refactor: sort vars, drop unused, sort services

.env.sample

@@ -200,8 +200,3 @@ DEFAULT_LOCALE=en
 # OIDC_END_SESSION_ENDPOINT=
 # OIDC_SECURITY_ASSUME_EMAIL_IS_VERIFIED=
 # SECRET_OIDC_CLIENT_SECRET_VERSION=v1
-
-# Hidden services (Not Supported)
-# ===============================
-# http_proxy=  # yes, this should be lowercase
-# ALLOW_ACCESS_TO_HIDDEN_SERVICE=

compose.yml

@@ -66,10 +66,12 @@ services:
       - LIMITED_FEDERATION_MODE
       - LOCAL_DOMAIN
       - MAX_SESSION_ACTIVATIONS
+      - MAX_TOOT_CHARS
       - OAUTH_REDIRECT_AT_SIGN_IN
       - OIDC_AUTH_ENDPOINT
       - OIDC_CLIENT_AUTH_METHOD
       - OIDC_CLIENT_ID
+      - OIDC_CLIENT_SECRET_FILE=/run/secrets/oidc_client_secret
       - OIDC_DISCOVERY
       - OIDC_DISPLAY
       - OIDC_DISPLAY_NAME
@@ -88,7 +90,6 @@ services:
       - OIDC_SECURITY_ASSUME_EMAIL_IS_VERIFIED
       - OIDC_SEND_NONCE
       - OIDC_SEND_SCOPE_TO_TOKEN_ENDPOINT
-      - OIDC_CLIENT_SECRET_FILE=/run/secrets/oidc_client_secret
       - OIDC_TOKEN_ENDPOINT
       - OIDC_UID_FIELD
       - OIDC_USER_INFO_ENDPOINT
@@ -142,8 +143,41 @@ services:
       - VAPID_PRIVATE_KEY_FILE=/run/secrets/vapid_private_key
       - VAPID_PUBLIC_KEY
       - WEB_DOMAIN
-      - MAX_TOOT_CHARS
-      - http_proxy # yes, this should be lowercase
+
+  streaming:
+    image: decentral1se/hometown:v1.0.6_3.5.2
+    command: node ./streaming
+    configs: *configs
+    entrypoint: *entrypoint
+    secrets: *secrets
+    networks: *bothNetworks
+    deploy:
+      update_config:
+        failure_action: rollback
+        order: start-first
+      labels:
+        - "traefik.enable=true"
+        - "traefik.docker.network=proxy"
+        - "traefik.http.services.${STACK_NAME}_streaming.loadbalancer.server.port=4000"
+        - "traefik.http.routers.${STACK_NAME}_streaming.rule=(Host(`${DOMAIN}`) && PathPrefix(`/api/v1/streaming`))"
+        - "traefik.http.routers.${STACK_NAME}_streaming.entrypoints=web-secure"
+        - "traefik.http.routers.${STACK_NAME}_streaming.tls.certresolver=${LETS_ENCRYPT_ENV}"
+    environment: *env
+    volumes: *appVolume # used to make sure this volume is created
+
+  sidekiq:
+    image: decentral1se/hometown:v1.0.6_3.5.2
+    secrets: *secrets
+    command: bundle exec sidekiq
+    configs: *configs
+    entrypoint: *entrypoint
+    deploy:
+      update_config:
+        failure_action: rollback
+        order: start-first
+    networks: *bothNetworks
+    volumes: *appVolume
+    environment: *env
 
   db:
     image: postgres:14.5-alpine
@@ -182,41 +216,6 @@ services:
         soft: -1
         hard: -1
 
-  streaming:
-    image: decentral1se/hometown:v1.0.6_3.5.2
-    command: node ./streaming
-    configs: *configs
-    entrypoint: *entrypoint
-    secrets: *secrets
-    networks: *bothNetworks
-    deploy:
-      update_config:
-        failure_action: rollback
-        order: start-first
-      labels:
-        - "traefik.enable=true"
-        - "traefik.docker.network=proxy"
-        - "traefik.http.services.${STACK_NAME}_streaming.loadbalancer.server.port=4000"
-        - "traefik.http.routers.${STACK_NAME}_streaming.rule=(Host(`${DOMAIN}`) && PathPrefix(`/api/v1/streaming`))"
-        - "traefik.http.routers.${STACK_NAME}_streaming.entrypoints=web-secure"
-        - "traefik.http.routers.${STACK_NAME}_streaming.tls.certresolver=${LETS_ENCRYPT_ENV}"
-    environment: *env
-    volumes: *appVolume # used to make sure this volume is created
-
-  sidekiq:
-    image: decentral1se/hometown:v1.0.6_3.5.2
-    secrets: *secrets
-    command: bundle exec sidekiq
-    configs: *configs
-    entrypoint: *entrypoint
-    deploy:
-      update_config:
-        failure_action: rollback
-        order: start-first
-    networks: *bothNetworks
-    volumes: *appVolume
-    environment: *env
-
 secrets:
   secret_key_base:
     name: ${STACK_NAME}_secret_key_base_${SECRET_SECRET_KEY_BASE_VERSION}