diff options
Diffstat (limited to 'docker/federation')
-rw-r--r-- | docker/federation/Dockerfile | 17 | ||||
-rw-r--r-- | docker/federation/docker-compose.yml | 132 | ||||
-rw-r--r-- | docker/federation/nginx.conf | 125 | ||||
-rwxr-xr-x | docker/federation/run-federation-test.bash | 28 |
4 files changed, 302 insertions, 0 deletions
diff --git a/docker/federation/Dockerfile b/docker/federation/Dockerfile new file mode 100644 index 00000000..ec7bf2d2 --- /dev/null +++ b/docker/federation/Dockerfile @@ -0,0 +1,17 @@ +FROM ekidd/rust-musl-builder:1.42.0-openssl11 + +USER root +RUN mkdir /app/dist/documentation/ -p \ + && addgroup --gid 1001 lemmy \ + && adduser --disabled-password --shell /bin/sh -u 1001 --ingroup lemmy lemmy + +# Copy resources +COPY server/config/defaults.hjson /app/config/defaults.hjson +COPY ui/dist /app/dist +COPY server/target/debug/lemmy_server /app/lemmy + +RUN chown lemmy:lemmy /app/ -R +USER lemmy +EXPOSE 8536 +WORKDIR /app +CMD ["/app/lemmy"] diff --git a/docker/federation/docker-compose.yml b/docker/federation/docker-compose.yml new file mode 100644 index 00000000..585f2b4b --- /dev/null +++ b/docker/federation/docker-compose.yml @@ -0,0 +1,132 @@ +version: '3.3' + +services: + nginx: + image: nginx:1.17-alpine + ports: + - "8540:8540" + - "8550:8550" + - "8560:8560" + volumes: + # Hack to make this work from both docker/federation/ and docker/federation-test/ + - ../federation/nginx.conf:/etc/nginx/nginx.conf + depends_on: + - lemmy_alpha + - pictrs_alpha + - lemmy_beta + - pictrs_beta + - lemmy_gamma + - pictrs_gamma + - iframely + restart: "always" + + lemmy_alpha: + image: lemmy-federation:latest + environment: + - LEMMY_HOSTNAME=lemmy_alpha:8540 + - LEMMY_DATABASE_URL=postgres://lemmy:password@postgres_alpha:5432/lemmy + - LEMMY_JWT_SECRET=changeme + - LEMMY_FRONT_END_DIR=/app/dist + - LEMMY_FEDERATION__ENABLED=true + - LEMMY_FEDERATION__TLS_ENABLED=false + - LEMMY_FEDERATION__ALLOWED_INSTANCES=lemmy_beta,lemmy_gamma + - LEMMY_PORT=8540 + - LEMMY_SETUP__ADMIN_USERNAME=lemmy_alpha + - LEMMY_SETUP__ADMIN_PASSWORD=lemmy + - LEMMY_SETUP__SITE_NAME=lemmy_alpha + - RUST_BACKTRACE=1 + - RUST_LOG=debug + restart: always + depends_on: + - postgres_alpha + postgres_alpha: + image: postgres:12-alpine + environment: + - POSTGRES_USER=lemmy + - POSTGRES_PASSWORD=password + - POSTGRES_DB=lemmy + volumes: + - ./volumes/postgres_alpha:/var/lib/postgresql/data + restart: always + pictrs_alpha: + image: asonix/pictrs:v0.1.13-r0 + user: 991:991 + volumes: + - ./volumes/pictrs_alpha:/mnt + restart: always + + lemmy_beta: + image: lemmy-federation:latest + environment: + - LEMMY_HOSTNAME=lemmy_beta:8550 + - LEMMY_DATABASE_URL=postgres://lemmy:password@postgres_beta:5432/lemmy + - LEMMY_JWT_SECRET=changeme + - LEMMY_FRONT_END_DIR=/app/dist + - LEMMY_FEDERATION__ENABLED=true + - LEMMY_FEDERATION__TLS_ENABLED=false + - LEMMY_FEDERATION__ALLOWED_INSTANCES=lemmy_alpha,lemmy_gamma + - LEMMY_PORT=8550 + - LEMMY_SETUP__ADMIN_USERNAME=lemmy_beta + - LEMMY_SETUP__ADMIN_PASSWORD=lemmy + - LEMMY_SETUP__SITE_NAME=lemmy_beta + - RUST_BACKTRACE=1 + - RUST_LOG=debug + restart: always + depends_on: + - postgres_beta + postgres_beta: + image: postgres:12-alpine + environment: + - POSTGRES_USER=lemmy + - POSTGRES_PASSWORD=password + - POSTGRES_DB=lemmy + volumes: + - ./volumes/postgres_beta:/var/lib/postgresql/data + restart: always + pictrs_beta: + image: asonix/pictrs:v0.1.13-r0 + user: 991:991 + volumes: + - ./volumes/pictrs_beta:/mnt + restart: always + + lemmy_gamma: + image: lemmy-federation:latest + environment: + - LEMMY_HOSTNAME=lemmy_gamma:8560 + - LEMMY_DATABASE_URL=postgres://lemmy:password@postgres_gamma:5432/lemmy + - LEMMY_JWT_SECRET=changeme + - LEMMY_FRONT_END_DIR=/app/dist + - LEMMY_FEDERATION__ENABLED=true + - LEMMY_FEDERATION__TLS_ENABLED=false + - LEMMY_FEDERATION__ALLOWED_INSTANCES=lemmy_alpha,lemmy_beta + - LEMMY_PORT=8560 + - LEMMY_SETUP__ADMIN_USERNAME=lemmy_gamma + - LEMMY_SETUP__ADMIN_PASSWORD=lemmy + - LEMMY_SETUP__SITE_NAME=lemmy_gamma + - RUST_BACKTRACE=1 + - RUST_LOG=debug + restart: always + depends_on: + - postgres_gamma + postgres_gamma: + image: postgres:12-alpine + environment: + - POSTGRES_USER=lemmy + - POSTGRES_PASSWORD=password + - POSTGRES_DB=lemmy + volumes: + - ./volumes/postgres_gamma:/var/lib/postgresql/data + restart: always + pictrs_gamma: + image: asonix/pictrs:v0.1.13-r0 + user: 991:991 + volumes: + - ./volumes/pictrs_gamma:/mnt + restart: always + + iframely: + image: dogbin/iframely:latest + volumes: + - ../iframely.config.local.js:/iframely/config.local.js:ro + restart: always diff --git a/docker/federation/nginx.conf b/docker/federation/nginx.conf new file mode 100644 index 00000000..25160eb6 --- /dev/null +++ b/docker/federation/nginx.conf @@ -0,0 +1,125 @@ +events { + worker_connections 1024; +} + +http { + server { + listen 8540; + server_name 127.0.0.1; + access_log off; + + # Upload limit for pictshare + client_max_body_size 50M; + + location / { + proxy_pass http://lemmy_alpha:8540; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + + # WebSocket support + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + } + + # pict-rs images + location /pictrs { + location /pictrs/image { + proxy_pass http://pictrs_alpha:8080/image; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + # Block the import + return 403; + } + + location /iframely/ { + proxy_pass http://iframely:80/; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + } + + server { + listen 8550; + server_name 127.0.0.1; + access_log off; + + # Upload limit for pictshare + client_max_body_size 50M; + + location / { + proxy_pass http://lemmy_beta:8550; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + + # WebSocket support + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + } + + # pict-rs images + location /pictrs { + location /pictrs/image { + proxy_pass http://pictrs_beta:8080/image; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + # Block the import + return 403; + } + + location /iframely/ { + proxy_pass http://iframely:80/; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + } + + server { + listen 8560; + server_name 127.0.0.1; + access_log off; + + # Upload limit for pictshare + client_max_body_size 50M; + + location / { + proxy_pass http://lemmy_gamma:8560; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + + # WebSocket support + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + } + + # pict-rs images + location /pictrs { + location /pictrs/image { + proxy_pass http://pictrs_gamma:8080/image; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + # Block the import + return 403; + } + + location /iframely/ { + proxy_pass http://iframely:80/; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + } +} diff --git a/docker/federation/run-federation-test.bash b/docker/federation/run-federation-test.bash new file mode 100755 index 00000000..bc73fff6 --- /dev/null +++ b/docker/federation/run-federation-test.bash @@ -0,0 +1,28 @@ +#!/bin/bash +set -e + +# already start rust build in the background +pushd ../../server/ || exit +cargo build & +popd || exit + +if [ "$1" = "-yarn" ]; then + pushd ../../ui/ || exit + yarn + yarn build + popd || exit +fi + +# wait for rust build to finish +pushd ../../server/ || exit +cargo build +popd || exit + +sudo docker build ../../ --file Dockerfile -t lemmy-federation:latest + +for Item in alpha beta gamma ; do + sudo mkdir -p volumes/pictrs_$Item + sudo chown -R 991:991 volumes/pictrs_$Item +done + +sudo docker-compose up |