# vi: ft=yaml version: '3' networks: traefik: external: true mastodon: volumes: cache: services: db: image: postgres:14-alpine networks: - mastodon healthcheck: test: ['CMD', 'pg_isready', '-U', 'postgres'] volumes: - type: bind source: /mnt/data/mastodon/postgres14 target: /var/lib/postgresql/data environment: - 'POSTGRES_HOST_AUTH_METHOD=trust' - 'POSTGRES_PASSWORD={{ mastodon_postgres_password }}' - 'POSTGRES_DB=mastodon_production' - 'POSTGRES_USER=mastodon' deploy: placement: constraints: - "node.labels.mastodon == true" redis: image: redis:7-alpine networks: - mastodon healthcheck: test: ['CMD', 'redis-cli', 'ping'] volumes: - type: bind source: /mnt/data/mastodon/redis target: /data environment: - 'REDIS_PASSWORD={{ mastodon_redis_password }}' deploy: placement: constraints: - "node.labels.mastodon == true" web: image: tootsuite/mastodon:v3.5.3 environment: - 'OTP_SECRET={{ otp_secret }}' - 'SECRET_KEY_BASE={{ secret_key_base }}' - 'REDIS_HOST=redis' - 'DB_HOST=db' - 'DB_USER=mastodon' - 'DB_NAME=mastodon_production' - 'DB_PASS=password' - 'VAPID_PRIVATE_KEY={{ vapid_private_key }}' - 'VAPID_PUBLIC_KEY=BDcpOP2ThgD13i2ENjnlVXG7QH-m3xuNE4rySx6_NBYQz34UxSM3N4nT7GUxN5zBF-Kehlv0CpqBDDa78QFiS0g=' - 'SMTP_SERVER=smtp.tweak.nl' - 'SMTP_PORT=587' - 'SMTP_LOGIN=' - 'SMTP_PASSWORD=' - 'SMTP_FROM_ADDRESS=mastodon@kunis.nl' - 'LOCAL_DOMAIN=social.pizzapim.nl' command: bash -c "rm -f /mastodon/tmp/pids/server.pid; bundle exec rails s -p 3000" networks: - mastodon - traefik healthcheck: test: ['CMD-SHELL', 'wget -q --spider --proxy=off localhost:3000/health || exit 1'] depends_on: - db - redis volumes: - type: bind source: /mnt/data/mastodon/public/system target: /mastodon/public/system - cache:/mastodon/public/system/cache deploy: placement: constraints: - "node.labels.mastodon == true" labels: - traefik.enable=true - traefik.http.routers.mastodon.entrypoints=websecure - traefik.http.routers.mastodon.rule=Host(`social.pizzapim.nl`) - traefik.http.routers.mastodon.tls=true - traefik.http.routers.mastodon.tls.certresolver=letsencrypt - traefik.http.services.mastodon.loadbalancer.server.port=3000 - traefik.http.routers.mastodon.service=mastodon - traefik.docker.network=traefik streaming: image: tootsuite/mastodon:v3.5.3 command: node ./streaming environment: - 'REDIS_HOST=redis' - 'LOCAL_DOMAIN=social.pizzapim.nl' networks: - mastodon - traefik healthcheck: # prettier-ignore test: ['CMD-SHELL', 'wget -q --spider --proxy=off localhost:4000/api/v1/streaming/health || exit 1'] depends_on: - db - redis deploy: placement: constraints: - "node.labels.mastodon == true" labels: - traefik.enable=true - traefik.http.routers.mastodon-streaming.entrypoints=websecure - "traefik.http.routers.mastodon-streaming.rule=(Host(`social.pizzapim.nl`) && PathPrefix(`/api/v1/streaming`))" - traefik.http.routers.mastodon-streaming.service=mastodon-streaming - traefik.http.services.mastodon-streaming.loadbalancer.server.port=4000 - traefik.docker.network=traefik sidekiq: image: tootsuite/mastodon:v3.5.3 command: bundle exec sidekiq environment: - 'OTP_SECRET={{ otp_secret }}' - 'SECRET_KEY_BASE={{ secret_key_base }}' - 'REDIS_HOST=redis' - 'DB_HOST=db' - 'DB_USER=mastodon' - 'DB_NAME=mastodon_production' - 'DB_PASS=password' depends_on: - db - redis networks: - mastodon volumes: - type: bind source: /mnt/data/mastodon/public/system target: /mastodon/public/system - cache:/mastodon/public/system/cache healthcheck: test: ['CMD-SHELL', "ps aux | grep '[s]idekiq\ 6' || false"] deploy: placement: constraints: - "node.labels.mastodon == true"