From 135fd6864b016c4a9f58cd6597907f0e84dbe512 Mon Sep 17 00:00:00 2001 From: Felix Ableitner Date: Thu, 4 Nov 2021 21:41:14 +0100 Subject: [PATCH] Add docker setup for testing Pleroma federation --- docker/pleroma/Dockerfile | 75 ++++++++++++++++++++ docker/pleroma/docker-compose.yml | 83 +++++++++++++++++++++++ docker/pleroma/lemmy.hjson | 23 +++++++ docker/pleroma/nginx.conf | 44 ++++++++++++ docker/pleroma/pleroma_config.exs | 47 +++++++++++++ docker/pleroma/run-pleroma.sh | 25 +++++++ docker/pleroma/start-local-instances.bash | 10 +++ 7 files changed, 307 insertions(+) create mode 100644 docker/pleroma/Dockerfile create mode 100644 docker/pleroma/docker-compose.yml create mode 100644 docker/pleroma/lemmy.hjson create mode 100644 docker/pleroma/nginx.conf create mode 100644 docker/pleroma/pleroma_config.exs create mode 100755 docker/pleroma/run-pleroma.sh create mode 100755 docker/pleroma/start-local-instances.bash diff --git a/docker/pleroma/Dockerfile b/docker/pleroma/Dockerfile new file mode 100644 index 000000000..ef4ef3762 --- /dev/null +++ b/docker/pleroma/Dockerfile @@ -0,0 +1,75 @@ +# Pleroma Docker setup taken from +# https://github.com/jordemort/docker-pleroma + +FROM ubuntu:20.04 AS unzip + +ENV DEBIAN_FRONTEND=noninteractive + +RUN apt-get update && \ + apt-get install -y --no-install-recommends unzip + +# docker buildx will fill these in +ARG TARGETARCH=amd64 +ARG TARGETVARIANT= + +# Clone the release build into a temporary directory and unpack it +# We use ADD here to bust the cache if the pleroma release changes +# We use a separate layer for extraction so we don't end up with junk +# from ADD left over in the final image. +ADD https://git.pleroma.social/api/v4/projects/2/jobs/artifacts/stable/download?job=${TARGETARCH}${TARGETVARIANT:+${TARGETVARIANT}l} /tmp/pleroma.zip + +RUN mkdir -p /opt/pleroma && \ + unzip /tmp/pleroma.zip -d /tmp/ && \ + mv /tmp/release/* /opt/pleroma + +# Ok, really build the container now +FROM ubuntu:20.04 AS pleroma + +ENV DEBIAN_FRONTEND=noninteractive + +ARG SOAPBOXVERSION=1.2.3 + +RUN apt-get update && \ + apt-get install -y --no-install-recommends \ + ca-certificates curl dumb-init ffmpeg gnupg imagemagick libimage-exiftool-perl libmagic-dev libncurses5 locales postgresql-client-12 unzip && \ + apt-get clean + +RUN echo 'en_US.UTF-8 UTF-8' > /etc/locale.gen && \ + locale-gen + +ENV LANG en_US.UTF-8 +ENV LANGUAGE en_US:en +ENV LC_ALL en_US.UTF-8 + +RUN mkdir -p /etc/pleroma /var/lib/pleroma/static /var/lib/pleroma/uploads && \ + adduser --system --shell /bin/false --home /opt/pleroma --group pleroma && \ + chown -vR pleroma /etc/pleroma /var/lib/pleroma + +COPY --chown=pleroma:pleroma --from=unzip /opt/pleroma/ /opt/pleroma/ + +VOLUME [ "/etc/pleroma", "/var/lib/pleroma/uploads", "/var/lib/pleroma/static" ] + +ADD https://gitlab.com/soapbox-pub/soapbox-fe/-/jobs/artifacts/v${SOAPBOXVERSION}/download?job=build-production /tmp/soapbox-fe.zip +RUN chown pleroma /tmp/soapbox-fe.zip + +USER pleroma + +COPY run-pleroma.sh /opt/pleroma/bin/ + +ENTRYPOINT [ "/usr/bin/dumb-init" ] + +WORKDIR /opt/pleroma + +ENV PATH=/opt/pleroma/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV PLEROMA_CONFIG_PATH=/etc/pleroma/config.exs + +EXPOSE 4000 + +STOPSIGNAL SIGTERM + +HEALTHCHECK \ + --start-period=2m \ + --interval=5m \ + CMD curl --fail http://localhost:4000/api/v1/instance || exit 1 + +CMD [ "run-pleroma.sh" ] diff --git a/docker/pleroma/docker-compose.yml b/docker/pleroma/docker-compose.yml new file mode 100644 index 000000000..9db35700c --- /dev/null +++ b/docker/pleroma/docker-compose.yml @@ -0,0 +1,83 @@ +version: '3.3' + +services: + nginx: + image: nginx:1-alpine + ports: + - "8540:8540" + volumes: + - ./nginx.conf:/etc/nginx/nginx.conf + restart: always + depends_on: + - pictrs + - lemmy-ui + + pictrs: + restart: always + image: asonix/pictrs:v0.2.6-r2 + user: 991:991 + volumes: + - ./volumes/pictrs:/mnt + + lemmy-ui: + image: dessalines/lemmy-ui:0.13.3 + restart: always + environment: + - LEMMY_INTERNAL_HOST=lemmy:8541 + - LEMMY_EXTERNAL_HOST=localhost:8541 + - LEMMY_HTTPS=false + depends_on: + - lemmy + lemmy: + image: lemmy-federation:latest + restart: always + volumes: + - ./lemmy.hjson:/config/config.hjson + environment: + - APUB_TESTING_SEND_SYNC + - RUST_BACKTRACE=1 + - RUST_LOG="warn,lemmy_server=debug,lemmy_api=debug,lemmy_api_common=debug,lemmy_api_crud=debug,lemmy_apub=debug,lemmy_db_schema=debug,lemmy_db_views=debug,lemmy_db_views_actor=debug,lemmy_db_views_moderator=debug,lemmy_routes=debug,lemmy_utils=debug,lemmy_websocket=debug" + depends_on: + - postgres_lemmy + ports: + - "8541:8541" + postgres_lemmy: + image: postgres:12-alpine + restart: always + environment: + - POSTGRES_USER=lemmy + - POSTGRES_PASSWORD=password + - POSTGRES_DB=lemmy + volumes: + - ./volumes/postgres_lemmy:/var/lib/postgresql/data + + pleroma: + image: jordemort/pleroma + restart: always + ports: + - 127.0.0.1:4000:4000 + volumes: + - ./pleroma_config.exs:/etc/pleroma/config.exs + - uploads:/var/lib/pleroma/uploads + - static:/var/lib/pleroma/static + environment: + DOMAIN: pleroma:4000 + ADMIN_EMAIL: chicken@example.com + USE_RUM: "y" + USE_SOAPBOX: "n" + POSTGRES_PASSWORD: hunter2 + + postgres: + image: jordemort/postgres-rum + restart: always + volumes: + - data:/var/lib/postgresql/data + environment: + POSTGRES_DB: pleroma + POSTGRES_USER: pleroma + POSTGRES_PASSWORD: hunter2 + +volumes: + uploads: + static: + data: diff --git a/docker/pleroma/lemmy.hjson b/docker/pleroma/lemmy.hjson new file mode 100644 index 000000000..35cdabbd2 --- /dev/null +++ b/docker/pleroma/lemmy.hjson @@ -0,0 +1,23 @@ +{ + hostname: lemmy:8541 + port: 8541 + tls_enabled: false + setup: { + admin_username: lemmy + admin_password: lemmylemmy + site_name: lemmy + sidebar: lemmy sidebar + } + database: { + database: lemmy + user: lemmy + password: password + host: postgres_lemmy + } + federation: { + enabled: true + } + captcha: { + enabled: false + } +} diff --git a/docker/pleroma/nginx.conf b/docker/pleroma/nginx.conf new file mode 100644 index 000000000..86ec57ede --- /dev/null +++ b/docker/pleroma/nginx.conf @@ -0,0 +1,44 @@ +events { + worker_connections 1024; +} + +http { + upstream lemmy { + server "lemmy:8541"; + } + upstream lemmy-ui { + server "lemmy-ui:1234"; + } + server { + listen 8540; + server_name 127.0.0.1; + access_log off; + + # Upload limit for pictshare + client_max_body_size 50M; + + location ~ ^/(api|pictrs|feeds|nodeinfo|.well-known) { + proxy_pass http://lemmy; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + } + location / { + set $proxpass http://lemmy-ui; + if ($http_accept = "application/activity+json") { + set $proxpass http://lemmy; + } + if ($http_accept = "application/ld+json; profile=\"https://www.w3.org/ns/activitystreams\"") { + set $proxpass http://lemmy; + } + proxy_pass $proxpass; + + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + + # Cuts off the trailing slash on URLs to make them valid + rewrite ^(.+)/+$ $1 permanent; + } + } +} diff --git a/docker/pleroma/pleroma_config.exs b/docker/pleroma/pleroma_config.exs new file mode 100644 index 000000000..267930061 --- /dev/null +++ b/docker/pleroma/pleroma_config.exs @@ -0,0 +1,47 @@ +# Pleroma instance configuration + +import Config + +config :pleroma, Pleroma.Web.Endpoint, +url: [host: "pleroma", scheme: "http", port: 4000], +http: [ip: {0, 0, 0, 0}, port: 4000], +secret_key_base: "0dqEgJ+GcXLVgcmMsya1nSf5DyiDy7lRkGqYKB/TyAxrrbzgcuxPKM+gloTrNJPL", +signing_salt: "GmRjWVZ9" + +config :pleroma, :instance, +name: "pleroma:4000", +email: "chicken@example.com", +notify_email: "chicken@example.com", +limit: 5000, +registrations_open: true + +config :pleroma, :media_proxy, +enabled: false, +redirect_on_failure: true +#base_url: "https://cache.pleroma.social" + +config :pleroma, Pleroma.Repo, +adapter: Ecto.Adapters.Postgres, +username: "pleroma", +password: "hunter2", +database: "pleroma", +hostname: "postgres" + +# Configure web push notifications +config :web_push_encryption, :vapid_details, +subject: "mailto:chicken@example.com", +public_key: "BDy9svG0DfHPzJwZBt4VBYS8ub_pId4-FUZQLXBcqmkYvZtYVnhbErJgViLYZROSIVVWY4U-sZgeMSNPJRVlt_g", +private_key: "BuPx7F7nd42VKejnW9U3yPPUPrlRbcgGCLfZcGETdgo" + +config :pleroma, :database, rum_enabled: true +config :pleroma, :instance, static_dir: "/var/lib/pleroma/static" +config :pleroma, Pleroma.Uploaders.Local, uploads: "/var/lib/pleroma/uploads" + +config :joken, default_signer: "UnyjyX3et+ImHWSVYJ3hCM5vexmB7wq6Zcx1qrv/GAGOZdBmq5/SKmX8jSWKB6xi" + +config :pleroma, configurable_from_database: true + +config :pleroma, Pleroma.Upload, filters: [Pleroma.Upload.Filter.Exiftool, Pleroma.Upload.Filter.AnonymizeFilename, Pleroma.Upload.Filter.Dedupe] + +config :logger, :ex_syslogger, + level: :debug \ No newline at end of file diff --git a/docker/pleroma/run-pleroma.sh b/docker/pleroma/run-pleroma.sh new file mode 100755 index 000000000..0d8bc9f89 --- /dev/null +++ b/docker/pleroma/run-pleroma.sh @@ -0,0 +1,25 @@ +#!/usr/bin/env bash + +set -euo pipefail + +if [ ! -e "$PLEROMA_CONFIG_PATH" ] ; then + generate-pleroma-config.sh +fi + +while ! pg_isready -U "${POSTGRES_USER:-pleroma}" -d "postgres://${POSTGRES_HOST:-postgres}:5432/${POSTGRES_DB:-pleroma}" -t 1; do + echo "Waiting for ${POSTGRES_HOST-postgres} to come up..." >&2 + sleep 1s +done + +pleroma_ctl migrate + +if [ "${USE_RUM:-n}" = "y" ] ; then + pleroma_ctl migrate --migrations-path priv/repo/optional_migrations/rum_indexing/ +fi + +if [ "${USE_SOAPBOX:-n}" = "y" ]; then + unzip -o /tmp/soapbox-fe.zip -d /var/lib/pleroma + rm /tmp/soapbox-fe.zip +fi + +exec pleroma start diff --git a/docker/pleroma/start-local-instances.bash b/docker/pleroma/start-local-instances.bash new file mode 100755 index 000000000..27a0c3ffa --- /dev/null +++ b/docker/pleroma/start-local-instances.bash @@ -0,0 +1,10 @@ +#!/bin/bash +set -e + +sudo docker build ../../ --file ../dev/volume_mount.dockerfile -t lemmy-federation:latest + +sudo mkdir -p volumes/pictrs +sudo chown -R 991:991 volumes/pictrs + +#sudo docker-compose pull --ignore-pull-failures || true +sudo docker-compose up