Some fixes and updates

A 2025-01-13 14:24:16 -08:00
parent 8420d67968
commit 3beb597593
8 changed files with 57 additions and 48 deletions


@ -1,6 +1,6 @@
# dcomms
Decentralized communications that work with or without the Internet
Decentralized communications that work with or without the Internet
# Prerequisites
* `docker` using the docker guide (https://docs.docker.com/engine/install/)
@ -67,7 +67,7 @@ In the future, if you need to start the dcomms containers again simply run the `
# Tor
If you wish to provide users with a Tor hidden service address by which they can access your services, you must first install and [configure Tor](https://community.torproject.org/onion-services/setup/).
If you wish to provide users with a Tor hidden service address by which they can access your services, you must first install and [configure Tor](https://community.torproject.org/onion-services/setup/).
The script will detect if you have Tor installed and prompt you for a hidden service address. You can find this in the `hostname` file in your `HiddenServiceDir`.
Example:


@ -41,7 +41,7 @@ matrix.{$DWEB_DOMAIN}:8448 {
reverse_proxy http://synapse:8008
}
social.{$DWEB_DOMAIN}, http://social.{$DWEB_ONION} {
social.{$DWEB_DOMAIN}, http://social.{$DWEB_ONION} {
root * /srv/mastodon/public
encode gzip


@ -12,7 +12,7 @@ services:
entrypoint:
- sh
- -c
- "postconf -M submission/inet=\"submission inet n - n - - smtpd\" && postconf -P submission/inet/syslog_name=postfix/submission && postconf -P submission/inet/smtpd_tls_security_level=encrypt && postconf -P submission/inet/smtpd_sasl_type=dovecot && postconf -P submission/inet/smtpd_sasl_path=inet:localhost:12345 && postconf -P submission/inet/smtpd_sasl_auth_enable=yes && postconf \"myhostname=${DWEB_DOMAIN}\" && postconf \"mydestination=\" && postconf \"virtual_mailbox_domains=${DWEB_DOMAIN}\" && postconf \"virtual_transport=lmtp:localhost:24\" && postconf \"virtual_mailbox_base=/home/vmail\" && postconf \"virtual_mailbox_maps=texthash:/var/lib/mailadm/virtual_mailboxes\" && postconf \"maillog_file=/dev/stdout\" && postconf \"smtpd_tls_cert_file=/certs/fullchain.pem\" && postconf \"smtpd_tls_key_file=/certs/privkey.pem\" && postfix start-fg"
- "postconf -M submission/inet=\"submission inet n - n - - smtpd\" && postconf -P submission/inet/syslog_name=postfix/submission && postconf -P submission/inet/smtpd_tls_security_level=encrypt && postconf -P submission/inet/smtpd_sasl_type=dovecot && postconf -P submission/inet/smtpd_sasl_path=inet:localhost:12345 && postconf -P submission/inet/smtpd_sasl_auth_enable=yes && postconf \"myhostname=${DWEB_DOMAIN}\" && postconf \"mydestination=\" && postconf \"virtual_mailbox_domains=${DWEB_DOMAIN}\" && postconf \"virtual_transport=lmtp:localhost:24\" && postconf \"virtual_mailbox_base=/home/vmail\" && postconf \"virtual_mailbox_maps=texthash:/var/lib/mailadm/virtual_mailboxes\" && postconf \"maillog_file=/dev/stdout\" && postconf \"smtpd_tls_cert_file=/certs/fullchain.pem\" && postconf \"smtpd_tls_key_file=/certs/privkey.pem\" && postfix start-fg"
volumes:
- mailadm_db:/var/lib/mailadm/
- ../caddy/certs/${DWEB_DOMAIN}.crt:/certs/fullchain.pem
@ -20,7 +20,7 @@ services:
environment:
MAIL_DOMAIN: "${DWEB_DOMAIN}"
networks:
- back
- back
depends_on:
- caddy
restart: always
@ -36,7 +36,7 @@ services:
VMAIL_UID: "${VMAIL_UID}"
VMAIL_GID: "${VMAIL_GID}"
networks:
- back
- back
depends_on:
- caddy
restart: always
@ -56,7 +56,7 @@ services:
VMAIL_GID: "${VMAIL_GID}"
WEB_ENDPOINT: "https://${DWEB_DOMAIN}/new_email"
networks:
- back
- back
depends_on:
- caddy
restart: always


@ -13,21 +13,21 @@ services:
volumes:
- caddy_data:/data
- caddy_config:/config
- type: bind
- type: bind
source: /var/www
target: /www
- type: bind
source: ../caddy/certs
target: /data/caddy/certificates/acme-v02.api.letsencrypt.org-directory/${DWEB_DOMAIN}
networks:
- back
- back
ports:
- target: 80
published: 80
protocol: tcp
mode: host
- target: 443
published: 443
published: 443
protocol: tcp
mode: host
environment:


@ -9,7 +9,7 @@ services:
### ELEMENT
# synapse is a matrix homeserver running as a service
synapse:
image: matrixdotorg/synapse:v1.110.0
image: matrixdotorg/synapse:v1.121.1
entrypoint:
- sh
- -c
@ -44,17 +44,17 @@ services:
mode: 0644
restart: always
synapse-pg:
restart: always
image: postgres:14-alpine
healthcheck:
synapse-pg:
restart: always
image: postgres:14-alpine
healthcheck:
test: ['CMD', 'pg_isready', '-U', 'postgres']
environment:
- 'POSTGRES_HOST_AUTH_METHOD=trust'
environment:
- 'POSTGRES_HOST_AUTH_METHOD=trust'
- 'POSTGRES_INITDB_ARGS=--encoding="UTF8" --lc-collate="C" --lc-ctype="C"'
volumes:
- synapse_db:/var/lib/postgresql/data
depends_on:
volumes:
- synapse_db:/var/lib/postgresql/data
depends_on:
- caddy
networks:
- back
@ -71,7 +71,7 @@ services:
# element is a matrix web GUI running as a service
element:
image: vectorim/element-web:v1.11.69
image: vectorim/element-web:v1.11.88
networks:
- back
ports:
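Review bot: `POSTGRES_HOST_AUTH_METHOD=trust` on synapse-pg, re-indented in this section, lets any client that can reach the database connect as any role without a password. The `networks:` entry that follows `depends_on` appears to put synapse-pg on the shared `back` network, which the mail, mau and mastodon services touched by this commit also join, so a compromise of any one of them would reach Synapse's database directly. Consider dropping the trust override and setting `POSTGRES_PASSWORD` from an env file kept out of the repository, or moving synapse-pg onto a network that only synapse joins. The service definitions start and end outside the hunks shown here.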


@ -10,10 +10,6 @@ volumes:
mastodon_db:
services:
### MASTODON
caddy:
image: caddy:2.6.4
volumes:
- mastodon_public:/srv/mastodon/public:ro
mastodon-redis:
restart: always
@ -32,11 +28,10 @@ services:
image: tootsuite/mastodon:v4.3.0
#healthcheck:
#test: ['CMD-SHELL', 'wget -q --spider --proxy=off localhost:3000/health || exit 1']
#entrypoint:
# - bash
# - -c
# #- "bundle exec rake db:prepare && cd /opt/mastodon && /usr/bin/tini -- bundle exec rails server"
# - "[[ -e /mastodon/public/db.lock ]] && touch /mastodon/public/db.lock || touch /mastodon/public/db.lock && bundle exec rake db:prepare; /usr/bin/tini -- bundle exec rails server"
entrypoint:
- bash
- -c
- "cd /opt/mastodon && /usr/bin/tini -- bundle exec rails server"
env_file: ../mastodon/env.production
ports:
- "127.0.0.1:3000:3000"
@ -49,16 +44,19 @@ services:
- mastodon-redis
- mastodon-streaming
volumes:
# https://www.digitalocean.com/community/tutorials/how-to-share-data-between-docker-containers
- mastodon_public:/mastodon/public/ # map static files in volume for caddy
- type: volume
source: mastodon_public
target: /mastodon/public/system
volume:
subpath: system
networks:
- mast-int
- back
- back
restart: always
mastodon-streaming:
restart: always
image: tootsuite/mastodon:v4.3.0
image: tootsuite/mastodon-streaming:v4.3.2
healthcheck:
test: wget -q --spider --proxy=off localhost:4000/api/v1/streaming/health || exit 1
]
@ -79,11 +77,11 @@ services:
mastodon-sidekiq:
restart: always
image: tootsuite/mastodon:v4.3.0
#entrypoint:
# - sh
# - -c
# - "service sendmail start && /usr/bin/tini -- bundle exec sidekiq"
image: tootsuite/mastodon:v4.3.2
entrypoint:
- sh
- -c
- "service sendmail start && /usr/bin/tini -- bundle exec sidekiq"
healthcheck:
test: ps aux | grep '[s]idekiq\ 6' || false
env_file: ../mastodon/env.production
@ -95,7 +93,11 @@ services:
- mastodon-db
- mastodon-redis
volumes:
- mastodon_public:/mastodon/public/
- type: volume
source: mastodon_public
target: /mastodon/public/system
volume:
subpath: system
networks:
- mast-int
restart: always
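Review bot: The web service keeps `image: tootsuite/mastodon:v4.3.0` (the context line above the new `entrypoint:`) while this commit moves mastodon-sidekiq and the installer's image list to v4.3.2 and streaming to `mastodon-streaming:v4.3.2`. That leaves the one container that serves HTTP requests two patch releases behind the others, so it would not pick up whatever fixes those releases carry, and web and sidekiq would run different code against the same database. If the skew is not intentional, change that line to `image: tootsuite/mastodon:v4.3.2`. The service definitions start and end outside the hunks shown here.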


@ -4,7 +4,7 @@ volumes:
mau_data:
services:
### MAU
# mau is a synapse bot we run for news and other things
# mau is a synapse bot we run for news and other things
mau:
image: dock.mau.dev/maubot/maubot:v0.3.1
configs:
@ -15,7 +15,7 @@ services:
volumes:
- mau_data:/data/
networks:
- back
- back
depends_on:
- caddy
- synapse


@ -179,7 +179,7 @@ matrix_config () {
-e SYNAPSE_SERVER_NAME=matrix.$DWEB_DOMAIN \
-e SYNAPSE_REPORT_STATS=no \
-e SYNAPSE_DATA_DIR=/data \
matrixdotorg/synapse:v1.80.0 generate 2>/dev/null
matrixdotorg/synapse:v1.121.1 generate 2>/dev/null
sudo chown -R $USER:$USER $DCOMMS_DIR/conf/synapse/
sed -i -z "s/database.*homeserver.db//" $DCOMMS_DIR/conf/element/config.json
@ -205,26 +205,33 @@ mastodon_config () {
sudo cp -a $DCOMMS_DIR/conf/mastodon/example.env.production $DCOMMS_DIR/conf/mastodon/env.production
SECRET_KEY_BASE=`sudo docker run -it --rm \
--mount type=volume,src=masto_data_tmp,dst=/opt/mastodon \
-e RUBYOPT=-W0 tootsuite/mastodon:v4.2.9 \
-e RUBYOPT=-W0 tootsuite/mastodon:v4.3.2 \
bundle exec rake secret` >/dev/null
OTP_SECRET=$(sudo docker run -it --rm \
--mount type=volume,src=masto_data_tmp,dst=/opt/mastodon \
-e RUBYOPT=-W0 tootsuite/mastodon:v4.2.9 \
-e RUBYOPT=-W0 tootsuite/mastodon:v4.3.2 \
bundle exec rake secret) >/dev/null
VAPID_KEYS=$(sudo docker run -it --rm \
--mount type=volume,src=masto_data_tmp,dst=/opt/mastodon \
-e RUBYOPT=-W0 tootsuite/mastodon:v4.2.9 \
-e RUBYOPT=-W0 tootsuite/mastodon:v4.3.2 \
bundle exec rake mastodon:webpush:generate_vapid_key)>/dev/null
VAPID_FRIENDLY_KEYS=${VAPID_KEYS//$'\n'/\\$'\n'}
ACTIVE_RECORD_ENCRYPTION=$(sudo docker run -it --rm \
--mount type=volume,src=masto_data_tmp,dst=/opt/mastodon \
-e RUBYOPT=-W0 tootsuite/mastodon:v4.3.2 \
bundle exec rake db:encryption:init)>/dev/null
ACTIVE_RECORD_ENCRYPTION_FRIENDLY_KEYS=${ACTIVE_RECORD_ENCRYPTION//$'\n'/\\$'\n'}
#REDIS_PW=$(openssl rand -base64 12)
sed -i "s/REPLACEME/$DWEB_DOMAIN/" $DCOMMS_DIR/conf/mastodon/env.production
sed -i "s/SECRET_KEY_BASE=/&$SECRET_KEY_BASE/" $DCOMMS_DIR/conf/mastodon/env.production
sed -i "s/OTP_SECRET=/&$OTP_SECRET/" $DCOMMS_DIR/conf/mastodon/env.production
sed -i "s/VAPID_KEYS=/$VAPID_FRIENDLY_KEYS/" $DCOMMS_DIR/conf/mastodon/env.production
sed -i "s/ACTIVE_RECORD=/$ACTIVE_RECORD_ENCRYPTION_FRIENDLY_KEYS/" $DCOMMS_DIR/conf/mastodon/env.production
sed -i 's/\r$//g' $DCOMMS_DIR/conf/mastodon/env.production
sed -i "s/ALTERNATE_DOMAINS=social./&$DWEB_ONION/" $DCOMMS_DIR/conf/mastodon/env.production
sed -i "s/SMTP_SERVER=/&$DWEB_DOMAIN/" $DCOMMS_DIR/conf/mastodon/env.production
@ -333,7 +340,7 @@ main() {
DELTA=true
;;
"2")
D_IMAGES+=("vectorim/element-web:v1.11.40" "matrixdotorg/synapse:v1.110.0")
D_IMAGES+=("vectorim/element-web:v1.11.88" "matrixdotorg/synapse:v1.121.1")
FILES+=("synapse_v1.80.0.tar" "element-web_v1.11.26.tar")
FILE_MAGNETS+=("${MAGNET_LINKS[11]}$MAG_TRACKERS" "${MAGNET_LINKS[6]}$MAG_TRACKERS")
COMPOSE_FILES+="-f ./conf/compose/element.docker-compose.yml "
@ -354,7 +361,7 @@ main() {
MAU=true
;;
"5")
D_IMAGES+=("tootsuite/mastodon:v4.2.9" "redis:7.0-alpine" "postgres:14-alpine")
D_IMAGES+=("tootsuite/mastodon:v4.3.2" "redis:7.0-alpine" "postgres:14-alpine")
FILES+=("mastodon_4.1.2.tar" "postgres_14.tar" "redis_7.0.tar")
FILE_MAGNETS+=("${MAGNET_LINKS[7]}$MAG_TRACKERS" "${MAGNET_LINKS[9]}$MAG_TRACKERS" "${MAGNET_LINKS[10]}$MAG_TRACKERS")
COMPOSE_FILES+="-f ./conf/compose/mastodon.docker-compose.yml "
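Review bot: The new `ACTIVE_RECORD_ENCRYPTION` step in mastodon_config writes whatever `rake db:encryption:init` prints straight into env.production through a sed replacement, with no check that the output is the expected key assignments. With `docker run -it` the container's stdout and stderr arrive merged, so any notice or error text would land in the env file alongside or instead of the keys, and a `/` or `&` in it would break or alter the sed expression; the generated secrets also sit in sed's argument list, visible in the process table while it runs. I would keep only the assignment lines and stop when none are found, for example by appending `| tr -d '\r' | grep '^ACTIVE_RECORD_ENCRYPTION_'` inside the command substitution and adding `[ -n "$ACTIVE_RECORD_ENCRYPTION" ] || exit 1` after it, and confirm env.production is readable only by its owner. Separately, the `FILES` entries in the `"2")` and `"5")` cases still name `synapse_v1.80.0.tar`, `element-web_v1.11.26.tar` and `mastodon_4.1.2.tar`, so the torrent path, if it loads those archives, would not supply the image tags updated here. mastodon_config and main both continue outside these hunks.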