coop-cloud/hometown
coop-cloud
/
hometown
1
0
Fork 2
Code Issues 1 Pull Requests Projects Releases Activity

Compare commits

merge into: coop-cloud:add/s3
Branches Tags
coop-cloud:main
coop-cloud:add/missing-s3-vars
coop-cloud:mastodon-3.5
coop-cloud:mastodon_3.5.0
coop-cloud:add/s3
coop-cloud:1.1.9+v4.0.15-hometown-1.1.1
coop-cloud:1.1.8+v4.0.15-hometown-1.1.1
coop-cloud:1.1.7+v4.0.14-hometown-1.1.1
coop-cloud:1.1.6+v4.0.13-hometown-1.1.1
coop-cloud:1.1.5+v4.0.13-hometown-1.1.1
coop-cloud:1.1.4+v4.0.10-hometown-1.1.1
coop-cloud:1.1.3+v4.0.10-hometown-1.1.1
coop-cloud:1.1.2+v4.0.10-hometown-1.1.1
coop-cloud:1.1.1+v4.0.6-hometown-1.1.1
coop-cloud:0.2.5+v3.5.10-hometown-1.0.8
coop-cloud:1.1.0+v4.0.6-hometown-1.1.1
coop-cloud:0.2.4+v3.5.10-hometown-1.0.8
coop-cloud:0.2.3+v3.5.10-hometown-1.0.8
coop-cloud:1.0.0+v4.0.6-hometown-1.1.1
coop-cloud:0.2.2+v3.5.10-hometown-1.0.8
coop-cloud:0.2.1+v3.5.5-hometown-1.0.8
coop-cloud:0.2.0+v3.5.5-hometown-1.0.8
coop-cloud:0.1.1+v1.0.5_3.4.6
...
pull from: coop-cloud:main
Branches Tags
coop-cloud:main
coop-cloud:add/missing-s3-vars
coop-cloud:mastodon-3.5
coop-cloud:mastodon_3.5.0
coop-cloud:add/s3
coop-cloud:1.1.9+v4.0.15-hometown-1.1.1
coop-cloud:1.1.8+v4.0.15-hometown-1.1.1
coop-cloud:1.1.7+v4.0.14-hometown-1.1.1
coop-cloud:1.1.6+v4.0.13-hometown-1.1.1
coop-cloud:1.1.5+v4.0.13-hometown-1.1.1
coop-cloud:1.1.4+v4.0.10-hometown-1.1.1
coop-cloud:1.1.3+v4.0.10-hometown-1.1.1
coop-cloud:1.1.2+v4.0.10-hometown-1.1.1
coop-cloud:1.1.1+v4.0.6-hometown-1.1.1
coop-cloud:0.2.5+v3.5.10-hometown-1.0.8
coop-cloud:1.1.0+v4.0.6-hometown-1.1.1
coop-cloud:0.2.4+v3.5.10-hometown-1.0.8
coop-cloud:0.2.3+v3.5.10-hometown-1.0.8
coop-cloud:1.0.0+v4.0.6-hometown-1.1.1
coop-cloud:0.2.2+v3.5.10-hometown-1.0.8
coop-cloud:0.2.1+v3.5.5-hometown-1.0.8
coop-cloud:0.2.0+v3.5.5-hometown-1.0.8
coop-cloud:0.1.1+v1.0.5_3.4.6

22 Commits
add/s3 ... main

Author SHA1 Message Date
decentral1se 2ca92dd55f
fix: drop golang templatin'
continuous-integration/drone/push Build is passing Details
2024-03-28 22:40:46 +01:00
3wc 080fcd7a2d chore: publish 1.1.9+v4.0.15-hometown-1.1.1 release
continuous-integration/drone/push Build is passing Details
2024-03-27 01:30:10 -03:00
3wc 556d73cce8 Further startup fix
continuous-integration/drone/push Build is passing Details
2024-03-27 01:26:42 -03:00
3wc f6c2527182 Run migrations during app startup
continuous-integration/drone/push Build is passing Details
2024-03-27 00:55:00 -03:00
3wc 953faaca83 chore: publish 1.1.8+v4.0.15-hometown-1.1.1 release
continuous-integration/drone/push Build is passing Details
2024-02-16 18:57:41 -03:00
knoflook 547cefbd19 chore: publish 1.1.7+v4.0.14-hometown-1.1.1 release
continuous-integration/drone/push Build is passing Details
2024-02-15 16:14:49 +01:00
Nick Sellen 91ed3cf439
chore: publish 1.1.6+v4.0.13-hometown-1.1.1 release
continuous-integration/drone/push Build is passing Details
2024-02-12 22:18:27 +00:00
Nick Sellen 6f31be3458
Bump ENTRYPOINT_CONF_VERSION 2024-02-12 22:16:14 +00:00
3wc 4e8ae43423 chore: publish 1.1.5+v4.0.13-hometown-1.1.1 release
continuous-integration/drone/push Build is passing Details
2024-02-01 20:31:28 -03:00
3wc 2e46a01082 chore: publish 1.1.4+v4.0.10-hometown-1.1.1 release
continuous-integration/drone/push Build is passing Details
2024-01-11 21:33:16 -03:00
3wc 1155b3cc50 Improve abra.sh and use DB_PASS_FILE 2024-01-11 21:32:36 -03:00
3wordchant 66adadea97 Merge pull request 'Add missing S3_ vars' (#19) from add/missing-s3-vars into main
continuous-integration/drone/push Build is passing Details 
Reviewed-on: #19
 2023-10-31 22:11:54 +00:00
Nick Sellen e776970066
Bump recipe version 2023-10-31 21:41:39 +00:00
Nick Sellen eab512222a
Add missing S3_ vars 2023-10-31 16:06:17 +00:00
knoflook 9d5e427b80 chore: publish 1.1.2+v4.0.10-hometown-1.1.1 release
continuous-integration/drone/push Build is passing Details
2023-10-30 16:32:13 +01:00
knoflook c1ca15ff87 bump up the entrypoint version
continuous-integration/drone/push Build is passing Details
2023-10-30 15:50:39 +01:00
knoflook f4ad09c3b2 chore: publish 1.1.1+v4.0.6-hometown-1.1.1 release
continuous-integration/drone/push Build is passing Details
continuous-integration/drone Build is passing Details
2023-10-30 15:27:30 +01:00
3wordchant 3fc213854f Merge pull request 'fix links in README' (#16) from amras/hometown:main into main
continuous-integration/drone/push Build is passing Details 
Reviewed-on: #16
 2023-09-11 16:15:55 +00:00
Sarma 7cec462a60 fix links in README 
* opening paragraph previously pointed to git.autonomic.zone's archived repo
* decentral1se/hometown is no longer used in the recipe.

Signed-off-by: Sarma <amras@noreply.git.coopcloud.tech>
 2023-09-11 15:04:46 +00:00
Nick Sellen acee84e403 Add missing secret env entries
continuous-integration/drone/push Build is passing Details
continuous-integration/drone/tag Build is passing Details
2023-07-24 14:10:22 +01:00
nicksellen 307037b36b Move elasticsearch to compose.elasticsearch.yml (#15)
continuous-integration/drone/push Build is passing Details 
I realised although I had created compose.elasticsearch.yml I had only moved the env vars into it, not the actual service.

Now moved the service and the volume :)

I haven't tried it, but will do soon for bath.social...

Co-authored-by: Nick Sellen <git@nicksellen.co.uk>
Reviewed-on: #15
 2023-07-20 12:51:39 +00:00
nicksellen 86bef2441d Merge pull request 'Add S3 configuration' (#14) from add/s3 into main
continuous-integration/drone/push Build is passing Details 
Reviewed-on: #14
 2023-07-19 19:14:59 +00:00
7 changed files with 117 additions and 87 deletions
Show Stats Expand all files Collapse all files

3
.env.sample
View File

@ -1,6 +1,6 @@
TYPE=hometown
DOMAIN={{ .Domain }}
DOMAIN=hometown.example.com
# Enables WEB_DOMAIN if set (FOR FUTURE USE)
# USER_DOMAIN=
@ -30,6 +30,7 @@ LOCAL_DOMAIN=$DOMAIN
# ALTERNATE_DOMAINS=$EXTRA_DOMAINS
AUTHORIZED_FETCH=false
DISALLOW_UNAUTHENTICATED_API_ACCESS=false
LIMITED_FEDERATION_MODE=false
# Deployment

4
README.md
View File

@ -2,7 +2,7 @@
> A supported fork of Mastodon that provides local posting and a wider range of content types.
The configuration aims to stay as close as possible to [coop-cloud/mastodon](https://git.autonomic.zone/coop-cloud/mastodon).
The configuration aims to stay as close as possible to [coop-cloud/mastodon](https://git.coopcloud.tech/coop-cloud/mastodon).
At some point, ideally, we could merge them. We don't have enough folks running
both Mastodon & Hometown to understand if that is a good idea right now. To be
discussed.
@ -11,7 +11,7 @@ discussed.
* **Category**: Apps
* **Status**: 1
* **Image**: [`decentral1se/hometown`](https://hub.docker.com/r/decentral1se/hometown)
* **Image**: [`hometown`](https://git.coopcloud.tech/coop-cloud-chaos-patchs/docker-hometown), 1, Co-op Cloud custom image
* **Healthcheck**: No
* **Backups**: No
* **Email**: Yes

138
abra.sh
View File

@ -1,70 +1,92 @@
#!/bin/bash
export ENTRYPOINT_CONF_VERSION=v6
export ENTRYPOINT_CONF_VERSION=v8
assets() {
export OTP_SECRET=$(cat /run/secrets/otp_secret)
export SECRET_KEY_BASE=$(cat /run/secrets/secret_key_base)
export DB_PASS=$(cat /run/secrets/db_password)
file_env() {
local var="$1"
local fileVar="${var}_FILE"
local def="${2:-}"
RAILS_ENV=production bundle exec rails assets:precompile
if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
exit 1
fi
local val="$def"
if [ "${!var:-}" ]; then
val="${!var}"
elif [ "${!fileVar:-}" ]; then
val="$(< "${!fileVar}")"
fi
declare -x -g "$var"="$val"
unset "$fileVar"
}
setup() {
export OTP_SECRET=$(cat /run/secrets/otp_secret)
export SECRET_KEY_BASE=$(cat /run/secrets/secret_key_base)
export DB_PASS=$(cat /run/secrets/db_password)
environment() {
# for sidekiq service bundle exec env var threading
file_env "OTP_SECRET"
file_env "SECRET_KEY_BASE"
file_env "DB_PASS"
file_env "SMTP_PASSWORD"
file_env "VAPID_PRIVATE_KEY"
RAILS_ENV=production bundle exec rake db:setup
declare -x RAILS_ENV=production
}
admin() {
export OTP_SECRET=$(cat /run/secrets/otp_secret)
export SECRET_KEY_BASE=$(cat /run/secrets/secret_key_base)
export DB_PASS=$(cat /run/secrets/db_password)
RAILS_ENV=production bin/tootctl accounts create "$1" --email "$2" --confirmed --role admin
setup_admin() {
## Create an admin user
environment
accounts create "$1" --email "$2" --confirmed --role admin
}
secrets() {
docker context use default > /dev/null 2>&1
echo "Generating secrets for new Hometown deployment..."
echo ""
SECRET_KEY_BASE=$(docker run --rm tootsuite/mastodon:v3.4.0 bundle exec rake secret)
abra app secret insert "$APP_NAME" secret_key_base v1 "$SECRET_KEY_BASE"
echo "SECRET_KEY_BASE = $SECRET_KEY_BASE"
echo ""
OTP_SECRET=$(docker run --rm tootsuite/mastodon:v3.4.0 bundle exec rake secret)
abra app secret insert "$APP_NAME" otp_secret v1 "$OTP_SECRET"
echo "OTP_SECRET = $OTP_SECRET"
echo ""
docker run \
-e SECRET_KEY_BASE="$SECRET_KEY_BASE" \
-e OTP_SECRET="$OTP_SECRET" \
--rm tootsuite/mastodon:v3.4.0 \
bundle exec rake mastodon:webpush:generate_vapid_key \
> /tmp/key.txt
VAPID_PRIVATE_KEY=$(grep -oP "VAPID_PRIVATE_KEY=\K.+" "/tmp/key.txt")
VAPID_PUBLIC_KEY=$(grep -oP "VAPID_PUBLIC_KEY=\K.+" "/tmp/key.txt")
rm -rf /tmp/key.txt
echo "VAPID_PUBLIC_KEY = $VAPID_PUBLIC_KEY"
echo "!IMPORTANT! you MUST insert this VAPID_PUBLIC_KEY into your app .env config !IMPORTANT!"
echo ""
abra app secret insert "$APP_NAME" vapid_private_key v1 "$VAPID_PRIVATE_KEY"
echo "VAPID_PRIVATE_KEY = $VAPID_PRIVATE_KEY"
echo ""
abra app secret generate "$APP_NAME" db_password v1
echo ""
echo "don't forget to insert your smtp_password! your deployment won't work without it"
echo "run \"abra app secret insert $APP_NAME smtp_password v1 YOURSMTPPASSWORD\""
echo ""
shell() {
## Run a shell with proper environment
environment
bash $@
}
generate_secrets() {
## Run `abra app cmd -l <yourdomain> generate_secrets` to use Docker to generate secrets you'll need to deploy
## your new instance (and create the secrets on target app).
docker context use default > /dev/null 2>&1
echo "Generating secrets for new Hometown deployment..."
echo ""
SECRET_KEY_BASE=$(docker run --rm tootsuite/mastodon:v4.2.0 bundle exec rake secret)
abra app secret insert "$APP_NAME" secret_key_base v1 "$SECRET_KEY_BASE"
echo "SECRET_KEY_BASE = $SECRET_KEY_BASE"
echo ""
OTP_SECRET=$(docker run --rm tootsuite/mastodon:v4.2.0 bundle exec rake secret)
abra app secret insert "$APP_NAME" otp_secret v1 "$OTP_SECRET"
echo "OTP_SECRET = $OTP_SECRET"
echo ""
docker run \
-e SECRET_KEY_BASE="$SECRET_KEY_BASE" \
-e OTP_SECRET="$OTP_SECRET" \
--rm tootsuite/mastodon:v3.4.0 \
bundle exec rake mastodon:webpush:generate_vapid_key \
> /tmp/key.txt
VAPID_PRIVATE_KEY=$(grep -oP "VAPID_PRIVATE_KEY=\K.+" "/tmp/key.txt")
VAPID_PUBLIC_KEY=$(grep -oP "VAPID_PUBLIC_KEY=\K.+" "/tmp/key.txt")
rm -rf /tmp/key.txt
echo "VAPID_PUBLIC_KEY = $VAPID_PUBLIC_KEY"
echo "!IMPORTANT! you MUST insert this VAPID_PUBLIC_KEY into your app .env config !IMPORTANT!"
echo ""
abra app secret insert "$APP_NAME" vapid_private_key v1 "$VAPID_PRIVATE_KEY"
echo "VAPID_PRIVATE_KEY = $VAPID_PRIVATE_KEY"
echo ""
abra app secret generate "$APP_NAME" db_password v1
echo ""
echo "don't forget to insert your smtp_password! your deployment won't work without it"
echo "run \"abra app secret insert $APP_NAME smtp_password v1 YOURSMTPPASSWORD\""
echo ""
}

19
compose.elasticsearch.yml
View File

@ -2,6 +2,22 @@
version: "3.8"
services:
es:
image: docker.elastic.co/elasticsearch/elasticsearch-oss:7.10.2
environment:
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
- "cluster.name=es-mastodon"
- "discovery.type=single-node"
- "bootstrap.memory_lock=true"
networks:
- internal_network
volumes:
- es:/usr/share/elasticsearch/data
ulimits:
memlock:
soft: -1
hard: -1
app:
environment: &es-env
- ES_ENABLED=true
@ -13,3 +29,6 @@ services:
sidekiq:
environment: *es-env
volumes:
es:

2
compose.s3.yml
View File

@ -16,6 +16,8 @@ services:
- S3_OVERRIDE_PATH_STYLE
- S3_OPEN_TIMEOUT
- S3_READ_TIMEOUT
- S3_FORCE_SINGLE_REQUEST
- S3_ALIAS_HOST
secrets: &s3-secrets
- aws_secret_access_key

35
compose.yml
View File

@ -3,8 +3,8 @@ version: "3.8"
services:
app:
image: git.coopcloud.tech/coop-cloud-chaos-patchs/hometown:v4.0.6-hometown-1.1.1
command: bash -c "rm -f /mastodon/tmp/pids/server.pid; bundle exec rails s -p 3000"
image: git.coopcloud.tech/coop-cloud-chaos-patchs/hometown:v4.0.15-hometown-1.1.1
command: bash -c "rm -f /mastodon/tmp/pids/server.pid; bundle exec rake db:migrate; bundle exec rails s -p 3000"
networks: &bothNetworks
- proxy
- internal_network
@ -19,7 +19,7 @@ services:
- "traefik.http.routers.${STACK_NAME}_web.rule=Host(`${DOMAIN}`)"
- "traefik.http.routers.${STACK_NAME}_web.entrypoints=web-secure"
- "traefik.http.routers.${STACK_NAME}_web.tls.certresolver=${LETS_ENCRYPT_ENV}"
- "coop-cloud.${STACK_NAME}.version=1.0.0+v4.0.6-hometown-1.1.1"
- "coop-cloud.${STACK_NAME}.version=1.1.9+v4.0.15-hometown-1.1.1"
configs: &configs
- source: entrypoint_sh
target: /usr/local/bin/entrypoint.sh
@ -45,7 +45,9 @@ services:
- DB_NAME
- DB_PORT
- DB_USER
- DB_PASS_FILE=/run/secrets/db_password
- DEFAULT_LOCALE
- DISALLOW_UNAUTHENTICATED_API_ACCESS
- EMAIL_DOMAIN_ALLOWLIST
- EMAIL_DOMAIN_DENYLIST
- LDAP_BASE
@ -89,6 +91,7 @@ services:
- OIDC_TOKEN_ENDPOINT
- OIDC_UID_FIELD
- OIDC_USER_INFO_ENDPOINT
- OTP_SECRET_FILE=/run/secrets/otp_secret
- PAPERCLIP_ROOT_PATH
- PAPERCLIP_ROOT_URL
- RAILS_ENV
@ -117,6 +120,7 @@ services:
- SAML_SECURITY_WANT_ASSERTION_ENCRYPTED
- SAML_SECURITY_WANT_ASSERTION_SIGNED
- SAML_UID_ATTRIBUTE
- SECRET_KEY_BASE_FILE=/run/secrets/secret_key_base
- SINGLE_USER_MODE
- SMTP_AUTH_METHOD
- SMTP_CA_FILE
@ -139,7 +143,7 @@ services:
- WEB_DOMAIN
streaming:
image: git.coopcloud.tech/coop-cloud-chaos-patchs/hometown:v4.0.6-hometown-1.1.1
image: git.coopcloud.tech/coop-cloud-chaos-patchs/hometown:v4.0.15-hometown-1.1.1
command: node ./streaming
configs: *configs
entrypoint: *entrypoint
@ -160,7 +164,7 @@ services:
volumes: *appVolume # used to make sure this volume is created
sidekiq:
image: git.coopcloud.tech/coop-cloud-chaos-patchs/hometown:v4.0.6-hometown-1.1.1
image: git.coopcloud.tech/coop-cloud-chaos-patchs/hometown:v4.0.15-hometown-1.1.1
secrets: *secrets
command: bundle exec sidekiq
configs: *configs
@ -174,7 +178,7 @@ services:
environment: *env
db:
image: postgres:14.5-alpine
image: postgres:14.10-alpine
networks: &internalNetwork
- internal_network
volumes:
@ -187,29 +191,13 @@ services:
- POSTGRES_USER=${DB_USER}
redis:
image: redis:7.0-alpine
image: redis:7.2-alpine
networks: *internalNetwork
healthcheck:
test: ["CMD", "redis-cli", "ping"]
volumes:
- redis:/data
es:
image: docker.elastic.co/elasticsearch/elasticsearch-oss:7.10.2
environment:
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
- "cluster.name=es-mastodon"
- "discovery.type=single-node"
- "bootstrap.memory_lock=true"
networks:
- internal_network
volumes:
- es:/usr/share/elasticsearch/data
ulimits:
memlock:
soft: -1
hard: -1
secrets:
secret_key_base:
name: ${STACK_NAME}_secret_key_base_${SECRET_SECRET_KEY_BASE_VERSION}
@ -231,7 +219,6 @@ volumes:
app:
redis:
postgres:
es:
networks:
proxy:

3
entrypoint.sh.tmpl
View File

@ -23,9 +23,8 @@ file_env() {
unset "$fileVar"
}
export DB_PASS=$(cat /run/secrets/db_password)
# for sidekiq service bundle exec env var threading
file_env "DB_PASS"
file_env "OTP_SECRET"
file_env "SECRET_KEY_BASE"
file_env "SMTP_PASSWORD"