# vi: ft=yaml version: '3' networks: traefik: external: true mastodon: volumes: system: driver_opts: type: "nfs" o: "addr=192.168.30.10,nolock,soft,rw" device: ":/mnt/data/mastodon/system" services: redis: image: redis:7-alpine networks: mastodon: aliases: - redis healthcheck: test: ['CMD', 'redis-cli', 'ping'] volumes: - type: bind source: /mnt/data/mastodon/redis target: /data environment: - 'REDIS_PASSWORD={{ mastodon_redis_password }}' deploy: placement: constraints: - "node.labels.mastodon == true" web: image: tootsuite/mastodon:v4.1 environment: - 'OTP_SECRET={{ otp_secret }}' - 'SECRET_KEY_BASE={{ secret_key_base }}' - 'REDIS_HOST=redis' - 'DB_HOST=192.168.30.10' - 'DB_USER=mastodon' - 'DB_NAME=mastodon' - 'DB_PASS={{ database_passwords.mastodon }}' - 'VAPID_PRIVATE_KEY={{ vapid_private_key }}' - 'VAPID_PUBLIC_KEY=BDcpOP2ThgD13i2ENjnlVXG7QH-m3xuNE4rySx6_NBYQz34UxSM3N4nT7GUxN5zBF-Kehlv0CpqBDDa78QFiS0g=' - 'SMTP_SERVER=smtp.tweak.nl' - 'SMTP_PORT=587' - 'SMTP_LOGIN=' - 'SMTP_PASSWORD=' - 'SMTP_FROM_ADDRESS=mastodon@kunis.nl' - 'LOCAL_DOMAIN=social.pizzapim.nl' command: bash -c "rm -f /mastodon/tmp/pids/server.pid; bundle exec rails s -p 3000" networks: - mastodon - traefik healthcheck: test: ['CMD-SHELL', 'wget -q --spider --proxy=off localhost:3000/health || exit 1'] depends_on: - redis volumes: - type: volume source: system target: /mastodon/public/system volume: nocopy: true - type: bind source: /mnt/data/mastodon/cache target: /mastodon/public/system/cache deploy: placement: constraints: - "node.labels.mastodon == true" labels: - traefik.enable=true - traefik.http.routers.mastodon.entrypoints=websecure - traefik.http.routers.mastodon.rule=Host(`social.pizzapim.nl`) - traefik.http.routers.mastodon.tls=true - traefik.http.routers.mastodon.tls.certresolver=letsencrypt - traefik.http.services.mastodon.loadbalancer.server.port=3000 - traefik.http.routers.mastodon.service=mastodon - traefik.docker.network=traefik streaming: image: tootsuite/mastodon:v4.1 command: node ./streaming environment: - 'REDIS_HOST=redis' - 'LOCAL_DOMAIN=social.pizzapim.nl' - 'DB_HOST=192.168.30.10' - 'DB_USER=mastodon' - 'DB_NAME=mastodon' - 'DB_PASS={{ database_passwords.mastodon }}' networks: - mastodon - traefik healthcheck: # prettier-ignore test: ['CMD-SHELL', 'wget -q --spider --proxy=off localhost:4000/api/v1/streaming/health || exit 1'] depends_on: - redis deploy: placement: constraints: - "node.labels.mastodon == true" labels: - traefik.enable=true - traefik.http.routers.mastodon-streaming.entrypoints=websecure - "traefik.http.routers.mastodon-streaming.rule=(Host(`social.pizzapim.nl`) && PathPrefix(`/api/v1/streaming`))" - traefik.http.routers.mastodon-streaming.service=mastodon-streaming - traefik.http.services.mastodon-streaming.loadbalancer.server.port=4000 - traefik.http.routers.mastodon-streaming.tls=true - traefik.http.routers.mastodon-streaming.tls.certresolver=letsencrypt - traefik.docker.network=traefik sidekiq: image: tootsuite/mastodon:v4.1 command: bundle exec sidekiq environment: - 'OTP_SECRET={{ otp_secret }}' - 'SECRET_KEY_BASE={{ secret_key_base }}' - 'REDIS_HOST=redis' - 'DB_HOST=192.168.30.10' - 'DB_USER=mastodon' - 'DB_NAME=mastodon' - 'DB_PASS={{ database_passwords.mastodon }}' depends_on: - redis networks: - mastodon volumes: - type: volume source: system target: /mastodon/public/system volume: nocopy: true - type: bind source: /mnt/data/mastodon/cache target: /mastodon/public/system/cache healthcheck: test: ['CMD-SHELL', "ps aux | grep '[s]idekiq\ 6' || false"] deploy: placement: constraints: - "node.labels.mastodon == true"