}
+    environment:
+      - ESPOCRM_DATABASE_PLATFORM=${ESPOCRM_DATABASE_PLATFORM}
+      - ESPOCRM_DATABASE_HOST=${ESPOCRM_DATABASE_HOST}
+      - ESPOCRM_DATABASE_USER=${ESPOCRM_DATABASE_USER}
+      - ESPOCRM_DATABASE_PASSWORD=${ESPOCRM_DATABASE_PASSWORD}
+      - ESPOCRM_ADMIN_USERNAME=${ESPOCRM_ADMIN_USERNAME}
+      - ESPOCRM_ADMIN_PASSWORD=${ESPOCRM_ADMIN_PASSWORD}
+      - ESPOCRM_SITE_URL=${ESPOCRM_SITE_URL}
+      - ESPOCRM_DEFAULT_CURRENCY=${ESPOCRM_DEFAULT_CURRENCY}
+    volumes:
+      - ./${SERVICE}-data:/var/www/html
+    restart: always
+    depends_on:
+      tailscale:
+        condition: service_healthy
+      espocrm-db:
+        condition: service_started