Add basic docker setup

2022-10-16 19:03:34 +01:00 · 2022-10-16 19:03:34 +01:00 · ec3206331b
parent 60b3c8d17b
commit ec3206331b
8 changed files with 183 additions and 46 deletions
--- a/.dockerignore
+++ b/.dockerignore
@ -6,12 +6,10 @@ COPYING
 *file
 elixir_buildpack.config
 test/
-instance/
-_build
-deps
 test
 benchmarks
 docs/site
+docker-db

 # Required to get version
 !.git
--- a/.gitignore
+++ b/.gitignore
@ -17,6 +17,10 @@ secret
 /instance
 /priv/ssh_keys
 vm.args
+.cache/
+.hex/
+.mix/
+.psql_history

 # Prevent committing custom emojis
 /priv/static/emoji/custom/*
@ -65,3 +69,6 @@ pleroma.iml

 # Generated documentation
 docs/site
+
+# docker stuff
+docker-db
--- a/51
+++ b/51
@ -1,21 +1,10 @@
-FROM elixir:1.13.4-alpine as build
+FROM hexpm/elixir:1.13.4-erlang-24.3.4.5-alpine-3.15.6 as build

-COPY . .

 ENV MIX_ENV=prod

-RUN apk add git gcc g++ musl-dev make cmake file-dev &&\
-	echo "import Config" > config/prod.secret.exs &&\
-	mix local.hex --force &&\
-	mix local.rebar --force &&\
-	mix deps.get --only prod &&\
-	mkdir release &&\
-	mix release --path release
-
-FROM alpine:3.16
-
-ARG BUILD_DATE
-ARG VCS_REF
+ARG HOME=/opt/akkoma
+ARG DATA=/var/lib/akkoma

 LABEL org.opencontainers.image.title="akkoma" \
    org.opencontainers.image.description="Akkoma for Docker" \
@ -26,25 +15,21 @@ LABEL org.opencontainers.image.title="akkoma" \
    org.opencontainers.image.revision=$VCS_REF \
    org.opencontainers.image.created=$BUILD_DATE

-ARG HOME=/opt/akkoma
-ARG DATA=/var/lib/akkoma
-
-RUN apk update &&\
-	apk add exiftool ffmpeg imagemagick libmagic ncurses postgresql-client &&\
-	adduser --system --shell /bin/false --home ${HOME} akkoma &&\
-	mkdir -p ${DATA}/uploads &&\
-	mkdir -p ${DATA}/static &&\
-	chown -R akkoma ${DATA} &&\
-	mkdir -p /etc/akkoma &&\
-	chown -R akkoma /etc/akkoma
-
-USER akkoma
-
-COPY --from=build --chown=akkoma:0 /release ${HOME}
-
-COPY ./config/docker.exs /etc/akkoma/config.exs
-COPY ./docker-entrypoint.sh ${HOME}
+RUN apk add git gcc g++ musl-dev make cmake file-dev exiftool ffmpeg imagemagick libmagic ncurses postgresql-client

 EXPOSE 4000

-ENTRYPOINT ["/opt/akkoma/docker-entrypoint.sh"]
+ARG UID=1000
+ARG GID=1000
+ARG UNAME=akkoma
+
+RUN addgroup -g $GID $UNAME
+RUN adduser -u $UID -G $UNAME -D -h $HOME $UNAME
+
+WORKDIR /opt/akkoma
+
+USER $UNAME
+RUN mix local.hex --force &&\
+    mix local.rebar --force
+
+CMD ["/opt/akkoma/docker-entrypoint.sh"]
--- a/config/docker.exs
+++ b/config/docker.exs
@ -24,11 +24,11 @@ config :pleroma, Pleroma.Repo,
 config :web_push_encryption, :vapid_details, subject: "mailto:#{System.get_env("NOTIFY_EMAIL")}"

 config :pleroma, :database, rum_enabled: false
-config :pleroma, :instance, static_dir: "/var/lib/pleroma/static"
-config :pleroma, Pleroma.Uploaders.Local, uploads: "/var/lib/pleroma/uploads"
+config :pleroma, :instance, static_dir: "/var/lib/akkoma/static"
+config :pleroma, Pleroma.Uploaders.Local, uploads: "/var/lib/akkoma/uploads"

 # We can't store the secrets in this file, since this is baked into the docker image
-if not File.exists?("/var/lib/pleroma/secret.exs") do
+if not File.exists?("/var/lib/akkoma/secret.exs") do
  secret = :crypto.strong_rand_bytes(64) |> Base.encode64() |> binary_part(0, 64)
  signing_salt = :crypto.strong_rand_bytes(8) |> Base.encode64() |> binary_part(0, 8)
  {web_push_public_key, web_push_private_key} = :crypto.generate_key(:ecdh, :prime256v1)
@ -52,16 +52,16 @@ if not File.exists?("/var/lib/pleroma/secret.exs") do
      web_push_private_key: Base.url_encode64(web_push_private_key, padding: false)
    )

-  File.write("/var/lib/pleroma/secret.exs", secret_file)
+  File.write("/var/lib/akkoma/secret.exs", secret_file)
 end

-import_config("/var/lib/pleroma/secret.exs")
+import_config("/var/lib/akkoma/secret.exs")

 # For additional user config
-if File.exists?("/var/lib/pleroma/config.exs"),
-  do: import_config("/var/lib/pleroma/config.exs"),
+if File.exists?("/var/lib/akkoma/config.exs"),
+  do: import_config("/var/lib/akkoma/config.exs"),
  else:
-    File.write("/var/lib/pleroma/config.exs", """
+    File.write("/var/lib/akkoma/config.exs", """
    import Config

    # For additional configuration outside of environmental variables
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -0,0 +1,43 @@
+version: "3.7"
+
+services:
+  db:
+    image: postgres:14
+    restart: unless-stopped
+    user: ${DOCKER_USER}
+    environment: {
+      # This might seem insecure but is usually not a problem.
+      # You should leave this at the "akkoma" default.
+      # The DB is only reachable by containers in the same docker network,
+      # and is not exposed to the open internet.
+      #
+      # If you do change this, remember to update "config.exs".
+      POSTGRES_DB: akkoma,
+      POSTGRES_USER: akkoma,
+      POSTGRES_PASSWORD: akkoma,
+    }
+    env_file:
+      - .env 
+    volumes:
+      - ./docker-db:/var/lib/postgresql/data
+
+  akkoma:
+    image: akkoma:latest
+    build: .
+    restart: unless-stopped
+    env_file:
+      - .env
+    links:
+      - db
+    ports: [
+      # Uncomment/Change port mappings below as needed.
+      # The left side is your host machine, the right one is the akkoma container.
+      # You can prefix the left side with an ip.
+
+      # Webserver (for reverse-proxies outside of docker)
+      # If you use a dockerized proxy (see README), you can leave this commented
+      # and use a container link instead.
+      "127.0.0.1:4000:4000",
+    ]
+    volumes:
+      - .:/opt/akkoma
--- a/docker-entrypoint.sh
+++ b/docker-entrypoint.sh
@ -8,7 +8,7 @@ while ! pg_isready -U ${DB_USER:-pleroma} -d postgres://${DB_HOST:-db}:5432/${DB
 done

 echo "-- Running migrations..."
-$HOME/bin/pleroma_ctl migrate
+mix ecto.migrate

 echo "-- Starting!"
-exec $HOME/bin/pleroma start
+mix phx.server
--- a/docker-resources/build.sh
+++ b/docker-resources/build.sh
@ -0,0 +1,4 @@
+#!/bin/sh
+
+docker-compose build --build-arg UID=$(id -u) --build-arg GID=$(id -g) akkoma
+docker-compose build --build-arg UID=$(id -u) --build-arg GID=$(id -g) db
--- a/docs/docs/installation/docker_en.md
+++ b/docs/docs/installation/docker_en.md
@ -0,0 +1,100 @@
+# Installing in docker
+
+{! installation/otp_vs_from_source_source.include !}
+
+## Installation
+
+This guide will show you how to get akkoma working in a docker container,
+if you want isolation, or if you run a distribution not supported by the OTP
+releases.
+
+### Prepare the system
+
+* Install docker and docker-compose
+  * [Docker](https://docs.docker.com/engine/install/) 
+  * [Docker-compose](https://docs.docker.com/compose/install/)
+  * This will usually just be a repository installation and a package manager invocation.
+* Clone the akkoma repository
+  * `git clone https://akkoma.dev/AkkomaGang/akkoma.git -b stable`
+  * `cd akkoma`
+
+### Set up basic configuration
+
+```bash
+cp docker-resources/env.example .env
+```
+
+This probably won't need to be changed, it's only there to set basic environment
+variables for the docker-compose file.
+
+### Building the container
+
+The container provided is a thin wrapper around akkoma's dependencies, 
+it does not contain the code itself. This is to allow for easy updates
+and debugging if required.
+
+```bash
+./docker-resources/build.sh
+```
+
+This will generate a container called `akkoma` which we can use
+in our compose environment.
+
+### Generating your instance
+
+```bash
+./docker-resources/manage.sh mix deps.get
+./docker-resources/manage.sh mix compile
+./docker-resources/manage.sh mix pleroma.instance gen
+```
+
+This will ask you a few questions - the defaults are fine for most things,
+the database hostname is `db`. 
+
+Now we'll want to copy over the config it just created
+
+```bash
+cp config/generated_config.exs config/prod.secret.exs
+```
+
+### Setting up the database 
+
+We need to run a few commands on the database container, this isn't too bad
+
+```bash
+docker-compose run --rm -d db 
+# Note down the name it gives here, it will be something like akkoma_db_run
+docker-compose run --rm akkoma psql -h db -U akkoma -f config/setup_db.psql
+docker stop akkoma_db_run # Replace with the name you noted down
+```
+
+Now we can actually run our migrations
+
+```bash
+./docker-resources/manage.sh mix ecto.migrate
+# this will recompile your files at the same time, since we changed the config
+```
+
+### Start the server
+
+We're going to run it in the foreground on the first run, just to make sure
+everything start up.
+
+```bash
+docker-compose up
+```
+#### Create your first user
+
+If your instance is up and running, you can create your first user with administrative rights with the following task:
+
+```shell
+doas -u akkoma env MIX_ENV=prod mix pleroma.user new <username> <your@emailaddress> --admin
+```
+
+{! installation/frontends.include !}
+
+#### Further reading
+
+{! installation/further_reading.include !}
+
+{! support.include !}