boxfile.yml 8.9KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280
  1. run.config:
  2. engine: ruby
  3. engine.config:
  4. runtime: ruby-2.5
  5. extra_packages:
  6. # basic servers:
  7. - nginx
  8. - nodejs
  9. # for images:
  10. - ImageMagick
  11. - jemalloc
  12. # for videos:
  13. - ffmpeg3
  14. # to prep the .env file:
  15. - gettext-tools
  16. # for node-gyp, used in the asset compilation process:
  17. - python-2
  18. # i18n:
  19. - libidn
  20. cache_dirs:
  21. - node_modules
  22. extra_path_dirs:
  23. - node_modules/.bin
  24. build_triggers:
  25. - .ruby-version
  26. - Gemfile
  27. - Gemfile.lock
  28. - package.json
  29. - yarn.lock
  30. extra_steps:
  31. - cp .env.nanobox .env
  32. - yarn
  33. fs_watch: true
  34. deploy.config:
  35. extra_steps:
  36. - NODE_ENV=production bundle exec rake assets:precompile
  37. transform:
  38. - "envsubst < /app/.env.nanobox > /app/.env.production"
  39. - |-
  40. if [ -z "$LOCAL_DOMAIN" ]
  41. then
  42. . /app/.env.production
  43. export LOCAL_DOMAIN
  44. fi
  45. erb /app/nanobox/nginx-web.conf.erb > /app/nanobox/nginx-web.conf
  46. erb /app/nanobox/nginx-stream.conf.erb > /app/nanobox/nginx-stream.conf
  47. - touch /app/log/production.log
  48. before_live:
  49. web.web:
  50. - bundle exec rake db:migrate:setup
  51. - |-
  52. if [[ "${ES_ENABLED}" != "false" ]]
  53. then
  54. bundle exec rake chewy:deploy
  55. fi
  56. web.web:
  57. start:
  58. nginx: nginx -c /app/nanobox/nginx-web.conf
  59. rails: bundle exec puma -C /app/config/puma.rb
  60. routes:
  61. - '/'
  62. writable_dirs:
  63. - tmp
  64. log_watch:
  65. rails: 'log/production.log'
  66. network_dirs:
  67. data.storage:
  68. - public/system
  69. web.stream:
  70. start:
  71. nginx: nginx -c /app/nanobox/nginx-stream.conf
  72. node: yarn run start
  73. routes:
  74. - '/api/v1/streaming*'
  75. # Somehow we're getting requests for scheme://domain//api/v1/streaming* - match those, too
  76. - '//api/v1/streaming*'
  77. writable_dirs:
  78. - tmp
  79. worker.sidekiq:
  80. start:
  81. default: bundle exec sidekiq -c 5 -q default -L /app/log/sidekiq.log
  82. mailers: bundle exec sidekiq -c 5 -q mailers -L /app/log/sidekiq.log
  83. pull: bundle exec sidekiq -c 5 -q pull -L /app/log/sidekiq.log
  84. push: bundle exec sidekiq -c 5 -q push -L /app/log/sidekiq.log
  85. writable_dirs:
  86. - tmp
  87. log_watch:
  88. rails: 'log/production.log'
  89. sidekiq: 'log/sidekiq.log'
  90. network_dirs:
  91. data.storage:
  92. - public/system
  93. worker.cron_only:
  94. start: sleep 365d
  95. writable_dirs:
  96. - tmp
  97. log_watch:
  98. rake: 'log/production.log'
  99. network_dirs:
  100. data.storage:
  101. - public/system
  102. cron:
  103. # 20:00 (8 pm), server time: send out the daily digest emails to everyone
  104. # who opted to receive one
  105. - id: send_digest_emails
  106. schedule: '00 20 * * *'
  107. command: 'bundle exec rake mastodon:emails:digest'
  108. # 00:10 (ten past midnight), server time: remove local copies of remote
  109. # users' media once they are older than a certain age (use NUM_DAYS evar to
  110. # change this from the default of 7 days)
  111. - id: clear_remote_media
  112. schedule: '10 00 * * *'
  113. command: 'bundle exec rake mastodon:media:remove_remote'
  114. # 00:20 (twenty past midnight), server time: remove subscriptions to remote
  115. # users that nobody follows locally (anymore)
  116. - id: clear_unfollowed_subs
  117. schedule: '20 00 * * *'
  118. command: 'bundle exec rake mastodon:push:clear'
  119. # 00:30 (half past midnight), server time: update local copies of remote
  120. # users' avatars to match whatever they currently have set on their profile
  121. - id: update_remote_avatars
  122. schedule: '30 00 * * *'
  123. command: 'bundle exec rake mastodon:media:redownload_avatars'
  124. ############################################################################
  125. # This task is one you might want to enable, or might not. It keeps disk
  126. # usage low, but makes "shadow bans" (scenarios where the user is silenced,
  127. # but not intended to be made aware that the silencing has occurred) much
  128. # more difficult to put in place, as users would then notice their media is
  129. # vanishing on a regular basis. Enable it if you aren't worried about users
  130. # knowing they've been silenced (on the instance level), and want to save
  131. # disk space. Leave it disabled otherwise.
  132. ############################################################################
  133. # # 00:00 (midnight), server time: remove media posted by silenced users
  134. # - id: clear_silenced_media
  135. # schedule: '00 00 * * *'
  136. # command: 'bundle exec rake mastodon:media:remove_silenced'
  137. ############################################################################
  138. # The following two tasks can be uncommented to automatically open and close
  139. # registrations on a schedule. The format of 'schedule' is a standard cron
  140. # time expression: minute hour day month day-of-week; search for "cron
  141. # time expressions" for more info on how to set these up. The examples here
  142. # open registration only from 8 am to 4 pm, server time.
  143. ############################################################################
  144. # # 08:00 (8 am), server time: open registrations so new users can join
  145. # - id: open_registrations
  146. # schedule: '00 08 * * *'
  147. # command: 'bundle exec rake mastodon:settings:open_registrations'
  148. #
  149. # # 16:00 (4 pm), server time: close registrations so new users *can't* join
  150. # - id: close_registrations
  151. # schedule: '00 16 * * *'
  152. # command: 'bundle exec rake mastodon:settings:close_registrations'
  153. data.db:
  154. image: nanobox/postgresql:9.6
  155. cron:
  156. - id: backup
  157. schedule: '0 3 * * *'
  158. command: |
  159. PGPASSWORD=${DATA_DB_PASS} pg_dump -U ${DATA_DB_USER} -w -Fc -O gonano |
  160. gzip |
  161. curl -k -H "X-AUTH-TOKEN: ${WAREHOUSE_DATA_HOARDER_TOKEN}" https://${WAREHOUSE_DATA_HOARDER_HOST}:7410/blobs/backup-${HOSTNAME}-$(date -u +%Y-%m-%d.%H-%M-%S).sql.gz -X POST -T - >&2
  162. curl -k -s -H "X-AUTH-TOKEN: ${WAREHOUSE_DATA_HOARDER_TOKEN}" https://${WAREHOUSE_DATA_HOARDER_HOST}:7410/blobs/ |
  163. sed 's/,/\n/g' |
  164. grep ${HOSTNAME} |
  165. sort |
  166. head -n-${BACKUP_COUNT:-1} |
  167. sed 's/.*: \?"\(.*\)".*/\1/' |
  168. while read file
  169. do
  170. curl -k -H "X-AUTH-TOKEN: ${WAREHOUSE_DATA_HOARDER_TOKEN}" https://${WAREHOUSE_DATA_HOARDER_HOST}:7410/blobs/${file} -X DELETE
  171. done
  172. data.elastic:
  173. image: nanobox/elasticsearch:5
  174. cron:
  175. - id: backup
  176. schedule: '0 3 * * *'
  177. command: |
  178. id=$(cat /proc/sys/kernel/random/uuid)
  179. curl -X PUT -H "Content-Type: application/json" "127.0.0.1:9200/_snapshot/${id}" -d "{\"type\": \"fs\",\"settings\": {\"location\": \"/var/tmp/${id}\",\"compress\": true}}"
  180. curl -X PUT -H "Content-Type: application/json" "127.0.0.1:9200/_snapshot/${id}/backup?wait_for_completion=true&pretty"
  181. tar -cz -C "/var/tmp/${id}" . |
  182. curl -k -H "X-AUTH-TOKEN: ${WAREHOUSE_DATA_HOARDER_TOKEN}" https://${WAREHOUSE_DATA_HOARDER_HOST}:7410/blobs/backup-${HOSTNAME}-$(date -u +%Y-%m-%d.%H-%M-%S).tgz -X POST -T - >&2
  183. curl -X DELETE -H "Content-Type: application/json" "127.0.0.1:9200/_snapshot/${id}"
  184. rm -rf "/var/tmp/${id}"
  185. curl -k -s -H "X-AUTH-TOKEN: ${WAREHOUSE_DATA_HOARDER_TOKEN}" https://${WAREHOUSE_DATA_HOARDER_HOST}:7410/blobs/ |
  186. sed 's/,/\n/g' |
  187. grep ${HOSTNAME} |
  188. sort |
  189. head -n-${BACKUP_COUNT:-1} |
  190. sed 's/.*: \?"\(.*\)".*/\1/' |
  191. while read file
  192. do
  193. curl -k -H "X-AUTH-TOKEN: ${WAREHOUSE_DATA_HOARDER_TOKEN}" https://${WAREHOUSE_DATA_HOARDER_HOST}:7410/blobs/${file} -X DELETE
  194. done
  195. data.redis:
  196. image: nanobox/redis:4.0
  197. cron:
  198. - id: backup
  199. schedule: '0 3 * * *'
  200. command: |
  201. curl -k -H "X-AUTH-TOKEN: ${WAREHOUSE_DATA_HOARDER_TOKEN}" https://${WAREHOUSE_DATA_HOARDER_HOST}:7410/blobs/backup-${HOSTNAME}-$(date -u +%Y-%m-%d.%H-%M-%S).rdb -X POST -T /data/var/db/redis/dump.rdb >&2
  202. curl -k -s -H "X-AUTH-TOKEN: ${WAREHOUSE_DATA_HOARDER_TOKEN}" https://${WAREHOUSE_DATA_HOARDER_HOST}:7410/blobs/ |
  203. sed 's/,/\n/g' |
  204. grep ${HOSTNAME} |
  205. sort |
  206. head -n-${BACKUP_COUNT:-1} |
  207. sed 's/.*: \?"\(.*\)".*/\1/' |
  208. while read file
  209. do
  210. curl -k -H "X-AUTH-TOKEN: ${WAREHOUSE_DATA_HOARDER_TOKEN}" https://${WAREHOUSE_DATA_HOARDER_HOST}:7410/blobs/${file} -X DELETE
  211. done
  212. data.storage:
  213. image: nanobox/unfs:0.9
  214. cron:
  215. - id: backup
  216. schedule: '0 3 * * *'
  217. command: |
  218. tar cz -C /data/var/db/unfs/ . |
  219. curl -k -H "X-AUTH-TOKEN: ${WAREHOUSE_DATA_HOARDER_TOKEN}" https://${WAREHOUSE_DATA_HOARDER_HOST}:7410/blobs/backup-${HOSTNAME}-$(date -u +%Y-%m-%d.%H-%M-%S).tgz -X POST -T - >&2
  220. curl -k -s -H "X-AUTH-TOKEN: ${WAREHOUSE_DATA_HOARDER_TOKEN}" https://${WAREHOUSE_DATA_HOARDER_HOST}:7410/blobs/ |
  221. sed 's/,/\n/g' |
  222. grep ${HOSTNAME} |
  223. sort |
  224. head -n-${BACKUP_COUNT:-1} |
  225. sed 's/.*: \?"\(.*\)".*/\1/' |
  226. while read file
  227. do
  228. curl -k -H "X-AUTH-TOKEN: ${WAREHOUSE_DATA_HOARDER_TOKEN}" https://${WAREHOUSE_DATA_HOARDER_HOST}:7410/blobs/${file} -X DELETE
  229. done