From 816188080d5863203e3061ee8694e283b2598dff Mon Sep 17 00:00:00 2001 From: Nikholas Pcenicni Date: Mon, 19 Jan 2026 03:10:15 +0000 Subject: [PATCH] Update komodo/mastodon/compose.yaml --- komodo/mastodon/compose.yaml | 170 ++++++++++++++++++++++++----------- 1 file changed, 118 insertions(+), 52 deletions(-) diff --git a/komodo/mastodon/compose.yaml b/komodo/mastodon/compose.yaml index 1c98232..3db327d 100644 --- a/komodo/mastodon/compose.yaml +++ b/komodo/mastodon/compose.yaml @@ -1,55 +1,121 @@ +# Mastodon using Docker named volumes. All runtime env vars are passed through (no env_file). +# Komodo / your orchestration should inject the environment variables listed below into each container. services: - mastodon: - image: lscr.io/linuxserver/mastodon:latest - container_name: mastodon - environment: - PUID: "${PUID}" - PGID: "${PGID}" - TZ: "${TZ}" - LOCAL_DOMAIN: "${LOCAL_DOMAIN}" - REDIS_HOST: "${REDIS_HOST}" - REDIS_PORT: "${REDIS_PORT}" - DB_HOST: "${DB_HOST}" - DB_USER: "${DB_USER}" - DB_NAME: "${DB_NAME}" - DB_PASS: "${DB_PASS}" - DB_PORT: "${DB_PORT}" - ES_ENABLED: "${ES_ENABLED}" - ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY: "${ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY}" - ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY: "${ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY}" - ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT: "${ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT}" - SECRET_KEY_BASE: "${SECRET_KEY_BASE}" - OTP_SECRET: "${OTP_SECRET}" - VAPID_PRIVATE_KEY: "${VAPID_PRIVATE_KEY}" - VAPID_PUBLIC_KEY: "${VAPID_PUBLIC_KEY}" - SMTP_SERVER: "${SMTP_SERVER}" - SMTP_PORT: "${SMTP_PORT}" - SMTP_LOGIN: "${SMTP_LOGIN}" - SMTP_PASSWORD: "${SMTP_PASSWORD}" - SMTP_FROM_ADDRESS: "${SMTP_FROM_ADDRESS}" - S3_ENABLED: "${S3_ENABLED}" - WEB_DOMAIN: "${WEB_DOMAIN}" - ES_HOST: "${ES_HOST}" - ES_PORT: "${ES_PORT}" - ES_USER: "${ES_USER}" - ES_PASS: "${ES_PASS}" - S3_BUCKET: "${S3_BUCKET}" - AWS_ACCESS_KEY_ID: "${AWS_ACCESS_KEY_ID}" - AWS_SECRET_ACCESS_KEY: "${AWS_SECRET_ACCESS_KEY}" - S3_ALIAS_HOST: "${S3_ALIAS_HOST}" - SIDEKIQ_ONLY: "${SIDEKIQ_ONLY}" - SIDEKIQ_QUEUE: "${SIDEKIQ_QUEUE}" - SIDEKIQ_DEFAULT: "${SIDEKIQ_DEFAULT}" - SIDEKIQ_THREADS: "${SIDEKIQ_THREADS}" - DB_POOL: "${DB_POOL}" - NO_CHOWN: "${NO_CHOWN}" - MASTODON_PROMETHEUS_EXPORTER_ENABLED: "${MASTODON_PROMETHEUS_EXPORTER_ENABLED}" - volumes: - - mastodon:/config" - ports: - - "${PORT_HTTP:-80}:80" - - "${PORT_HTTPS:-443}:443" - - "${PORT_PROMETHEUS:-9394}:9394" + db: + image: postgres:14-alpine restart: unless-stopped + environment: + POSTGRES_DB: mastodon_production + POSTGRES_USER: mastodon + # Komodo must provide DB_PASSWORD in the environment for this service + POSTGRES_PASSWORD: "${DB_PASSWORD}" + volumes: + - db-data:/var/lib/postgresql/data + + redis: + image: redis:6-alpine + restart: unless-stopped + command: ["redis-server", "--appendonly", "yes"] + volumes: + - redis-data:/data + + web: + image: ghcr.io/mastodon/mastodon:latest + depends_on: + - db + - redis + restart: unless-stopped + volumes: + - public-system:/mastodon/public/system + - public-assets:/mastodon/public/assets + - public-packs:/mastodon/public/packs + - mastodon-log:/mastodon/log + ports: + - "3000:3000" + # Komodo must inject all Mastodon env vars below into the container environment. + environment: + - RAILS_ENV=production + - LOCAL_DOMAIN=${LOCAL_DOMAIN} + - LOCAL_HTTPS=${LOCAL_HTTPS} + - PORT=${PORT} + - STREAMING_PORT=${STREAMING_PORT} + - DB_HOST=${DB_HOST} + - DB_PORT=${DB_PORT} + - DB_NAME=${DB_NAME} + - DB_USER=${DB_USER} + - DB_PASS=${DB_PASS} + - REDIS_URL=${REDIS_URL} + - SECRET_KEY_BASE=${SECRET_KEY_BASE} + - OTP_SECRET=${OTP_SECRET} + - VAPID_PUBLIC_KEY=${VAPID_PUBLIC_KEY} + - VAPID_PRIVATE_KEY=${VAPID_PRIVATE_KEY} + - ACTIVERECORD_ENCRYPTION_PRIMARY_KEY=${ACTIVERECORD_ENCRYPTION_PRIMARY_KEY} + - ACTIVERECORD_ENCRYPTION_DETERMINISTIC_KEY=${ACTIVERECORD_ENCRYPTION_DETERMINISTIC_KEY} + - ACTIVERECORD_ENCRYPTION_KEY_DERIVATION_SALT=${ACTIVERECORD_ENCRYPTION_KEY_DERIVATION_SALT} + - SMTP_SERVER=${SMTP_SERVER} + - SMTP_PORT=${SMTP_PORT} + - SMTP_LOGIN=${SMTP_LOGIN} + - SMTP_PASSWORD=${SMTP_PASSWORD} + - SMTP_FROM_ADDRESS=${SMTP_FROM_ADDRESS} + - STREAMING_ENABLED=${STREAMING_ENABLED} + - RAILS_SERVE_STATIC_FILES=${RAILS_SERVE_STATIC_FILES} + command: bash -lc "RAILS_ENV=production bundle exec puma -C config/puma.rb" + + sidekiq: + image: ghcr.io/mastodon/mastodon:latest + depends_on: + - db + - redis + restart: unless-stopped + volumes: + - public-system:/mastodon/public/system + - mastodon-log:/mastodon/log + environment: + - RAILS_ENV=production + - LOCAL_DOMAIN=${LOCAL_DOMAIN} + - DB_HOST=${DB_HOST} + - DB_PORT=${DB_PORT} + - DB_NAME=${DB_NAME} + - DB_USER=${DB_USER} + - DB_PASS=${DB_PASS} + - REDIS_URL=${REDIS_URL} + - SECRET_KEY_BASE=${SECRET_KEY_BASE} + - VAPID_PUBLIC_KEY=${VAPID_PUBLIC_KEY} + - VAPID_PRIVATE_KEY=${VAPID_PRIVATE_KEY} + - ACTIVERECORD_ENCRYPTION_PRIMARY_KEY=${ACTIVERECORD_ENCRYPTION_PRIMARY_KEY} + - ACTIVERECORD_ENCRYPTION_DETERMINISTIC_KEY=${ACTIVERECORD_ENCRYPTION_DETERMINISTIC_KEY} + - ACTIVERECORD_ENCRYPTION_KEY_DERIVATION_SALT=${ACTIVERECORD_ENCRYPTION_KEY_DERIVATION_SALT} + - SMTP_SERVER=${SMTP_SERVER} + - SMTP_PORT=${SMTP_PORT} + - SMTP_LOGIN=${SMTP_LOGIN} + - SMTP_PASSWORD=${SMTP_PASSWORD} + - SMTP_FROM_ADDRESS=${SMTP_FROM_ADDRESS} + command: bash -lc "RAILS_ENV=production bundle exec sidekiq" + + streaming: + image: ghcr.io/mastodon/mastodon:latest + depends_on: + - redis + restart: unless-stopped + volumes: + - mastodon-log:/mastodon/log + ports: + - "4000:4000" + environment: + - RAILS_ENV=production + - LOCAL_DOMAIN=${LOCAL_DOMAIN} + - PORT=${STREAMING_PORT} + - REDIS_URL=${REDIS_URL} + - ACTIVERECORD_ENCRYPTION_PRIMARY_KEY=${ACTIVERECORD_ENCRYPTION_PRIMARY_KEY} + - ACTIVERECORD_ENCRYPTION_DETERMINISTIC_KEY=${ACTIVERECORD_ENCRYPTION_DETERMINISTIC_KEY} + - ACTIVERECORD_ENCRYPTION_KEY_DERIVATION_SALT=${ACTIVERECORD_ENCRYPTION_KEY_DERIVATION_SALT} + - STREAMING_ENABLED=${STREAMING_ENABLED} + command: bash -lc "NODE_ENV=production ./bin/streaming" + volumes: - mastodon: \ No newline at end of file + db-data: + redis-data: + public-system: + public-assets: + public-packs: + mastodon-log: \ No newline at end of file