docker-compose.advanced.yml at virtualscroll

jbc.lol / wafrn
fork atom
unoffical wafrn mirror wafrn.net
atproto social-network activitypub
fork atom
wafrn / docker-compose.advanced.yml
at virtualscroll 220 lines 6.5 kB view raw
wrap content
plc.jbc.lol add registration minimum age to docker compose 3mo ago
c6270edc
  1services:
  2  backend: &default_backend
  3    build: &default_backend_build
  4      context: .
  5      dockerfile: packages/backend/Dockerfile
  6      # these args configure private env vars for the backend and public env vars for the frontend
  7    depends_on:
  8      db:
  9        condition: service_started
 10      redis:
 11        condition: service_started
 12      frontend:
 13        condition: service_started
 14      migration:
 15        condition: service_completed_successfully
 16    restart: unless-stopped
 17    environment: &default_backend_env_vars
 18      NODE_ENV: production
 19      ADMIN_USER: ${ADMIN_USER}
 20      ADMIN_EMAIL: ${ADMIN_EMAIL}
 21      ADMIN_PASSWORD: ${ADMIN_PASSWORD}
 22      JWT_SECRET: ${JWT_SECRET}
 23      DOMAIN_NAME: ${DOMAIN_NAME}
 24
 25      CACHE_DOMAIN: ${CACHE_DOMAIN}
 26      MEDIA_DOMAIN: ${MEDIA_DOMAIN}
 27
 28      DONATION_URL: ${DONATION_URL}
 29
 30      SMTP_HOST: ${SMTP_HOST}
 31      SMTP_USER: ${SMTP_USER}
 32      SMTP_PORT: ${SMTP_PORT}
 33      SMTP_PASSWORD: ${SMTP_PASSWORD}
 34      SMTP_FROM: ${SMTP_FROM}
 35
 36      POSTGRES_USER: ${POSTGRES_USER}
 37      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
 38      POSTGRES_DBNAME: ${POSTGRES_DBNAME}
 39
 40      WEBPUSH_EMAIL: ${WEBPUSH_EMAIL}
 41      WEBPUSH_PRIVATE: ${WEBPUSH_PRIVATE}
 42      WEBPUSH_PUBLIC: ${WEBPUSH_PUBLIC}
 43
 44      ENABLE_BSKY: ${ENABLE_BSKY}
 45      PDS_DOMAIN_NAME: ${PDS_DOMAIN_NAME}
 46      PDS_JWT_SECRET: ${PDS_JWT_SECRET}
 47      PDS_ADMIN_PASSWORD: ${PDS_ADMIN_PASSWORD}
 48
 49      USE_WORKERS: false
 50      LOG_SQL_QUERIES: ${LOG_SQL_QUERIES:-}
 51      UPLOAD_LIMIT: ${UPLOAD_LIMIT:-}
 52      POSTS_PER_PAGE: ${POSTS_PER_PAGE:-}
 53      LOG_LEVEL: ${LOG_LEVEL:-}
 54      BLOCKLIST_URI: ${BLOCKLIST_URI:-}
 55      FRONTEND_PATH: ${FRONTEND_PATH:-}
 56      DISABLE_REQUIRE_SEND_EMAIL: ${DISABLE_REQUIRE_SEND_EMAIL:-}
 57      BLOCKED_IPS: ${BLOCKED_IPS:-}
 58      REVIEW_REGISTRATIONS: ${REVIEW_REGISTRATIONS:-}
 59      IGNORE_BLOCK_HOSTS: ${IGNORE_BLOCK_HOSTS:-}
 60
 61      FRONTEND_LOGO: ${FRONTEND_LOGO:-}
 62      FRONTEND_API_URL: ${FRONTEND_API_URL:-}
 63      FRONTEND_MEDIA_URL: ${FRONTEND_MEDIA_URL:-}
 64      FRONTEND_CACHE_URL: ${FRONTEND_CACHE_URL:-}
 65      FRONTEND_CACHE_BACKUP_URLS: ${FRONTEND_CACHE_BACKUP_URLS:-}
 66      FRONTEND_SHORTEN_POSTS: ${FRONTEND_SHORTEN_POSTS:-}
 67      FRONTEND_DISABLE_PWA: ${FRONTEND_DISABLE_PWA:-}
 68      FRONTEND_MAINTENANCE: ${FRONTEND_MAINTENANCE:-}
 69      FRONTEND_SHORT_TITLE: ${FRONTEND_SHORT_TITLE:-}
 70      FRONTEND_LONG_TITLE: ${FRONTEND_LONG_TITLE:-}
 71      FRONTEND_DESCRIPTION: ${FRONTEND_DESCRIPTION:-}
 72
 73      REGISTRATION_LEVEL: ${REGISTRATION_LEVEL:-}
 74      REGISTRATIONS_DISABLED_TEXT: ${REGISTRATIONS_DISABLED_TEXT:-}
 75      HIDE_BLOCKED_SERVERS: ${HIDE_BLOCKED_SERVERS:-}
 76      REGISTRATION_MINIMUM_AGE: ${REGISTRATION_MINIMUM_AGE:-}
 77
 78      FRONTEND_FQDN_URL: https://${DOMAIN_NAME}
 79
 80      ENABLE_RAW_OUTPUT: ${ENABLE_RAW_OUTPUT:-}
 81    deploy:
 82      mode: replicated
 83      replicas: 3
 84    volumes:
 85      - ./packages/backend/uploads:/app/packages/backend/uploads
 86      - ./packages/backend/cache:/app/packages/backend/cache
 87      - frontend:/app/packages/frontend:ro
 88
 89  migration:
 90    <<: *default_backend
 91    depends_on:
 92      db:
 93        condition: service_started
 94      redis:
 95        condition: service_started
 96      frontend:
 97        condition: service_started
 98    restart: no
 99    deploy:
100      mode: replicated
101      replicas: 1
102    command: "npm exec tsx migrate.ts init-container"
103
104  frontend:
105    restart: unless-stopped
106    build:
107      context: .
108      dockerfile: packages/frontend/Dockerfile
109    ports:
110      - 80:80
111      - 443:443
112    environment:
113      DOMAIN_NAME: ${DOMAIN_NAME}
114      PDS_DOMAIN_NAME: ${PDS_DOMAIN_NAME}
115      CACHE_DOMAIN: ${CACHE_DOMAIN}
116      MEDIA_DOMAIN: ${MEDIA_DOMAIN}
117
118      DONATION_URL: ${DONATION_URL}
119      ACME_EMAIL: ${ACME_EMAIL}
120      FRONTEND_SHORT_TITLE: ${FRONTEND_SHORT_TITLE:-}
121      FRONTEND_LONG_TITLE: ${FRONTEND_LONG_TITLE:-}
122      FRONTEND_DESCRIPTION: ${FRONTEND_DESCRIPTION:-}
123      REGISTRATION_LEVEL: ${REGISTRATION_LEVEL:-}
124      REGISTRATIONS_DISABLED_TEXT: ${REGISTRATIONS_DISABLED_TEXT:-}
125      HIDE_BLOCKED_SERVERS: ${HIDE_BLOCKED_SERVERS:-}
126      REGISTRATION_MINIMUM_AGE: ${REGISTRATION_MINIMUM_AGE:-}
127      CACHE_HOST: "cache:9000"
128      BACKEND_HOST: "wafrn-backend-1:9000 wafrn-backend-2:9000 wafrn-backend-3:9000"
129      WEBSOCKET_HOST: "wafrn-websocket-1:9000"
130    volumes:
131      - "caddy:/data"
132      - "frontend:/var/www/html/frontend"
133      - ./packages/backend/uploads:/var/www/html/uploads
134      - ./packages/caddy:/etc/caddy/config
135
136  db:
137    image: postgres:17
138    restart: unless-stopped
139    shm_size: '2gb'
140    environment:
141      POSTGRES_USER: ${POSTGRES_USER}
142      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
143      POSTGRES_DB: ${POSTGRES_DBNAME}
144    volumes:
145      - dbpg:/var/lib/postgresql/data
146
147  adminer:
148    image: adminer
149    restart: unless-stopped
150
151  redis:
152    image: redis:7.2.4
153    restart: unless-stopped
154    volumes:
155      - redis:/data
156
157  pds:
158    image: ghcr.io/bluesky-social/pds:0.4
159    restart: unless-stopped
160    profiles:
161      - bluesky
162    environment:
163      PDS_HOSTNAME: ${PDS_DOMAIN_NAME}
164      PDS_JWT_SECRET: ${PDS_JWT_SECRET}
165      PDS_ADMIN_PASSWORD: ${PDS_ADMIN_PASSWORD}
166      PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX: ${PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX}
167      PDS_DATA_DIRECTORY: /pds
168      PDS_BLOBSTORE_DISK_LOCATION: /pds/blocks
169      PDS_BLOB_UPLOAD_LIMIT: 157286400
170      PDS_DID_PLC_URL: "https://plc.directory"
171      PDS_BSKY_APP_VIEW_URL: "https://api.bsky.app"
172      PDS_BSKY_APP_VIEW_DID: "did:web:api.bsky.app"
173      PDS_REPORT_SERVICE_URL: "https://mod.bsky.app"
174      PDS_REPORT_SERVICE_DID: "did:plc:ar7c4by46qjdydhdevvrndac"
175      PDS_CRAWLERS: "https://bsky.network, https://atproto.africa"
176      PDS_EMAIL_SMTP_URL: "smtps://${SMTP_USER}:${SMTP_PASSWORD}@${SMTP_HOST}:${SMTP_PORT}"
177      PDS_EMAIL_FROM_ADDRESS: "${SMTP_FROM}"
178      LOG_ENABLED: true
179    volumes:
180      - pds:/pds
181
182  pds_worker:
183    <<: *default_backend
184    profiles:
185      - bluesky
186    deploy:
187      mode: replicated
188      replicas: 1
189    command: "npm exec tsx atproto.ts"
190
191  cache:
192    <<: *default_backend
193    deploy:
194      mode: replicated
195      replicas: 1
196
197  websocket:
198    <<: *default_backend
199    deploy:
200      mode: replicated
201      replicas: 1
202    command: "npm exec tsx websocket.ts"
203
204  workers:
205    <<: *default_backend
206    build:
207      <<: *default_backend_build
208    environment:
209      <<: *default_backend_env_vars
210      USE_WORKERS: true
211    deploy:
212      mode: replicated
213      replicas: 3
214
215volumes:
216  dbpg:
217  caddy:
218  pds:
219  frontend:
220  redis: