coop-cloud/hometown
1
0
Fork 1
Code Issues 2 Pull Requests 3 Projects Releases Activity
Files
update-121
hometown/compose.yml
Amras 00d71c3fb6
All checks were successful
continuous-integration/drone/tag Build is passing
Details
Upgrade to 4.5.11+1.2.1 
Notable change
is that the streaming and main images
have different entrypoints in the Dockerfiles.
I broke up our entrypoint.sh to respect that.

Unclear if this affected 1.2.0,
but in my tests the streaming container
deployed without issue in 1.2.0.
2026-06-17 14:29:54 +00:00

272 lines
8.4 KiB
YAML
Raw Permalink Blame History

---
version: "3.8"
services:
app:
image: git.coopcloud.tech/coop-cloud-chaos-patchs/hometown:v4.5.11-hometown-1.2.1
command: bash -c "rm -f /mastodon/tmp/pids/server.pid; bundle exec rake db:migrate; bundle exec rails s -p 3000"
networks: &bothNetworks
- proxy
- internal_network
deploy:
update_config:
failure_action: rollback
order: start-first
labels:
- "traefik.enable=true"
- "traefik.docker.network=proxy"
- "traefik.http.services.${STACK_NAME}_web.loadbalancer.server.port=3000"
- "traefik.http.routers.${STACK_NAME}_web.rule=Host(`${DOMAIN}`)"
- "traefik.http.routers.${STACK_NAME}_web.entrypoints=web-secure"
- "traefik.http.routers.${STACK_NAME}_web.tls.certresolver=${LETS_ENCRYPT_ENV}"
- "coop-cloud.${STACK_NAME}.version=3.0.1+v4.5.11-hometown-1.2.1"
configs: &configs
- source: entrypoint_common_sh
target: /usr/local/bin/entrypoint.common.sh
mode: 0555
- source: entrypoint_main_sh
target: /usr/local/bin/entrypoint.sh
mode: 0555
entrypoint: &entrypoint /usr/local/bin/entrypoint.sh
volumes: &appVolume
- app:/opt/mastodon/public/system
secrets: &secrets
- db_password
- otp_secret
- secret_key_base
- smtp_password
- vapid_private_key
- enc_det_key
- enc_salt
- enc_pri_key
environment: &env
- ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY_FILE=/run/secrets/enc_det_key
- ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT_FILE=/run/secrets/enc_salt
- ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY_FILE=/run/secrets/enc_pri_key
- ALLOW_ACCESS_TO_HIDDEN_SERVICE
- ALTERNATE_DOMAINS
- AUTHORIZED_FETCH
- CACHE_REDIS_HOST
- CACHE_REDIS_PORT
- CACHE_REDIS_URL
- DB_HOST
- DB_NAME
- DB_PORT
- DB_USER
- DB_PASS_FILE=/run/secrets/db_password
- DEFAULT_LOCALE
- DISALLOW_UNAUTHENTICATED_API_ACCESS
- EMAIL_DOMAIN_ALLOWLIST
- EMAIL_DOMAIN_DENYLIST
- LDAP_BASE
- LDAP_BIND_DN
- LDAP_ENABLED
- LDAP_HOST
- LDAP_MAIL
- LDAP_METHOD
- LDAP_PASSWORD
- LDAP_PORT
- LDAP_SEARCH_FILTER
- LDAP_UID
- LDAP_UID_CONVERSTION_ENABLED
- LIMITED_FEDERATION_MODE
- LOCAL_DOMAIN
- MAX_SESSION_ACTIVATIONS
- MAX_TOOT_CHARS
- OAUTH_REDIRECT_AT_SIGN_IN
- OIDC_AUTH_ENDPOINT
- OIDC_CLIENT_AUTH_METHOD
- OIDC_CLIENT_ID
- OIDC_CLIENT_SECRET_FILE=/run/secrets/oidc_client_secret
- OIDC_DISCOVERY
- OIDC_DISPLAY
- OIDC_DISPLAY_NAME
- OIDC_ENABLED
- OIDC_END_SESSION_ENDPOINT
- OIDC_HOST
- OIDC_IDP_LOGOUT_REDIRECT_URI
- OIDC_ISSUER
- OIDC_JWKS_URI
- OIDC_PORT
- OIDC_PROMPT
- OIDC_REDIRECT_URI
- OIDC_RESPONSE_MODE
- OIDC_RESPONSE_TYPE
- OIDC_SCOPE
- OIDC_SECURITY_ASSUME_EMAIL_IS_VERIFIED
- OIDC_SEND_NONCE
- OIDC_SEND_SCOPE_TO_TOKEN_ENDPOINT
- OIDC_TOKEN_ENDPOINT
- OIDC_UID_FIELD
- OIDC_USER_INFO_ENDPOINT
- OTP_SECRET_FILE=/run/secrets/otp_secret
- PAPERCLIP_ROOT_PATH
- PAPERCLIP_ROOT_URL
- RAILS_ENV
- RAILS_SERVE_STATIC_FILES
- REDIS_HOST
- REDIS_PORT
- REDIS_URL
- SAML_ACS_URL
- SAML_ATTRIBUTES_STATEMENTS_EMAIL
- SAML_ATTRIBUTES_STATEMENTS_FIRST_NAME
- SAML_ATTRIBUTES_STATEMENTS_FULL_NAME
- SAML_ATTRIBUTES_STATEMENTS_LAST_NAME
- SAML_ATTRIBUTES_STATEMENTS_UID
- SAML_ATTRIBUTES_STATEMENTS_VERIFIED
- SAML_ATTRIBUTES_STATEMENTS_VERIFIED_EMAIL
- SAML_CERT
- SAML_ENABLED
- SAML_IDP_CERT
- SAML_IDP_CERT_FINGERPRINT
- SAML_IDP_SSO_TARGET_URL
- SAML_ISSUER
- SAML_NAME_IDENTIFIER_FORMAT
- SAML_PRIVATE_KEY
- SAML_SECURITY_ASSUME_EMAIL_IS_VERIFIED
- SAML_SECURITY_WANT_ASSERTION_ENCRYPTED
- SAML_SECURITY_WANT_ASSERTION_SIGNED
- SAML_UID_ATTRIBUTE
- SECRET_KEY_BASE_FILE=/run/secrets/secret_key_base
- SINGLE_USER_MODE
- SMTP_AUTH_METHOD
- SMTP_CA_FILE
- SMTP_DELIVERY_METHOD
- SMTP_DOMAIN
- SMTP_ENABLE_STARTTLS_AUTO
- SMTP_FROM_ADDRESS
- SMTP_LOGIN
- SMTP_OPENSSL_VERIFY_MODE
- SMTP_PASSWORD_FILE=/run/secrets/smtp_password
- SMTP_PORT
- SMTP_SERVER
- SMTP_SSL
- SMTP_TLS
- STATSD_ADDR
- STATSD_NAMESPACE
- USER_ACTIVE_DAYS
- VAPID_PRIVATE_KEY_FILE=/run/secrets/vapid_private_key
- VAPID_PUBLIC_KEY
- WEB_DOMAIN
streaming:
image: git.coopcloud.tech/coop-cloud-chaos-patchs/hometown:v4.5.11-hometown-1.2.1-streaming
command: node ./streaming
configs:
- source: entrypoint_common_sh
target: /usr/local/bin/entrypoint.common.sh
mode: 0555
- source: entrypoint_streaming_sh
target: /usr/local/bin/entrypoint.sh
mode: 0555
entrypoint: *entrypoint
secrets: *secrets
networks: *bothNetworks
deploy:
update_config:
failure_action: rollback
order: start-first
labels:
- "traefik.enable=true"
- "traefik.docker.network=proxy"
- "traefik.http.services.${STACK_NAME}_streaming.loadbalancer.server.port=4000"
- "traefik.http.routers.${STACK_NAME}_streaming.rule=(Host(`${DOMAIN}`) && PathPrefix(`/api/v1/streaming`))"
- "traefik.http.routers.${STACK_NAME}_streaming.entrypoints=web-secure"
- "traefik.http.routers.${STACK_NAME}_streaming.tls.certresolver=${LETS_ENCRYPT_ENV}"
environment: *env
volumes: *appVolume # used to make sure this volume is created
sidekiq:
image: git.coopcloud.tech/coop-cloud-chaos-patchs/hometown:v4.5.11-hometown-1.2.1
secrets: *secrets
command: bundle exec sidekiq
configs: *configs
entrypoint: *entrypoint
deploy:
update_config:
failure_action: rollback
order: start-first
networks: *bothNetworks
volumes: *appVolume
environment: *env
db:
image: postgres:14.10-alpine
networks: &internalNetwork
- internal_network
volumes:
- postgres:/var/lib/postgresql/data
secrets:
- db_password
environment:
- POSTGRES_DB=${DB_NAME}
- POSTGRES_PASSWORD_FILE=/run/secrets/db_password
- POSTGRES_USER=${DB_USER}
deploy:
labels:
- "backupbot.backup=true"
- "backupbot.backup.pre-hook=sh -c \"mkdir -p /var/backup/hometown; /usr/local/bin/pg_dump -Fc -U ${DB_USER} ${DB_NAME} > /var/backup/hometown/backupbot.dump\""
- "backupbot.backup.path=/var/backup/hometown"
- "backupbot.backup.post-hook=rm -f /var/backup/hometown/backupbot.dump"
- "backupbot.restore.post-hook=sh -c \"/usr/local/bin/pg_restore -U ${DB_USER} -d ${DB_NAME} -1 /var/backup/hometown/backupbot.dump\""
redis:
image: redis:7.4-alpine
networks: *internalNetwork
healthcheck:
test: ["CMD", "redis-cli", "ping"]
volumes:
- redis:/data
secrets:
secret_key_base:
name: ${STACK_NAME}_secret_key_base_${SECRET_SECRET_KEY_BASE_VERSION}
external: true
otp_secret:
name: ${STACK_NAME}_otp_secret_${SECRET_OTP_SECRET_VERSION}
external: true
vapid_private_key:
name: ${STACK_NAME}_vapid_private_key_${SECRET_VAPID_PRIVATE_KEY_VERSION}
external: true
db_password:
name: ${STACK_NAME}_db_password_${SECRET_DB_PASSWORD_VERSION}
external: true
smtp_password:
name: ${STACK_NAME}_smtp_password_${SECRET_SMTP_PASSWORD_VERSION}
external: true
enc_det_key:
name: ${STACK_NAME}_enc_det_key_${SECRET_ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY_VERSION}
external: true
enc_salt:
name: ${STACK_NAME}_enc_salt_${SECRET_ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT_VERSION}
external: true
enc_pri_key:
name: ${STACK_NAME}_enc_pri_key_${SECRET_ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY_VERSION}
external: true
volumes:
app:
redis:
postgres:
networks:
proxy:
external: true
internal_network:
internal: true
configs:
entrypoint_common_sh:
name: ${STACK_NAME}_ep_common_conf_${ENTRYPOINT_CONF_VERSION}
file: entrypoint.common.sh.tmpl
template_driver: golang
entrypoint_main_sh:
name: ${STACK_NAME}_ep_main_conf_${ENTRYPOINT_CONF_VERSION}
file: entrypoint.main.sh.tmpl
template_driver: golang
entrypoint_streaming_sh:
name: ${STACK_NAME}_ep_streaming_conf_${ENTRYPOINT_CONF_VERSION}
file: entrypoint.streaming.sh.tmpl
template_driver: golang
Reference in New Issue View Git Blame Copy Permalink