forked from fedi/mastodon
ddd0bb69e1
If Mastodon accesses to the hidden service via transparent proxy, it's needed to avoid checking whether it's a private address, since `.onion` is resolved to a private address. I was previously using the `HIDDEN_SERVICE_VIA_TRANSPARENT_PROXY` to provide that function. However, I realized that using `HIDDEN_SERVICE_VIA_TRANSPARENT_PROXY` is redundant, since this specification is always used with `ALLOW_ACCESS_TO_HIDDEN_SERVICE`. Therefore, I decided to integrate the setting of `HIDDEN_SERVICE_VIA_TRANSPARENT_PROXY` into` ALLOW_ACCESS_TO_HIDDEN_SERVICE`.
104 lines
2.5 KiB
YAML
104 lines
2.5 KiB
YAML
version: '3'
|
|
services:
|
|
|
|
db:
|
|
restart: always
|
|
image: postgres:9.6-alpine
|
|
networks:
|
|
- internal_network
|
|
### Uncomment to enable DB persistance
|
|
# volumes:
|
|
# - ./postgres:/var/lib/postgresql/data
|
|
|
|
redis:
|
|
restart: always
|
|
image: redis:4.0-alpine
|
|
networks:
|
|
- internal_network
|
|
### Uncomment to enable REDIS persistance
|
|
# volumes:
|
|
# - ./redis:/data
|
|
|
|
# es:
|
|
# restart: always
|
|
# image: docker.elastic.co/elasticsearch/elasticsearch-oss:6.1.3
|
|
# environment:
|
|
# - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
|
|
# networks:
|
|
# - internal_network
|
|
#### Uncomment to enable ES persistance
|
|
## volumes:
|
|
## - ./elasticsearch:/usr/share/elasticsearch/data
|
|
|
|
web:
|
|
build: .
|
|
image: tootsuite/mastodon
|
|
restart: always
|
|
env_file: .env.production
|
|
command: bash -c "rm -f /mastodon/tmp/pids/server.pid; bundle exec rails s -p 3000 -b '0.0.0.0'"
|
|
networks:
|
|
- external_network
|
|
- internal_network
|
|
ports:
|
|
- "127.0.0.1:3000:3000"
|
|
depends_on:
|
|
- db
|
|
- redis
|
|
# - es
|
|
volumes:
|
|
- ./public/assets:/mastodon/public/assets
|
|
- ./public/packs:/mastodon/public/packs
|
|
- ./public/system:/mastodon/public/system
|
|
|
|
streaming:
|
|
build: .
|
|
image: tootsuite/mastodon
|
|
restart: always
|
|
env_file: .env.production
|
|
command: yarn start
|
|
networks:
|
|
- external_network
|
|
- internal_network
|
|
ports:
|
|
- "127.0.0.1:4000:4000"
|
|
depends_on:
|
|
- db
|
|
- redis
|
|
|
|
sidekiq:
|
|
build: .
|
|
image: tootsuite/mastodon
|
|
restart: always
|
|
env_file: .env.production
|
|
command: bundle exec sidekiq -q default -q mailers -q pull -q push
|
|
depends_on:
|
|
- db
|
|
- redis
|
|
networks:
|
|
- external_network
|
|
- internal_network
|
|
volumes:
|
|
- ./public/packs:/mastodon/public/packs
|
|
- ./public/system:/mastodon/public/system
|
|
## Uncomment to enable federation with tor instances along with adding the following ENV variables
|
|
## http_proxy=http://privoxy:8118
|
|
## ALLOW_ACCESS_TO_HIDDEN_SERVICE=true
|
|
# tor:
|
|
# build: https://github.com/usbsnowcrash/docker-tor.git
|
|
# networks:
|
|
# - external_network
|
|
# - internal_network
|
|
#
|
|
# privoxy:
|
|
# build: https://github.com/usbsnowcrash/docker-privoxy.git
|
|
# command: /opt/sbin/privoxy --no-daemon --user privoxy.privoxy /opt/config
|
|
# volumes:
|
|
# - ./priv-config:/opt/config
|
|
# networks:
|
|
# - external_network
|
|
# - internal_network
|
|
|
|
networks:
|
|
external_network:
|
|
internal_network:
|
|
internal: true
|