mirror
/
pleroma-docker
mirror of https://memleak.eu/sn0w/pleroma-docker.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge branch 'feature/modernize' of sn0w/pleroma-docker into develop

This commit is contained in:
sn0w 2018-12-30 13:38:52 +00:00 committed by Gitea
parent 1ec14d0a2f b96154acc8
commit 307d6b01d9
11 changed files with 498 additions and 443 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

70
.env.dist
View File

@ -1,18 +1,3 @@
#
# Note: The values of this file that are passed directly to
# pleroma need type hints to be applied correctly.
# The implemented types are int, bool, and string.
# Typed variables look like this: KEY=type:VALUE.
# Not specifying a type implies a string.
#
# In general: Your instance should work as expected if you leave the types as they are.
# That is: don't remove them, don't add them, don't change them.
# Always just change the values.
#
# You don't need to escape colons in your strings.
# PLEROMA_NAME=string:std::pleroma::coolinstance will work as expected.
#
######################### #########################
# Script settings # # Script settings #
######################### #########################
@ -62,15 +47,12 @@ DOCKER_GID=1000
# Database settings # # Database settings #
########################### ###########################
# Leave POSTGRES_IP empty unless you plan to install your own database # When you use the managed postgres container
# Leave the POSTGRES_DB, POSTGRES_USER and POSTGRES_PASSWORD as-is # those will be the credentials the container is generated with.
# unless you use your own database.
POSTGRES_IP=
POSTGRES_DB=pleroma POSTGRES_DB=pleroma
POSTGRES_USER=pleroma POSTGRES_USER=pleroma
POSTGRES_PASSWORD=pleroma POSTGRES_PASSWORD=pleroma
PLEROMA_DB_POOL_SIZE=int:16
########################## ##########################
# Pleroma Settings # # Pleroma Settings #
@ -82,50 +64,6 @@ MIX_ENV=prod
# The git tag, revision, or branch to check out on build # The git tag, revision, or branch to check out on build
PLEROMA_VERSION=develop PLEROMA_VERSION=develop
# The loglevel to use # Domain to run at (only relevant for traefik mode)
# (error/warn/info/debug)
PLEROMA_LOGLEVEL=error
# The domain/scheme where pleroma will be hosted
# URL is a bare TLD
# SCHEME is the protocol without "://"
# PORT is the *external* port (ie that of your reverse proxy)
PLEROMA_URL=coolsite.moe PLEROMA_URL=coolsite.moe
PLEROMA_SCHEME=https PLEROMA_MEDIA_PROXY_URL=cdn.coolsite.moe
PLEROMA_PORT=int:443
# The seed for your secret keys
# (Enter something as random as possible)
# (On linux you can try something like "dd if=/dev/urandom bs=1 count=64 2>/dev/null | base64 -w 0 | rev | cut -b 2- | rev")
PLEROMA_SECRET_KEY_BASE=
# The name of your instance
# (This is displayed in the top-left in pleroma-fe)
PLEROMA_NAME=string:coolInstance
# Your contact info
PLEROMA_ADMIN_EMAIL=admin@coolsite.moe
# How many chars a notice may have at max.
PLEROMA_MAX_NOTICE_CHARS=int:500
# Whether your instance accepts new users or not (true/false)
PLEROMA_REGISTRATIONS_OPEN=bool:true
# Enable media proxy (true/false)?
PLEROMA_MEDIA_PROXY_ENABLED=bool:false
# The url of your media proxy (if enabled) [with "http(s)://"]
PLEROMA_MEDIA_PROXY_URL=string:https://cdn.coolsite.moe
# Redirect to source on cache fail?
PLEROMA_MEDIA_PROXY_REDIRECT_ON_FAILURE=bool:true
# Whether to enable the chat feature or not
PLEROMA_CHAT_ENABLED=bool:true
# Where to store uploads.
# This is only relevant inside the container.
# The host path is always $DOCKER_DATADIR/uploads.
# So, you probably don't need to change this.
PLEROMA_UPLOADS_PATH=/uploads

1
.gitignore vendored
View File

@ -1,5 +1,6 @@
data data
.env .env
config.yml
custom.d/ custom.d/
!custom.d/.gitkeep !custom.d/.gitkeep
docker-compose.yml docker-compose.yml

67
Dockerfile
View File

@ -1,29 +1,22 @@
FROM debian:9-slim FROM debian:9-slim
VOLUME /custom.d # Set up environment
EXPOSE 4000
ENV DEBIAN_FRONTEND=noninteractive ENV DEBIAN_FRONTEND=noninteractive
ENV LC_ALL=C.UTF-8 ENV LC_ALL=C.UTF-8
ENV LANG=C.UTF-8 ENV LANG=C.UTF-8
# Register pseudo-entrypoint # Prepare mounts
ADD ./entrypoint.sh / VOLUME /custom.d
RUN chmod a+x /entrypoint.sh VOLUME /conf
CMD ["/entrypoint.sh"]
# Set "real" entrypoint to an init system. # Expose default pleroma port to host
# TODO: Replace with --init when docker 18.06 is GA EXPOSE 4000
ENV TINI_VERSION v0.18.0
ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /tini
RUN chmod +x /tini
ENTRYPOINT ["/tini", "--"]
# Get build dependencies # Get erlang, elixir, and dependencies
RUN \ RUN \
apt-get update \ apt-get update \
&& apt-get install -y --no-install-recommends apt-utils \ && apt-get install -y --no-install-recommends apt-utils \
&& apt-get install -y --no-install-recommends git wget ca-certificates gnupg2 build-essential \ && apt-get install -y --no-install-recommends git wget ca-certificates gnupg2 build-essential ruby \
\ \
&& wget https://packages.erlang-solutions.com/erlang-solutions_1.0_all.deb \ && wget https://packages.erlang-solutions.com/erlang-solutions_1.0_all.deb \
&& dpkg -i erlang-solutions_1.0_all.deb \ && dpkg -i erlang-solutions_1.0_all.deb \
@ -32,36 +25,44 @@ RUN \
\ \
&& rm -rf /var/lib/apt/lists/* && rm -rf /var/lib/apt/lists/*
# Add entrypoint
COPY ./entrypoint.sh /
RUN chmod a+x /entrypoint.sh
ENTRYPOINT ["/entrypoint.sh"]
# Limit permissions # Limit permissions
ARG DOCKER_UID ARG DOCKER_UID=1000
ARG DOCKER_GID ARG DOCKER_GID=1000
ARG PLEROMA_UPLOADS_PATH ARG PLEROMA_UPLOADS_PATH=/uploads
RUN \ RUN \
groupadd --gid ${DOCKER_GID} pleroma \ groupadd --gid ${DOCKER_GID} pleroma \
&& useradd -m -s /bin/bash --gid ${DOCKER_GID} --uid ${DOCKER_UID} pleroma \ && useradd -m -s /bin/bash --gid ${DOCKER_GID} --uid ${DOCKER_UID} pleroma \
&& mkdir -p /custom.d $PLEROMA_UPLOADS_PATH \ && mkdir -p /custom.d $PLEROMA_UPLOADS_PATH \
&& chown -R pleroma:pleroma /custom.d $PLEROMA_UPLOADS_PATH && chown -R pleroma:pleroma /custom.d /conf $PLEROMA_UPLOADS_PATH
USER pleroma USER pleroma
WORKDIR /home/pleroma WORKDIR /home/pleroma
# Get pleroma # Get pleroma sources
RUN git clone --progress https://git.pleroma.social/pleroma/pleroma.git ./pleroma RUN git clone --progress https://git.pleroma.social/pleroma/pleroma.git ./pleroma
WORKDIR /home/pleroma/pleroma WORKDIR /home/pleroma/pleroma
# Get rebar/hex # Bust the build cache (if needed)
# This works by setting an environment variable with the last
# used version/branch/tag/commitish/... which originates in the script.
# If the host doesn't have the required tool for "smart version detection"
# we'll just use the current timestamp here which forces a rebuild every time.
ARG __BUST_CACHE
ENV __BUST_CACHE $__BUST_CACHE
# Get rebar and hex
RUN \ RUN \
mix local.hex --force \ mix local.hex --force \
&& mix local.rebar --force && mix local.rebar --force
# Bust the build cache
ARG __BUST_CACHE
ENV __BUST_CACHE $__BUST_CACHE
# Fetch changes, checkout # Fetch changes, checkout
ARG PLEROMA_VERSION ARG PLEROMA_VERSION
RUN \ RUN \
git fetch --all \ git fetch --all \
&& git checkout $PLEROMA_VERSION \ && git checkout $PLEROMA_VERSION \
@ -69,12 +70,12 @@ RUN \
# Precompile # Precompile
RUN \ RUN \
mix deps.get \ NO_CONFIG=1 COMPILE_ONLY=1 /entrypoint.sh
&& mix compile
# Insert overrides and config helper # Prepare runtime config
COPY --chown=pleroma:pleroma ./docker-config.exs /docker-config.exs
COPY --chown=pleroma:pleroma ./custom.d /home/pleroma/pleroma
RUN \ RUN \
ln -s /docker-config.exs config/prod.secret.exs \ ln -sf runtime-config.exs config/prod.secret.exs \
&& ln -s /docker-config.exs config/dev.secret.exs && ln -sf runtime-config.exs config/dev.secret.exs
# Insert overrides
COPY --chown=pleroma:pleroma ./custom.d /home/pleroma/pleroma

22
LICENSE Normal file
View File

@ -0,0 +1,22 @@
Copyright (c) 2017-2018, sn0w
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
1. Redistributions of source code must retain the above copyright notice, this
list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

162
README.md
View File

@ -7,8 +7,7 @@ This repository dockerizes it for easier deployment.
<hr> <hr>
```cpp ```cpp
#include <public_domain.h> #include <LICENSE>
#include <std_disclaimer.h>
/* /*
* This repository comes with ABSOLUTELY NO WARRANTY * This repository comes with ABSOLUTELY NO WARRANTY
@ -24,14 +23,6 @@ This repository dockerizes it for easier deployment.
<hr> <hr>
## Features
- 100% generic
- Everything is customizable
- Zero special host dependencies
- Configuration is not compile-time
- "It just works"
## Alternatives ## Alternatives
If this setup is a bit overwhelming there are a lot of other great dockerfiles If this setup is a bit overwhelming there are a lot of other great dockerfiles
@ -41,153 +32,6 @@ or guides from the community. A few are linked below. This list is not exhaustiv
- [RX14/iscute.moe](https://github.com/RX14/kurisu.rx14.co.uk/blob/master/services/iscute.moe/pleroma/Dockerfile) - [RX14/iscute.moe](https://github.com/RX14/kurisu.rx14.co.uk/blob/master/services/iscute.moe/pleroma/Dockerfile)
- [rysiek/docker-pleroma](https://git.pleroma.social/rysiek/docker-pleroma) - [rysiek/docker-pleroma](https://git.pleroma.social/rysiek/docker-pleroma)
## Installing Pleroma ## Docs
- Clone this repository coming soon tm
- Copy `.env.dist` to `.env`
- Edit `.env` (see "Configuring Pleroma" section below)
- Run `./pleroma build` and `./pleroma start`
- Profit!
## Updating Pleroma
Just run `./pleroma build` again and `./pleroma start` afterwards.
You don't need to shutdown pleroma while compiling the new release.
Every time you run `./pleroma build` the script will fetch all upstream changes and checkout `PLEROMA_VERSION`.
This means that setting `PLEROMA_VERSION` to a branch enables rolling-release updates while setting
it to a tag or commit-hash pins the version.
## Maintaining Pleroma
Pleroma maintenance is usually done with premade mix tasks.<br>
You can run these tasks using `./pleroma mix [task] [arguments...]`.<br>
If you need to fix some bigger issues you can also spawn a shell using `./pleroma enter`.
## Customizing Pleroma
Just add your customizations (and their folder structure) to `custom.d`.<br>
They will be mounted and symlinked into the right place when the container starts.<br>
You can even replace/patch pleroma's code with this, because the project is recompiled at startup.<br>
In general: Prepending `custom.d/` to pleroma's customization guides should work all the time.<br>
Check them out in the [official pleroma wiki](https://git.pleroma.social/pleroma/pleroma/wikis/home).
For example: A custom thumbnail now goes into `custom.d/priv/static/instance/thumbnail.jpeg` instead of `priv/static/instance/thumbnail.jpeg`.
Note: Since `custom.d` needs to be accessible at runtime by the pleroma process, the container will automatically chown these files to `$UID:$GID` from your `.env` file.
## Configuring Pleroma
pleroma-docker tries to stay out of your way as much as possible while providing
a good experience for both you and your users. It thus supports multiple
"operation modes" and quite some config variables which you can mix and match.
This guide will explain some of the tricky `.env` file parts as detailed as possible (but you should still read the comments in there).
Since this setup [injects code](https://glitch.sh/sn0w/pleroma-docker/blob/master/docker-config.exs) into pleroma that moves it's configuration into the environment (ref ["The Twelve-Factor App"](https://12factor.net/)),
the built image is 100% reusable and can be shared/replicated across multiple hosts.
To do that just run `./pleroma build` as usual and then tag your image to whatever you want.
Just make sure to start the replicated container with `env_file:` or all required `-e` pairs.
#### Storing Data
Currently all data is stored in subfolders of `DOCKER_DATADIR` which will be bind-mounted into the container by docker.
We'll evaluate named volumes as an option in the future but they're currently not supported.
#### Database (`SCRIPT_DEPLOY_POSTGRES`)
Values: `true` / `false`
By default pleroma-docker deploys a postgresql container and links it to pleroma's container as a zero-config data store. If you already have a postgres database or want to host postgres on a physically different machine set this value to `false`. Make sure to set the `POSTGRES_*` variables when doing that.
#### Reverse Proxy (`SCRIPT_USE_PROXY`)
Values: `traefik` / `nginx` / `manual`
Pleroma is usually run behind a reverse-proxy.
Pleroma-docker gives you multiple options here.
##### Traefik
In traefik-mode we will generate a pleroma container with traefik labels.
These will be picked up at runtime to dynamically create a reverse-proxy
configuration. This should 'just work' if `watch=true` and `exposedByDefault=false` are set in the `[docker]` section of your `traefik.conf`. SSL will also 'just work' once you add a matching `[[acme.domains]]` entry.
##### NGINX
In nginx-mode we will generate a bare nginx container that is linked to the
pleroma container. The nginx container is absolutely unmodified and expects to
be configured by you. The nginx file in [Pleroma's Repository](https://git.pleroma.social/pleroma/pleroma/blob/develop/installation/pleroma.nginx) is a good starting point.
We will mount your configs like this:
```
custom.d/server.nginx -> /etc/nginx/nginx.conf
custom.d/vhost.nginx -> /etc/nginx/conf.d/pleroma.conf
```
To reach your pleroma container from inside nginx use `proxy_pass http://pleroma:4000;`.
Set `SCRIPT_PORT_HTTP` and `SCRIPT_PORT_HTTPS` to the ports you want to listen on.
Specify the ip to bind to in `SCRIPT_BIND_IP`. These values are required.
The container only listens on `SCRIPT_PORT_HTTPS` if `SCRIPT_ENABLE_SSL` is `true`.
##### Apache / httpd
Just like nginx-mode this starts an unmodified apache server that expects to be
configured by you. Again [Pleroma's Config](https://git.pleroma.social/pleroma/pleroma/blob/develop/installation/pleroma-apache.conf) is a good starting point.
We will mount your configs like this:
```
custom.d/server.httpd -> /usr/local/apache2/conf/httpd.conf
custom.d/vhost.httpd -> /usr/local/apache2/conf/extra/httpd-vhosts.conf
```
To reach your pleroma container from inside apache use `ProxyPass [loc] http://pleroma:4000/`.
Again setting `SCRIPT_PORT_HTTP`, `SCRIPT_PORT_HTTPS` and `SCRIPT_BIND_IP` is required.
The container only listens on `SCRIPT_PORT_HTTPS` if `SCRIPT_ENABLE_SSL` is `true`.
##### Manual
In manual mode we do not create any reverse proxy for you.
You'll have to figure something out on your own.
This mode also doesn't bind to any IP or port.
You'll have to forward something to the container's IP.
#### SSL (`SCRIPT_ENABLE_SSL`)
Values: `true` / `false`
If you want to use SSL with your Apache or NGINX containers you'll need a
certificate. Certificates need to be placed into `custom.d` and will be
bind-mounted into the server's container at runtime.
We will mount your certs like this:
```
custom.d/ssl.crt -> /ssl/ssl.crt
custom.d/ssl.key -> /ssl/ssl.key
```
You can reference them in Apache like this:
```apache
<VirtualHost *:443>
SSLEngine on
SSLCertificateFile "/ssl/ssl.crt"
SSLCertificateKeyFile "/ssl/ssl.key"
</VirtualHost>
```
And in NGINX like this:
```nginx
listen 443 ssl;
ssl_certificate /ssl/ssl.crt;
ssl_certificate_key /ssl/ssl.key;
```
In traefik-mode and manual-mode these files and the `SCRIPT_ENABLE_SSL` value are ignored.

110
config.dist.yml Normal file
View File

@ -0,0 +1,110 @@
version: 1
#
# Pleroma settings
#
# You can enter any config in here that you want.
# Pleroma-Docker will try to translate it into elixir for you.
#
# <T> is a special member for modifying the YAML->Elixir translation.
# When set to `Array` it causes the generation of a "keyed array" literal instead
# of multiple named parameters to `config`.
#
# <D> is a special prefix that causes a string to be passed <D>irectly without quoting.
# Useful for referencing modules like Ecto adapters or other symbols that are usually wrapped in yaml.
#
# Remember to take a look at your config with `./pleroma config`.
#
app:
# The loglevel to use in pleroma.
:logger:
level: <D>:info
:pleroma:
Pleroma.Repo:
# Credentials for your database.
# You should leave this as-is if you want to use the managed db container.
hostname: db
username: pleroma
password: pleroma
database: pleroma
pool_size: 16
adapter: <D>Ecto.Adapters.Postgres
Pleroma.Web.Endpoint:
# Location where your instance will be reachable.
url:
<T>: Array
scheme: https
host: coolsite.moe
port: 443
# Base for your secret keys.
# Better make this random.
secret_key_base: asdf0815
Pleroma.Upload:
# Where to store your uploads.
# You should probably leave this as-is.
# /uploads will be mounted into ::docker::datadir.
uploads: /uploads
# Remove metadata from uploads?
strip_exif: true
:chat:
# Enable chat functionality?
enabled: true
:media_proxy:
# Enable the proxy?
enabled: true
# Emit a 302 to the original resource when uncached?
redirect_on_failure: true
# Where your proxy is reachable
base_url: https://media.coolsite.moe
:instance:
# The name of your instance.
name: super cool stuff club
# Short description of your instance
description: we do super cool stuff in super cool stuff club
# The admin's email address.
email: admin@coolsite.moe
# How many chars a notice may have at max.
limit: 4096
# May new members sign up?
registrations_open: true
# Allow connections to other instances?
# (Turn this off for testing)
federating: true
# The rewrite policies / quarantines to enable.
# This is a powerful feature which should be used with care.
# Take a look at https://git.pleroma.social/pleroma/pleroma/wikis/Message%20rewrite%20facility%20configuration%20(how%20to%20block%20instances).
# Then uncomment only the things you really need
# quarantined_instances:
# - badguys.moe
# rewrite_policy:
# - Pleroma.Web.ActivityPub.MRF.SimplePolicy
# :mrf_simple:
# media_removal:
# - illegalporn.biz
# media_nsfw:
# - porn.biz
# - porn.business
# reject:
# - spam.com
# federated_timeline_removal:
# - spam.university

59
config_parser/parser.rb Executable file
View File

@ -0,0 +1,59 @@
#!/usr/bin/env ruby
#
# TODO: Write a better translator.
# This is just rough text replacement right now
# but it's already way better than the exs stuff
# we had durin the .env files.
#
require 'yaml'
require 'json'
def getval(val)
if val.is_a?(String)
val.start_with?('<D>') ? val.delete('<D>') : val.to_json()
else
val.to_json()
end
end
config = YAML.load_file(ARGV[0])
if config["version"] != 1
raise "Incompatible config version (#{config["version"]} != 1)"
end
buf = "use Mix.Config\n\n"
config["app"].each do |atom, content|
content.each do |sub, settings|
buf += "config :#{atom}, #{sub.is_a?(Symbol) ? ":#{sub}" : sub}"
if !settings.is_a?(Hash)
buf += ": #{getval(settings)}\n"
next
end
settings.each do |name, value|
if value.is_a?(Hash) && value["<T>"] == "Array"
value.delete("<T>")
buf += ", #{name}: ["
value.each do |k, v|
buf += "#{k}: #{getval(v)},"
end
buf.chop!()
buf += "]"
else
buf += ", #{name}: #{getval(value)}"
end
end
buf += "\n"
end
end
puts buf

30
docker-compose.m4
View File

@ -7,7 +7,7 @@ define(<env_inline>, <${upcase($1):?upcase($1)}>)
define(<env_inline_fb>, <${upcase($1):-$2}>) define(<env_inline_fb>, <${upcase($1):-$2}>)
{ {
"version": "3", "version": "3.7",
ifdef(<__DOCKER_NETWORK>, < ifdef(<__DOCKER_NETWORK>, <
"networks": { "networks": {
@ -88,39 +88,21 @@ define(<env_inline_fb>, <${upcase($1):-$2}>)
"env(<pleroma_version>)", "env(<pleroma_version>)",
"env(<docker_uid>)", "env(<docker_uid>)",
"env(<docker_gid>)", "env(<docker_gid>)",
"env_fb(<pleroma_uploads_path>, </uploads>)", "env_fb(<pleroma_uploads_path>, </uploads>)"
] ]
}, },
"init": true,
"restart": "unless-stopped", "restart": "unless-stopped",
"links": [ "links": [
ifelse(__SCRIPT_DEPLOY_POSTGRES, true, <"db">) ifelse(__SCRIPT_DEPLOY_POSTGRES, true, <"db">)
], ],
"environment": [ "environment": [
"env_fb(<mix_env>, <prod>)", "env_fb(<mix_env>, <prod>)"
"env_fb(<postgres_ip>, <db>)",
"env(<postgres_db>)",
"env(<postgres_user>)",
"env(<postgres_password>)",
"env(<pleroma_url>)",
"env(<pleroma_loglevel>)",
"env(<pleroma_scheme>)",
"env(<pleroma_port>)",
"env(<pleroma_secret_key_base>)",
"env(<pleroma_name>)",
"env(<pleroma_admin_email>)",
"env(<pleroma_max_notice_chars>)",
"env(<pleroma_registrations_open>)",
"env(<pleroma_media_proxy_enabled>)",
"env(<pleroma_media_proxy_redirect_on_failure>)",
"env(<pleroma_media_proxy_url>)",
"env(<pleroma_db_pool_size>)",
"env(<pleroma_chat_enabled>)",
"env_fb(<pleroma_uploads_path>, </uploads>)"
], ],
"volumes": [ "volumes": [
"./custom.d:/custom.d", "./custom.d:/custom.d",
"./config.yml:/conf/config.yml:ro",
"./config_parser/parser.rb:/conf/parser.rb:ro",
"env_inline(<docker_datadir>)/uploads:env_inline_fb(<pleroma_uploads_path>, </uploads>)" "env_inline(<docker_datadir>)/uploads:env_inline_fb(<pleroma_uploads_path>, </uploads>)"
], ],
"labels": [ "labels": [

71
docker-config.exs
View File

@ -1,71 +0,0 @@
use Mix.Config
defmodule Docker do
def env(shortname, verbatim \\ false) do
# Get var
name = ((if verbatim, do: "", else: "pleroma_") <> Atom.to_string(shortname)) |> String.upcase()
raw_var = System.get_env(name)
if raw_var == nil do
raise "Could not find #{name} in environment. Please define it and try again."
end
# Match type and cast if needed
if String.contains?(raw_var, ":") do
var_parts = String.split(raw_var, ":", parts: 2)
type = Enum.at(var_parts, 0)
var = Enum.at(var_parts, 1)
func = case type do
"int" -> fn(x) -> Integer.parse(x) |> elem(0) end
"bool" -> fn(x) -> x == "true" end
"string" -> fn(x) -> x end
_ -> if verbatim do
fn(x) -> x end
else
raise "Unknown type #{type} used in variable #{raw_var}."
end
end
func.(var)
else
raw_var
end
end
end
config :logger, level: String.to_atom(Docker.env(:loglevel) || "info")
config :pleroma, Pleroma.Web.Endpoint,
url: [
host: Docker.env(:url),
scheme: Docker.env(:scheme),
port: Docker.env(:port)
],
secret_key_base: Docker.env(:secret_key_base)
config :pleroma, Pleroma.Upload,
uploads: Docker.env(:uploads_path)
config :pleroma, :chat,
enabled: Docker.env(:chat_enabled)
config :pleroma, :instance,
name: Docker.env(:name),
email: Docker.env(:admin_email),
limit: Docker.env(:max_notice_chars),
registrations_open: Docker.env(:registrations_open)
config :pleroma, :media_proxy,
enabled: Docker.env(:media_proxy_enabled),
redirect_on_failure: Docker.env(:media_proxy_redirect_on_failure),
base_url: Docker.env(:media_proxy_url)
config :pleroma, Pleroma.Repo,
adapter: Ecto.Adapters.Postgres,
username: Docker.env(:postgres_user, true),
password: Docker.env(:postgres_password, true),
database: Docker.env(:postgres_db, true),
hostname: Docker.env(:postgres_ip, true),
pool_size: Docker.env(:db_pool_size)

18
entrypoint.sh
View File

@ -3,7 +3,23 @@
set -e set -e
set -x set -x
mix deps.get if [[ -z "$NO_CONFIG" ]]; then
ruby /conf/parser.rb /conf/config.yml > config/runtime-config.exs
fi
if [[ -n "$COMPILE_ONLY" ]]; then
mix deps.get
mix compile
exit 0
fi
# Assume that dependencies are compiled and ready to go.
# Remove this assumption when https://github.com/erlang/rebar3/issues/1627 is fixed.
mix compile
# Migrate db
mix ecto.create mix ecto.create
mix ecto.migrate mix ecto.migrate
# Off we go!
exec mix phx.server exec mix phx.server

331
pleroma
View File

@ -1,72 +1,55 @@
#!/bin/bash #!/bin/bash
#########################################################
# Options #
#########################################################
set -e set -e
set -o pipefail set -o pipefail
print_help() { #########################################################
echo " # Globals #
Pleroma Maintenance Script #########################################################
Usage: readonly GITLAB_URI="https://git.pleroma.social"
$0 [action] readonly PREFIX_API="api/v4/projects/pleroma%2Fpleroma/repository"
readonly ENDPOINT_FILE="pleroma/pleroma/raw"
Actions: readonly ENDPOINT_LIST="pleroma/pleroma/files"
build Rebuild the pleroma container. readonly ENDPOINT_TAG="$PREFIX_API/tags"
readonly ENDPOINT_BLOB="$PREFIX_API/blobs"
dump Dump the generated docker-compose.yml to stdout. readonly ENDPOINT_BRANCH="$PREFIX_API/branches"
debug [bin] [args...] Launches a new pleroma container but uses \$bin instead of phx.server as entrypoint.
**Warning**: This is intended for debugging pleroma with tools like :debugger and :observer.
It thus forwards your X-Server into docker and temporarily fiddles with your xhost
access controls. If this is a security concern for you, please export NO_X_FORWARDING=1
before launching a debugger session.
enter Spawn a shell inside the container for debugging/maintenance.
This command does not link to the postgres container.
If you need that use #debug instead.
logs Show the current container logs.
mix [task] [args...] Run a mix task without entering the container.
mod [file] Creates the file in custom.d and downloads the content from pleroma.social.
The download respects your \$PLEROMA_VERSION from .env.
passthrough / p [...] Pass any custom command to docker-compose.
restart Executes #stop and #start respectively.
start / up Start pleroma and sibling services.
stop / down Stop pleroma and sibling services.
status / ps Show the current container status.
Environment:
DEBUG can be used to modify the loglevel.
DEBUG=1 prints all commands before they are executed.
DEBUG=2 prints all bash statements before they are executed (a lot).
SHOPT can be used to modify shell options.
Pass a list of options to this variable like SHOPT='-x -e'.
-e is always on unless you set it to +e.
For setting long options with -o use a colon (:) instead of a space
to seperate the option from -o. For example: SHOPT='-x -e -o:pipefail'.
Contributing:
You can report bugs or contribute to this project at:
https://glitch.sh/sn0w/pleroma-docker
"
}
flags="" flags=""
#########################################################
# Helpers #
#########################################################
has_command() {
if command -v 1>/dev/null 2>&1 "$1"; then
return 0
else
return 1
fi
}
require_command() {
if ! has_command "$1"; then
printf "\nError: This action requires the command '%s' in your PATH.\n" "$1"
exit 1
fi
}
render_template() { render_template() {
require_command m4
require_command awk
m4 $flags docker-compose.m4 | awk 'NF' m4 $flags docker-compose.m4 | awk 'NF'
} }
docker_compose() { docker_compose() {
require_command docker-compose
docker-compose \ docker-compose \
-f <(render_template) \ -f <(render_template) \
--project-directory . \ --project-directory . \
@ -90,32 +73,104 @@ load_env() {
done < .env done < .env
} }
action__build() { docker_compose build --build-arg __BUST_CACHE="$(date +%s)" server; } download_file() { # $1: source, $2: target
action__dump() { cat <(render_template); } if has_command curl; then
action__enter() { docker_compose exec server ash -c 'cd /pleroma && ash'; } curl -sSL "$1" -o "$2"
action__logs() { docker_compose logs -f; } elif has_command wget; then
action__mix() { docker_compose exec server ash -c "cd /pleroma && mix $*"; } wget "$1" -O "$2"
action__passthrough() { docker_compose $*; } else
action__p() { action__passthrough $*; } printf "\nError: This action requires either curl or wget in your PATH.\n"
exit 1
fi
}
action__restart() { action__stop; action__start; } request_file_content() { # $1: source
if has_command curl; then
curl -sSL "$1"
elif has_command wget; then
wget "$1" -O- 2>/dev/null
else
printf "\nError: This action requires either curl or wget in your PATH.\n"
exit 1
fi
}
action__start() { docker_compose up --remove-orphans -d; } #########################################################
action__up() { action__start; } # Subcommands #
#########################################################
action__stop() { docker_compose down; } action__build() {
action__down() { action__stop; } docker_compose build --build-arg __BUST_CACHE="$(date +%s)" server
}
action__status() { docker_compose ps; } action__config() {
action__ps() { action__status; } require_command docker
docker run --rm -t -i -v "$(pwd):/mnt" ruby:alpine sh -c "cd /mnt && ruby config_parser/parser.rb ${1:-config.yml}"
}
action__dump() {
cat <(render_template)
}
action__enter() {
docker_compose exec server sh -c 'cd ~/pleroma && bash'
}
action__logs() {
docker_compose logs "$@"
}
action__mix() {
docker_compose exec server sh -c "cd ~/pleroma && mix $*"
}
action__passthrough() {
docker_compose "$@"
}
action__p() {
action__passthrough "$@"
}
action__restart() {
action__stop
action__start
}
action__start() {
docker_compose up --remove-orphans -d
}
action__up() {
action__start
}
action__stop() {
docker_compose down
}
action__down() {
action__stop
}
action__status() {
docker_compose ps
}
action__ps() {
action__status
}
###
# This function rips out the mix caches from the container
# in order to speed up rebuilds during debugging/modding sessions.
# To persist the changes, the user still needs to rebuild the container.
###
action__debug() { action__debug() {
debug_mounts="-v $(pwd)/custom.d:/custom.d -v $(pwd)/debug.d/build:/home/pleroma/pleroma/_build -v $(pwd)/debug.d/deps:/home/pleroma/pleroma/deps" require_command xhost
local debug_mounts
debug_mounts="
-v $(pwd)/custom.d:/custom.d \
-v $(pwd)/debug.d/build:/home/pleroma/pleroma/_build \
-v $(pwd)/debug.d/deps:/home/pleroma/pleroma/deps \
"
if [[ ! -d ./debug.d ]]; then if [[ ! -d ./debug.d ]]; then
mkdir -p ./debug.d/{build,deps} mkdir -p ./debug.d/{build,deps}
@ -127,24 +182,123 @@ action__debug() {
action__stop action__stop
docker_compose run --rm -u pleroma -w /home/pleroma/pleroma $debug_mounts server bash -c 'cp -rvf /custom.d/* /home/pleroma/pleroma && mix deps.get' docker_compose run --rm -u pleroma -w /home/pleroma/pleroma "$debug_mounts" server bash -c 'cp -rvf /custom.d/* /home/pleroma/pleroma && mix deps.get'
x_flags="" local x_flags=""
if [[ $NO_X_FORWARDING != 1 ]]; then if [[ $NO_X_FORWARDING != 1 ]]; then
x_flags="-e DISPLAY=$DISPLAY -v /tmp/.X11-unix:/tmp/.X11-unix" x_flags="-e DISPLAY=$DISPLAY -v /tmp/.X11-unix:/tmp/.X11-unix"
fi fi
[[ $NO_X_FORWARDING == 1 ]] || xhost +local:root [[ $NO_X_FORWARDING == 1 ]] || xhost +local:root
docker_compose run --rm -u pleroma -w /home/pleroma/pleroma $debug_mounts $x_flags server bash -c "cp -rvf /custom.d/* /home/pleroma/pleroma && $*" docker_compose run --rm -u pleroma -w /home/pleroma/pleroma "$debug_mounts" "$x_flags" server bash -c "cp -rvf /custom.d/* /home/pleroma/pleroma && $*"
[[ $NO_X_FORWARDING == 1 ]] || xhost -local:root [[ $NO_X_FORWARDING == 1 ]] || xhost -local:root
} }
action__mod() { action__mod() {
echo "Preparing 'custom.d/$1' for modding..." require_command dialog
install -D <(echo '') ./custom.d/$1 require_command jq
wget -O ./custom.d/$1 https://git.pleroma.social/pleroma/pleroma/raw/$PLEROMA_VERSION/$1 require_command curl
if [[ ! -d ./debug.d ]]; then
mkdir ./debug.d
fi
if [[ ! -f ./debug.d/mod_files.json ]] || [[ -n "$(find ./debug.d/mod_files.json -mmin +5)" ]]; then
curl -sSL -# "$GITLAB_URI/$ENDPOINT_LIST/$PLEROMA_VERSION?format=json" > ./debug.d/mod_files.json
if [[ -f ./debug.d/mod_files.lst ]]; then
rm ./debug.d/mod_files.lst
fi
jq -r 'map("\(.)\n") | add' <./debug.d/mod_files.json >./debug.d/mod_files.lst
fi
if [[ -f ./debug.d/mod_files.lst ]] && [[ -r ./debug.d/mod_files.lst ]]; then
choices=""
while read -r candidate; do
choices="$choices $candidate $(echo "$candidate" | rev | cut -d/ -f1 | rev)"
done <<< "$(grep -E ".*$1.*" <./debug.d/mod_files.lst)"
res=$(mktemp)
dialog --menu "Select the file you want to modify:" 35 80 30 $choices 2>"$res"
choice=$(cat "$res")
install -D <(echo '') "./custom.d/$choice"
curl -sSL -# "$GITLAB_URI/$ENDPOINT_FILE/$PLEROMA_VERSION/$choice" > "./custom.d/$choice"
else
install -D <(echo '') "./custom.d/$1"
curl -sSL -# "$GITLAB_URI/$ENDPOINT_FILE/$PLEROMA_VERSION/$1" > "./custom.d/$1"
fi
} }
#########################################################
# Help #
#########################################################
print_help() {
echo "
Pleroma Maintenance Script
Usage:
$0 [action]
Actions:
build Rebuild the pleroma container.
config [file = config.yml] Print the generated pleroma config to stdout.
dump Dump the generated docker-compose.yml to stdout.
debug [bin] [args...] Launches a new pleroma container but uses \$bin instead of phx.server as entrypoint.
**Warning**: This is intended for debugging pleroma with tools like :debugger and :observer.
It thus forwards your X-Server into docker and temporarily fiddles with your xhost
access controls. If this is a security concern for you, please export NO_X_FORWARDING=1
before launching a debugger session.
enter Spawn a shell inside the container for debugging/maintenance.
This command does not link to the postgres container.
If you need that use #debug instead.
logs Show the current container logs.
mix [task] [args...] Run a mix task without entering the container.
mod [file] Creates the file in custom.d and downloads the content from pleroma.social.
The download respects your \$PLEROMA_VERSION from .env.
passthrough / p [...] Pass any custom command to docker-compose.
restart Executes #stop and #start respectively.
start / up Start pleroma and sibling services.
stop / down Stop pleroma and sibling services.
status / ps Show the current container status.
Environment:
DEBUG can be used to modify the loglevel.
DEBUG=1 prints all commands before they are executed.
DEBUG=2 prints all bash statements before they are executed (a lot).
SHOPT can be used to modify shell options.
Pass a list of options to this variable like SHOPT='-x -e'.
-e is always on unless you set it to +e.
For setting long options with -o use a colon (:) instead of a space
to seperate the option from -o. For example: SHOPT='-x -e -o:pipefail'.
Contributing:
You can report bugs or contribute to this project at:
https://glitch.sh/sn0w/pleroma-docker
"
}
#########################################################
# Main #
#########################################################
# Check if there is any command at all # Check if there is any command at all
if [[ -z "$1" ]]; then if [[ -z "$1" ]]; then
print_help print_help
@ -152,18 +306,18 @@ if [[ -z "$1" ]]; then
fi fi
# Check for SHOPTs # Check for SHOPTs
if [[ ! -z "$SHOPT" ]]; then if [[ -n "$SHOPT" ]]; then
for opt in $SHOPT; do for opt in $SHOPT; do
if [[ $opt =~ ":" ]]; then if [[ $opt =~ ":" ]]; then
set -o ${opt//-o:/} set -o "${opt//-o:/}"
else else
set $opt set "$opt"
fi fi
done done
fi fi
# Check for DEBUG # Check for DEBUG
if [[ ! -z "$DEBUG" ]]; then if [[ -n "$DEBUG" ]]; then
if [[ $DEBUG == 1 ]]; then if [[ $DEBUG == 1 ]]; then
export DEBUG_COMMANDS=1 export DEBUG_COMMANDS=1
elif [[ $DEBUG == 2 ]]; then elif [[ $DEBUG == 2 ]]; then
@ -174,14 +328,13 @@ fi
# Parse .env # Parse .env
load_env load_env
# Guess function name of current command # Guess function name of current command and call it if present
# and then check for it's existance.
func="action__${1}" func="action__${1}"
if type -t $func 2>&1 1>/dev/null; then if type -t "$func" 1>/dev/null 2>&1; then
shift shift
[[ $DEBUG != 1 ]] || set -x [[ $DEBUG != 1 ]] || set -x
$func $@ $func "$@"
{ [[ $DEBUG != 1 ]] || set +x; } 2>/dev/null { [[ $DEBUG != 1 ]] || set +x; } 2>/dev/null
else else
print_help print_help