From 8612bb1ab352feab7e77524532631fbc83fd680b Mon Sep 17 00:00:00 2001 From: Jordan Webb Date: Mon, 1 Feb 2021 23:38:02 -0600 Subject: [PATCH] Now you're playing with power --- .dockerignore | 1 + Dockerfile | 44 +++++++++++++++++++++++++---- README.md | 57 ++++++++++++++++++++++++++++++++++++-- example/README.md | 5 ++++ example/docker-compose.yml | 40 ++++++++++++++++++++++++++ generate-pleroma-config.sh | 40 ++++++++++++++++++++++++++ run-pleroma.sh | 20 +++++++++++++ with-rum.sql | 5 ++++ without-rum.sql | 4 +++ 9 files changed, 209 insertions(+), 7 deletions(-) create mode 100644 example/README.md create mode 100644 example/docker-compose.yml create mode 100755 generate-pleroma-config.sh create mode 100755 run-pleroma.sh create mode 100644 with-rum.sql create mode 100644 without-rum.sql diff --git a/.dockerignore b/.dockerignore index d06a06a..f422c4f 100644 --- a/.dockerignore +++ b/.dockerignore @@ -1,3 +1,4 @@ .dockerignore Dockerfile README.md +example/** diff --git a/Dockerfile b/Dockerfile index f1be2fa..ee1edd6 100644 --- a/Dockerfile +++ b/Dockerfile @@ -4,22 +4,56 @@ ENV DEBIAN_FRONTEND=noninteractive RUN apt-get update && \ apt-get install -y --no-install-recommends \ - ca-certificates curl dumb-init ffmpeg imagemagick libimage-exiftool-perl libmagic-dev libncurses5 unzip && \ + ca-certificates curl dumb-init ffmpeg gnupg imagemagick libimage-exiftool-perl libmagic-dev libncurses5 locales unzip && \ + curl https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add - && \ + echo "deb http://apt.postgresql.org/pub/repos/apt/ focal-pgdg main" > /etc/apt/sources.list.d/postgres.list && \ + apt-get update && \ + apt-get install -y --no-install-recommends postgresql-client-13 && \ apt-get clean -# Set the flavour environment variable to the string you got in Detecting flavour section. -# For example if the flavour is `amd64-musl` the command will be -ENV FLAVOUR=amd64 +RUN echo 'en_US.UTF-8 UTF-8' > /etc/locale.gen && \ + locale-gen + +ENV LANG en_US.UTF-8 +ENV LANGUAGE en_US:en +ENV LC_ALL en_US.UTF-8 RUN mkdir -p /var/lib/pleroma/uploads /var/lib/pleroma/static /etc/pleroma && \ adduser --system --shell /bin/false --home /opt/pleroma pleroma && \ chown -R pleroma /var/lib/pleroma /etc/pleroma +VOLUME [ "/etc/pleroma", "/var/lib/pleroma/uploads", "/var/lib/pleroma/static" ] + USER pleroma +# Set the flavour environment variable to the string you got in Detecting flavour section. +# For example if the flavour is `amd64-musl` the command will be +ENV FLAVOUR=amd64 + # Clone the release build into a temporary directory and unpack it RUN curl "https://git.pleroma.social/api/v4/projects/2/jobs/artifacts/stable/download?job=$FLAVOUR" -o /tmp/pleroma.zip && \ unzip /tmp/pleroma.zip -d /tmp/ && \ mv /tmp/release/* /opt/pleroma && \ rmdir /tmp/release && \ - rm /tmp/pleroma.zip + rm /tmp/pleroma.zip && \ + mkdir -p /opt/pleroma/bin + +COPY *.sh /opt/pleroma/bin/ + +ENTRYPOINT [ "/usr/bin/dumb-init" ] + +WORKDIR /opt/pleroma + +ENV PATH=/opt/pleroma/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV PLEROMA_CONFIG_PATH=/etc/pleroma/config.exs + +EXPOSE 4000 + +STOPSIGNAL SIGTERM + +HEALTHCHECK \ + --start-period=10m \ + --interval=5m \ + CMD curl --fail http://localhost:4000/api/v1/instance || exit 1 + +CMD [ "run-pleroma.sh" ] diff --git a/README.md b/README.md index ef9c182..27bd380 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,58 @@ # pleroma -This is a (rough) Docker image for running [Pleroma](https://pleroma.social), based on the [official installation instructions](https://docs-develop.pleroma.social/backend/installation/otp_en/). Build it yourself, or get it from [Docker Hub](https://hub.docker.com/r/jordemort/pleroma). +This is a Docker image for running [Pleroma](https://pleroma.social), based on the [official installation instructions](https://docs-develop.pleroma.social/backend/installation/otp_en/) and `ubuntu:20.04`. Build it yourself, or get it from [Docker Hub](https://hub.docker.com/r/jordemort/pleroma). -If you're interested in this, you might also like a [PostgreSQL image with RUM](https://github.com/jordemort/docker-postgres-rum/). +## Configuration + +The container expects to find a Pleroma configuration file at `/etc/pleroma/config.exs`. If the configuration does not exist, the container will call `pleroma_ctl instance gen` for you. The parameters passed to `instance gen` can be influenced by a number of environment variables. + +The three environment variables you MUST supply are: + +- `DOMAIN` +- `ADMIN_EMAIL` +- `POSTGRES_PASSWORD` + +The container will try to infer reasonable defaults for the rest of the variables, if not set. Note that some of these defaults may be different from Pleroma's own default settings: + +| Argument | Evironment variable | Default value | +| -------- | ------------------- | ------------- | +| `--domain` | `DOMAIN` | _none_ | +| `--instance-name` | `INSTANCE_NAME` | same as `DOMAIN` | +| `--admin-email` | `ADMIN_EMAIL` | _none_ | +| `--notify-email` | `NOTIFY_EMAIL` | same as `ADMIN_EMAIL` | +| `--dbhost` | `POSTGRES_HOST` | postgres | +| `--dbname` | `POSTGRES_DB` | pleroma | +| `--dbuser` | `POSTGRES_USER` | pleroma | +| `--dbpass` | `POSTGRES_PASSWORD` | _none_ | +| `--rum` | `USE_RUM` | n | +| `--indexable` | `INDEXABLE` | y | +| `--db-configurable` | `DB_CONFIGURABLE` | y | +| `--uploads-dir` | `UPLOADS_DIR` | /var/lib/pleroma/uploads | +| `--static-dir` | `STATIC_DIR` | /var/lib/pleroma/static | +| `--listen-ip` | `LISTEN_IP` | 0.0.0.0 | +| `--listen-port` | `LISTEN_PORT` | 4000 | +| `--strip-uploads` | `STRIP_UPLOADS` | y | +| `--anonymize-uploads` | `ANONYMIZE_UPLOADS` | y | +| `--dedupe-uploads` | `DEDUPE_UPLOADS` | y | + +See the [documentation for `instance gen`](https://docs-develop.pleroma.social/backend/administration/CLI_tasks/instance/) for more information. + +If you want to use RUM indexes, you need a [PostgreSQL container that supports them](https://github.com/jordemort/docker-postgres-rum/). + +## Persistence + +If you want your instance data to persist properly, you need to mount volumes on the following directories: + +- `/etc/pleroma` +- `/var/lib/pleroma/static` +- `/var/lib/pleroma/uploads` + +Even if you aren't supplying a configuration and letting the container generate it for you, it is still important to persist the generated configuration in `/etc/pleroma` - it contains generated secrets, and things may get weird or broken if those change every time you restart your container. + +## Example + +The git repository for this container includes [an example of how to use it with `docker-compose`](https://github.com/jordemort/docker-pleroma/tree/main/example) + +## Prior art & inspiration + +- https://www.github.com/goodtiding5/docker-pleroma - based on Alpine, if you're into that sort of thing :) diff --git a/example/README.md b/example/README.md new file mode 100644 index 0000000..05c8cd0 --- /dev/null +++ b/example/README.md @@ -0,0 +1,5 @@ +# docker-compose example + +Just run `docker-compose up`, and browse to http://localhost:4000/ + +Additional configuration for SSL certificates, reverse proxies, etc, is left as an exercise for the reader. diff --git a/example/docker-compose.yml b/example/docker-compose.yml new file mode 100644 index 0000000..ab67b0d --- /dev/null +++ b/example/docker-compose.yml @@ -0,0 +1,40 @@ +services: + + pleroma: + image: jordemort/pleroma + build: ../ + restart: unless-stopped + networks: + pleromanet: + ports: + - 127.0.0.1:4000:4000 + volumes: + - config:/etc/pleroma + - uploads:/var/lib/pleroma/uploads + - static:/var/lib/pleroma/static + environment: + DOMAIN: localhost + ADMIN_EMAIL: chicken@example.com + USE_RUM: "y" + POSTGRES_PASSWORD: hunter2 + + postgres: + image: jordemort/postgres-rum + restart: unless-stopped + networks: + pleromanet: + volumes: + - data:/var/lib/postgresql/data + environment: + POSTGRES_DB: pleroma + POSTGRES_USER: pleroma + POSTGRES_PASSWORD: hunter2 + +networks: + pleromanet: + +volumes: + config: + uploads: + static: + data: diff --git a/generate-pleroma-config.sh b/generate-pleroma-config.sh new file mode 100755 index 0000000..433d952 --- /dev/null +++ b/generate-pleroma-config.sh @@ -0,0 +1,40 @@ +#!/usr/bin/env bash + +set -euo pipefail + +if [ -z "${DOMAIN:-}" ] ; then + echo "ERROR: Please set DOMAIN before generating config" >&2 + exit 1 +fi + +if [ -z "${ADMIN_EMAIL:-}" ] ; then + echo "ERROR: Please set ADMIN_EMAIL before generating config" >&2 + exit 1 +fi + +if [ -z "${POSTGRES_PASSWORD:-}" ] ; then + echo "ERROR: Please set POSTGRES_PASSWORD before generating config" >&2 + exit 1 +fi +set -x + +pleroma_ctl instance gen --output "$PLEROMA_CONFIG_PATH" \ + --output-psql /tmp/setup_db.sql \ + --domain "$DOMAIN" \ + --instance-name "${INSTANCE_NAME:-$DOMAIN}" \ + --admin-email "$ADMIN_EMAIL" \ + --notify-email "${NOTIFY_EMAIL:-$ADMIN_EMAIL}" \ + --dbhost "${POSTGRES_HOST:-postgres}" \ + --dbname "${POSTGRES_DB:-pleroma}" \ + --dbuser "${POSTGRES_USER:-pleroma}" \ + --dbpass "$POSTGRES_PASSWORD" \ + --rum "${USE_RUM:-n}" \ + --indexable "${INDEXABLE:-y}" \ + --db-configurable "${DB_CONFIGURABLE:-y}" \ + --uploads-dir "${UPLOADS_DIR:-/var/lib/pleroma/uploads}" \ + --static-dir "${STATIC_DIR:-/var/lib/pleroma/static}" \ + --listen-ip "${LISTEN_IP:-0.0.0.0}" \ + --listen-port "${LISTEN_PORT:-4000}" \ + --strip-uploads "${STRIP_UPLOADS:-y}" \ + --anonymize-uploads "${ANONYMIZE_UPLOADS:-y}" \ + --dedupe-uploads "${DEDUPE_UPLOADS:-y}" diff --git a/run-pleroma.sh b/run-pleroma.sh new file mode 100755 index 0000000..848593d --- /dev/null +++ b/run-pleroma.sh @@ -0,0 +1,20 @@ +#!/usr/bin/env bash + +set -euo pipefail + +while ! pg_isready -U "${POSTGRES_USER:-pleroma}" -d "postgres://${POSTGRES_HOST:-postgres}:5432/${POSTGRES_DB:-pleroma}" -t 1; do + echo "Waiting for ${POSTGRES_HOST-postgres} to come up..." >&2 + sleep 1s +done + +if [ ! -e "$PLEROMA_CONFIG_PATH" ] ; then + generate-pleroma-config.sh +fi + +if [ "${USE_RUM:-n}" = "y" ] ; then + pleroma_ctl migrate +fi + +pleroma_ctl migrate --migrations-path priv/repo/optional_migrations/rum_indexing/ + +exec pleroma start diff --git a/with-rum.sql b/with-rum.sql new file mode 100644 index 0000000..48d0b0a --- /dev/null +++ b/with-rum.sql @@ -0,0 +1,5 @@ +--Extensions made by ecto.migrate that need superuser access +CREATE EXTENSION IF NOT EXISTS citext; +CREATE EXTENSION IF NOT EXISTS pg_trgm; +CREATE EXTENSION IF NOT EXISTS "uuid-ossp"; +CREATE EXTENSION IF NOT EXISTS rum; diff --git a/without-rum.sql b/without-rum.sql new file mode 100644 index 0000000..f82e926 --- /dev/null +++ b/without-rum.sql @@ -0,0 +1,4 @@ +--Extensions made by ecto.migrate that need superuser access +CREATE EXTENSION IF NOT EXISTS citext; +CREATE EXTENSION IF NOT EXISTS pg_trgm; +CREATE EXTENSION IF NOT EXISTS "uuid-ossp";