More improvements to abra.sh

.env.sample

@@ -1,6 +1,6 @@
 TYPE=hometown
 
-DOMAIN=hometown.example.com
+DOMAIN={{ .Domain }}
 # Enables WEB_DOMAIN if set (FOR FUTURE USE)
 # USER_DOMAIN=
 
@@ -30,7 +30,6 @@ LOCAL_DOMAIN=$DOMAIN
 
 # ALTERNATE_DOMAINS=$EXTRA_DOMAINS
 AUTHORIZED_FETCH=false
-DISALLOW_UNAUTHENTICATED_API_ACCESS=false
 LIMITED_FEDERATION_MODE=false
 
 # Deployment
@@ -62,7 +61,7 @@ REDIS_PORT=6379
 
 # ElasticSearch
 # --------------------------------------
-#COMPOSE_FILE="$COMPOSE_FILE:compose.elasticsearch.yml"
+ES_ENABLED=true
 ES_HOST=es
 ES_PORT=9200
 
@@ -78,7 +77,6 @@ SECRET_OTP_SECRET_VERSION=v1
 SECRET_VAPID_PRIVATE_KEY_VERSION=v1
 SECRET_DB_PASSWORD_VERSION=v1
 SECRET_SMTP_PASSWORD_VERSION=v1
-SECRET_AWS_SECRET_ACCESS_KEY_VERSION=v1
 
 # Web Push
 # ========
@@ -120,7 +118,7 @@ DEFAULT_LOCALE=en
 
 # S3 and AWS
 # ----------
-#COMPOSE_FILE="$COMPOSE_FILE:compose.s3.yml"
+# S3_ENABLED=
 # S3_BUCKET=
 # AWS_ACCESS_KEY_ID=
 # AWS_SECRET_ACCESS_KEY=

README.md

@@ -2,7 +2,7 @@
 
 > A supported fork of Mastodon that provides local posting and a wider range of content types.
 
-The configuration aims to stay as close as possible to [coop-cloud/mastodon](https://git.coopcloud.tech/coop-cloud/mastodon).
+The configuration aims to stay as close as possible to [coop-cloud/mastodon](https://git.autonomic.zone/coop-cloud/mastodon).
 At some point, ideally, we could merge them. We don't have enough folks running
 both Mastodon & Hometown to understand if that is a good idea right now. To be
 discussed.
@@ -11,7 +11,7 @@ discussed.
 
 * **Category**: Apps
 * **Status**: 1
-* **Image**: [`hometown`](https://git.coopcloud.tech/coop-cloud-chaos-patchs/docker-hometown), 1, Co-op Cloud custom image
+* **Image**: [`decentral1se/hometown`](https://hub.docker.com/r/decentral1se/hometown)
 * **Healthcheck**: No
 * **Backups**: No
 * **Email**: Yes

abra.sh

@@ -1,6 +1,7 @@
 #!/bin/bash
 
-export ENTRYPOINT_CONF_VERSION=v8
+export ENTRYPOINT_CONF_VERSION=v7
+
 
 file_env() {
   local var="$1"

compose.elasticsearch.yml

@@ -1,34 +0,0 @@
----
-version: "3.8"
-
-services:
-  es:
-    image: docker.elastic.co/elasticsearch/elasticsearch-oss:7.10.2
-    environment:
-      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
-      - "cluster.name=es-mastodon"
-      - "discovery.type=single-node"
-      - "bootstrap.memory_lock=true"
-    networks:
-      - internal_network
-    volumes:
-      - es:/usr/share/elasticsearch/data
-    ulimits:
-      memlock:
-        soft: -1
-        hard: -1
-
-  app:
-    environment: &es-env
-      - ES_ENABLED=true
-      - ES_HOST
-      - ES_PORT
-
-  streaming:
-    environment: *es-env
-
-  sidekiq:
-    environment: *es-env
-
-volumes:
-  es:

compose.s3.yml

@@ -1,35 +0,0 @@
----
-version: "3.8"
-
-services:
-  app:
-    environment: &s3-env
-      - S3_ENABLED=true
-      - AWS_ACCESS_KEY_ID
-      - AWS_SECRET_ACCESS_KEY_FILE=/run/secrets/aws_secret_access_key
-      - S3_BUCKET
-      - S3_REGION
-      - S3_PROTOCOL
-      - S3_HOSTNAME
-      - S3_ENDPOINT
-      - S3_SIGNATURE_VERSION
-      - S3_OVERRIDE_PATH_STYLE
-      - S3_OPEN_TIMEOUT
-      - S3_READ_TIMEOUT
-      - S3_FORCE_SINGLE_REQUEST
-      - S3_ALIAS_HOST
-    secrets: &s3-secrets
-      - aws_secret_access_key
-
-  streaming:
-    environment: *s3-env
-    secrets: *s3-secrets
-
-  sidekiq:
-    environment: *s3-env
-    secrets: *s3-secrets
-
-secrets:
-  aws_secret_access_key:
-    name: ${STACK_NAME}_aws_secret_access_key_${SECRET_AWS_SECRET_ACCESS_KEY_VERSION}
-    external: true

compose.yml

@@ -3,8 +3,8 @@ version: "3.8"
 
 services:
   app:
-    image: git.coopcloud.tech/coop-cloud-chaos-patchs/hometown:v4.0.15-hometown-1.1.1
-    command: bash -c "rm -f /mastodon/tmp/pids/server.pid; bundle exec rake db:migrate; bundle exec rails s -p 3000"
+    image: git.coopcloud.tech/coop-cloud-chaos-patchs/hometown:v3.5.10-hometown-1.0.8
+    command: bash -c "rm -f /mastodon/tmp/pids/server.pid; bundle exec rails s -p 3000"
     networks: &bothNetworks
       - proxy
       - internal_network
@@ -19,7 +19,7 @@ services:
         - "traefik.http.routers.${STACK_NAME}_web.rule=Host(`${DOMAIN}`)"
         - "traefik.http.routers.${STACK_NAME}_web.entrypoints=web-secure"
         - "traefik.http.routers.${STACK_NAME}_web.tls.certresolver=${LETS_ENCRYPT_ENV}"
-        - "coop-cloud.${STACK_NAME}.version=1.1.9+v4.0.15-hometown-1.1.1"
+        - "coop-cloud.${STACK_NAME}.version=0.2.3+v3.5.10-hometown-1.0.8"
     configs: &configs
       - source: entrypoint_sh
         target: /usr/local/bin/entrypoint.sh
@@ -47,9 +47,11 @@ services:
       - DB_USER
       - DB_PASS_FILE=/run/secrets/db_password
       - DEFAULT_LOCALE
-      - DISALLOW_UNAUTHENTICATED_API_ACCESS
       - EMAIL_DOMAIN_ALLOWLIST
       - EMAIL_DOMAIN_DENYLIST
+      - ES_ENABLED
+      - ES_HOST
+      - ES_PORT
       - LDAP_BASE
       - LDAP_BIND_DN
       - LDAP_ENABLED
@@ -66,6 +68,7 @@ services:
       - MAX_SESSION_ACTIVATIONS
       - MAX_TOOT_CHARS
       - OAUTH_REDIRECT_AT_SIGN_IN
+      - OTP_SECRET_FILE=/run/secrets/otp_secret
       - OIDC_AUTH_ENDPOINT
       - OIDC_CLIENT_AUTH_METHOD
       - OIDC_CLIENT_ID
@@ -91,7 +94,6 @@ services:
       - OIDC_TOKEN_ENDPOINT
       - OIDC_UID_FIELD
       - OIDC_USER_INFO_ENDPOINT
-      - OTP_SECRET_FILE=/run/secrets/otp_secret
       - PAPERCLIP_ROOT_PATH
       - PAPERCLIP_ROOT_URL
       - RAILS_ENV
@@ -143,7 +145,7 @@ services:
       - WEB_DOMAIN
 
   streaming:
-    image: git.coopcloud.tech/coop-cloud-chaos-patchs/hometown:v4.0.15-hometown-1.1.1
+    image: git.coopcloud.tech/coop-cloud-chaos-patchs/hometown:v3.5.10-hometown-1.0.8
     command: node ./streaming
     configs: *configs
     entrypoint: *entrypoint
@@ -164,7 +166,7 @@ services:
     volumes: *appVolume # used to make sure this volume is created
 
   sidekiq:
-    image: git.coopcloud.tech/coop-cloud-chaos-patchs/hometown:v4.0.15-hometown-1.1.1
+    image: git.coopcloud.tech/coop-cloud-chaos-patchs/hometown:v3.5.10-hometown-1.0.8
     secrets: *secrets
     command: bundle exec sidekiq
     configs: *configs
@@ -178,7 +180,7 @@ services:
     environment: *env
 
   db:
-    image: postgres:14.10-alpine
+    image: postgres:14.5-alpine
     networks: &internalNetwork
       - internal_network
     volumes:
@@ -191,13 +193,29 @@ services:
       - POSTGRES_USER=${DB_USER}
 
   redis:
-    image: redis:7.2-alpine
+    image: redis:7.0-alpine
     networks: *internalNetwork
     healthcheck:
       test: ["CMD", "redis-cli", "ping"]
     volumes:
       - redis:/data
 
+  es:
+    image: docker.elastic.co/elasticsearch/elasticsearch-oss:7.10.2
+    environment:
+      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
+      - "cluster.name=es-mastodon"
+      - "discovery.type=single-node"
+      - "bootstrap.memory_lock=true"
+    networks:
+      - internal_network
+    volumes:
+      - es:/usr/share/elasticsearch/data
+    ulimits:
+      memlock:
+        soft: -1
+        hard: -1
+
 secrets:
   secret_key_base:
     name: ${STACK_NAME}_secret_key_base_${SECRET_SECRET_KEY_BASE_VERSION}
@@ -219,6 +237,7 @@ volumes:
   app:
   redis:
   postgres:
+  es:
 
 networks:
   proxy:

entrypoint.sh.tmpl

@@ -24,12 +24,11 @@ file_env() {
 }
 
 # for sidekiq service bundle exec env var threading
-file_env "DB_PASS"
 file_env "OTP_SECRET"
 file_env "SECRET_KEY_BASE"
+file_env "DB_PASS"
 file_env "SMTP_PASSWORD"
 file_env "VAPID_PRIVATE_KEY"
-file_env "AWS_SECRET_ACCESS_KEY"
 
 {{ if eq (env "OIDC_ENABLED") "true" }}
 file_env "OIDC_CLIENT_SECRET"

release/1.0.0+v4.0.6-hometown-1.1.1

@@ -1,11 +0,0 @@
-Mastodon 4 requires running pre- and post-deployment migrations, something like
-
-```
-abra app run your.app.domain app bash -c "SKIP_POST_DEPLOYMENT_MIGRATIONS=true rails db:migrate"
-abra app restart your.app.domain app
-abra app restart your.app.domain streaming
-abra app restart your.app.domain sidekiq
-abra app run your.app.domain app rails db:migrate
-```
-
-See the full release notes for details: https://github.com/mastodon/mastodon/releases/tag/v4.0.0