Compare commits
11 Commits
Author | SHA1 | Date | |
---|---|---|---|
|
394e452558 | ||
|
7648f28ae9 | ||
|
bb6a574a14 | ||
|
6360a48ac7 | ||
|
2dd85888d4 | ||
|
a83b50f190 | ||
|
787d1a57e4 | ||
|
b065a59af1 | ||
|
c5b6994598 | ||
|
218a4903f7 | ||
|
641633d2be |
21
Dockerfile
Executable file
21
Dockerfile
Executable file
@ -0,0 +1,21 @@
|
|||||||
|
FROM ubuntu:20.04
|
||||||
|
ENV DEBIAN_FRONTEND=noninteractive
|
||||||
|
RUN apt update;apt upgrade -y;apt install -y curl sudo git build-essential postgresql postgresql-contrib cmake libmagic-dev imagemagick ffmpeg libimage-exiftool-perl nginx certbot unzip libssl-dev automake autoconf libncurses5-dev
|
||||||
|
RUN useradd -r -s /bin/false -m -d /var/lib/pleroma -U pleroma;mkdir /opt/pleroma;chown -R pleroma:pleroma /opt/pleroma;chown -R pleroma:pleroma /var/lib/pleroma
|
||||||
|
RUN su pleroma -s /bin/bash -lc 'git clone -b soapbox-v1.1.1 https://gitlab.com/soapbox-pub/soapbox-be /opt/pleroma'
|
||||||
|
|
||||||
|
WORKDIR /var/lib/pleroma
|
||||||
|
RUN su pleroma -s /bin/bash -lc 'git clone https://github.com/asdf-vm/asdf.git /var/lib/pleroma/.asdf'
|
||||||
|
RUN su pleroma -s /bin/bash -lc 'echo ". /var/lib/pleroma/.asdf/asdf.sh" >> /var/lib/pleroma/.bashrc;echo ". /var/lib/pleroma/.asdf/completions/asdf.bash" >> /var/lib/pleroma/.bashrc'
|
||||||
|
RUN su pleroma -s /bin/bash -lc 'PATH=$PATH:/var/lib/pleroma/.asdf/bin;asdf plugin-add erlang;asdf plugin-add elixir'
|
||||||
|
RUN chown -R pleroma:pleroma /opt/pleroma;chown -R pleroma:pleroma /var/lib/pleroma
|
||||||
|
RUN su pleroma -s /bin/bash -lc 'PATH=$PATH:/var/lib/pleroma/.asdf/bin;asdf install erlang 24.0'
|
||||||
|
RUN su pleroma -s /bin/bash -lc 'cd /opt/pleroma;mix local.hex --force;mix local.rebar --force;mix deps.get;MIX_ENV=prod mix compile'
|
||||||
|
|
||||||
|
COPY setup.sh /opt/
|
||||||
|
COPY start.sh /opt/
|
||||||
|
COPY crontab /opt/
|
||||||
|
COPY backup.sh /opt/
|
||||||
|
ADD default.conf /etc/nginx/conf.d/
|
||||||
|
CMD bash /opt/start.sh
|
||||||
|
|
3
backup.sh
Executable file
3
backup.sh
Executable file
@ -0,0 +1,3 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
su postgres -s /bin/bash -lc "/usr/lib/postgresql/14/bin/pg_dumpall -d pleroma --format=custom > /saves/pleroma-`date +%Y-%m-%d-%H-%M`.pgdump"
|
||||||
|
|
@ -1,67 +0,0 @@
|
|||||||
# Pleroma instance configuration
|
|
||||||
|
|
||||||
# NOTE: This file should not be committed to a repo or otherwise made public
|
|
||||||
# without removing sensitive information.
|
|
||||||
|
|
||||||
import Config
|
|
||||||
|
|
||||||
config :pleroma, Pleroma.Web.Endpoint,
|
|
||||||
url: [host: "replaceME", scheme: "https", port: 443],
|
|
||||||
http: [ip: {0, 0, 0, 0}, port: 4000],
|
|
||||||
secret_key_base: "0jKveRU44GNncPeKLgcdGVm+7rJb2hNxCpCWd2g0A8Lw2cVJmDCypNqa3ljMZcwJ",
|
|
||||||
signing_salt: "C+0dBzoS"
|
|
||||||
|
|
||||||
config :pleroma, :instance,
|
|
||||||
name: "admin",
|
|
||||||
email: "admin@localhost",
|
|
||||||
notify_email: "admin@localhost",
|
|
||||||
limit: 5000,
|
|
||||||
registrations_open: true
|
|
||||||
|
|
||||||
config :pleroma, :media_proxy,
|
|
||||||
enabled: false,
|
|
||||||
redirect_on_failure: true
|
|
||||||
#base_url: "https://cache.pleroma.social"
|
|
||||||
|
|
||||||
config :pleroma, :dangerzone, override_repo_pool_size: true
|
|
||||||
config :pleroma, Pleroma.Repo,
|
|
||||||
adapter: Ecto.Adapters.Postgres,
|
|
||||||
username: "root",
|
|
||||||
password: "sql",
|
|
||||||
database: "pleroma",
|
|
||||||
hostname: "postgresql",
|
|
||||||
pool_size: 20,
|
|
||||||
queue_target: 4000,
|
|
||||||
queue_interval: 8000,
|
|
||||||
timeout: 120_000,
|
|
||||||
prepare: :named,
|
|
||||||
parameters: [
|
|
||||||
plan_cache_mode: "force_custom_plan"
|
|
||||||
]
|
|
||||||
|
|
||||||
# Configure web push notifications
|
|
||||||
config :web_push_encryption, :vapid_details,
|
|
||||||
subject: "mailto:admin@admin@localhost",
|
|
||||||
public_key: "BFXyq2frSPpiMgueoxcmvoMzp6Bm-vXI-dasDM4fAA-zjP7JgILG06LKpQuU4eLdbjGnYsmurUeubD8l7b103zg",
|
|
||||||
private_key: "Ths8KtdsPNEXl2EazZj7MQRY3xxIb0FOCjEvai4eI8Y"
|
|
||||||
|
|
||||||
config :pleroma, :database, rum_enabled: false
|
|
||||||
config :pleroma, :instance, static_dir: "/var/lib/pleroma/static"
|
|
||||||
config :pleroma, Pleroma.Uploaders.Local, uploads: "/var/lib/pleroma/uploads"
|
|
||||||
|
|
||||||
# Enable Strict-Transport-Security once SSL is working:
|
|
||||||
# config :pleroma, :http_security,
|
|
||||||
# sts: true
|
|
||||||
|
|
||||||
# Configure S3 support if desired.
|
|
||||||
# The public S3 endpoint is different depending on region and provider,
|
|
||||||
# consult your S3 provider's documentation for details on what to use.
|
|
||||||
#
|
|
||||||
# config :pleroma, Pleroma.Uploaders.S3,
|
|
||||||
# bucket: "some-bucket",
|
|
||||||
# public_endpoint: "https://s3.amazonaws.com"
|
|
||||||
#
|
|
||||||
#
|
|
||||||
config :joken, default_signer: "6EasmUX4lCJSlAnGScL0rXBhIeoaWjarH7TGhdbe9VLXO/MnSkMY2LaZixW7kgaT"
|
|
||||||
|
|
||||||
config :pleroma, configurable_from_database: true
|
|
6
crontab
Executable file
6
crontab
Executable file
@ -0,0 +1,6 @@
|
|||||||
|
00 04 * * * cd /opt/pleroma;su pleroma -s /bin/bash -lc 'MIX_ENV=prod mix pleroma.database prune_objects'
|
||||||
|
30 04 * * * cd /opt/pleroma;su pleroma -s /bin/bash -lc 'MIX_ENV=prod mix pleroma.database ensure_expiration'
|
||||||
|
00 01 * * * bash /backup.sh
|
||||||
|
00 04 * * 7 cd /opt/pleroma;su pleroma -s /bin/bash -lc 'MIX_ENV=prod mix pleroma.database vacuum full'
|
||||||
|
|
||||||
|
|
0
pleroma/default.conf → default.conf
Normal file → Executable file
0
pleroma/default.conf → default.conf
Normal file → Executable file
@ -1,23 +1,16 @@
|
|||||||
version: '3'
|
version: '3'
|
||||||
services:
|
services:
|
||||||
postgresql:
|
pleroma:
|
||||||
build: ./postgresql
|
build: .
|
||||||
restart: "always"
|
restart: "always"
|
||||||
volumes:
|
volumes:
|
||||||
- postgresql:/var/lib/postgresql/data
|
- postgresql:/var/lib/postgresql/data
|
||||||
networks:
|
- ./config:/config
|
||||||
- pleroma
|
|
||||||
privileged: true
|
|
||||||
|
|
||||||
pleroma:
|
|
||||||
build: ./pleroma
|
|
||||||
restart: "always"
|
|
||||||
volumes:
|
|
||||||
- ./config:/etc/pleroma
|
|
||||||
- ./var:/var/lib/pleroma
|
- ./var:/var/lib/pleroma
|
||||||
- ./saves:/saves
|
- ./saves:/saves
|
||||||
ports:
|
ports:
|
||||||
- "443:443"
|
- "443:443"
|
||||||
|
- "4000:4000"
|
||||||
networks:
|
networks:
|
||||||
- pleroma
|
- pleroma
|
||||||
environment:
|
environment:
|
||||||
|
@ -1,31 +0,0 @@
|
|||||||
FROM alpine
|
|
||||||
RUN apk update;apk add bash exiftool libmagic ncurses-libs musl sudo bash curl nginx unzip postgresql postgresql-contrib certbot busybox imagemagick ffmpeg certbot tzdata openssl ncurses
|
|
||||||
|
|
||||||
WORKDIR /tmp
|
|
||||||
ENV SHELL="/bin/bash"
|
|
||||||
ENV FLAVOUR="amd64-musl"
|
|
||||||
|
|
||||||
RUN adduser --system --shell /bin/false --home /opt/pleroma pleroma
|
|
||||||
|
|
||||||
WORKDIR /tmp
|
|
||||||
#RUN su pleroma -s $SHELL -lc "curl 'https://git.pleroma.social/api/v4/projects/2/jobs/artifacts/stable/download?job=$FLAVOUR' -o /tmp/pleroma.zip;unzip /tmp/pleroma.zip -d /tmp/"
|
|
||||||
#RUN su pleroma -s $SHELL -lc "mv /tmp/release/* /opt/pleroma;rmdir /tmp/release;rm /tmp/pleroma.zip"
|
|
||||||
|
|
||||||
WORKDIR /opt
|
|
||||||
COPY pleroma.zip /opt/
|
|
||||||
|
|
||||||
WORKDIR /tmp
|
|
||||||
COPY soapbox-fe.zip /tmp/
|
|
||||||
|
|
||||||
RUN mkdir -p /etc/pleroma;chown -R pleroma /etc/pleroma
|
|
||||||
|
|
||||||
ADD default.conf /etc/nginx/conf.d/
|
|
||||||
ADD start.sh /
|
|
||||||
ADD setup.sh /
|
|
||||||
|
|
||||||
ADD crontab /
|
|
||||||
RUN crontab /crontab
|
|
||||||
|
|
||||||
ADD terms-of-service.html /tmp/
|
|
||||||
|
|
||||||
CMD bash /start.sh
|
|
@ -1,3 +0,0 @@
|
|||||||
00 04 * * * su pleroma -s /bin/bash -lc "/opt/pleroma/bin/pleroma_ctl database prune_objects"
|
|
||||||
30 04 * * * su pleroma -s /bin/bash -lc "/opt/pleroma/bin/pleroma_ctl database ensure_expiration"
|
|
||||||
00 05 * * * su pleroma -s $SHELL -lc "/opt/pleroma/bin/pleroma restart"
|
|
@ -1,49 +0,0 @@
|
|||||||
#!/bin/bash
|
|
||||||
export SHELL="/bin/bash"
|
|
||||||
|
|
||||||
cd /opt
|
|
||||||
ls
|
|
||||||
unzip pleroma.zip
|
|
||||||
mv release/* pleroma/
|
|
||||||
chown -R pleroma /opt/pleroma
|
|
||||||
mkdir -p /var/lib/pleroma/uploads
|
|
||||||
mkdir -p /var/lib/pleroma/static
|
|
||||||
chown -R pleroma /var/lib/pleroma
|
|
||||||
|
|
||||||
sed -i "s/replaceME/${ENDPOINT}/g" /etc/pleroma/config.exs
|
|
||||||
|
|
||||||
#Nginx and SSL
|
|
||||||
sed -i "s/replaceME/${ENDPOINT}/g" /etc/nginx/conf.d/default.conf
|
|
||||||
openssl req -new -newkey rsa:4096 -days 365 -nodes -x509 -subj "/C=US/ST=CO/L=Denver/O=$ENDPOINT/CN=$ENDPOINT" -keyout /etc/ssl/certs/nginx-selfsigned.key -out /etc/ssl/certs/nginx-selfsigned.crt
|
|
||||||
mkdir /var/run/nginx
|
|
||||||
|
|
||||||
#Database Setup
|
|
||||||
sleep 10
|
|
||||||
export PGPASSWORD="sql"
|
|
||||||
echo "CREATE EXTENSION IF NOT EXISTS citext;"| PGPASSWORD=sql psql -h postgresql -U pleroma
|
|
||||||
echo "CREATE EXTENSION IF NOT EXISTS pg_trgm;" | PGPASSWORD=sql psql -h postgresql -U pleroma
|
|
||||||
echo "CREATE EXTENSION IF NOT EXISTS \"uuid-ossp\";" | PGPASSWORD=sql psql -h postgresql -U pleroma
|
|
||||||
su pleroma -s $SHELL -lc "/opt/pleroma/bin/pleroma_ctl migrate"
|
|
||||||
|
|
||||||
#su pleroma -s $SHELL -lc "./bin/pleroma_ctl instance gen --output /etc/pleroma/config.exs --output-psql /tmp/setup_db.psql --force"
|
|
||||||
#su postgres -s $SHELL -lc "/usr/lib/postgresql/12/bin/psql -f /tmp/setup_db.psql"
|
|
||||||
|
|
||||||
#Start Pleroma
|
|
||||||
su pleroma -s $SHELL -lc "/opt/pleroma/bin/pleroma daemon"
|
|
||||||
|
|
||||||
#Install Soapbox
|
|
||||||
#curl https://gitlab.com/`curl https://gitlab.com/soapbox-pub/soapbox-fe/-/jobs | grep 'build-production' | cut -d "\"" -f4 | head -1`/artifacts/download -o soapbox-fe.zip
|
|
||||||
#curl -L https://gitlab.com/soapbox-pub/soapbox-fe/-/jobs/1734223607/artifacts/download -o soapbox-fe.zip
|
|
||||||
busybox unzip /tmp/soapbox-fe.zip -o -d /var/lib/pleroma/
|
|
||||||
mv /var/lib/pleroma/static/instance/about.example /var/lib/pleroma/static/instance/about
|
|
||||||
cp -f /tmp//terms-of-service.html /var/lib/pleroma/static/instance/about/tos.html
|
|
||||||
cp -f /tmp/terms-of-service.html /var/lib/pleroma/static/instance/about/index.html
|
|
||||||
|
|
||||||
|
|
||||||
#Create an Admin User
|
|
||||||
echo;echo;echo "Sleeping for 40 seconds so Pleroma starts.........."
|
|
||||||
sleep 40
|
|
||||||
echo;echo;echo "Create and Admin User:"
|
|
||||||
su pleroma -s $SHELL -lc "echo y | ./bin/pleroma_ctl user new admin admin@$ENDPOINT --admin"
|
|
||||||
|
|
||||||
touch /configured.txt
|
|
60
setup.sh
Executable file
60
setup.sh
Executable file
@ -0,0 +1,60 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
export SHELL="/bin/bash"
|
||||||
|
FILE='/tmp/config/prod.secret.exs'
|
||||||
|
BACKUP_CONFIG='/config/prod.secret.exs'
|
||||||
|
PG_CHECK='/var/lib/postgresql/data/pg_hba.conf'
|
||||||
|
|
||||||
|
crontab /opt/crontab
|
||||||
|
|
||||||
|
#Postgres Setup
|
||||||
|
chown -R postgres:postgres /run/postgresql/
|
||||||
|
chown -R postgres:postgres /var/lib/postgresql
|
||||||
|
chown -R postgres:postgres /var/log/postgresql
|
||||||
|
|
||||||
|
chmod -R 777 /config
|
||||||
|
|
||||||
|
if [ -f "$BACKUP_CONFIG" ]
|
||||||
|
then
|
||||||
|
echo;echo "Copying old config....";echo
|
||||||
|
cp -f /config/* /opt/pleroma/config/
|
||||||
|
fi
|
||||||
|
|
||||||
|
chown -R pleroma:pleroma /opt/pleroma;
|
||||||
|
|
||||||
|
if [ ! -f "$PG_CHECK" ]
|
||||||
|
then
|
||||||
|
su postgres -s $SHELL -lc "/usr/lib/postgresql/14/bin/initdb --auth-host=trust -D /var/lib/postgresql/data"
|
||||||
|
echo "host all all 0.0.0.0/0 md5" >> /var/lib/postgresql/data/pg_hba.conf
|
||||||
|
fi
|
||||||
|
|
||||||
|
su postgres -s $SHELL -lc "/usr/lib/postgresql/14/bin/pg_ctl start -D /var/lib/postgresql/data"&
|
||||||
|
|
||||||
|
sleep 5
|
||||||
|
echo "create user root with encrypted password 'sql';"| su postgres -s /bin/bash -lc psql
|
||||||
|
echo "ALTER ROLE root SUPERUSER;" | su postgres -s /bin/bash -lc psql
|
||||||
|
|
||||||
|
#Pleroma Configuration
|
||||||
|
if [ ! -f "$FILE" ]
|
||||||
|
then
|
||||||
|
su pleroma -s /bin/bash -lc 'cd /opt/pleroma;MIX_ENV=prod mix pleroma.instance gen'
|
||||||
|
su pleroma -s /bin/bash -lc 'cd /opt/pleroma;mv config/generated_config.exs config/prod.secret.exs'
|
||||||
|
su pleroma -s /bin/bash -lc 'cd /opt/pleroma;cp -f config/* /config/'
|
||||||
|
su postgres -s /bin/bash -lc 'psql -f /config/setup_db.psql'
|
||||||
|
fi
|
||||||
|
|
||||||
|
su pleroma -s /bin/bash -lc 'mkdir -p /var/lib/pleroma/uploads;mkdir -p /var/lib/pleroma/static'
|
||||||
|
|
||||||
|
#Nginx and SSL
|
||||||
|
sed -i "s/replaceME/${ENDPOINT}/g" /etc/nginx/conf.d/default.conf
|
||||||
|
openssl req -new -newkey rsa:4096 -days 365 -nodes -x509 -subj "/C=US/ST=CO/L=Denver/O=$ENDPOINT/CN=$ENDPOINT" -keyout /etc/ssl/certs/nginx-selfsigned.key -out /etc/ssl/certs/nginx-selfsigned.crt
|
||||||
|
mkdir /var/run/nginx
|
||||||
|
|
||||||
|
#Database Migrations
|
||||||
|
su pleroma -s /bin/bash -lc 'cd /opt/pleroma;MIX_ENV=prod mix ecto.migrate'
|
||||||
|
|
||||||
|
touch /configured.txt
|
||||||
|
|
||||||
|
#Start Pleroma
|
||||||
|
su pleroma -s /bin/bash -lc 'cd /opt/pleroma;MIX_ENV=prod mix phx.server'
|
||||||
|
|
||||||
|
|
18
pleroma/start.sh → start.sh
Normal file → Executable file
18
pleroma/start.sh → start.sh
Normal file → Executable file
@ -5,7 +5,7 @@ FILE='/configured.txt'
|
|||||||
# Start the instance to verify that everything is working as expected
|
# Start the instance to verify that everything is working as expected
|
||||||
|
|
||||||
#Set Permissions
|
#Set Permissions
|
||||||
chown -R pleroma /var/lib/pleroma
|
chown -R pleroma:pleroma /var/lib/pleroma
|
||||||
chmod -R 777 /saves
|
chmod -R 777 /saves
|
||||||
|
|
||||||
#Configure Local Time
|
#Configure Local Time
|
||||||
@ -14,19 +14,17 @@ cp -f /usr/share/zoneinfo/US/Mountain /etc/localtime
|
|||||||
#Start Cron and Postgresql
|
#Start Cron and Postgresql
|
||||||
crond
|
crond
|
||||||
|
|
||||||
#Restore latest Database if container is new
|
|
||||||
if [ ! -f "$FILE" ]
|
|
||||||
then
|
|
||||||
#bash /restore.sh
|
|
||||||
bash /setup.sh
|
|
||||||
touch /configured.txt
|
|
||||||
fi
|
|
||||||
|
|
||||||
#Configure and start Nginx
|
#Configure and start Nginx
|
||||||
mkdir -p /run/nginx
|
mkdir -p /run/nginx
|
||||||
nginx
|
nginx
|
||||||
|
|
||||||
#Start Pleroma
|
#Start Pleroma
|
||||||
su pleroma -s $SHELL -lc "/opt/pleroma/bin/pleroma daemon"&
|
if [ ! -f "$FILE" ]
|
||||||
|
then
|
||||||
|
su postgres -s $SHELL -lc "/usr/lib/postgresql/14/bin/pg_ctl start -D /var/lib/postgresql/data"
|
||||||
|
cd /opt/pleroma
|
||||||
|
su pleroma -s /bin/bash -lc 'MIX_ENV=prod mix phx.server'
|
||||||
|
fi
|
||||||
|
|
||||||
tail -f /dev/null
|
tail -f /dev/null
|
||||||
|
|
0
pleroma/terms-of-service.html → terms-of-service.html
Normal file → Executable file
0
pleroma/terms-of-service.html → terms-of-service.html
Normal file → Executable file
16
test.sh
16
test.sh
@ -1,8 +1,12 @@
|
|||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
docker-compose kill
|
podman-compose down
|
||||||
docker-compose rm -f
|
podman-compose rm -f pleroma_postgresql pleroma_pleroma_1
|
||||||
docker volume rm pleroma_postgresql
|
podman volume rm pleroma_postgresql
|
||||||
docker-compose build
|
podman-compose build
|
||||||
rm -rf var/uploads
|
rm -rf var/uploads
|
||||||
docker-compose up -d
|
rm -f config/*.exs
|
||||||
docker-compose logs -f
|
rm -f config/*.sql
|
||||||
|
rm -f config/emoji.txt
|
||||||
|
podman-compose up -d
|
||||||
|
podman exec -it pleroma_pleroma_1 bash /opt/setup.sh
|
||||||
|
#podman-compose logs -f
|
||||||
|
Loading…
Reference in New Issue
Block a user