# Mastodon using Docker named volumes. All runtime env vars are passed through (no env_file). # Komodo / your orchestration should inject the environment variables listed below into each container. services: db: image: postgres:14-alpine restart: unless-stopped environment: POSTGRES_DB: mastodon_production POSTGRES_USER: mastodon # Komodo must provide DB_PASSWORD in the environment for this service POSTGRES_PASSWORD: "${DB_PASSWORD}" volumes: - db-data:/var/lib/postgresql/data redis: image: redis:6-alpine restart: unless-stopped command: ["redis-server", "--appendonly", "yes"] volumes: - redis-data:/data web: image: ghcr.io/mastodon/mastodon:latest depends_on: - db - redis restart: unless-stopped volumes: - public-system:/mastodon/public/system - public-assets:/mastodon/public/assets - public-packs:/mastodon/public/packs - mastodon-log:/mastodon/log ports: - "3000:3000" # Komodo must inject all Mastodon env vars below into the container environment. environment: - RAILS_ENV=production - LOCAL_DOMAIN=${LOCAL_DOMAIN} - LOCAL_HTTPS=${LOCAL_HTTPS} - PORT=${PORT} - STREAMING_PORT=${STREAMING_PORT} - DB_HOST=${DB_HOST} - DB_PORT=${DB_PORT} - DB_NAME=${DB_NAME} - DB_USER=${DB_USER} - DB_PASS=${DB_PASS} - REDIS_URL=${REDIS_URL} - SECRET_KEY_BASE=${SECRET_KEY_BASE} - OTP_SECRET=${OTP_SECRET} - VAPID_PUBLIC_KEY=${VAPID_PUBLIC_KEY} - VAPID_PRIVATE_KEY=${VAPID_PRIVATE_KEY} - ACTIVERECORD_ENCRYPTION_PRIMARY_KEY=${ACTIVERECORD_ENCRYPTION_PRIMARY_KEY} - ACTIVERECORD_ENCRYPTION_DETERMINISTIC_KEY=${ACTIVERECORD_ENCRYPTION_DETERMINISTIC_KEY} - ACTIVERECORD_ENCRYPTION_KEY_DERIVATION_SALT=${ACTIVERECORD_ENCRYPTION_KEY_DERIVATION_SALT} - SMTP_SERVER=${SMTP_SERVER} - SMTP_PORT=${SMTP_PORT} - SMTP_LOGIN=${SMTP_LOGIN} - SMTP_PASSWORD=${SMTP_PASSWORD} - SMTP_FROM_ADDRESS=${SMTP_FROM_ADDRESS} - STREAMING_ENABLED=${STREAMING_ENABLED} - RAILS_SERVE_STATIC_FILES=${RAILS_SERVE_STATIC_FILES} command: bash -lc "RAILS_ENV=production bundle exec puma -C config/puma.rb" sidekiq: image: ghcr.io/mastodon/mastodon:latest depends_on: - db - redis restart: unless-stopped volumes: - public-system:/mastodon/public/system - mastodon-log:/mastodon/log environment: - RAILS_ENV=production - LOCAL_DOMAIN=${LOCAL_DOMAIN} - DB_HOST=${DB_HOST} - DB_PORT=${DB_PORT} - DB_NAME=${DB_NAME} - DB_USER=${DB_USER} - DB_PASS=${DB_PASS} - REDIS_URL=${REDIS_URL} - SECRET_KEY_BASE=${SECRET_KEY_BASE} - VAPID_PUBLIC_KEY=${VAPID_PUBLIC_KEY} - VAPID_PRIVATE_KEY=${VAPID_PRIVATE_KEY} - ACTIVERECORD_ENCRYPTION_PRIMARY_KEY=${ACTIVERECORD_ENCRYPTION_PRIMARY_KEY} - ACTIVERECORD_ENCRYPTION_DETERMINISTIC_KEY=${ACTIVERECORD_ENCRYPTION_DETERMINISTIC_KEY} - ACTIVERECORD_ENCRYPTION_KEY_DERIVATION_SALT=${ACTIVERECORD_ENCRYPTION_KEY_DERIVATION_SALT} - SMTP_SERVER=${SMTP_SERVER} - SMTP_PORT=${SMTP_PORT} - SMTP_LOGIN=${SMTP_LOGIN} - SMTP_PASSWORD=${SMTP_PASSWORD} - SMTP_FROM_ADDRESS=${SMTP_FROM_ADDRESS} command: bash -lc "RAILS_ENV=production bundle exec sidekiq" streaming: image: ghcr.io/mastodon/mastodon:latest depends_on: - redis restart: unless-stopped volumes: - mastodon-log:/mastodon/log ports: - "4000:4000" environment: - RAILS_ENV=production - LOCAL_DOMAIN=${LOCAL_DOMAIN} - PORT=${STREAMING_PORT} - REDIS_URL=${REDIS_URL} - ACTIVERECORD_ENCRYPTION_PRIMARY_KEY=${ACTIVERECORD_ENCRYPTION_PRIMARY_KEY} - ACTIVERECORD_ENCRYPTION_DETERMINISTIC_KEY=${ACTIVERECORD_ENCRYPTION_DETERMINISTIC_KEY} - ACTIVERECORD_ENCRYPTION_KEY_DERIVATION_SALT=${ACTIVERECORD_ENCRYPTION_KEY_DERIVATION_SALT} - STREAMING_ENABLED=${STREAMING_ENABLED} command: bash -lc "NODE_ENV=production ./bin/streaming" volumes: db-data: redis-data: public-system: public-assets: public-packs: mastodon-log: