initial commit

This commit is contained in:
Vivianne 2022-05-10 21:14:37 -07:00
commit 1e6b6ae15e
8 changed files with 2266 additions and 0 deletions

162
.env.docker.example Normal file
View File

@ -0,0 +1,162 @@
## Crypto
APP_KEY=secretsgohere
## General Settings
APP_NAME="Moe for Solarpunk Pix"
APP_ENV=production
APP_DEBUG=false
APP_URL=https://pix.solarpunk.moe
APP_DOMAIN="pix.solarpunk.moe"
ADMIN_DOMAIN="pix.solarpunk.moe"
SESSION_DOMAIN="pix.solarpunk.moe"
OPEN_REGISTRATION=true
ENFORCE_EMAIL_VERIFICATION=true
PF_MAX_USERS=30
OAUTH_ENABLED=true
APP_TIMEZONE=UTC
APP_LOCALE=en
## Pixelfed Tweaks
LIMIT_ACCOUNT_SIZE=true
MAX_ACCOUNT_SIZE=1000000
MAX_PHOTO_SIZE=15000
MAX_AVATAR_SIZE=2000
MAX_CAPTION_LENGTH=500
MAX_BIO_LENGTH=125
MAX_NAME_LENGTH=30
MAX_ALBUM_LENGTH=4
IMAGE_QUALITY=80
PF_OPTIMIZE_IMAGES=true
PF_OPTIMIZE_VIDEOS=true
ADMIN_ENV_EDITOR=false
ACCOUNT_DELETION=true
ACCOUNT_DELETE_AFTER=false
MAX_LINKS_PER_POST=0
## Instance
#INSTANCE_DESCRIPTION=
INSTANCE_PUBLIC_HASHTAGS=false
#INSTANCE_CONTACT_EMAIL=
INSTANCE_PUBLIC_LOCAL_TIMELINE=false
#BANNED_USERNAMES=
STORIES_ENABLED=false
RESTRICTED_INSTANCE=false
## Mail
MAIL_DRIVER=smtp
MAIL_HOST=mail
MAIL_PORT=25
MAIL_FROM_ADDRESS="pixelfed@solarpunk.moe"
MAIL_FROM_NAME="Moe for Solarpunk Pixelfed"
MAIL_USERNAME=null
MAIL_PASSWORD=null
MAIL_ENCRYPTION=null
## Databases (MySQL)
DB_CONNECTION=mysql
DB_DATABASE=pixelfed_prod
DB_HOST=db
DB_PASSWORD=pixelfed_db_pass
DB_PORT=3306
DB_USERNAME=pixelfed
# pass the same values to the db itself
MYSQL_DATABASE=pixelfed_prod
MYSQL_PASSWORD=pixelfed_db_pass
MYSQL_RANDOM_ROOT_PASSWORD=true
MYSQL_USER=pixelfed
## Databases (Postgres)
#DB_CONNECTION=pgsql
#DB_HOST=db
#DB_PORT=5432
#DB_DATABASE=pixelfed
#DB_USERNAME=postgres
#DB_PASSWORD=9*K5JFNo
#POSTGRES_DB=pixelfed
#POSTGRES_USER=postgres
#POSTGRES_PASSWORD=9*K5JFNo
## Cache (Redis)
REDIS_CLIENT=phpredis
REDIS_SCHEME=tcp
REDIS_HOST=redis
REDIS_PASSWORD=secrets
REDIS_PORT=6379
REDIS_DATABASE=0
## EXPERIMENTS
EXP_LC=false
EXP_REC=false
EXP_LOOPS=false
## ActivityPub Federation
ACTIVITY_PUB=true
AP_REMOTE_FOLLOW=true
AP_SHAREDINBOX=true
AP_INBOX=true
AP_OUTBOX=true
ATOM_FEEDS=true
NODEINFO=true
WEBFINGER=true
## S3
FILESYSTEM_DRIVER=local
FILESYSTEM_CLOUD=s3
PF_ENABLE_CLOUD=true
AWS_ACCESS_KEY_ID=secrets
AWS_SECRET_ACCESS_KEY=secrets
AWS_DEFAULT_REGION=region
AWS_BUCKET=bucketname
AWS_URL=https://something.something.digitaloceanspaces.com
AWS_ENDPOINT=https://something.digitaloceanspaces.com
#AWS_USE_PATH_STYLE_ENDPOINT=false
## Horizon
HORIZON_DARKMODE=true
## COSTAR - Confirm Object Sentiment Transform and Reduce
PF_COSTAR_ENABLED=false
# Media
MEDIA_EXIF_DATABASE=false
## Logging
LOG_CHANNEL=stdout
## Image
IMAGE_DRIVER=imagick
## Broadcasting
BROADCAST_DRIVER=redis # log driver for local development
## Cache
CACHE_DRIVER=redis
## Purify
RESTRICT_HTML_TYPES=true
## Queue
QUEUE_DRIVER=redis
## Session
SESSION_DRIVER=redis
## Trusted Proxy
TRUST_PROXIES="*"
## Passport
#PASSPORT_PRIVATE_KEY=
#PASSPORT_PUBLIC_KEY=
#
#
PF_USER_INVITES=true
PF_USER_INVITES_TOTAL_LIMIT=100
PF_USER_INVITES_DAILY_LIMIT=10
PF_USER_INVITES_MONTHLY_LIMIT=25
# This needs to be set to false when doing initial migration!
# It's awkward! Yeah!
ENABLE_CONFIG_CACHE=true

2
.gitignore vendored Normal file
View File

@ -0,0 +1,2 @@
# Secrets!
.env.docker

39
contrib/docker-nginx.conf Normal file
View File

@ -0,0 +1,39 @@
upstream fpm {
server pixelfed-app:9000;
}
server {
listen ${NGINX_PORT};
server_name pix.solarpunk.moe; # change this to your fqdn
root /var/www/public; # path to repo/public
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.html index.htm index.php;
charset utf-8;
client_max_body_size 32M; # or your desired limit
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass fpm;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; # or $request_filename
}
location ~ /\.(?!well-known).* {
deny all;
}
}

File diff suppressed because it is too large Load Diff

15
contrib/docker/start.fpm.sh Executable file
View File

@ -0,0 +1,15 @@
#!/bin/bash
# Create the storage tree if needed and fix permissions
cp -r storage.skel/* storage/
chown -R www-data:www-data storage/ bootstrap/ public/
# Refresh the environment
php artisan storage:link
php artisan horizon:publish
php artisan route:cache
php artisan view:cache
php artisan config:cache
# Finally run FPM
php-fpm

8
contrib/docker/start.nginx.sh Executable file
View File

@ -0,0 +1,8 @@
#!/bin/bash
rm -rf /var/www/public/storage
ln -s /var/www/storage/app/public /var/www/public/storage
chown -R www-data /var/www/public/
./docker-entrypoint.sh nginx -g "daemon off;"

15
contrib/docker/start.php.sh Executable file
View File

@ -0,0 +1,15 @@
#!/bin/bash
# Create the storage tree if needed and fix permissions
cp -r storage.skel/* storage/
chown -R www-data:www-data storage/ bootstrap/
# Refresh the environment
php artisan storage:link
php artisan horizon:publish
php artisan route:cache
php artisan view:cache
php artisan config:cache
# Finally run php
php

109
docker-compose.yml Normal file
View File

@ -0,0 +1,109 @@
---
version: '3'
# In order to set configuration, please use a .env file in
# your compose project directory (the same directory as your
# docker-compose.yml), and set database options, application
# name, key, and other settings there.
# A list of available settings is available in .env.example
#
# The services should scale properly across a swarm cluster
# if the volumes are properly shared between cluster members.
services:
## App and Worker
pixelfed-app:
# Comment to use dockerhub image
build:
context: .
dockerfile: contrib/docker/Dockerfile.fpm
image: porttown.solarpunk.moe/pixelfed
restart: unless-stopped
env_file:
- .env.docker
volumes:
- app-storage:/var/www/storage
- app-bootstrap:/var/www/bootstrap
- "./.env.docker:/var/www/.env"
networks:
internal:
external:
mail:
depends_on:
- db
- redis
worker:
build:
context: .
dockerfile: contrib/docker/Dockerfile.fpm
image: porttown.solarpunk.moe/pixelfed
restart: unless-stopped
env_file:
- .env.docker
volumes:
- app-storage:/var/www/storage
- app-bootstrap:/var/www/bootstrap
networks:
- internal
- mail
command: gosu www-data php artisan horizon
depends_on:
- db
- redis
## DB and Cache
db:
image: mysql:8.0
restart: unless-stopped
networks:
- internal
command: --default-authentication-plugin=mysql_native_password
env_file:
- .env.docker
volumes:
- "db-data:/var/lib/lib/mysql"
redis:
image: redis:5-alpine
restart: unless-stopped
env_file:
- .env.docker
volumes:
- "redis-data:/data"
networks:
- internal
nginx:
image: nginx
restart: always
command: /var/www/start.nginx.sh
networks:
- httpsproxy
- external
volumes:
- ./contrib/docker-nginx.conf:/etc/nginx/templates/default.conf.template
- ./contrib/docker/start.nginx.sh:/var/www/start.nginx.sh
- ./public:/var/www/public
- app-storage:/var/www/storage
environment:
- LETSENCRYPT_HOST=pix.solarpunk.moe
- VIRTUAL_HOST=pix.solarpunk.moe
- VIRTUAL_PORT=80
- NGINX_PORT=80
volumes:
db-data:
redis-data:
app-storage:
app-bootstrap:
networks:
internal:
internal: true
external:
mail:
external: true
httpsproxy:
external: true