Since there were a few people asking how to setup Temporal on Fly.io, I'd thought this would be useful.
Disclaimer: I'm not a Fly nor Temporal expert (in fact I'm a big noob) so you'll have to forgive me. Any suggestions are welcome to improve these configs for others and myself.
Don't forget to add a private ip6 address:
fly ips allocate-v6 --private
This is required for the ui app to connect to the server via .flycast
| ARG GOPROXY | |
| ##### Temporal server with Auto-Setup ##### | |
| FROM temporalio/ui:2.27.2 as ui | |
| FROM temporalio/server:1.24.1.0 as server | |
| WORKDIR /etc/temporal | |
| FROM temporalio/auto-setup:1.24.1.0 as final | |
| COPY --from=ui --chown=temporal:temporal /home/ui-server /home/ui-server | |
| RUN rm -rf /home/ui-server/config/* | |
| EXPOSE 7233 8080 | |
| # Use Mysql, ES, or something else | |
| ENV DB=postgres12 | |
| ENV DB_PORT=5432 | |
| # Move these to `fly secrets` | |
| ENV POSTGRES_SEEDS=db.xxx.supabase.co (or w/e your db domain is) | |
| ENV POSTGRES_USER=postgres | |
| ENV POSTGRES_PWD=P@ssw0rd (use a better password) | |
| ENV DBNAME=postgres | |
| # Change Visibility to a different table. I'm using the same one at the moment b/c supabase's free tier only allows | |
| # for 1 free table. This requires manual migration. | |
| ENV VISIBILITY_DBNAME=postgres | |
| ENV BIND_ON_IP=0.0.0.0 | |
| ENV TEMPORAL_BROADCAST_ADDRESS=0.0.0.0 | |
| ENV DEFAULT_NAMESPACE=default | |
| ENV DYNAMIC_CONFIG_FILE_PATH=/etc/temporal/config/dynamicconfig/docker.yaml | |
| # These two .sh files are defined below | |
| COPY ./start.sh /etc/temporal/start.sh | |
| COPY ./start-ui.sh /etc/temporal/start-ui.sh | |
| CMD ["autosetup"] | |
| ENTRYPOINT ["/etc/temporal/start.sh"] |
| app = 'my-temporal-app' | |
| primary_region = 'sea' | |
| [processes] | |
| server = '/etc/temporal/entrypoint.sh autosetup' | |
| ui = '/etc/temporal/start-ui.sh' | |
| [[services]] | |
| protocol = 'tcp' | |
| internal_port = 7233 | |
| auto_stop_machines = true | |
| auto_start_machines = true | |
| min_machines_running = 1 | |
| processes = ['server'] | |
| [[services.ports]] | |
| port = 7233 | |
| # handlers = ['http'] # Do not expose to public, public ipv4/6 should be removed already | |
| # alpn h2 is needed for the grpc protocol | |
| [services.ports.tls_options] | |
| alpn = ['h2'] | |
| [[services.tcp_checks]] | |
| interval = '10s' | |
| timeout = '2s' | |
| grace_period = '5s' | |
| [[services]] | |
| protocol = 'tcp' | |
| internal_port = 8080 | |
| auto_stop_machines = true | |
| auto_start_machines = true | |
| min_machines_running = 0 | |
| processes = ['ui'] | |
| # Ideally, don't expose the UI to the public, keep it behind a CDN (eg Cloudflare) and whitelist the IP | |
| # or make it public but set up SSO | |
| [[services.ports]] | |
| port = 8080 | |
| # handlers = ['http'] | |
| # [[services.ports]] | |
| # port = 443 | |
| # handlers = ['tls', 'http'] | |
| [[vm]] | |
| size = 'shared-cpu-1x' |
| #!/bin/sh | |
| # The Temporal UI Server expects the script to be executed at the `/home/ui-server` | |
| cd /home/ui-server | |
| # Assuming your server/ui is running in the same Fly app (but different process) | |
| # Change this to another fly app or IP if running elsewhere. | |
| export TEMPORAL_ADDRESS="${FLY_APP_NAME}.flycast:7233" | |
| ./start-ui-server.sh |
| #!/bin/sh | |
| # This is called via the fly.toml: | |
| # [processes] | |
| # server = "/etc/temporal/entrypoint.sh autosetup" | |
| # ui = "/etc/temporal/start-ui.sh" | |
| # | |
| # This script itself is called in the Dockerfile: | |
| # ENTRYPOINT ["/etc/temporal/start.sh"] | |
| exec "$@" |
👍 Yup that's the simplest way if you don't need remote access.