Mastodon updates, more docs #10
|
@ -1,7 +1,7 @@
|
|||
# pub.solar mastodon
|
||||
https://mastodon.pub.solar
|
||||
|
||||
### Upgrading
|
||||
### Upgrading Mastodon
|
||||
This section assumes you edited `docker-compose.yml` and bumped the mastodon docker
|
||||
image version tag
|
||||
```
|
||||
|
@ -53,6 +53,45 @@ docker rm \
|
|||
blue-mastodon_sidekiq_($current_container_index - 1)
|
||||
```
|
||||
|
||||
### Upgrading Caddy
|
||||
```
|
||||
mkdir -p certificates/acme-v02.api.letsencrypt.org-directory
|
||||
docker cp --archive blue-mastodon_caddy_2:/data/caddy/certificates/acme-v02.api.letsencrypt.org-directory/files.pub.solar ./certificates/acme-v02.api.letsencrypt.org-directory/
|
||||
docker cp --archive blue-mastodon_caddy_2:/data/caddy/certificates/acme-v02.api.letsencrypt.org-directory/mastodon.pub.solar ./certificates/acme-v02.api.letsencrypt.org-directory/
|
||||
|
||||
docker-compose --project-name blue-mastodon up \
|
||||
--scale caddy=2 \
|
||||
--no-recreate \
|
||||
--no-start
|
||||
|
||||
docker cp --archive ./backups/certificates blue-mastodon_caddy_3:/data/caddy/certificates
|
||||
docker start blue-mastodon_caddy_3
|
||||
|
||||
# Stop old caddy container
|
||||
docker stop blue-mastodon_caddy_2
|
||||
|
||||
# Verify everything works fine, then remove the old caddy container
|
||||
docker rm blue-mastodon_caddy_2
|
||||
```
|
||||
|
||||
### Upgrading Elasticsearch
|
||||
Look for new releases on https://www.elastic.co/guide/en/elasticsearch/reference/7.17/es-release-notes.html
|
||||
and edit the docker image tag accordingly.
|
||||
```
|
||||
docker-compose --project-name blue-mastodon up \
|
||||
--scale elasticsearch=2 \
|
||||
--no-recreate \
|
||||
|
||||
# Stop old elasticsearch container
|
||||
docker stop blue-mastodon_elasticsearch_2
|
||||
|
||||
docker exec -it blue-mastodon_web_15 bash
|
||||
tootctl search deploy
|
||||
|
||||
# Verify everything works fine, then remove the old caddy container
|
||||
docker rm blue-mastodon_elasticsearch_2
|
||||
```
|
||||
|
||||
Todos:
|
||||
- implement automatic backups, they are only done manually during upgrades at the moment
|
||||
- switch proxy from nginx-dehydrated to caddy - done
|
||||
|
|
|
@ -28,7 +28,7 @@ services:
|
|||
# - triton.cns.services=mastodon-proxy
|
||||
|
||||
caddy:
|
||||
image: caddy:2.5.1
|
||||
image: caddy:2.6.4
|
||||
mem_limit: 256m
|
||||
restart: always
|
||||
environment:
|
||||
|
@ -44,12 +44,16 @@ services:
|
|||
labels:
|
||||
- triton.cns.services=mastodon-proxy
|
||||
entrypoint: /bin/sh
|
||||
command: >-
|
||||
-c 'echo "
|
||||
command:
|
||||
- -c
|
||||
- >-
|
||||
echo "
|
||||
{
|
||||
email admins@pub.solar
|
||||
servers {
|
||||
protocols h1 h2
|
||||
}
|
||||
}
|
||||
|
||||
$$SITE_DOMAIN {
|
||||
@streaming {
|
||||
path /api/v1/streaming/*
|
||||
|
@ -77,23 +81,21 @@ services:
|
|||
handle_errors {
|
||||
rewrite 500.html
|
||||
}
|
||||
|
||||
encode zstd gzip
|
||||
|
||||
header {
|
||||
Strict-Transport-Security "max-age=31536000"
|
||||
# clickjacking protection
|
||||
X-Frame-Options DENY
|
||||
}
|
||||
header /sw.js Cache-Control "public, max-age=0"
|
||||
header @cache_control Cache-Control "public, max-age=31536000, immutable"
|
||||
}
|
||||
|
||||
files.pub.solar {
|
||||
handle {
|
||||
rewrite * /s/jw24ad6l4a6zxsnd32cmf5hp5nsq/pub-solar-mastodon{uri}?download
|
||||
reverse_proxy {
|
||||
# backends / upstreams
|
||||
to https://link.tardigradeshare.io
|
||||
|
||||
# header manipulation
|
||||
# proxy to an HTTPS endpoint
|
||||
header_up Host {upstream_hostport}
|
||||
|
@ -101,7 +103,6 @@ services:
|
|||
header_up Connection ""
|
||||
header_up Authorization ""
|
||||
# remove these header from the backends response
|
||||
header_down -content-disposition
|
||||
header_down -Set-Cookie
|
||||
header_down -Access-Control-Allow-Origin
|
||||
header_down -Access-Control-Allow-Methods
|
||||
|
@ -115,14 +116,14 @@ services:
|
|||
# add these header to the backends response
|
||||
# cache client side for 7 days
|
||||
header_down Cache-Control "public, max-age=604800"
|
||||
header_down Access-Control-Allow-Origin "*"
|
||||
header_down X-Content-Type-Options "nosniff"
|
||||
}
|
||||
}
|
||||
handle_errors {
|
||||
rewrite 500.html
|
||||
}
|
||||
}
|
||||
" | caddy run --adapter caddyfile --config -'
|
||||
|
||||
}" | caddy run --adapter caddyfile --config -
|
||||
|
||||
# using SmartOS native zone mastodon-redis, lx-brand redis crashes regularly,
|
||||
# upstream bug: https://github.com/redis/redis/issues/8861
|
||||
|
@ -135,7 +136,7 @@ services:
|
|||
# - triton.cns.services=mastodon-redis
|
||||
|
||||
web:
|
||||
image: tootsuite/mastodon:v4.1.2
|
||||
image: tootsuite/mastodon:v4.1.4
|
||||
mem_limit: 1g
|
||||
restart: always
|
||||
env_file: .env.production
|
||||
|
@ -148,7 +149,7 @@ services:
|
|||
- triton.cns.services=mastodon-web
|
||||
|
||||
streaming:
|
||||
image: tootsuite/mastodon:v4.1.2
|
||||
image: tootsuite/mastodon:v4.1.4
|
||||
mem_limit: 1g
|
||||
restart: always
|
||||
env_file: .env.production
|
||||
|
@ -161,7 +162,7 @@ services:
|
|||
- triton.cns.services=mastodon-streaming
|
||||
|
||||
sidekiq:
|
||||
image: tootsuite/mastodon:v4.1.2
|
||||
image: tootsuite/mastodon:v4.1.4
|
||||
mem_limit: 1g
|
||||
restart: always
|
||||
env_file: .env.production
|
||||
|
@ -171,7 +172,7 @@ services:
|
|||
- triton.cns.services=mastodon-sidekiq
|
||||
|
||||
elasticsearch:
|
||||
image: docker.elastic.co/elasticsearch/elasticsearch:7.17.9
|
||||
image: docker.elastic.co/elasticsearch/elasticsearch:7.17.11
|
||||
mem_limit: 512m
|
||||
restart: always
|
||||
environment:
|
||||
|
|
Loading…
Reference in a new issue