Merge branch 'feature/modernize' of sn0w/pleroma-docker into develop
This commit is contained in:
commit
307d6b01d9
70
.env.dist
70
.env.dist
@ -1,18 +1,3 @@
|
||||
#
|
||||
# Note: The values of this file that are passed directly to
|
||||
# pleroma need type hints to be applied correctly.
|
||||
# The implemented types are int, bool, and string.
|
||||
# Typed variables look like this: KEY=type:VALUE.
|
||||
# Not specifying a type implies a string.
|
||||
#
|
||||
# In general: Your instance should work as expected if you leave the types as they are.
|
||||
# That is: don't remove them, don't add them, don't change them.
|
||||
# Always just change the values.
|
||||
#
|
||||
# You don't need to escape colons in your strings.
|
||||
# PLEROMA_NAME=string:std::pleroma::coolinstance will work as expected.
|
||||
#
|
||||
|
||||
#########################
|
||||
# Script settings #
|
||||
#########################
|
||||
@ -62,15 +47,12 @@ DOCKER_GID=1000
|
||||
# Database settings #
|
||||
###########################
|
||||
|
||||
# Leave POSTGRES_IP empty unless you plan to install your own database
|
||||
# Leave the POSTGRES_DB, POSTGRES_USER and POSTGRES_PASSWORD as-is
|
||||
# unless you use your own database.
|
||||
# When you use the managed postgres container
|
||||
# those will be the credentials the container is generated with.
|
||||
|
||||
POSTGRES_IP=
|
||||
POSTGRES_DB=pleroma
|
||||
POSTGRES_USER=pleroma
|
||||
POSTGRES_PASSWORD=pleroma
|
||||
PLEROMA_DB_POOL_SIZE=int:16
|
||||
|
||||
##########################
|
||||
# Pleroma Settings #
|
||||
@ -82,50 +64,6 @@ MIX_ENV=prod
|
||||
# The git tag, revision, or branch to check out on build
|
||||
PLEROMA_VERSION=develop
|
||||
|
||||
# The loglevel to use
|
||||
# (error/warn/info/debug)
|
||||
PLEROMA_LOGLEVEL=error
|
||||
|
||||
# The domain/scheme where pleroma will be hosted
|
||||
# URL is a bare TLD
|
||||
# SCHEME is the protocol without "://"
|
||||
# PORT is the *external* port (ie that of your reverse proxy)
|
||||
# Domain to run at (only relevant for traefik mode)
|
||||
PLEROMA_URL=coolsite.moe
|
||||
PLEROMA_SCHEME=https
|
||||
PLEROMA_PORT=int:443
|
||||
|
||||
# The seed for your secret keys
|
||||
# (Enter something as random as possible)
|
||||
# (On linux you can try something like "dd if=/dev/urandom bs=1 count=64 2>/dev/null | base64 -w 0 | rev | cut -b 2- | rev")
|
||||
PLEROMA_SECRET_KEY_BASE=
|
||||
|
||||
# The name of your instance
|
||||
# (This is displayed in the top-left in pleroma-fe)
|
||||
PLEROMA_NAME=string:coolInstance
|
||||
|
||||
# Your contact info
|
||||
PLEROMA_ADMIN_EMAIL=admin@coolsite.moe
|
||||
|
||||
# How many chars a notice may have at max.
|
||||
PLEROMA_MAX_NOTICE_CHARS=int:500
|
||||
|
||||
# Whether your instance accepts new users or not (true/false)
|
||||
PLEROMA_REGISTRATIONS_OPEN=bool:true
|
||||
|
||||
# Enable media proxy (true/false)?
|
||||
PLEROMA_MEDIA_PROXY_ENABLED=bool:false
|
||||
|
||||
# The url of your media proxy (if enabled) [with "http(s)://"]
|
||||
PLEROMA_MEDIA_PROXY_URL=string:https://cdn.coolsite.moe
|
||||
|
||||
# Redirect to source on cache fail?
|
||||
PLEROMA_MEDIA_PROXY_REDIRECT_ON_FAILURE=bool:true
|
||||
|
||||
# Whether to enable the chat feature or not
|
||||
PLEROMA_CHAT_ENABLED=bool:true
|
||||
|
||||
# Where to store uploads.
|
||||
# This is only relevant inside the container.
|
||||
# The host path is always $DOCKER_DATADIR/uploads.
|
||||
# So, you probably don't need to change this.
|
||||
PLEROMA_UPLOADS_PATH=/uploads
|
||||
PLEROMA_MEDIA_PROXY_URL=cdn.coolsite.moe
|
||||
|
1
.gitignore
vendored
1
.gitignore
vendored
@ -1,5 +1,6 @@
|
||||
data
|
||||
.env
|
||||
config.yml
|
||||
custom.d/
|
||||
!custom.d/.gitkeep
|
||||
docker-compose.yml
|
||||
|
67
Dockerfile
67
Dockerfile
@ -1,29 +1,22 @@
|
||||
FROM debian:9-slim
|
||||
|
||||
VOLUME /custom.d
|
||||
EXPOSE 4000
|
||||
|
||||
# Set up environment
|
||||
ENV DEBIAN_FRONTEND=noninteractive
|
||||
ENV LC_ALL=C.UTF-8
|
||||
ENV LANG=C.UTF-8
|
||||
|
||||
# Register pseudo-entrypoint
|
||||
ADD ./entrypoint.sh /
|
||||
RUN chmod a+x /entrypoint.sh
|
||||
CMD ["/entrypoint.sh"]
|
||||
# Prepare mounts
|
||||
VOLUME /custom.d
|
||||
VOLUME /conf
|
||||
|
||||
# Set "real" entrypoint to an init system.
|
||||
# TODO: Replace with --init when docker 18.06 is GA
|
||||
ENV TINI_VERSION v0.18.0
|
||||
ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /tini
|
||||
RUN chmod +x /tini
|
||||
ENTRYPOINT ["/tini", "--"]
|
||||
# Expose default pleroma port to host
|
||||
EXPOSE 4000
|
||||
|
||||
# Get build dependencies
|
||||
# Get erlang, elixir, and dependencies
|
||||
RUN \
|
||||
apt-get update \
|
||||
&& apt-get install -y --no-install-recommends apt-utils \
|
||||
&& apt-get install -y --no-install-recommends git wget ca-certificates gnupg2 build-essential \
|
||||
&& apt-get install -y --no-install-recommends git wget ca-certificates gnupg2 build-essential ruby \
|
||||
\
|
||||
&& wget https://packages.erlang-solutions.com/erlang-solutions_1.0_all.deb \
|
||||
&& dpkg -i erlang-solutions_1.0_all.deb \
|
||||
@ -32,36 +25,44 @@ RUN \
|
||||
\
|
||||
&& rm -rf /var/lib/apt/lists/*
|
||||
|
||||
# Add entrypoint
|
||||
COPY ./entrypoint.sh /
|
||||
RUN chmod a+x /entrypoint.sh
|
||||
ENTRYPOINT ["/entrypoint.sh"]
|
||||
|
||||
# Limit permissions
|
||||
ARG DOCKER_UID
|
||||
ARG DOCKER_GID
|
||||
ARG PLEROMA_UPLOADS_PATH
|
||||
ARG DOCKER_UID=1000
|
||||
ARG DOCKER_GID=1000
|
||||
ARG PLEROMA_UPLOADS_PATH=/uploads
|
||||
|
||||
RUN \
|
||||
groupadd --gid ${DOCKER_GID} pleroma \
|
||||
&& useradd -m -s /bin/bash --gid ${DOCKER_GID} --uid ${DOCKER_UID} pleroma \
|
||||
&& mkdir -p /custom.d $PLEROMA_UPLOADS_PATH \
|
||||
&& chown -R pleroma:pleroma /custom.d $PLEROMA_UPLOADS_PATH
|
||||
&& chown -R pleroma:pleroma /custom.d /conf $PLEROMA_UPLOADS_PATH
|
||||
|
||||
USER pleroma
|
||||
WORKDIR /home/pleroma
|
||||
|
||||
# Get pleroma
|
||||
# Get pleroma sources
|
||||
RUN git clone --progress https://git.pleroma.social/pleroma/pleroma.git ./pleroma
|
||||
WORKDIR /home/pleroma/pleroma
|
||||
|
||||
# Get rebar/hex
|
||||
# Bust the build cache (if needed)
|
||||
# This works by setting an environment variable with the last
|
||||
# used version/branch/tag/commitish/... which originates in the script.
|
||||
# If the host doesn't have the required tool for "smart version detection"
|
||||
# we'll just use the current timestamp here which forces a rebuild every time.
|
||||
ARG __BUST_CACHE
|
||||
ENV __BUST_CACHE $__BUST_CACHE
|
||||
|
||||
# Get rebar and hex
|
||||
RUN \
|
||||
mix local.hex --force \
|
||||
&& mix local.rebar --force
|
||||
|
||||
# Bust the build cache
|
||||
ARG __BUST_CACHE
|
||||
ENV __BUST_CACHE $__BUST_CACHE
|
||||
|
||||
# Fetch changes, checkout
|
||||
ARG PLEROMA_VERSION
|
||||
|
||||
RUN \
|
||||
git fetch --all \
|
||||
&& git checkout $PLEROMA_VERSION \
|
||||
@ -69,12 +70,12 @@ RUN \
|
||||
|
||||
# Precompile
|
||||
RUN \
|
||||
mix deps.get \
|
||||
&& mix compile
|
||||
NO_CONFIG=1 COMPILE_ONLY=1 /entrypoint.sh
|
||||
|
||||
# Insert overrides and config helper
|
||||
COPY --chown=pleroma:pleroma ./docker-config.exs /docker-config.exs
|
||||
COPY --chown=pleroma:pleroma ./custom.d /home/pleroma/pleroma
|
||||
# Prepare runtime config
|
||||
RUN \
|
||||
ln -s /docker-config.exs config/prod.secret.exs \
|
||||
&& ln -s /docker-config.exs config/dev.secret.exs
|
||||
ln -sf runtime-config.exs config/prod.secret.exs \
|
||||
&& ln -sf runtime-config.exs config/dev.secret.exs
|
||||
|
||||
# Insert overrides
|
||||
COPY --chown=pleroma:pleroma ./custom.d /home/pleroma/pleroma
|
||||
|
22
LICENSE
Normal file
22
LICENSE
Normal file
@ -0,0 +1,22 @@
|
||||
Copyright (c) 2017-2018, sn0w
|
||||
All rights reserved.
|
||||
|
||||
Redistribution and use in source and binary forms, with or without
|
||||
modification, are permitted provided that the following conditions are met:
|
||||
|
||||
1. Redistributions of source code must retain the above copyright notice, this
|
||||
list of conditions and the following disclaimer.
|
||||
2. Redistributions in binary form must reproduce the above copyright notice,
|
||||
this list of conditions and the following disclaimer in the documentation
|
||||
and/or other materials provided with the distribution.
|
||||
|
||||
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
|
||||
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
||||
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
||||
DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
|
||||
ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
|
||||
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||
LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
|
||||
ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
||||
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
|
||||
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
162
README.md
162
README.md
@ -7,8 +7,7 @@ This repository dockerizes it for easier deployment.
|
||||
<hr>
|
||||
|
||||
```cpp
|
||||
#include <public_domain.h>
|
||||
#include <std_disclaimer.h>
|
||||
#include <LICENSE>
|
||||
|
||||
/*
|
||||
* This repository comes with ABSOLUTELY NO WARRANTY
|
||||
@ -24,14 +23,6 @@ This repository dockerizes it for easier deployment.
|
||||
|
||||
<hr>
|
||||
|
||||
## Features
|
||||
|
||||
- 100% generic
|
||||
- Everything is customizable
|
||||
- Zero special host dependencies
|
||||
- Configuration is not compile-time
|
||||
- "It just works"
|
||||
|
||||
## Alternatives
|
||||
|
||||
If this setup is a bit overwhelming there are a lot of other great dockerfiles
|
||||
@ -41,153 +32,6 @@ or guides from the community. A few are linked below. This list is not exhaustiv
|
||||
- [RX14/iscute.moe](https://github.com/RX14/kurisu.rx14.co.uk/blob/master/services/iscute.moe/pleroma/Dockerfile)
|
||||
- [rysiek/docker-pleroma](https://git.pleroma.social/rysiek/docker-pleroma)
|
||||
|
||||
## Installing Pleroma
|
||||
## Docs
|
||||
|
||||
- Clone this repository
|
||||
- Copy `.env.dist` to `.env`
|
||||
- Edit `.env` (see "Configuring Pleroma" section below)
|
||||
- Run `./pleroma build` and `./pleroma start`
|
||||
- Profit!
|
||||
|
||||
## Updating Pleroma
|
||||
|
||||
Just run `./pleroma build` again and `./pleroma start` afterwards.
|
||||
|
||||
You don't need to shutdown pleroma while compiling the new release.
|
||||
|
||||
Every time you run `./pleroma build` the script will fetch all upstream changes and checkout `PLEROMA_VERSION`.
|
||||
This means that setting `PLEROMA_VERSION` to a branch enables rolling-release updates while setting
|
||||
it to a tag or commit-hash pins the version.
|
||||
|
||||
## Maintaining Pleroma
|
||||
|
||||
Pleroma maintenance is usually done with premade mix tasks.<br>
|
||||
You can run these tasks using `./pleroma mix [task] [arguments...]`.<br>
|
||||
If you need to fix some bigger issues you can also spawn a shell using `./pleroma enter`.
|
||||
|
||||
## Customizing Pleroma
|
||||
|
||||
Just add your customizations (and their folder structure) to `custom.d`.<br>
|
||||
They will be mounted and symlinked into the right place when the container starts.<br>
|
||||
You can even replace/patch pleroma's code with this, because the project is recompiled at startup.<br>
|
||||
|
||||
In general: Prepending `custom.d/` to pleroma's customization guides should work all the time.<br>
|
||||
Check them out in the [official pleroma wiki](https://git.pleroma.social/pleroma/pleroma/wikis/home).
|
||||
|
||||
For example: A custom thumbnail now goes into `custom.d/priv/static/instance/thumbnail.jpeg` instead of `priv/static/instance/thumbnail.jpeg`.
|
||||
|
||||
Note: Since `custom.d` needs to be accessible at runtime by the pleroma process, the container will automatically chown these files to `$UID:$GID` from your `.env` file.
|
||||
|
||||
## Configuring Pleroma
|
||||
|
||||
pleroma-docker tries to stay out of your way as much as possible while providing
|
||||
a good experience for both you and your users. It thus supports multiple
|
||||
"operation modes" and quite some config variables which you can mix and match.
|
||||
|
||||
This guide will explain some of the tricky `.env` file parts as detailed as possible (but you should still read the comments in there).
|
||||
|
||||
Since this setup [injects code](https://glitch.sh/sn0w/pleroma-docker/blob/master/docker-config.exs) into pleroma that moves it's configuration into the environment (ref ["The Twelve-Factor App"](https://12factor.net/)),
|
||||
the built image is 100% reusable and can be shared/replicated across multiple hosts.
|
||||
To do that just run `./pleroma build` as usual and then tag your image to whatever you want.
|
||||
Just make sure to start the replicated container with `env_file:` or all required `-e` pairs.
|
||||
|
||||
#### Storing Data
|
||||
|
||||
Currently all data is stored in subfolders of `DOCKER_DATADIR` which will be bind-mounted into the container by docker.
|
||||
|
||||
We'll evaluate named volumes as an option in the future but they're currently not supported.
|
||||
|
||||
#### Database (`SCRIPT_DEPLOY_POSTGRES`)
|
||||
|
||||
Values: `true` / `false`
|
||||
|
||||
By default pleroma-docker deploys a postgresql container and links it to pleroma's container as a zero-config data store. If you already have a postgres database or want to host postgres on a physically different machine set this value to `false`. Make sure to set the `POSTGRES_*` variables when doing that.
|
||||
|
||||
#### Reverse Proxy (`SCRIPT_USE_PROXY`)
|
||||
|
||||
Values: `traefik` / `nginx` / `manual`
|
||||
|
||||
Pleroma is usually run behind a reverse-proxy.
|
||||
Pleroma-docker gives you multiple options here.
|
||||
|
||||
##### Traefik
|
||||
|
||||
In traefik-mode we will generate a pleroma container with traefik labels.
|
||||
These will be picked up at runtime to dynamically create a reverse-proxy
|
||||
configuration. This should 'just work' if `watch=true` and `exposedByDefault=false` are set in the `[docker]` section of your `traefik.conf`. SSL will also 'just work' once you add a matching `[[acme.domains]]` entry.
|
||||
|
||||
##### NGINX
|
||||
|
||||
In nginx-mode we will generate a bare nginx container that is linked to the
|
||||
pleroma container. The nginx container is absolutely unmodified and expects to
|
||||
be configured by you. The nginx file in [Pleroma's Repository](https://git.pleroma.social/pleroma/pleroma/blob/develop/installation/pleroma.nginx) is a good starting point.
|
||||
|
||||
We will mount your configs like this:
|
||||
```
|
||||
custom.d/server.nginx -> /etc/nginx/nginx.conf
|
||||
custom.d/vhost.nginx -> /etc/nginx/conf.d/pleroma.conf
|
||||
```
|
||||
|
||||
To reach your pleroma container from inside nginx use `proxy_pass http://pleroma:4000;`.
|
||||
|
||||
Set `SCRIPT_PORT_HTTP` and `SCRIPT_PORT_HTTPS` to the ports you want to listen on.
|
||||
Specify the ip to bind to in `SCRIPT_BIND_IP`. These values are required.
|
||||
|
||||
The container only listens on `SCRIPT_PORT_HTTPS` if `SCRIPT_ENABLE_SSL` is `true`.
|
||||
|
||||
##### Apache / httpd
|
||||
|
||||
Just like nginx-mode this starts an unmodified apache server that expects to be
|
||||
configured by you. Again [Pleroma's Config](https://git.pleroma.social/pleroma/pleroma/blob/develop/installation/pleroma-apache.conf) is a good starting point.
|
||||
|
||||
We will mount your configs like this:
|
||||
```
|
||||
custom.d/server.httpd -> /usr/local/apache2/conf/httpd.conf
|
||||
custom.d/vhost.httpd -> /usr/local/apache2/conf/extra/httpd-vhosts.conf
|
||||
```
|
||||
|
||||
To reach your pleroma container from inside apache use `ProxyPass [loc] http://pleroma:4000/`.
|
||||
|
||||
Again setting `SCRIPT_PORT_HTTP`, `SCRIPT_PORT_HTTPS` and `SCRIPT_BIND_IP` is required.
|
||||
|
||||
The container only listens on `SCRIPT_PORT_HTTPS` if `SCRIPT_ENABLE_SSL` is `true`.
|
||||
|
||||
##### Manual
|
||||
|
||||
In manual mode we do not create any reverse proxy for you.
|
||||
You'll have to figure something out on your own.
|
||||
|
||||
This mode also doesn't bind to any IP or port.
|
||||
You'll have to forward something to the container's IP.
|
||||
|
||||
#### SSL (`SCRIPT_ENABLE_SSL`)
|
||||
|
||||
Values: `true` / `false`
|
||||
|
||||
If you want to use SSL with your Apache or NGINX containers you'll need a
|
||||
certificate. Certificates need to be placed into `custom.d` and will be
|
||||
bind-mounted into the server's container at runtime.
|
||||
|
||||
We will mount your certs like this:
|
||||
```
|
||||
custom.d/ssl.crt -> /ssl/ssl.crt
|
||||
custom.d/ssl.key -> /ssl/ssl.key
|
||||
```
|
||||
|
||||
You can reference them in Apache like this:
|
||||
```apache
|
||||
<VirtualHost *:443>
|
||||
SSLEngine on
|
||||
SSLCertificateFile "/ssl/ssl.crt"
|
||||
SSLCertificateKeyFile "/ssl/ssl.key"
|
||||
</VirtualHost>
|
||||
```
|
||||
|
||||
And in NGINX like this:
|
||||
```nginx
|
||||
listen 443 ssl;
|
||||
ssl_certificate /ssl/ssl.crt;
|
||||
ssl_certificate_key /ssl/ssl.key;
|
||||
```
|
||||
|
||||
In traefik-mode and manual-mode these files and the `SCRIPT_ENABLE_SSL` value are ignored.
|
||||
coming soon tm
|
||||
|
110
config.dist.yml
Normal file
110
config.dist.yml
Normal file
@ -0,0 +1,110 @@
|
||||
version: 1
|
||||
|
||||
#
|
||||
# Pleroma settings
|
||||
#
|
||||
# You can enter any config in here that you want.
|
||||
# Pleroma-Docker will try to translate it into elixir for you.
|
||||
#
|
||||
# <T> is a special member for modifying the YAML->Elixir translation.
|
||||
# When set to `Array` it causes the generation of a "keyed array" literal instead
|
||||
# of multiple named parameters to `config`.
|
||||
#
|
||||
# <D> is a special prefix that causes a string to be passed <D>irectly without quoting.
|
||||
# Useful for referencing modules like Ecto adapters or other symbols that are usually wrapped in yaml.
|
||||
#
|
||||
# Remember to take a look at your config with `./pleroma config`.
|
||||
#
|
||||
|
||||
app:
|
||||
# The loglevel to use in pleroma.
|
||||
:logger:
|
||||
level: <D>:info
|
||||
|
||||
:pleroma:
|
||||
Pleroma.Repo:
|
||||
# Credentials for your database.
|
||||
# You should leave this as-is if you want to use the managed db container.
|
||||
hostname: db
|
||||
username: pleroma
|
||||
password: pleroma
|
||||
database: pleroma
|
||||
pool_size: 16
|
||||
adapter: <D>Ecto.Adapters.Postgres
|
||||
|
||||
Pleroma.Web.Endpoint:
|
||||
# Location where your instance will be reachable.
|
||||
url:
|
||||
<T>: Array
|
||||
scheme: https
|
||||
host: coolsite.moe
|
||||
port: 443
|
||||
|
||||
# Base for your secret keys.
|
||||
# Better make this random.
|
||||
secret_key_base: asdf0815
|
||||
|
||||
Pleroma.Upload:
|
||||
# Where to store your uploads.
|
||||
# You should probably leave this as-is.
|
||||
# /uploads will be mounted into ::docker::datadir.
|
||||
uploads: /uploads
|
||||
|
||||
# Remove metadata from uploads?
|
||||
strip_exif: true
|
||||
|
||||
:chat:
|
||||
# Enable chat functionality?
|
||||
enabled: true
|
||||
|
||||
:media_proxy:
|
||||
# Enable the proxy?
|
||||
enabled: true
|
||||
|
||||
# Emit a 302 to the original resource when uncached?
|
||||
redirect_on_failure: true
|
||||
|
||||
# Where your proxy is reachable
|
||||
base_url: https://media.coolsite.moe
|
||||
|
||||
:instance:
|
||||
# The name of your instance.
|
||||
name: super cool stuff club
|
||||
|
||||
# Short description of your instance
|
||||
description: we do super cool stuff in super cool stuff club
|
||||
|
||||
# The admin's email address.
|
||||
email: admin@coolsite.moe
|
||||
|
||||
# How many chars a notice may have at max.
|
||||
limit: 4096
|
||||
|
||||
# May new members sign up?
|
||||
registrations_open: true
|
||||
|
||||
# Allow connections to other instances?
|
||||
# (Turn this off for testing)
|
||||
federating: true
|
||||
|
||||
# The rewrite policies / quarantines to enable.
|
||||
# This is a powerful feature which should be used with care.
|
||||
# Take a look at https://git.pleroma.social/pleroma/pleroma/wikis/Message%20rewrite%20facility%20configuration%20(how%20to%20block%20instances).
|
||||
# Then uncomment only the things you really need
|
||||
|
||||
# quarantined_instances:
|
||||
# - badguys.moe
|
||||
|
||||
# rewrite_policy:
|
||||
# - Pleroma.Web.ActivityPub.MRF.SimplePolicy
|
||||
|
||||
# :mrf_simple:
|
||||
# media_removal:
|
||||
# - illegalporn.biz
|
||||
# media_nsfw:
|
||||
# - porn.biz
|
||||
# - porn.business
|
||||
# reject:
|
||||
# - spam.com
|
||||
# federated_timeline_removal:
|
||||
# - spam.university
|
59
config_parser/parser.rb
Executable file
59
config_parser/parser.rb
Executable file
@ -0,0 +1,59 @@
|
||||
#!/usr/bin/env ruby
|
||||
|
||||
#
|
||||
# TODO: Write a better translator.
|
||||
# This is just rough text replacement right now
|
||||
# but it's already way better than the exs stuff
|
||||
# we had durin the .env files.
|
||||
#
|
||||
|
||||
require 'yaml'
|
||||
require 'json'
|
||||
|
||||
def getval(val)
|
||||
if val.is_a?(String)
|
||||
val.start_with?('<D>') ? val.delete('<D>') : val.to_json()
|
||||
else
|
||||
val.to_json()
|
||||
end
|
||||
end
|
||||
|
||||
config = YAML.load_file(ARGV[0])
|
||||
|
||||
if config["version"] != 1
|
||||
raise "Incompatible config version (#{config["version"]} != 1)"
|
||||
end
|
||||
|
||||
buf = "use Mix.Config\n\n"
|
||||
|
||||
config["app"].each do |atom, content|
|
||||
content.each do |sub, settings|
|
||||
buf += "config :#{atom}, #{sub.is_a?(Symbol) ? ":#{sub}" : sub}"
|
||||
|
||||
if !settings.is_a?(Hash)
|
||||
buf += ": #{getval(settings)}\n"
|
||||
next
|
||||
end
|
||||
|
||||
settings.each do |name, value|
|
||||
if value.is_a?(Hash) && value["<T>"] == "Array"
|
||||
value.delete("<T>")
|
||||
|
||||
buf += ", #{name}: ["
|
||||
|
||||
value.each do |k, v|
|
||||
buf += "#{k}: #{getval(v)},"
|
||||
end
|
||||
buf.chop!()
|
||||
|
||||
buf += "]"
|
||||
else
|
||||
buf += ", #{name}: #{getval(value)}"
|
||||
end
|
||||
end
|
||||
|
||||
buf += "\n"
|
||||
end
|
||||
end
|
||||
|
||||
puts buf
|
@ -7,7 +7,7 @@ define(<env_inline>, <${upcase($1):?upcase($1)}>)
|
||||
define(<env_inline_fb>, <${upcase($1):-$2}>)
|
||||
|
||||
{
|
||||
"version": "3",
|
||||
"version": "3.7",
|
||||
|
||||
ifdef(<__DOCKER_NETWORK>, <
|
||||
"networks": {
|
||||
@ -88,39 +88,21 @@ define(<env_inline_fb>, <${upcase($1):-$2}>)
|
||||
"env(<pleroma_version>)",
|
||||
"env(<docker_uid>)",
|
||||
"env(<docker_gid>)",
|
||||
"env_fb(<pleroma_uploads_path>, </uploads>)",
|
||||
"env_fb(<pleroma_uploads_path>, </uploads>)"
|
||||
]
|
||||
},
|
||||
"init": true,
|
||||
"restart": "unless-stopped",
|
||||
"links": [
|
||||
ifelse(__SCRIPT_DEPLOY_POSTGRES, true, <"db">)
|
||||
],
|
||||
"environment": [
|
||||
"env_fb(<mix_env>, <prod>)",
|
||||
|
||||
"env_fb(<postgres_ip>, <db>)",
|
||||
"env(<postgres_db>)",
|
||||
"env(<postgres_user>)",
|
||||
"env(<postgres_password>)",
|
||||
|
||||
"env(<pleroma_url>)",
|
||||
"env(<pleroma_loglevel>)",
|
||||
"env(<pleroma_scheme>)",
|
||||
"env(<pleroma_port>)",
|
||||
"env(<pleroma_secret_key_base>)",
|
||||
"env(<pleroma_name>)",
|
||||
"env(<pleroma_admin_email>)",
|
||||
"env(<pleroma_max_notice_chars>)",
|
||||
"env(<pleroma_registrations_open>)",
|
||||
"env(<pleroma_media_proxy_enabled>)",
|
||||
"env(<pleroma_media_proxy_redirect_on_failure>)",
|
||||
"env(<pleroma_media_proxy_url>)",
|
||||
"env(<pleroma_db_pool_size>)",
|
||||
"env(<pleroma_chat_enabled>)",
|
||||
"env_fb(<pleroma_uploads_path>, </uploads>)"
|
||||
"env_fb(<mix_env>, <prod>)"
|
||||
],
|
||||
"volumes": [
|
||||
"./custom.d:/custom.d",
|
||||
"./config.yml:/conf/config.yml:ro",
|
||||
"./config_parser/parser.rb:/conf/parser.rb:ro",
|
||||
"env_inline(<docker_datadir>)/uploads:env_inline_fb(<pleroma_uploads_path>, </uploads>)"
|
||||
],
|
||||
"labels": [
|
||||
|
@ -1,71 +0,0 @@
|
||||
use Mix.Config
|
||||
|
||||
defmodule Docker do
|
||||
def env(shortname, verbatim \\ false) do
|
||||
# Get var
|
||||
name = ((if verbatim, do: "", else: "pleroma_") <> Atom.to_string(shortname)) |> String.upcase()
|
||||
raw_var = System.get_env(name)
|
||||
|
||||
if raw_var == nil do
|
||||
raise "Could not find #{name} in environment. Please define it and try again."
|
||||
end
|
||||
|
||||
# Match type and cast if needed
|
||||
if String.contains?(raw_var, ":") do
|
||||
var_parts = String.split(raw_var, ":", parts: 2)
|
||||
|
||||
type = Enum.at(var_parts, 0)
|
||||
var = Enum.at(var_parts, 1)
|
||||
|
||||
func = case type do
|
||||
"int" -> fn(x) -> Integer.parse(x) |> elem(0) end
|
||||
"bool" -> fn(x) -> x == "true" end
|
||||
"string" -> fn(x) -> x end
|
||||
_ -> if verbatim do
|
||||
fn(x) -> x end
|
||||
else
|
||||
raise "Unknown type #{type} used in variable #{raw_var}."
|
||||
end
|
||||
end
|
||||
|
||||
func.(var)
|
||||
else
|
||||
raw_var
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
config :logger, level: String.to_atom(Docker.env(:loglevel) || "info")
|
||||
|
||||
config :pleroma, Pleroma.Web.Endpoint,
|
||||
url: [
|
||||
host: Docker.env(:url),
|
||||
scheme: Docker.env(:scheme),
|
||||
port: Docker.env(:port)
|
||||
],
|
||||
secret_key_base: Docker.env(:secret_key_base)
|
||||
|
||||
config :pleroma, Pleroma.Upload,
|
||||
uploads: Docker.env(:uploads_path)
|
||||
|
||||
config :pleroma, :chat,
|
||||
enabled: Docker.env(:chat_enabled)
|
||||
|
||||
config :pleroma, :instance,
|
||||
name: Docker.env(:name),
|
||||
email: Docker.env(:admin_email),
|
||||
limit: Docker.env(:max_notice_chars),
|
||||
registrations_open: Docker.env(:registrations_open)
|
||||
|
||||
config :pleroma, :media_proxy,
|
||||
enabled: Docker.env(:media_proxy_enabled),
|
||||
redirect_on_failure: Docker.env(:media_proxy_redirect_on_failure),
|
||||
base_url: Docker.env(:media_proxy_url)
|
||||
|
||||
config :pleroma, Pleroma.Repo,
|
||||
adapter: Ecto.Adapters.Postgres,
|
||||
username: Docker.env(:postgres_user, true),
|
||||
password: Docker.env(:postgres_password, true),
|
||||
database: Docker.env(:postgres_db, true),
|
||||
hostname: Docker.env(:postgres_ip, true),
|
||||
pool_size: Docker.env(:db_pool_size)
|
@ -3,7 +3,23 @@
|
||||
set -e
|
||||
set -x
|
||||
|
||||
mix deps.get
|
||||
if [[ -z "$NO_CONFIG" ]]; then
|
||||
ruby /conf/parser.rb /conf/config.yml > config/runtime-config.exs
|
||||
fi
|
||||
|
||||
if [[ -n "$COMPILE_ONLY" ]]; then
|
||||
mix deps.get
|
||||
mix compile
|
||||
exit 0
|
||||
fi
|
||||
|
||||
# Assume that dependencies are compiled and ready to go.
|
||||
# Remove this assumption when https://github.com/erlang/rebar3/issues/1627 is fixed.
|
||||
mix compile
|
||||
|
||||
# Migrate db
|
||||
mix ecto.create
|
||||
mix ecto.migrate
|
||||
|
||||
# Off we go!
|
||||
exec mix phx.server
|
||||
|
337
pleroma
337
pleroma
@ -1,8 +1,241 @@
|
||||
#!/bin/bash
|
||||
|
||||
#########################################################
|
||||
# Options #
|
||||
#########################################################
|
||||
|
||||
set -e
|
||||
set -o pipefail
|
||||
|
||||
#########################################################
|
||||
# Globals #
|
||||
#########################################################
|
||||
|
||||
readonly GITLAB_URI="https://git.pleroma.social"
|
||||
readonly PREFIX_API="api/v4/projects/pleroma%2Fpleroma/repository"
|
||||
readonly ENDPOINT_FILE="pleroma/pleroma/raw"
|
||||
readonly ENDPOINT_LIST="pleroma/pleroma/files"
|
||||
readonly ENDPOINT_TAG="$PREFIX_API/tags"
|
||||
readonly ENDPOINT_BLOB="$PREFIX_API/blobs"
|
||||
readonly ENDPOINT_BRANCH="$PREFIX_API/branches"
|
||||
|
||||
flags=""
|
||||
|
||||
#########################################################
|
||||
# Helpers #
|
||||
#########################################################
|
||||
|
||||
has_command() {
|
||||
if command -v 1>/dev/null 2>&1 "$1"; then
|
||||
return 0
|
||||
else
|
||||
return 1
|
||||
fi
|
||||
}
|
||||
|
||||
require_command() {
|
||||
if ! has_command "$1"; then
|
||||
printf "\nError: This action requires the command '%s' in your PATH.\n" "$1"
|
||||
exit 1
|
||||
fi
|
||||
}
|
||||
|
||||
render_template() {
|
||||
require_command m4
|
||||
require_command awk
|
||||
|
||||
m4 $flags docker-compose.m4 | awk 'NF'
|
||||
}
|
||||
|
||||
docker_compose() {
|
||||
require_command docker-compose
|
||||
|
||||
docker-compose \
|
||||
-f <(render_template) \
|
||||
--project-directory . \
|
||||
"$@"
|
||||
}
|
||||
|
||||
load_env() {
|
||||
if [[ ! -f .env ]]; then
|
||||
echo "Please create a .env file first"
|
||||
echo "(Copy .env.dist to .env for a template)"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
while read -r line; do
|
||||
if [[ "$line" == \#* ]] || [[ -z "$line" ]]; then
|
||||
continue;
|
||||
fi
|
||||
|
||||
export "${line?}"
|
||||
flags="-D__${line?} $flags"
|
||||
done < .env
|
||||
}
|
||||
|
||||
download_file() { # $1: source, $2: target
|
||||
if has_command curl; then
|
||||
curl -sSL "$1" -o "$2"
|
||||
elif has_command wget; then
|
||||
wget "$1" -O "$2"
|
||||
else
|
||||
printf "\nError: This action requires either curl or wget in your PATH.\n"
|
||||
exit 1
|
||||
fi
|
||||
}
|
||||
|
||||
request_file_content() { # $1: source
|
||||
if has_command curl; then
|
||||
curl -sSL "$1"
|
||||
elif has_command wget; then
|
||||
wget "$1" -O- 2>/dev/null
|
||||
else
|
||||
printf "\nError: This action requires either curl or wget in your PATH.\n"
|
||||
exit 1
|
||||
fi
|
||||
}
|
||||
|
||||
#########################################################
|
||||
# Subcommands #
|
||||
#########################################################
|
||||
|
||||
action__build() {
|
||||
docker_compose build --build-arg __BUST_CACHE="$(date +%s)" server
|
||||
}
|
||||
|
||||
action__config() {
|
||||
require_command docker
|
||||
|
||||
docker run --rm -t -i -v "$(pwd):/mnt" ruby:alpine sh -c "cd /mnt && ruby config_parser/parser.rb ${1:-config.yml}"
|
||||
}
|
||||
|
||||
action__dump() {
|
||||
cat <(render_template)
|
||||
}
|
||||
|
||||
action__enter() {
|
||||
docker_compose exec server sh -c 'cd ~/pleroma && bash'
|
||||
}
|
||||
|
||||
action__logs() {
|
||||
docker_compose logs "$@"
|
||||
}
|
||||
|
||||
action__mix() {
|
||||
docker_compose exec server sh -c "cd ~/pleroma && mix $*"
|
||||
}
|
||||
|
||||
action__passthrough() {
|
||||
docker_compose "$@"
|
||||
}
|
||||
|
||||
action__p() {
|
||||
action__passthrough "$@"
|
||||
}
|
||||
|
||||
action__restart() {
|
||||
action__stop
|
||||
action__start
|
||||
}
|
||||
|
||||
action__start() {
|
||||
docker_compose up --remove-orphans -d
|
||||
}
|
||||
|
||||
action__up() {
|
||||
action__start
|
||||
}
|
||||
|
||||
action__stop() {
|
||||
docker_compose down
|
||||
}
|
||||
|
||||
action__down() {
|
||||
action__stop
|
||||
}
|
||||
|
||||
action__status() {
|
||||
docker_compose ps
|
||||
}
|
||||
|
||||
action__ps() {
|
||||
action__status
|
||||
}
|
||||
|
||||
action__debug() {
|
||||
require_command xhost
|
||||
|
||||
local debug_mounts
|
||||
debug_mounts="
|
||||
-v $(pwd)/custom.d:/custom.d \
|
||||
-v $(pwd)/debug.d/build:/home/pleroma/pleroma/_build \
|
||||
-v $(pwd)/debug.d/deps:/home/pleroma/pleroma/deps \
|
||||
"
|
||||
|
||||
if [[ ! -d ./debug.d ]]; then
|
||||
mkdir -p ./debug.d/{build,deps}
|
||||
fi
|
||||
|
||||
if [[ ! -d ./custom.d/lib ]]; then
|
||||
mkdir -p ./custom.d/lib
|
||||
fi
|
||||
|
||||
action__stop
|
||||
|
||||
docker_compose run --rm -u pleroma -w /home/pleroma/pleroma "$debug_mounts" server bash -c 'cp -rvf /custom.d/* /home/pleroma/pleroma && mix deps.get'
|
||||
|
||||
local x_flags=""
|
||||
if [[ $NO_X_FORWARDING != 1 ]]; then
|
||||
x_flags="-e DISPLAY=$DISPLAY -v /tmp/.X11-unix:/tmp/.X11-unix"
|
||||
fi
|
||||
|
||||
[[ $NO_X_FORWARDING == 1 ]] || xhost +local:root
|
||||
docker_compose run --rm -u pleroma -w /home/pleroma/pleroma "$debug_mounts" "$x_flags" server bash -c "cp -rvf /custom.d/* /home/pleroma/pleroma && $*"
|
||||
[[ $NO_X_FORWARDING == 1 ]] || xhost -local:root
|
||||
}
|
||||
|
||||
action__mod() {
|
||||
require_command dialog
|
||||
require_command jq
|
||||
require_command curl
|
||||
|
||||
if [[ ! -d ./debug.d ]]; then
|
||||
mkdir ./debug.d
|
||||
fi
|
||||
|
||||
if [[ ! -f ./debug.d/mod_files.json ]] || [[ -n "$(find ./debug.d/mod_files.json -mmin +5)" ]]; then
|
||||
curl -sSL -# "$GITLAB_URI/$ENDPOINT_LIST/$PLEROMA_VERSION?format=json" > ./debug.d/mod_files.json
|
||||
|
||||
if [[ -f ./debug.d/mod_files.lst ]]; then
|
||||
rm ./debug.d/mod_files.lst
|
||||
fi
|
||||
|
||||
jq -r 'map("\(.)\n") | add' <./debug.d/mod_files.json >./debug.d/mod_files.lst
|
||||
fi
|
||||
|
||||
if [[ -f ./debug.d/mod_files.lst ]] && [[ -r ./debug.d/mod_files.lst ]]; then
|
||||
choices=""
|
||||
|
||||
while read -r candidate; do
|
||||
choices="$choices $candidate $(echo "$candidate" | rev | cut -d/ -f1 | rev)"
|
||||
done <<< "$(grep -E ".*$1.*" <./debug.d/mod_files.lst)"
|
||||
|
||||
res=$(mktemp)
|
||||
dialog --menu "Select the file you want to modify:" 35 80 30 $choices 2>"$res"
|
||||
choice=$(cat "$res")
|
||||
|
||||
install -D <(echo '') "./custom.d/$choice"
|
||||
curl -sSL -# "$GITLAB_URI/$ENDPOINT_FILE/$PLEROMA_VERSION/$choice" > "./custom.d/$choice"
|
||||
else
|
||||
install -D <(echo '') "./custom.d/$1"
|
||||
curl -sSL -# "$GITLAB_URI/$ENDPOINT_FILE/$PLEROMA_VERSION/$1" > "./custom.d/$1"
|
||||
fi
|
||||
}
|
||||
|
||||
#########################################################
|
||||
# Help #
|
||||
#########################################################
|
||||
|
||||
print_help() {
|
||||
echo "
|
||||
Pleroma Maintenance Script
|
||||
@ -13,6 +246,8 @@ Usage:
|
||||
Actions:
|
||||
build Rebuild the pleroma container.
|
||||
|
||||
config [file = config.yml] Print the generated pleroma config to stdout.
|
||||
|
||||
dump Dump the generated docker-compose.yml to stdout.
|
||||
|
||||
debug [bin] [args...] Launches a new pleroma container but uses \$bin instead of phx.server as entrypoint.
|
||||
@ -60,90 +295,9 @@ Contributing:
|
||||
"
|
||||
}
|
||||
|
||||
flags=""
|
||||
|
||||
render_template() {
|
||||
m4 $flags docker-compose.m4 | awk 'NF'
|
||||
}
|
||||
|
||||
docker_compose() {
|
||||
docker-compose \
|
||||
-f <(render_template) \
|
||||
--project-directory . \
|
||||
"$@"
|
||||
}
|
||||
|
||||
load_env() {
|
||||
if [[ ! -f .env ]]; then
|
||||
echo "Please create a .env file first"
|
||||
echo "(Copy .env.dist to .env for a template)"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
while read -r line; do
|
||||
if [[ "$line" == \#* ]] || [[ -z "$line" ]]; then
|
||||
continue;
|
||||
fi
|
||||
|
||||
export "${line?}"
|
||||
flags="-D__${line?} $flags"
|
||||
done < .env
|
||||
}
|
||||
|
||||
action__build() { docker_compose build --build-arg __BUST_CACHE="$(date +%s)" server; }
|
||||
action__dump() { cat <(render_template); }
|
||||
action__enter() { docker_compose exec server ash -c 'cd /pleroma && ash'; }
|
||||
action__logs() { docker_compose logs -f; }
|
||||
action__mix() { docker_compose exec server ash -c "cd /pleroma && mix $*"; }
|
||||
action__passthrough() { docker_compose $*; }
|
||||
action__p() { action__passthrough $*; }
|
||||
|
||||
action__restart() { action__stop; action__start; }
|
||||
|
||||
action__start() { docker_compose up --remove-orphans -d; }
|
||||
action__up() { action__start; }
|
||||
|
||||
action__stop() { docker_compose down; }
|
||||
action__down() { action__stop; }
|
||||
|
||||
action__status() { docker_compose ps; }
|
||||
action__ps() { action__status; }
|
||||
|
||||
###
|
||||
# This function rips out the mix caches from the container
|
||||
# in order to speed up rebuilds during debugging/modding sessions.
|
||||
# To persist the changes, the user still needs to rebuild the container.
|
||||
###
|
||||
action__debug() {
|
||||
debug_mounts="-v $(pwd)/custom.d:/custom.d -v $(pwd)/debug.d/build:/home/pleroma/pleroma/_build -v $(pwd)/debug.d/deps:/home/pleroma/pleroma/deps"
|
||||
|
||||
if [[ ! -d ./debug.d ]]; then
|
||||
mkdir -p ./debug.d/{build,deps}
|
||||
fi
|
||||
|
||||
if [[ ! -d ./custom.d/lib ]]; then
|
||||
mkdir -p ./custom.d/lib
|
||||
fi
|
||||
|
||||
action__stop
|
||||
|
||||
docker_compose run --rm -u pleroma -w /home/pleroma/pleroma $debug_mounts server bash -c 'cp -rvf /custom.d/* /home/pleroma/pleroma && mix deps.get'
|
||||
|
||||
x_flags=""
|
||||
if [[ $NO_X_FORWARDING != 1 ]]; then
|
||||
x_flags="-e DISPLAY=$DISPLAY -v /tmp/.X11-unix:/tmp/.X11-unix"
|
||||
fi
|
||||
|
||||
[[ $NO_X_FORWARDING == 1 ]] || xhost +local:root
|
||||
docker_compose run --rm -u pleroma -w /home/pleroma/pleroma $debug_mounts $x_flags server bash -c "cp -rvf /custom.d/* /home/pleroma/pleroma && $*"
|
||||
[[ $NO_X_FORWARDING == 1 ]] || xhost -local:root
|
||||
}
|
||||
|
||||
action__mod() {
|
||||
echo "Preparing 'custom.d/$1' for modding..."
|
||||
install -D <(echo '') ./custom.d/$1
|
||||
wget -O ./custom.d/$1 https://git.pleroma.social/pleroma/pleroma/raw/$PLEROMA_VERSION/$1
|
||||
}
|
||||
#########################################################
|
||||
# Main #
|
||||
#########################################################
|
||||
|
||||
# Check if there is any command at all
|
||||
if [[ -z "$1" ]]; then
|
||||
@ -152,18 +306,18 @@ if [[ -z "$1" ]]; then
|
||||
fi
|
||||
|
||||
# Check for SHOPTs
|
||||
if [[ ! -z "$SHOPT" ]]; then
|
||||
if [[ -n "$SHOPT" ]]; then
|
||||
for opt in $SHOPT; do
|
||||
if [[ $opt =~ ":" ]]; then
|
||||
set -o ${opt//-o:/}
|
||||
set -o "${opt//-o:/}"
|
||||
else
|
||||
set $opt
|
||||
set "$opt"
|
||||
fi
|
||||
done
|
||||
fi
|
||||
|
||||
# Check for DEBUG
|
||||
if [[ ! -z "$DEBUG" ]]; then
|
||||
if [[ -n "$DEBUG" ]]; then
|
||||
if [[ $DEBUG == 1 ]]; then
|
||||
export DEBUG_COMMANDS=1
|
||||
elif [[ $DEBUG == 2 ]]; then
|
||||
@ -174,14 +328,13 @@ fi
|
||||
# Parse .env
|
||||
load_env
|
||||
|
||||
# Guess function name of current command
|
||||
# and then check for it's existance.
|
||||
# Guess function name of current command and call it if present
|
||||
func="action__${1}"
|
||||
|
||||
if type -t $func 2>&1 1>/dev/null; then
|
||||
if type -t "$func" 1>/dev/null 2>&1; then
|
||||
shift
|
||||
[[ $DEBUG != 1 ]] || set -x
|
||||
$func $@
|
||||
$func "$@"
|
||||
{ [[ $DEBUG != 1 ]] || set +x; } 2>/dev/null
|
||||
else
|
||||
print_help
|
||||
|
Loading…
Reference in New Issue
Block a user