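# Compose stack for a wafrn instance: backend (plus migration, cache, workers and
# pds_worker variants merged from the same anchor), Caddy-based frontend, Postgres,
# Redis, an optional Bluesky PDS, and a monitoring set (Prometheus, cAdvisor,
# node-exporter, Grafana, pgwatch). Only `frontend` publishes host ports (80/443);
# every other service is reachable only over the Compose network or through
# whatever the proxy configuration in ./packages/caddy (not shown here) exposes.
services:
  backend: &default_backend
    build: &default_backend_build
      context: .
      dockerfile: packages/backend/Dockerfile
      # these args configure private env vars for the backend and public env vars for the frontend
      #
      # NOTE(review): ADMIN_PASSWORD, JWT_SECRET, SMTP_PASSWORD, POSTGRES_PASSWORD,
      # WEBPUSH_PRIVATE, PDS_JWT_SECRET and PDS_ADMIN_PASSWORD are passed as build
      # args. Build-arg values are recorded in image metadata and can be read back
      # with `docker history`, so the built images must be treated as secret
      # material (never pushed to a shared registry). Moving them to runtime
      # `environment`/`env_file` or to BuildKit build secrets needs a matching
      # change in packages/backend/Dockerfile, which is not visible here.
      args: &default_backend_build_args
        ADMIN_USER: ${ADMIN_USER}
        ADMIN_EMAIL: ${ADMIN_EMAIL}
        ADMIN_PASSWORD: ${ADMIN_PASSWORD}
        JWT_SECRET: ${JWT_SECRET}
        DOMAIN_NAME: ${DOMAIN_NAME}

        CACHE_DOMAIN: ${CACHE_DOMAIN}
        MEDIA_DOMAIN: ${MEDIA_DOMAIN}

        SMTP_HOST: ${SMTP_HOST}
        SMTP_USER: ${SMTP_USER}
        SMTP_PORT: ${SMTP_PORT}
        SMTP_PASSWORD: ${SMTP_PASSWORD}
        SMTP_FROM: ${SMTP_FROM}

        POSTGRES_USER: ${POSTGRES_USER}
        POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
        POSTGRES_DBNAME: ${POSTGRES_DBNAME}

        WEBPUSH_EMAIL: ${WEBPUSH_EMAIL}
        WEBPUSH_PRIVATE: ${WEBPUSH_PRIVATE}
        WEBPUSH_PUBLIC: ${WEBPUSH_PUBLIC}

        ENABLE_BSKY: ${ENABLE_BSKY}
        PDS_DOMAIN_NAME: ${PDS_DOMAIN_NAME}
        PDS_JWT_SECRET: ${PDS_JWT_SECRET}
        PDS_ADMIN_PASSWORD: ${PDS_ADMIN_PASSWORD}

        # Quoted so the value stays the string "false" under every YAML parser.
        USE_WORKERS: "false"
        # `${VAR:-}` substitutes an empty string when the variable is unset.
        LOG_SQL_QUERIES: ${LOG_SQL_QUERIES:-}
        UPLOAD_LIMIT: ${UPLOAD_LIMIT:-}
        POSTS_PER_PAGE: ${POSTS_PER_PAGE:-}
        LOG_LEVEL: ${LOG_LEVEL:-}
        BLOCKLIST_URI: ${BLOCKLIST_URI:-}
        FRONTEND_PATH: ${FRONTEND_PATH:-}
        DISABLE_REQUIRE_SEND_EMAIL: ${DISABLE_REQUIRE_SEND_EMAIL:-}
        BLOCKED_IPS: ${BLOCKED_IPS:-}
        REVIEW_REGISTRATIONS: ${REVIEW_REGISTRATIONS:-}
        IGNORE_BLOCK_HOSTS: ${IGNORE_BLOCK_HOSTS:-}

        FRONTEND_LOGO: ${FRONTEND_LOGO:-}
        FRONTEND_API_URL: ${FRONTEND_API_URL:-}
        FRONTEND_MEDIA_URL: ${FRONTEND_MEDIA_URL:-}
        FRONTEND_CACHE_URL: ${FRONTEND_CACHE_URL:-}
        FRONTEND_CACHE_BACKUP_URLS: ${FRONTEND_CACHE_BACKUP_URLS:-}
        FRONTEND_SHORTEN_POSTS: ${FRONTEND_SHORTEN_POSTS:-}
        FRONTEND_DISABLE_PWA: ${FRONTEND_DISABLE_PWA:-}
        FRONTEND_MAINTENANCE: ${FRONTEND_MAINTENANCE:-}
        FRONTEND_SHORT_TITLE: ${FRONTEND_SHORT_TITLE:-}
        FRONTEND_LONG_TITLE: ${FRONTEND_LONG_TITLE:-}
        FRONTEND_DESCRIPTION: ${FRONTEND_DESCRIPTION:-}
    depends_on:
      # `service_healthy` needs a healthcheck; none is declared for `db` in this
      # file, so presumably the image built from monitoring/database defines
      # one - confirm.
      db:
        condition: service_healthy
      redis:
        condition: service_started
      frontend:
        condition: service_started
      migration:
        condition: service_completed_successfully
    restart: unless-stopped
    environment:
      - NODE_ENV=production
    volumes:
      - ./packages/backend/uploads:/app/packages/backend/uploads
      - ./packages/backend/cache:/app/packages/backend/cache
      - frontend:/app/packages/frontend:ro

  migration:
    <<: *default_backend
    # Redeclared without the `migration` entry: the merge key is shallow and an
    # explicit key replaces the merged one, so this service does not wait on itself.
    depends_on:
      db:
        condition: service_healthy
      redis:
        condition: service_started
      frontend:
        condition: service_started
    # Must be quoted: a bare `no` is a boolean to YAML 1.1 parsers, while the
    # restart policy is the string "no".
    restart: "no"
    command: "npm exec tsx migrate.ts init-container"

  frontend:
    restart: unless-stopped
    build:
      context: .
      dockerfile: packages/frontend/Dockerfile
      args:
        DOMAIN_NAME: ${DOMAIN_NAME}
        PDS_DOMAIN_NAME: ${PDS_DOMAIN_NAME}
        CACHE_DOMAIN: ${CACHE_DOMAIN}
        MEDIA_DOMAIN: ${MEDIA_DOMAIN}
        ACME_EMAIL: ${ACME_EMAIL}
        FRONTEND_SHORT_TITLE: ${FRONTEND_SHORT_TITLE:-}
        FRONTEND_LONG_TITLE: ${FRONTEND_LONG_TITLE:-}
        FRONTEND_DESCRIPTION: ${FRONTEND_DESCRIPTION:-}
        CACHE_HOST: "cache:9000"
    # The only host-published ports in the stack. Quoted so digit:digit values
    # are never read as numbers.
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - "caddy:/data"
      - "frontend:/var/www/html/frontend"
      # The user-upload directory is served from this container.
      # NOTE(review): could be mounted `:ro` if the proxy never writes to it - confirm.
      - ./packages/backend/uploads:/var/www/html/uploads
      - ./packages/caddy:/etc/caddy/config

  db:
    build:
      context: monitoring/database
      dockerfile: Dockerfile
    restart: unless-stopped
    shm_size: '2gb'
    environment:
      POSTGRES_USER: ${POSTGRES_USER}
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
      POSTGRES_DB: ${POSTGRES_DBNAME}
      POSTGRES_METRICS_USER: ${POSTGRES_METRICS_USER}
      POSTGRES_METRICS_PASSWORD: ${POSTGRES_METRICS_PASSWORD}
      POSTGRES_METRICS_DBNAME: ${POSTGRES_METRICS_DBNAME}
    volumes:
      - dbpg:/var/lib/postgresql/data

  # Database administration UI on the same network as `db`. No ports are
  # published here, so its exposure depends on the proxy configuration in
  # ./packages/caddy (not shown) - keep it behind authentication.
  # NOTE(review): the image tag is unpinned; pin a version or a digest
  # (adminer@sha256:<digest>) so rebuilds are reproducible.
  adminer:
    image: adminer
    restart: unless-stopped

  redis:
    image: redis:7.2.4
    restart: unless-stopped
    volumes:
      - redis:/data

  # Bluesky PDS; started only when the `bluesky` profile is enabled.
  pds:
    image: ghcr.io/bluesky-social/pds:0.4
    restart: unless-stopped
    profiles:
      - bluesky
    environment:
      PDS_HOSTNAME: ${PDS_DOMAIN_NAME}
      PDS_JWT_SECRET: ${PDS_JWT_SECRET}
      PDS_ADMIN_PASSWORD: ${PDS_ADMIN_PASSWORD}
      # Private key material: keep it in the untracked .env only. Runtime
      # environment values are visible to anyone who can run `docker inspect`.
      PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX: ${PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX}
      PDS_DATA_DIRECTORY: /pds
      PDS_BLOBSTORE_DISK_LOCATION: /pds/blocks
      # 52428800 bytes = 50 MiB.
      PDS_BLOB_UPLOAD_LIMIT: "52428800"
      PDS_DID_PLC_URL: "https://plc.directory"
      PDS_BSKY_APP_VIEW_URL: "https://api.bsky.app"
      PDS_BSKY_APP_VIEW_DID: "did:web:api.bsky.app"
      PDS_REPORT_SERVICE_URL: "https://mod.bsky.app"
      PDS_REPORT_SERVICE_DID: "did:plc:ar7c4by46qjdydhdevvrndac"
      PDS_CRAWLERS: "https://bsky.network, https://atproto.africa"
      # Credentials are interpolated into a URL: an SMTP user or password that
      # contains `@`, `:`, `/` or `%` must be percent-encoded in .env, or the
      # URL will be parsed with the wrong host or credentials.
      PDS_EMAIL_SMTP_URL: "smtps://${SMTP_USER}:${SMTP_PASSWORD}@${SMTP_HOST}:${SMTP_PORT}"
      PDS_EMAIL_FROM_ADDRESS: "${SMTP_USER}"
      LOG_ENABLED: "true"
    volumes:
      - pds:/pds

  # The three services below reuse the backend definition wholesale, including
  # its build args, volumes and depends_on (so they also wait for `migration`).
  pds_worker:
    <<: *default_backend
    profiles:
      - bluesky
    command: "npm exec tsx atproto.ts"

  cache:
    <<: *default_backend

  workers:
    <<: *default_backend
    # The merge key is shallow, so `build` and `args` are re-merged level by
    # level to override the single USE_WORKERS value.
    build:
      <<: *default_backend_build
      args:
        <<: *default_backend_build_args
        USE_WORKERS: "true"
    deploy:
      mode: replicated
      replicas: 3

  # NOTE(review): the three monitoring images below track `:latest`, so every
  # pull can change what runs with host-level mounts. Pin a version or digest
  # (image@sha256:<digest>) and update deliberately.
  prometheus:
    restart: unless-stopped
    image: prom/prometheus:latest
    volumes:
      - ./monitoring/prometheus.yml:/etc/prometheus/prometheus.yml
      - prometheus_data:/prometheus
    command:
      - '--config.file=/etc/prometheus/prometheus.yml'
      - '--storage.tsdb.path=/prometheus'
      - '--web.console.libraries=/usr/share/prometheus/console_libraries'
      - '--web.console.templates=/usr/share/prometheus/consoles'

  cadvisor:
    restart: unless-stopped
    image: gcr.io/cadvisor/cadvisor:latest
    command:
      - '-port=8081'
    environment:
      CADVISOR_HEALTHCHECK_URL: http://localhost:8081/healthz
    volumes:
      - /:/rootfs:ro
      # Mounted read-only, as in cAdvisor's documented run command (was `rw`).
      # /var/run typically holds docker.sock, and a read-only bind mount does
      # not by itself restrict use of that API socket: treat this container as
      # having host-level access and keep it off any published port.
      - /var/run:/var/run:ro
      - /sys:/sys:ro
      - /var/lib/docker/:/var/lib/docker:ro

  node-exporter:
    restart: unless-stopped
    image: prom/node-exporter:latest
    # Read-only views of the host's /proc, /sys and root filesystem.
    volumes:
      - /proc:/host/proc:ro
      - /sys:/host/sys:ro
      - /:/rootfs:ro
    command:
      - '--path.procfs=/host/proc'
      - '--path.sysfs=/host/sys'
      # `$$` is Compose's escape for a literal `$`.
      # NOTE(review): list-form commands are not shell-parsed, so the inner
      # double quotes reach the exporter as part of the pattern - confirm the
      # filter matches as intended. Newer node_exporter releases replace this
      # flag with --collector.filesystem.mount-points-exclude; with `:latest`,
      # verify the flag is still accepted.
      - '--collector.filesystem.ignored-mount-points="^/(sys|proc|dev|host|etc)($$|/)"'

  grafana:
    build:
      context: monitoring/grafana
      dockerfile: Dockerfile
    volumes:
      - grafana_data:/var/lib/grafana
    restart: unless-stopped
    environment:
      GF_SERVER_HTTP_PORT: "2345"
      # No default is given, so an unset variable interpolates to an empty
      # string - make sure .env sets a strong value.
      GF_SECURITY_ADMIN_PASSWORD: ${GF_SECURITY_ADMIN_PASSWORD}
      GF_USERS_ALLOW_SIGN_UP: "false"

      GF_SMTP_ENABLED: "true"
      GF_SMTP_HOST: ${SMTP_HOST}:${SMTP_PORT}
      GF_SMTP_FROM_ADDRESS: ${SMTP_FROM}
      GF_SERVER_DOMAIN: ${DOMAIN_NAME}
      GF_SMTP_FROM_NAME: ${SMTP_FROM}
      GF_SMTP_USER: "${SMTP_USER}"
      GF_SMTP_PASSWORD: "${SMTP_PASSWORD}"

      POSTGRES_METRICS_USER: ${POSTGRES_METRICS_USER}
      POSTGRES_METRICS_PASSWORD: ${POSTGRES_METRICS_PASSWORD}
      POSTGRES_METRICS_DBNAME: ${POSTGRES_METRICS_DBNAME}

  pgwatch:
    build:
      context: monitoring/pgwatch
      dockerfile: Dockerfile
      # NOTE(review): the main database credentials are build args here, so they
      # end up in this image's metadata as well; see the note on the backend args.
      args:
        POSTGRES_USER: ${POSTGRES_USER}
        POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
        POSTGRES_DB: ${POSTGRES_DBNAME}
    restart: unless-stopped
    environment:
      POSTGRES_METRICS_USER: ${POSTGRES_METRICS_USER}
      POSTGRES_METRICS_PASSWORD: ${POSTGRES_METRICS_PASSWORD}
      POSTGRES_METRICS_DBNAME: ${POSTGRES_METRICS_DBNAME}
    command:
      - "--web-disable=all"
      - "--sources=/sources.yaml"
      # The password sits on the process command line (visible in `docker inspect`
      # and process listings) and must be percent-encoded if it contains URL
      # metacharacters.
      - "--sink=postgresql://${POSTGRES_METRICS_USER}:${POSTGRES_METRICS_PASSWORD}@db:5432/${POSTGRES_METRICS_DBNAME}"
    depends_on:
      db:
        condition: service_healthy
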
# Named volumes managed by Docker; every entry uses the default driver and options.
volumes:
  dbpg: {}
  caddy: {}
  pds: {}
  frontend: {}
  redis: {}
  prometheus_data: {}
  grafana_data: {}