Pim Kunis
111bf68a0a
move docker swarm ansible to this repo move thecloud ansible to this repo support data disks in terraform
131 lines
3.8 KiB
Django/Jinja
131 lines
3.8 KiB
Django/Jinja
# vi: ft=yaml
|
|
version: '3'
|
|
|
|
networks:
|
|
traefik:
|
|
external: true
|
|
mastodon:
|
|
|
|
volumes:
|
|
system:
|
|
driver_opts:
|
|
type: "nfs"
|
|
o: "addr=192.168.30.10,nolock,soft,rw"
|
|
device: ":/mnt/data/mastodon/system"
|
|
redis:
|
|
driver_opts:
|
|
type: "nfs"
|
|
o: "addr=192.168.30.10,nolock,soft,rw"
|
|
device: ":/mnt/data/mastodon/redis"
|
|
|
|
services:
|
|
redis:
|
|
image: redis:7-alpine
|
|
networks:
|
|
mastodon:
|
|
aliases:
|
|
- redis
|
|
healthcheck:
|
|
test: ['CMD', 'redis-cli', 'ping']
|
|
volumes:
|
|
- type: volume
|
|
source: redis
|
|
target: /data
|
|
volume:
|
|
nocopy: true
|
|
|
|
web:
|
|
image: tootsuite/mastodon:v4.1
|
|
environment:
|
|
- 'OTP_SECRET={{ otp_secret }}'
|
|
- 'SECRET_KEY_BASE={{ secret_key_base }}'
|
|
- 'REDIS_HOST=redis'
|
|
- 'DB_HOST=192.168.30.10'
|
|
- 'DB_USER=mastodon'
|
|
- 'DB_NAME=mastodon'
|
|
- 'DB_PASS={{ database_passwords.mastodon }}'
|
|
- 'VAPID_PRIVATE_KEY={{ vapid_private_key }}'
|
|
- 'VAPID_PUBLIC_KEY=BDcpOP2ThgD13i2ENjnlVXG7QH-m3xuNE4rySx6_NBYQz34UxSM3N4nT7GUxN5zBF-Kehlv0CpqBDDa78QFiS0g='
|
|
- 'SMTP_SERVER=smtp.tweak.nl'
|
|
- 'SMTP_PORT=587'
|
|
- 'SMTP_LOGIN='
|
|
- 'SMTP_PASSWORD='
|
|
- 'SMTP_FROM_ADDRESS=mastodon@kunis.nl'
|
|
- 'LOCAL_DOMAIN=social.pizzapim.nl'
|
|
command: bash -c "rm -f /mastodon/tmp/pids/server.pid; bundle exec rails s -p 3000"
|
|
networks:
|
|
- mastodon
|
|
- traefik
|
|
healthcheck:
|
|
test: ['CMD-SHELL', 'wget -q --spider --proxy=off localhost:3000/health || exit 1']
|
|
volumes:
|
|
- type: volume
|
|
source: system
|
|
target: /mastodon/public/system
|
|
volume:
|
|
nocopy: true
|
|
deploy:
|
|
labels:
|
|
- traefik.enable=true
|
|
- traefik.http.routers.mastodon.entrypoints=websecure
|
|
- traefik.http.routers.mastodon.rule=Host(`social.pizzapim.nl`)
|
|
- traefik.http.routers.mastodon.tls=true
|
|
- traefik.http.routers.mastodon.tls.certresolver=letsencrypt
|
|
- traefik.http.services.mastodon.loadbalancer.server.port=3000
|
|
- traefik.http.routers.mastodon.service=mastodon
|
|
- traefik.docker.network=traefik
|
|
depends_on:
|
|
- redis
|
|
|
|
streaming:
|
|
image: tootsuite/mastodon:v4.1
|
|
command: node ./streaming
|
|
environment:
|
|
- 'REDIS_HOST=redis'
|
|
- 'LOCAL_DOMAIN=social.pizzapim.nl'
|
|
- 'DB_HOST=192.168.30.10'
|
|
- 'DB_USER=mastodon'
|
|
- 'DB_NAME=mastodon'
|
|
- 'DB_PASS={{ database_passwords.mastodon }}'
|
|
networks:
|
|
- mastodon
|
|
- traefik
|
|
healthcheck:
|
|
# prettier-ignore
|
|
test: ['CMD-SHELL', 'wget -q --spider --proxy=off localhost:4000/api/v1/streaming/health || exit 1']
|
|
deploy:
|
|
labels:
|
|
- traefik.enable=true
|
|
- traefik.http.routers.mastodon-streaming.entrypoints=websecure
|
|
- "traefik.http.routers.mastodon-streaming.rule=(Host(`social.pizzapim.nl`) && PathPrefix(`/api/v1/streaming`))"
|
|
- traefik.http.routers.mastodon-streaming.service=mastodon-streaming
|
|
- traefik.http.services.mastodon-streaming.loadbalancer.server.port=4000
|
|
- traefik.http.routers.mastodon-streaming.tls=true
|
|
- traefik.http.routers.mastodon-streaming.tls.certresolver=letsencrypt
|
|
- traefik.docker.network=traefik
|
|
depends_on:
|
|
- redis
|
|
|
|
sidekiq:
|
|
image: tootsuite/mastodon:v4.1
|
|
command: bundle exec sidekiq
|
|
environment:
|
|
- 'OTP_SECRET={{ otp_secret }}'
|
|
- 'SECRET_KEY_BASE={{ secret_key_base }}'
|
|
- 'REDIS_HOST=redis'
|
|
- 'DB_HOST=192.168.30.10'
|
|
- 'DB_USER=mastodon'
|
|
- 'DB_NAME=mastodon'
|
|
- 'DB_PASS={{ database_passwords.mastodon }}'
|
|
networks:
|
|
- mastodon
|
|
volumes:
|
|
- type: volume
|
|
source: system
|
|
target: /mastodon/public/system
|
|
volume:
|
|
nocopy: true
|
|
healthcheck:
|
|
test: ['CMD-SHELL', "ps aux | grep '[s]idekiq\ 6' || false"]
|
|
depends_on:
|
|
- redis
|