-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Initial Commit
- Loading branch information
Showing
10 changed files
with
225 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,30 @@ | ||
# Pleroma | ||
|
||
[Pleroma](https://github.com/angristan/docker-pleroma) Pleroma is a federated social networking platform, compatible with GNU social and other OStatus implementations. It is free software licensed under the AGPLv3. | ||
|
||
## Additional Installation Steps | ||
|
||
* Pleroma requires you to interactively create the first user using docker exec, or something similar. Here's a templated version for you to run. You'll need to do this from your homelab server's /var/homelabos/pleroma directory. | ||
|
||
```sh | ||
docker-compose exec web /opt/pleroma/bin/pleroma_ctl user new {{default_username}} {{admin_email}} --name {{default_username}} --password {{default_password}} --admin --moderator -y | ||
``` | ||
|
||
## Access | ||
|
||
It is available at [https://{% if pleroma.domain %}{{ pleroma.domain }}{% else %}{{ pleroma.subdomain + "." + domain }}{% endif %}/](https://{% if pleroma.domain %}{{ pleroma.domain }}{% else %}{{ pleroma.subdomain + "." + domain }}{% endif %}/) or [http://{% if pleroma.domain %}{{ pleroma.domain }}{% else %}{{ pleroma.subdomain + "." + domain }}{% endif %}/](http://{% if pleroma.domain %}{{ pleroma.domain }}{% else %}{{ airsonic.subdomain + "." + domain }}{% endif %}/) | ||
|
||
{% if enable_tor %} | ||
It is also available via Tor at [http://{{ pleroma + "." + tor_domain }}/](http://{{ pleroma + "." + tor_domain }}/) | ||
{% endif %} | ||
|
||
## Security enable/disable https_only and auth | ||
|
||
To enable https_only or auth set the service config to True | ||
`settings/config.yml` | ||
|
||
``` | ||
pleroma: | ||
https_only: True | ||
auth: True | ||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,56 @@ | ||
--- | ||
- name: Make pleroma directory. | ||
file: | ||
path: "{{ volumes_root }}/pleroma" | ||
state: directory | ||
|
||
- name: Copy pleroma docker-compose.yml file into place. | ||
template: | ||
src: docker-compose.pleroma.yml.j2 | ||
dest: "{{ volumes_root }}/pleroma/docker-compose.yml" | ||
vars: | ||
tor_domain: "{{ tor_http_domain_file.stdout | default('') }}" | ||
|
||
- name: Configure upload directory | ||
file: | ||
state: directory | ||
path: "{{ volumes_root }}/pleroma/upload" | ||
owner: "{{ ansible_effective_user_id }}" | ||
group: "{{ ansible_effective_group_id }}" | ||
recurse: yes | ||
|
||
- name: Configure config directory | ||
file: | ||
state: directory | ||
path: "{{ volumes_root }}/pleroma/config" | ||
owner: "{{ ansible_effective_user_id }}" | ||
group: "{{ ansible_effective_group_id }}" | ||
recurse: yes | ||
|
||
- name: Generate Pleroma Secret Key Base | ||
shell: > | ||
openssl rand -base64 48 | ||
register: secret_key | ||
|
||
- name: Copy Secret.exs into place. | ||
template: | ||
src: secret.exs | ||
dest: "{{ volumes_root }}/pleroma/config/secret.exs" | ||
vars: | ||
secret_key: secret_key | ||
|
||
# - name: Install CIText postgres extension | ||
# shell: > | ||
# docker-compose -f {{ volumes_root}}/pleroma/docker-compose.yml up -d pleromadb; docker-compose -f {{ volumes_root}}/pleroma/docker-compose.yml exec pleromadb psql -U pleroma -c "CREATE EXTENSION IF NOT EXISTS citext;"; docker-compose -f {{ volumes_root}}/pleroma/docker-compose.yml down | ||
|
||
- name: Configure pleroma systemd service. | ||
template: | ||
src: service.j2 | ||
dest: /etc/systemd/system/pleroma.service | ||
|
||
- name: Start pleroma | ||
systemd: | ||
name: pleroma | ||
enabled: "yes" | ||
daemon-reload: "yes" | ||
state: started |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,31 @@ | ||
FROM elixir:1.10.3-alpine | ||
|
||
ENV UID=911 GID=911 \ | ||
MIX_ENV=prod | ||
|
||
ARG PLEROMA_VER=stable | ||
|
||
RUN apk -U upgrade \ | ||
&& apk add --no-cache \ | ||
build-base \ | ||
git | ||
|
||
RUN addgroup -g ${GID} pleroma \ | ||
&& adduser -h /pleroma -s /bin/sh -D -G pleroma -u ${UID} pleroma | ||
|
||
USER pleroma | ||
WORKDIR pleroma | ||
|
||
RUN git clone -b develop https://git.pleroma.social/pleroma/pleroma.git /pleroma \ | ||
&& git checkout ${PLEROMA_VER} | ||
|
||
COPY config/secret.exs /pleroma/config/prod.secret.exs | ||
|
||
RUN mix local.rebar --force \ | ||
&& mix local.hex --force \ | ||
&& mix deps.get \ | ||
&& mix compile | ||
|
||
VOLUME /pleroma/uploads/ | ||
|
||
CMD ["mix", "phx.server"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,67 @@ | ||
--- | ||
version: '3' | ||
|
||
# This networks section required for the pacakge to be visible to Traefik. | ||
# DO NOT Remove | ||
networks: | ||
traefik_network: | ||
external: | ||
name: homelabos_traefik | ||
|
||
services: | ||
db: | ||
image: postgres:9.6-alpine | ||
restart: always | ||
networks: | ||
- traefik_network | ||
environment: | ||
- POSTGRES_USER=pleroma | ||
- POSTGRES_PASSWORD={{lookup('password', './settings/passwords/pleroma_db_password chars=digits')}} | ||
- DB_PASS={{lookup('password', './settings/passwords/pleroma_db_password chars=digits')}} | ||
- POSTGRES_DB=pleroma | ||
volumes: | ||
- ./postgres:/var/lib/postgresql/data | ||
|
||
web: | ||
image: git.pleroma.social:5050/pleroma/pleroma:latest | ||
restart: unless-stopped | ||
volumes: | ||
- "{{ volumes_root }}/pleroma/uploads:/uploads" | ||
- "{{ volumes_root }}/pleroma/config:/config" | ||
networks: | ||
- traefik_network | ||
depends_on: | ||
- db | ||
environment: | ||
- POSTGRES_USER=pleroma | ||
- DB_PASS={{lookup('password', './settings/passwords/pleroma_db_password chars=digits')}} | ||
- POSTGRES_DB=pleroma | ||
labels: | ||
- "traefik.enable=true" | ||
- "traefik.docker.network=homelabos_traefik" | ||
- "traefik.http.services.pleroma.loadbalancer.server.scheme=http" | ||
- "traefik.http.services.pleroma.loadbalancer.server.port=4000" | ||
- "traefik.http.routers.pleroma-http.rule=Host(`{% if pleroma.domain %}{{ pleroma.domain }}{% else %}{{ pleroma.subdomain + "." + domain }}{% endif %}`)" | ||
- "traefik.http.routers.pleroma-http.entrypoints=http" | ||
{% if not pleroma.https_only %} | ||
- "traefik.http.routers.pleroma-http.middlewares={% if pleroma.https_only %}redirect@file, {% else %}{% if pleroma.auth %}{% if authelia.enable %}authelia@file{% else %}basicAuth@file{% endif %}, {% endif %}{% endif %}customFrameHomelab@file" | ||
{% else %} | ||
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https" | ||
- "traefik.http.routers.pleroma-http.middlewares=redirect-to-https" | ||
{% endif %} | ||
- "traefik.http.routers.pleroma.rule=Host(`{% if pleroma.domain %}{{ pleroma.domain }}{% else %}{{ pleroma.subdomain + "." + domain }}{% endif %}`)" | ||
- "traefik.http.routers.pleroma.entrypoints=https" | ||
- "traefik.http.routers.pleroma.middlewares={% if pleroma.auth %}{% if authelia.enable %}authelia@file{% else %}basicAuth@file{% endif %}, {% endif %}customFrameHomelab@file" | ||
- "traefik.http.routers.pleroma.tls=true" | ||
{% if traefik.dns_challenge_provider %} | ||
- "traefik.http.routers.pleroma.tls.certresolver=dns" | ||
- "traefik.http.routers.pleroma.tls.domains[0].main={{ domain }}" | ||
- "traefik.http.routers.pleroma.tls.domains[0].sans=*.{{ domain }}" | ||
{% else %} | ||
- "traefik.http.routers.pleroma.tls.certresolver=http" | ||
{% endif %} | ||
{% if enable_tor %} | ||
- "traefik.http.routers.pleroma-tor-http.rule=Host(`{{ pleroma.subdomain }}.{{ tor_domain }}`)" | ||
- "traefik.http.routers.pleroma-tor-http.entrypoints=http" | ||
- "traefik.http.routers.pleroma-tor-http.middlewares={% if pleroma.auth %}{% if authelia.enable %}authelia-tor@file{% else %}basicAuth@file{% endif %}, {% endif %}customFrameHomelab-tor@file" | ||
{% endif %} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
use Mix.Config | ||
|
||
config :pleroma, Pleroma.Web.Endpoint, | ||
http: [ ip: {0, 0, 0, 0}, ], | ||
url: [host: "{% if pleroma.domain %}{{ pleroma.domain }}{% else %}{{ pleroma.subdomain + "." + domain }}{% endif %}", scheme: "https", port: 443], | ||
secret_key_base: "{{secret_key.stdout}}" | ||
|
||
config :pleroma, :instance, | ||
name: "Pleroma", | ||
email: "{{admin_email}}", | ||
limit: 5000, | ||
registrations_open: true | ||
|
||
config :pleroma, :media_proxy, | ||
enabled: false, | ||
redirect_on_failure: true, | ||
base_url: "https://cache.domain.tld" | ||
|
||
# Configure your database | ||
config :pleroma, Pleroma.Repo, | ||
adapter: Ecto.Adapters.Postgres, | ||
username: "pleroma", | ||
password: "{{lookup('password', './settings/passwords/pleroma_db_password chars=digits')}}", | ||
database: "pleroma", | ||
hostname: "pleromadb", | ||
pool_size: 20 |