Add basic docker setup
This commit is contained in:
parent
60b3c8d17b
commit
ec3206331b
8 changed files with 183 additions and 46 deletions
|
@ -6,12 +6,10 @@ COPYING
|
|||
*file
|
||||
elixir_buildpack.config
|
||||
test/
|
||||
instance/
|
||||
_build
|
||||
deps
|
||||
test
|
||||
benchmarks
|
||||
docs/site
|
||||
docker-db
|
||||
|
||||
# Required to get version
|
||||
!.git
|
||||
|
|
7
.gitignore
vendored
7
.gitignore
vendored
|
@ -17,6 +17,10 @@ secret
|
|||
/instance
|
||||
/priv/ssh_keys
|
||||
vm.args
|
||||
.cache/
|
||||
.hex/
|
||||
.mix/
|
||||
.psql_history
|
||||
|
||||
# Prevent committing custom emojis
|
||||
/priv/static/emoji/custom/*
|
||||
|
@ -65,3 +69,6 @@ pleroma.iml
|
|||
|
||||
# Generated documentation
|
||||
docs/site
|
||||
|
||||
# docker stuff
|
||||
docker-db
|
||||
|
|
51
Dockerfile
51
Dockerfile
|
@ -1,21 +1,10 @@
|
|||
FROM elixir:1.13.4-alpine as build
|
||||
FROM hexpm/elixir:1.13.4-erlang-24.3.4.5-alpine-3.15.6 as build
|
||||
|
||||
COPY . .
|
||||
|
||||
ENV MIX_ENV=prod
|
||||
|
||||
RUN apk add git gcc g++ musl-dev make cmake file-dev &&\
|
||||
echo "import Config" > config/prod.secret.exs &&\
|
||||
mix local.hex --force &&\
|
||||
mix local.rebar --force &&\
|
||||
mix deps.get --only prod &&\
|
||||
mkdir release &&\
|
||||
mix release --path release
|
||||
|
||||
FROM alpine:3.16
|
||||
|
||||
ARG BUILD_DATE
|
||||
ARG VCS_REF
|
||||
ARG HOME=/opt/akkoma
|
||||
ARG DATA=/var/lib/akkoma
|
||||
|
||||
LABEL org.opencontainers.image.title="akkoma" \
|
||||
org.opencontainers.image.description="Akkoma for Docker" \
|
||||
|
@ -26,25 +15,21 @@ LABEL org.opencontainers.image.title="akkoma" \
|
|||
org.opencontainers.image.revision=$VCS_REF \
|
||||
org.opencontainers.image.created=$BUILD_DATE
|
||||
|
||||
ARG HOME=/opt/akkoma
|
||||
ARG DATA=/var/lib/akkoma
|
||||
|
||||
RUN apk update &&\
|
||||
apk add exiftool ffmpeg imagemagick libmagic ncurses postgresql-client &&\
|
||||
adduser --system --shell /bin/false --home ${HOME} akkoma &&\
|
||||
mkdir -p ${DATA}/uploads &&\
|
||||
mkdir -p ${DATA}/static &&\
|
||||
chown -R akkoma ${DATA} &&\
|
||||
mkdir -p /etc/akkoma &&\
|
||||
chown -R akkoma /etc/akkoma
|
||||
|
||||
USER akkoma
|
||||
|
||||
COPY --from=build --chown=akkoma:0 /release ${HOME}
|
||||
|
||||
COPY ./config/docker.exs /etc/akkoma/config.exs
|
||||
COPY ./docker-entrypoint.sh ${HOME}
|
||||
RUN apk add git gcc g++ musl-dev make cmake file-dev exiftool ffmpeg imagemagick libmagic ncurses postgresql-client
|
||||
|
||||
EXPOSE 4000
|
||||
|
||||
ENTRYPOINT ["/opt/akkoma/docker-entrypoint.sh"]
|
||||
ARG UID=1000
|
||||
ARG GID=1000
|
||||
ARG UNAME=akkoma
|
||||
|
||||
RUN addgroup -g $GID $UNAME
|
||||
RUN adduser -u $UID -G $UNAME -D -h $HOME $UNAME
|
||||
|
||||
WORKDIR /opt/akkoma
|
||||
|
||||
USER $UNAME
|
||||
RUN mix local.hex --force &&\
|
||||
mix local.rebar --force
|
||||
|
||||
CMD ["/opt/akkoma/docker-entrypoint.sh"]
|
||||
|
|
|
@ -24,11 +24,11 @@
|
|||
config :web_push_encryption, :vapid_details, subject: "mailto:#{System.get_env("NOTIFY_EMAIL")}"
|
||||
|
||||
config :pleroma, :database, rum_enabled: false
|
||||
config :pleroma, :instance, static_dir: "/var/lib/pleroma/static"
|
||||
config :pleroma, Pleroma.Uploaders.Local, uploads: "/var/lib/pleroma/uploads"
|
||||
config :pleroma, :instance, static_dir: "/var/lib/akkoma/static"
|
||||
config :pleroma, Pleroma.Uploaders.Local, uploads: "/var/lib/akkoma/uploads"
|
||||
|
||||
# We can't store the secrets in this file, since this is baked into the docker image
|
||||
if not File.exists?("/var/lib/pleroma/secret.exs") do
|
||||
if not File.exists?("/var/lib/akkoma/secret.exs") do
|
||||
secret = :crypto.strong_rand_bytes(64) |> Base.encode64() |> binary_part(0, 64)
|
||||
signing_salt = :crypto.strong_rand_bytes(8) |> Base.encode64() |> binary_part(0, 8)
|
||||
{web_push_public_key, web_push_private_key} = :crypto.generate_key(:ecdh, :prime256v1)
|
||||
|
@ -52,16 +52,16 @@
|
|||
web_push_private_key: Base.url_encode64(web_push_private_key, padding: false)
|
||||
)
|
||||
|
||||
File.write("/var/lib/pleroma/secret.exs", secret_file)
|
||||
File.write("/var/lib/akkoma/secret.exs", secret_file)
|
||||
end
|
||||
|
||||
import_config("/var/lib/pleroma/secret.exs")
|
||||
import_config("/var/lib/akkoma/secret.exs")
|
||||
|
||||
# For additional user config
|
||||
if File.exists?("/var/lib/pleroma/config.exs"),
|
||||
do: import_config("/var/lib/pleroma/config.exs"),
|
||||
if File.exists?("/var/lib/akkoma/config.exs"),
|
||||
do: import_config("/var/lib/akkoma/config.exs"),
|
||||
else:
|
||||
File.write("/var/lib/pleroma/config.exs", """
|
||||
File.write("/var/lib/akkoma/config.exs", """
|
||||
import Config
|
||||
|
||||
# For additional configuration outside of environmental variables
|
||||
|
|
43
docker-compose.yml
Normal file
43
docker-compose.yml
Normal file
|
@ -0,0 +1,43 @@
|
|||
version: "3.7"
|
||||
|
||||
services:
|
||||
db:
|
||||
image: postgres:14
|
||||
restart: unless-stopped
|
||||
user: ${DOCKER_USER}
|
||||
environment: {
|
||||
# This might seem insecure but is usually not a problem.
|
||||
# You should leave this at the "akkoma" default.
|
||||
# The DB is only reachable by containers in the same docker network,
|
||||
# and is not exposed to the open internet.
|
||||
#
|
||||
# If you do change this, remember to update "config.exs".
|
||||
POSTGRES_DB: akkoma,
|
||||
POSTGRES_USER: akkoma,
|
||||
POSTGRES_PASSWORD: akkoma,
|
||||
}
|
||||
env_file:
|
||||
- .env
|
||||
volumes:
|
||||
- ./docker-db:/var/lib/postgresql/data
|
||||
|
||||
akkoma:
|
||||
image: akkoma:latest
|
||||
build: .
|
||||
restart: unless-stopped
|
||||
env_file:
|
||||
- .env
|
||||
links:
|
||||
- db
|
||||
ports: [
|
||||
# Uncomment/Change port mappings below as needed.
|
||||
# The left side is your host machine, the right one is the akkoma container.
|
||||
# You can prefix the left side with an ip.
|
||||
|
||||
# Webserver (for reverse-proxies outside of docker)
|
||||
# If you use a dockerized proxy (see README), you can leave this commented
|
||||
# and use a container link instead.
|
||||
"127.0.0.1:4000:4000",
|
||||
]
|
||||
volumes:
|
||||
- .:/opt/akkoma
|
|
@ -8,7 +8,7 @@ while ! pg_isready -U ${DB_USER:-pleroma} -d postgres://${DB_HOST:-db}:5432/${DB
|
|||
done
|
||||
|
||||
echo "-- Running migrations..."
|
||||
$HOME/bin/pleroma_ctl migrate
|
||||
mix ecto.migrate
|
||||
|
||||
echo "-- Starting!"
|
||||
exec $HOME/bin/pleroma start
|
||||
mix phx.server
|
||||
|
|
4
docker-resources/build.sh
Executable file
4
docker-resources/build.sh
Executable file
|
@ -0,0 +1,4 @@
|
|||
#!/bin/sh
|
||||
|
||||
docker-compose build --build-arg UID=$(id -u) --build-arg GID=$(id -g) akkoma
|
||||
docker-compose build --build-arg UID=$(id -u) --build-arg GID=$(id -g) db
|
100
docs/docs/installation/docker_en.md
Normal file
100
docs/docs/installation/docker_en.md
Normal file
|
@ -0,0 +1,100 @@
|
|||
# Installing in docker
|
||||
|
||||
{! installation/otp_vs_from_source_source.include !}
|
||||
|
||||
## Installation
|
||||
|
||||
This guide will show you how to get akkoma working in a docker container,
|
||||
if you want isolation, or if you run a distribution not supported by the OTP
|
||||
releases.
|
||||
|
||||
### Prepare the system
|
||||
|
||||
* Install docker and docker-compose
|
||||
* [Docker](https://docs.docker.com/engine/install/)
|
||||
* [Docker-compose](https://docs.docker.com/compose/install/)
|
||||
* This will usually just be a repository installation and a package manager invocation.
|
||||
* Clone the akkoma repository
|
||||
* `git clone https://akkoma.dev/AkkomaGang/akkoma.git -b stable`
|
||||
* `cd akkoma`
|
||||
|
||||
### Set up basic configuration
|
||||
|
||||
```bash
|
||||
cp docker-resources/env.example .env
|
||||
```
|
||||
|
||||
This probably won't need to be changed, it's only there to set basic environment
|
||||
variables for the docker-compose file.
|
||||
|
||||
### Building the container
|
||||
|
||||
The container provided is a thin wrapper around akkoma's dependencies,
|
||||
it does not contain the code itself. This is to allow for easy updates
|
||||
and debugging if required.
|
||||
|
||||
```bash
|
||||
./docker-resources/build.sh
|
||||
```
|
||||
|
||||
This will generate a container called `akkoma` which we can use
|
||||
in our compose environment.
|
||||
|
||||
### Generating your instance
|
||||
|
||||
```bash
|
||||
./docker-resources/manage.sh mix deps.get
|
||||
./docker-resources/manage.sh mix compile
|
||||
./docker-resources/manage.sh mix pleroma.instance gen
|
||||
```
|
||||
|
||||
This will ask you a few questions - the defaults are fine for most things,
|
||||
the database hostname is `db`.
|
||||
|
||||
Now we'll want to copy over the config it just created
|
||||
|
||||
```bash
|
||||
cp config/generated_config.exs config/prod.secret.exs
|
||||
```
|
||||
|
||||
### Setting up the database
|
||||
|
||||
We need to run a few commands on the database container, this isn't too bad
|
||||
|
||||
```bash
|
||||
docker-compose run --rm -d db
|
||||
# Note down the name it gives here, it will be something like akkoma_db_run
|
||||
docker-compose run --rm akkoma psql -h db -U akkoma -f config/setup_db.psql
|
||||
docker stop akkoma_db_run # Replace with the name you noted down
|
||||
```
|
||||
|
||||
Now we can actually run our migrations
|
||||
|
||||
```bash
|
||||
./docker-resources/manage.sh mix ecto.migrate
|
||||
# this will recompile your files at the same time, since we changed the config
|
||||
```
|
||||
|
||||
### Start the server
|
||||
|
||||
We're going to run it in the foreground on the first run, just to make sure
|
||||
everything start up.
|
||||
|
||||
```bash
|
||||
docker-compose up
|
||||
```
|
||||
#### Create your first user
|
||||
|
||||
If your instance is up and running, you can create your first user with administrative rights with the following task:
|
||||
|
||||
```shell
|
||||
doas -u akkoma env MIX_ENV=prod mix pleroma.user new <username> <your@emailaddress> --admin
|
||||
```
|
||||
|
||||
{! installation/frontends.include !}
|
||||
|
||||
#### Further reading
|
||||
|
||||
{! installation/further_reading.include !}
|
||||
|
||||
{! support.include !}
|
Loading…
Reference in a new issue