--- docker-compose-upstream.yml 2022-11-22 20:18:55.336374271 -0700 +++ docker-compose-mine.yml 2022-11-24 14:02:51.162690444 -0700 @@ -4,130 +4,102 @@ restart: always image: postgres:14-alpine shm_size: 256mb - networks: - - internal_network healthcheck: - test: ['CMD', 'pg_isready', '-U', 'postgres'] + test: ['CMD', 'pg_isready', '-U', 'mastodon', 'mastodon_production'] volumes: - - ./postgres14:/var/lib/postgresql/data - environment: - - 'POSTGRES_HOST_AUTH_METHOD=trust' + - db-data:/var/lib/postgresql/data + env_file: db.env redis: restart: always image: redis:7-alpine - networks: - - internal_network healthcheck: test: ['CMD', 'redis-cli', 'ping'] volumes: - - ./redis:/data + - redis-data:/data - # es: - # restart: always - # image: docker.elastic.co/elasticsearch/elasticsearch:7.17.4 - # environment: - # - "ES_JAVA_OPTS=-Xms512m -Xmx512m -Des.enforce.bootstrap.checks=true" - # - "xpack.license.self_generated.type=basic" - # - "xpack.security.enabled=false" - # - "xpack.watcher.enabled=false" - # - "xpack.graph.enabled=false" - # - "xpack.ml.enabled=false" - # - "bootstrap.memory_lock=true" - # - "cluster.name=es-mastodon" - # - "discovery.type=single-node" - # - "thread_pool.write.queue_size=1000" - # networks: - # - external_network - # - internal_network - # healthcheck: - # test: ["CMD-SHELL", "curl --silent --fail localhost:9200/_cluster/health || exit 1"] - # volumes: - # - ./elasticsearch:/usr/share/elasticsearch/data - # ulimits: - # memlock: - # soft: -1 - # hard: -1 - # nofile: - # soft: 65536 - # hard: 65536 - # ports: - # - '127.0.0.1:9200:9200' - - web: + app: build: . - image: tootsuite/mastodon restart: always - env_file: .env.production + env_file: mastodon.env command: bash -c "rm -f /mastodon/tmp/pids/server.pid; bundle exec rails s -p 3000" - networks: - - external_network - - internal_network healthcheck: - # prettier-ignore test: ['CMD-SHELL', 'wget -q --spider --proxy=off localhost:3000/health || exit 1'] - ports: - - '127.0.0.1:3000:3000' + expose: + - 3000 + networks: + reverse_proxy_web_internal: + aliases: + - "mastodon-app" + default: depends_on: - db - redis - # - es volumes: - - ./public/system:/mastodon/public/system + - system-data:/opt/mastodon/public/system streaming: build: . - image: tootsuite/mastodon restart: always - env_file: .env.production + env_file: mastodon.env command: node ./streaming - networks: - - external_network - - internal_network healthcheck: # prettier-ignore test: ['CMD-SHELL', 'wget -q --spider --proxy=off localhost:4000/api/v1/streaming/health || exit 1'] - ports: - - '127.0.0.1:4000:4000' + expose: + - 4000 + networks: + reverse_proxy_web_internal: + aliases: + - mastodon-streaming + default: depends_on: - db - redis sidekiq: build: . - image: tootsuite/mastodon restart: always - env_file: .env.production + env_file: mastodon.env command: bundle exec sidekiq depends_on: - db - redis - networks: - - external_network - - internal_network volumes: - - ./public/system:/mastodon/public/system + - system-data:/opt/mastodon/public/system healthcheck: test: ['CMD-SHELL', "ps aux | grep '[s]idekiq\ 6' || false"] - ## Uncomment to enable federation with tor instances along with adding the following ENV variables - ## http_proxy=http://privoxy:8118 - ## ALLOW_ACCESS_TO_HIDDEN_SERVICE=true - # tor: - # image: sirboops/tor - # networks: - # - external_network - # - internal_network - # - # privoxy: - # image: sirboops/privoxy - # volumes: - # - ./priv-config:/opt/config - # networks: - # - external_network - # - internal_network + nginx: + image: nginx:mainline-alpine + restart: always + depends_on: + - app + networks: + reverse_proxy_web_internal: + aliases: + - mastodon-web + default: + volumes: + - ./nginx.conf:/etc/nginx/conf.d/default.conf + - system-data:/home/mastodon/live/public/system + +volumes: + redis-data: + db-data: + driver: local + driver_opts: + type: 'none' + o: 'bind' + device: '/mnt/docker/mastodon/db-data' + system-data: + driver: local + driver_opts: + type: 'none' + o: 'bind,uid=991,gid=991' + device: '/mnt/docker/mastodon/system-data' networks: - external_network: - internal_network: - internal: true + reverse_proxy_web_internal: + external: true + default: