Compare commits

...

3 commits

8 changed files with 146 additions and 19 deletions

46
Dockerfile.pleroma-source Normal file
View file

@ -0,0 +1,46 @@
FROM elixir:1.11.4-alpine
ARG PLEROMA_VER=develop
ARG UID=911
ARG GID=911
ENV MIX_ENV=prod
RUN echo "http://nl.alpinelinux.org/alpine/latest-stable/community" >> /etc/apk/repositories \
&& apk update \
&& apk add git gcc g++ musl-dev make cmake file-dev \
exiftool imagemagick libmagic ncurses postgresql-client ffmpeg
RUN addgroup -g ${GID} pleroma \
&& adduser -h /pleroma -s /bin/false -D -G pleroma -u ${UID} pleroma
ARG DATA=/var/lib/pleroma
RUN mkdir -p /etc/pleroma \
&& chown -R pleroma /etc/pleroma \
&& mkdir -p ${DATA}/uploads \
&& mkdir -p ${DATA}/static \
&& chown -R pleroma ${DATA}
USER pleroma
WORKDIR /pleroma
RUN git clone -b develop https://git.pleroma.social/pleroma/pleroma.git /pleroma \
&& git checkout ${PLEROMA_VER}
USER root
COPY ./minica.pem /usr/local/share/ca-certificates/minica.crt
RUN update-ca-certificates
USER pleroma
RUN mix local.hex --force \
&& mix local.rebar --force \
&& mix deps.get --only prod \
&& mix deps.compile --only prod \
&& mix compile --only prod
COPY ./files/pleroma.exs config/prod.secret.exs
COPY ./files/pleroma_source_entrypoint.sh docker-entrypoint.sh
EXPOSE 4000
ENTRYPOINT ["/pleroma/docker-entrypoint.sh"]

View file

@ -10,8 +10,8 @@ mastodon is TODO.
add the following to your `/etc/hosts`
```
127.0.0.1 pleroma.pubtester.local localhost
127.0.0.1 pleroma2.pubtester.local localhost
127.0.0.1 pleroma.pubtester.example.net localhost
127.0.0.1 pleroma2.pubtester.example.net localhost
```
run
@ -20,3 +20,20 @@ git clone ... && cd pubtester
./pleroma_setup.sh
docker-compose up -d pleroma_web pleroma2_web nginx
```
then go to `https://pleroma.pubtester.example.net:20000/main/friends`
and also `https://pleroma2.pubtester.example.net:20000/main/friends`
## emit new minica certs
this is generally for myself: https://github.com/jsha/minica
`minica -domains 'pubtester.example.net,*.pubtester.example.net'`
## wipe everything
```
sudo rm -rfv ./data
./pleroma_setup.sh
```

View file

@ -6,14 +6,12 @@ services:
healthcheck:
test: ['CMD', 'pg_isready', '-U', 'postgres']
volumes:
- ./data/pleroma/postgres14:/var/lib/postgresql/data
- ./data/pleroma/postgres15:/var/lib/postgresql/data
environment:
- 'POSTGRES_HOST_AUTH_METHOD=trust'
- 'POSTGRES_USER=pleroma'
- 'POSTGRES_PASSWORD=very_secure_pleroma_password'
- 'POSTGRES_DB=pleroma'
#pleroma:
# image: git.pleroma.social:5050/pleroma/pleroma:release-2-4-1
pleroma_web:
image: pleroma_selfbuilt
@ -39,7 +37,7 @@ services:
- ./data/pleroma/static:/var/lib/pleroma/static
- ./files/pleroma.exs:/etc/pleroma/config.exs:ro
environment:
DOMAIN: pleroma.pubtester.local
DOMAIN: pleroma.pubtester.example.net
INSTANCE_NAME: Pleroma/pubtester
ADMIN_EMAIL: admin@example.com
NOTIFY_EMAIL: notify@example.com
@ -55,13 +53,14 @@ services:
healthcheck:
test: ['CMD', 'pg_isready', '-U', 'postgres']
volumes:
- ./data/pleroma2/postgres14:/var/lib/postgresql/data
- ./data/pleroma2/postgres15:/var/lib/postgresql/data
environment:
- 'POSTGRES_HOST_AUTH_METHOD=trust'
- 'POSTGRES_USER=pleroma'
- 'POSTGRES_PASSWORD=very_secure_pleroma_password'
- 'POSTGRES_DB=pleroma'
pleroma2_web:
# use pleroma_source_selfbuilt if patching pleroma
image: pleroma_selfbuilt
healthcheck:
test:
@ -74,8 +73,6 @@ services:
- '127.0.0.1:20710:4000'
build:
context: .
# Feel free to remove or override this section
# See 'Build-time variables' in README.md
args:
- "UID=1000"
- "GID=1000"
@ -83,9 +80,12 @@ services:
volumes:
- ./data/pleroma2/uploads:/var/lib/pleroma/uploads
- ./data/pleroma2/static:/var/lib/pleroma/static
- ./files/pleroma.exs:/etc/pleroma/config.exs:ro
- ./files/pleroma.exs:/pleroma/config/prod.secret.exs:ro
# dev patches
#- /home/luna/git/pleroma/lib/pleroma/formatter.ex:/pleroma/lib/pleroma/formatter.ex:ro
#- /home/luna/git/pleroma/deps/linkify/lib/linkify/parser.ex:/pleroma/deps/linkify/lib/linkify/parser.ex:ro
environment:
DOMAIN: pleroma2.pubtester.local
DOMAIN: pleroma2.pubtester.example.net
INSTANCE_NAME: Pleroma/pubtester2
ADMIN_EMAIL: admin@example.com
NOTIFY_EMAIL: notify@example.com
@ -163,12 +163,12 @@ services:
networks:
default:
aliases:
- pleroma.pubtester.local
- pleroma2.pubtester.local
- pleroma.pubtester.example.net
- pleroma2.pubtester.example.net
volumes:
- ./files/nginx.conf:/etc/nginx/nginx.conf:ro
- ./pubtester.local/cert.pem:/etc/nginx/cert.pem:ro
- ./pubtester.local/key.pem:/etc/nginx/key.pem:ro
- ./pubtester.example.net/cert.pem:/etc/nginx/cert.pem:ro
- ./pubtester.example.net/key.pem:/etc/nginx/key.pem:ro
ports:
- '127.0.0.1:20000:443'
depends_on:

View file

@ -36,7 +36,7 @@ http {
# root /mnt/none;
# index index.html index.htm;
# server_name mastodon.pubtester.local;
# server_name mastodon.pubtester.example.net;
# absolute_redirect off;
# server_name_in_redirect off;
@ -73,7 +73,7 @@ http {
root /mnt/none;
index index.html index.htm;
server_name pleroma.pubtester.local;
server_name pleroma.pubtester.example.net;
absolute_redirect off;
server_name_in_redirect off;
@ -98,7 +98,7 @@ http {
root /mnt/none;
index index.html index.htm;
server_name pleroma2.pubtester.local;
server_name pleroma2.pubtester.example.net;
absolute_redirect off;
server_name_in_redirect off;

View file

@ -0,0 +1,14 @@
#!/bin/ash
set -eux
echo "-- Waiting for database..."
while ! pg_isready -U ${DB_USER:-pleroma} -d postgres://${DB_HOST:-db}:${DB_PORT:-5432}/${DB_NAME:-pleroma} -t 1; do
sleep 1s
done
echo "-- Running migrations..."
mix ecto.migrate
echo "-- Starting!"
mix phx.server

View file

@ -2,9 +2,10 @@
#
# setup pleroma db
set -eux
docker-compose up -d pleroma_db
docker-compose up -d pleroma2_db
sleep 10
sleep 10 # waiting for databases to warm up
docker-compose exec -i pleroma_db psql -U pleroma -c "CREATE EXTENSION IF NOT EXISTS citext;"
docker-compose exec -i pleroma_db psql -U pleroma -c "CREATE EXTENSION IF NOT EXISTS pg_trgm;"
docker-compose exec -i pleroma_db psql -U pleroma -c 'CREATE EXTENSION IF NOT EXISTS "uuid-ossp";'
@ -14,3 +15,4 @@ docker-compose exec -i pleroma2_db psql -U pleroma -c 'CREATE EXTENSION IF NOT E
docker-compose down
docker buildx build -t pleroma_selfbuilt -f ./Dockerfile.pleroma .
docker buildx build -t pleroma_source_selfbuilt -f ./Dockerfile.pleroma-source .

View file

@ -0,0 +1,21 @@
-----BEGIN CERTIFICATE-----
MIIDXzCCAkegAwIBAgIIBFIfZ3oH+twwDQYJKoZIhvcNAQELBQAwIDEeMBwGA1UE
AxMVbWluaWNhIHJvb3QgY2EgMmY2YmZlMB4XDTIzMDEyMjIxMTEwMVoXDTI1MDIy
MTIxMTEwMVowIDEeMBwGA1UEAxMVcHVidGVzdGVyLmV4YW1wbGUubmV0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRVaBdqT1/VamwA7pAA37bOG9GAW
zPXtB6WFg7GdGIhzXuq/qdjoO0HLHNoHP3uqRGrJvA0nJdnTs1gaNBUiNP6303LG
OHlIaa5B7tByAW/xtji6DuEhVnibiK3jSP4b6m5A6FDgr8qbjJMzHkrHYa3cN4Im
m7fJmHFyKpa6L2CXp+I+DqJt8FJtKfr1sYXkMr9QJdT6IqJ2ZGpH8GFYMoa2m9yz
uvBb7+LOm4v2CLLxl8ZJpwB7M/n+Ahf53s0gu0jjhkhSLig2EUsl/XFa0yYu7h9z
ZNz4wb/Lrgq5Dcc6JkVMNBR9GBx9VaxITcbNcL9r0vF+s3GkRHDNjddvAwIDAQAB
o4GcMIGZMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB
BQUHAwIwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBQ2y5zeB44/l7zuosGq/xzW
cnHuhzA5BgNVHREEMjAwghVwdWJ0ZXN0ZXIuZXhhbXBsZS5uZXSCFyoucHVidGVz
dGVyLmV4YW1wbGUubmV0MA0GCSqGSIb3DQEBCwUAA4IBAQCci4kcoW7o6lQxEGKD
qganrBdTEVjH95x/EOBhRwscXcPrxocTkUgPSrN1vOvZU144UmcDBIPZtsyyOkBt
cy7RQYTYb+/1c2Jn8o6j4Low+B0nnXQE2SUeY61Vw/PmcQ2cM13a7dujBK9XZ2CM
5ARFTgPtva34fJC9SZsBbBmCS39VcExysNxpjet9QWN6A+XK/TcaJAFWEiiVckXA
AbxKVCxY0DQ103BTz75RkyasE9ocY0hwEyHqhPbg1Z/tyquk6Iskk7YAh0Qk5dTl
xUL+o9lOeIUpSraWweyWH8+bjvSiNCYJ5KG3dV9zwEeKmi4sfi9+6EpQ47FoLx9v
tiGQ
-----END CERTIFICATE-----

View file

@ -0,0 +1,27 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEogIBAAKCAQEAwRVaBdqT1/VamwA7pAA37bOG9GAWzPXtB6WFg7GdGIhzXuq/
qdjoO0HLHNoHP3uqRGrJvA0nJdnTs1gaNBUiNP6303LGOHlIaa5B7tByAW/xtji6
DuEhVnibiK3jSP4b6m5A6FDgr8qbjJMzHkrHYa3cN4Imm7fJmHFyKpa6L2CXp+I+
DqJt8FJtKfr1sYXkMr9QJdT6IqJ2ZGpH8GFYMoa2m9yzuvBb7+LOm4v2CLLxl8ZJ
pwB7M/n+Ahf53s0gu0jjhkhSLig2EUsl/XFa0yYu7h9zZNz4wb/Lrgq5Dcc6JkVM
NBR9GBx9VaxITcbNcL9r0vF+s3GkRHDNjddvAwIDAQABAoIBAD4ZdeioEiDFAq0T
eBsZDuPed6slNHAbMG7jJ3vhphr7189RRO+FmbtlP8Q5w1cBmROEHPnkaRDdbB8k
WNkjausMeWcCZQpIx6dlqkL6u5AGxwDKYdzjP2umQq/E7XLOd4AAkdOmH32qdjjS
JwC5IEMkPc2EiJJQm//xjLxx2dPed9gz9DMH7Ym7MW4LGNMYP3lCc6fpFKa/LQme
FX1+FBi07ZhP7yF93/QXK7s6/kxfvgI/VHWfOQQG6cAXr4MnzW/sC+F5PmFX6W19
cdC2bklKbyYdXoRlTQUeA9dGehxUTFm0EDO+MTs0dNn28Ss1YXiuAJvf6iu8SvVq
11AUbZECgYEA7TlrmZsmHqqj8gaJekXZSWkGxsJJmWC0w5UVbhUAchROKOZ0bu1O
BrfMGy90EfLYjLAnK+Dw4E9kDqwiGit98ZUo5YgVZ5b8tnccVRY6VYO4jm/seyYt
qpz4S7WKzJrlbX66bAGyRHIGZdlHTewDf/CITFjANGLiiN9NDtp6tuUCgYEA0F2P
Pnd3vHBZ+9cK5E4+wUt1Ys+ObohQIIu3e3GrpX7DnUOP93G65cYN6OfSTcH6ClMj
7e8E3F2UI91Ke7WmSJWsnRQrGLYjFaEL6y8QXK/5oiNYcVAOC9MslhV5hLF5afYR
w2omgLoIZB44x4ognpUi0xWfYBVbW/zWcWV3B8cCgYAoAjAohucl8ueVkQ6spY0g
+WqgKPJawNmbxtAHcdlSZCROd5eZgcJQFb2BtD4iLM/i4m6o0tYtLpaUdumFemJS
VTLBi3L4tplGeM45d3c9JusActXyaxz2kmS5+BNBsLoS/nWYc6zKKGT11nBVLwHk
GQATyEAaVbcZGHgZkjVyFQKBgCs9PxyXbiGMrx+z4G7ATgWOwy1eJRCK+RXH6KuV
SylsxOs9ugJ/d2l3UCuk799zAZBi8HHPyBJy2OsYYPyLFZa6eLegF9Fo+p7ibLbB
bYPOgN9EtnXNRxztFbOPgUgoDCoRBl6nCJZuBI/CNcYyw9Ik4LUtJ4Wo6OyN63Jc
u/bBAoGAAZ2KYVM4gXUVibCKAzJ7teq4gEPoVbRHvTw25woyIuJtBjRgqv0rstX0
pqKsoZcA6nZwLeSnNRpxj2kRt0TAcDIjV45f4iblveRPufuMYYMQveglDVGOf4yh
7W97mLdMvtz3UR1OUlywKOB/1KNU9BrtEkYceC1MYS/9BQVkDyo=
-----END RSA PRIVATE KEY-----