many small fixes and improvements

Christian Winther 2024-02-10 20:03:04 +00:00
parent d8e1caec53
commit bc66b6da18
12 changed files with 723 additions and 678 deletions


@ -17,11 +17,11 @@ indent_style = space
indent_size = 4 indent_size = 4
# ShellCheck config # ShellCheck config
shell_variant = bash shell_variant = bash # like -ln=bash
binary_next_line = true binary_next_line = true # like -bn
case-indent = true switch_case_indent = true # like -ci
switch_case_indent = true space_redirects = false # like -sr
space_redirects = true keep_padding = false # like -kp
function_next_line = true function_next_line = true # like -fn
never_split = true # like -ns
simplify = true simplify = true
space-redirects = true



@ -1,80 +0,0 @@
# shellcheck disable=SC2034,SC2148
APP_NAME="Pixelfed"
APP_ENV="production"
APP_KEY=
APP_DEBUG="false"
# Instance Configuration
OPEN_REGISTRATION="false"
ENFORCE_EMAIL_VERIFICATION="false"
PF_MAX_USERS="1000"
OAUTH_ENABLED="true"
# Media Configuration
PF_OPTIMIZE_IMAGES="true"
IMAGE_QUALITY="80"
MAX_PHOTO_SIZE="15000"
MAX_CAPTION_LENGTH="500"
MAX_ALBUM_LENGTH="4"
# Instance URL Configuration
APP_URL="http://localhost"
APP_DOMAIN="localhost"
ADMIN_DOMAIN="localhost"
SESSION_DOMAIN="localhost"
TRUST_PROXIES="*"
# Database Configuration
DB_CONNECTION="mysql"
DB_HOST="127.0.0.1"
DB_PORT="3306"
DB_DATABASE="pixelfed"
DB_USERNAME="pixelfed"
DB_PASSWORD="pixelfed"
# Redis Configuration
REDIS_CLIENT="predis"
REDIS_SCHEME="tcp"
REDIS_HOST="127.0.0.1"
REDIS_PASSWORD="null"
REDIS_PORT="6379"
# Laravel Configuration
SESSION_DRIVER="database"
CACHE_DRIVER="redis"
QUEUE_DRIVER="redis"
BROADCAST_DRIVER="log"
LOG_CHANNEL="stack"
HORIZON_PREFIX="horizon-"
# ActivityPub Configuration
ACTIVITY_PUB="false"
AP_REMOTE_FOLLOW="false"
AP_INBOX="false"
AP_OUTBOX="false"
AP_SHAREDINBOX="false"
# Experimental Configuration
EXP_EMC="true"
## Mail Configuration (Post-Installer)
MAIL_DRIVER=log
MAIL_HOST=smtp.mailtrap.io
MAIL_PORT=2525
MAIL_USERNAME=null
MAIL_PASSWORD=null
MAIL_ENCRYPTION=null
MAIL_FROM_ADDRESS="pixelfed@example.com"
MAIL_FROM_NAME="Pixelfed"
## S3 Configuration (Post-Installer)
PF_ENABLE_CLOUD=false
FILESYSTEM_CLOUD=s3
#AWS_ACCESS_KEY_ID=
#AWS_SECRET_ACCESS_KEY=
#AWS_DEFAULT_REGION=
#AWS_BUCKET=<BucketName>
#AWS_URL=
#AWS_ENDPOINT=
#AWS_USE_PATH_STYLE_ENDPOINT=false

14
.vscode/settings.json vendored

@ -1,5 +1,19 @@
{ {
"shellformat.useEditorConfig": true, "shellformat.useEditorConfig": true,
"[shellscript]": {
"files.eol": "\n",
"editor.defaultFormatter": "foxundermoon.shell-format"
},
"[yaml]": {
"editor.defaultFormatter": "redhat.vscode-yaml"
},
"[dockercompose]": {
"editor.defaultFormatter": "redhat.vscode-yaml",
"editor.autoIndent": "advanced",
},
"yaml.schemas": {
"https://json.schemastore.org/composer": "https://raw.githubusercontent.com/compose-spec/compose-spec/master/schema/compose-spec.json"
},
"files.associations": { "files.associations": {
".env": "shellscript", ".env": "shellscript",
".env.*": "shellscript" ".env.*": "shellscript"


@ -20,10 +20,8 @@ ARG FOREGO_VERSION="0.17.2"
# See: https://github.com/hairyhenderson/gomplate # See: https://github.com/hairyhenderson/gomplate
ARG GOMPLATE_VERSION="v3.11.6" ARG GOMPLATE_VERSION="v3.11.6"
# See: https://github.com/dotenv-linter/dotenv-linter # See: https://github.com/jippi/dottie
# ARG DOTTIE_VERSION="v0.6.5"
# WARN: v3.3.0 and above requires newer libc version than Ubuntu ships with
ARG DOTENV_LINTER_VERSION="v3.2.0"
### ###
# PHP base configuration # PHP base configuration
@ -88,6 +86,13 @@ FROM nginx:${NGINX_VERSION} AS nginx-image
# See: https://github.com/nginx-proxy/forego # See: https://github.com/nginx-proxy/forego
FROM nginxproxy/forego:${FOREGO_VERSION}-debian AS forego-image FROM nginxproxy/forego:${FOREGO_VERSION}-debian AS forego-image
# Dottie makes working with .env files easier and safer
#
# NOTE: Docker will *not* pull this image unless it's referenced (via build target)
#
# See: https://github.com/jippi/dottie
FROM ghcr.io/jippi/dottie:${DOTTIE_VERSION} AS dottie-image
# gomplate-image grabs the gomplate binary from GitHub releases # gomplate-image grabs the gomplate binary from GitHub releases
# #
# It's in its own layer so it can be fetched in parallel with other build steps # It's in its own layer so it can be fetched in parallel with other build steps
@ -116,7 +121,6 @@ FROM php:${PHP_VERSION}-${PHP_BASE_TYPE}-${PHP_DEBIAN_RELEASE} AS base
ARG BUILDKIT_SBOM_SCAN_STAGE="true" ARG BUILDKIT_SBOM_SCAN_STAGE="true"
ARG APT_PACKAGES_EXTRA ARG APT_PACKAGES_EXTRA
ARG DOTENV_LINTER_VERSION
ARG PHP_DEBIAN_RELEASE ARG PHP_DEBIAN_RELEASE
ARG PHP_VERSION ARG PHP_VERSION
ARG RUNTIME_GID ARG RUNTIME_GID
@ -135,7 +139,6 @@ RUN set -ex \
WORKDIR /var/www/ WORKDIR /var/www/
ENV APT_PACKAGES_EXTRA=${APT_PACKAGES_EXTRA} ENV APT_PACKAGES_EXTRA=${APT_PACKAGES_EXTRA}
ENV DOTENV_LINTER_VERSION="${DOTENV_LINTER_VERSION}"
# Install and configure base layer # Install and configure base layer
COPY docker/shared/root/docker/install/base.sh /docker/install/base.sh COPY docker/shared/root/docker/install/base.sh /docker/install/base.sh
@ -226,6 +229,7 @@ ENV RUNTIME_UID=${RUNTIME_UID}
ENV RUNTIME_GID=${RUNTIME_GID} ENV RUNTIME_GID=${RUNTIME_GID}
COPY --link --from=forego-image /usr/local/bin/forego /usr/local/bin/forego COPY --link --from=forego-image /usr/local/bin/forego /usr/local/bin/forego
COPY --link --from=dottie-image /dottie /usr/local/bin/dottie
COPY --link --from=gomplate-image /usr/local/bin/gomplate /usr/local/bin/gomplate COPY --link --from=gomplate-image /usr/local/bin/gomplate /usr/local/bin/gomplate
COPY --link --from=composer-image /usr/bin/composer /usr/bin/composer COPY --link --from=composer-image /usr/bin/composer /usr/bin/composer
COPY --link --from=composer-and-src --chown=${RUNTIME_UID}:${RUNTIME_GID} /var/www /var/www COPY --link --from=composer-and-src --chown=${RUNTIME_UID}:${RUNTIME_GID} /var/www /var/www
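Review bot: The new `dottie-image` stage pulls `ghcr.io/jippi/dottie:${DOTTIE_VERSION}` by tag only, and the `/dottie` binary from that stage is copied into the runtime image as `/usr/local/bin/dottie`. A registry tag can be re-pointed later, so a changed upstream image would end up in the runtime image without any change in this repository. Pinning the digest next to the tag closes that gap, e.g. `FROM ghcr.io/jippi/dottie:${DOTTIE_VERSION}@sha256:<digest-of-the-reviewed-image> AS dottie-image`, with the digest updated together with `DOTTIE_VERSION`. The other `FROM ... AS *-image` stages shown as context here are tag-only as well and would benefit from the same treatment.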


@ -1,5 +1,6 @@
--- ---
version: "3" # Require 3.8 to ensure people use a recent version of Docker + Compose
version: "3.8"
############################################################### ###############################################################
# Please see docker/README.md for usage information # Please see docker/README.md for usage information
@ -53,7 +54,7 @@ services:
- ${DOCKER_PROXY_ACME_PROFILE:-} - ${DOCKER_PROXY_ACME_PROFILE:-}
environment: environment:
DEBUG: 0 DEBUG: 0
DEFAULT_EMAIL: "${LETSENCRYPT_EMAIL}" DEFAULT_EMAIL: "${DOCKER_PROXY_LETSENCRYPT_EMAIL:?error}"
NGINX_PROXY_CONTAINER: "${DOCKER_ALL_CONTAINER_NAME_PREFIX}-proxy" NGINX_PROXY_CONTAINER: "${DOCKER_ALL_CONTAINER_NAME_PREFIX}-proxy"
depends_on: depends_on:
- proxy - proxy
@ -74,21 +75,21 @@ services:
build: build:
target: ${DOCKER_APP_RUNTIME}-runtime target: ${DOCKER_APP_RUNTIME}-runtime
args: args:
PHP_VERSION: "${DOCKER_APP_PHP_VERSION}" APT_PACKAGES_EXTRA: "${DOCKER_APP_APT_PACKAGES_EXTRA:-}"
PHP_BASE_TYPE: "${DOCKER_APP_BASE_TYPE}" PHP_BASE_TYPE: "${DOCKER_APP_BASE_TYPE}"
PHP_DEBIAN_RELEASE: "${DOCKER_APP_DEBIAN_RELEASE}" PHP_DEBIAN_RELEASE: "${DOCKER_APP_DEBIAN_RELEASE}"
APT_PACKAGES_EXTRA: "${DOCKER_APP_APT_PACKAGES_EXTRA:-}"
PHP_PECL_EXTENSIONS_EXTRA: "${DOCKER_APP_PHP_PECL_EXTENSIONS_EXTRA:-}"
PHP_EXTENSIONS_EXTRA: "${DOCKER_APP_PHP_EXTENSIONS_EXTRA:-}" PHP_EXTENSIONS_EXTRA: "${DOCKER_APP_PHP_EXTENSIONS_EXTRA:-}"
PHP_PECL_EXTENSIONS_EXTRA: "${DOCKER_APP_PHP_PECL_EXTENSIONS_EXTRA:-}"
PHP_VERSION: "${DOCKER_APP_PHP_VERSION:?error}"
volumes: volumes:
- "./.env:/var/www/.env" - "./.env:/var/www/.env"
- "${DOCKER_APP_HOST_CACHE_PATH}:/var/www/bootstrap/cache" - "${DOCKER_APP_HOST_CACHE_PATH}:/var/www/bootstrap/cache"
- "${DOCKER_APP_HOST_STORAGE_PATH}:/var/www/storage" - "${DOCKER_APP_HOST_STORAGE_PATH}:/var/www/storage"
- "${DOCKER_APP_HOST_OVERRIDES_PATH}:/docker/overrides:ro" - "${DOCKER_APP_HOST_OVERRIDES_PATH}:/docker/overrides:ro"
environment: environment:
LETSENCRYPT_HOST: "${LETSENCRYPT_HOST}" LETSENCRYPT_HOST: "${DOCKER_PROXY_LETSENCRYPT_HOST:?error}"
LETSENCRYPT_EMAIL: "${LETSENCRYPT_EMAIL}" LETSENCRYPT_EMAIL: "${DOCKER_PROXY_LETSENCRYPT_EMAIL:?error}"
LETSENCRYPT_TEST: "${LETSENCRYPT_TEST:-}" LETSENCRYPT_TEST: "${DOCKER_PROXY_LETSENCRYPT_TEST:-}"
VIRTUAL_HOST: "${APP_DOMAIN}" VIRTUAL_HOST: "${APP_DOMAIN}"
VIRTUAL_PORT: "80" VIRTUAL_PORT: "80"
labels: labels:
@ -117,12 +118,12 @@ services:
build: build:
target: ${DOCKER_APP_RUNTIME}-runtime target: ${DOCKER_APP_RUNTIME}-runtime
args: args:
PHP_VERSION: "${DOCKER_APP_PHP_VERSION}" APT_PACKAGES_EXTRA: "${DOCKER_APP_APT_PACKAGES_EXTRA:-}"
PHP_BASE_TYPE: "${DOCKER_APP_BASE_TYPE}" PHP_BASE_TYPE: "${DOCKER_APP_BASE_TYPE}"
PHP_DEBIAN_RELEASE: "${DOCKER_APP_DEBIAN_RELEASE}" PHP_DEBIAN_RELEASE: "${DOCKER_APP_DEBIAN_RELEASE}"
APT_PACKAGES_EXTRA: "${DOCKER_APP_APT_PACKAGES_EXTRA:-}"
PHP_PECL_EXTENSIONS_EXTRA: "${DOCKER_APP_PHP_PECL_EXTENSIONS_EXTRA:-}"
PHP_EXTENSIONS_EXTRA: "${DOCKER_APP_PHP_EXTENSIONS_EXTRA:-}" PHP_EXTENSIONS_EXTRA: "${DOCKER_APP_PHP_EXTENSIONS_EXTRA:-}"
PHP_PECL_EXTENSIONS_EXTRA: "${DOCKER_APP_PHP_PECL_EXTENSIONS_EXTRA:-}"
PHP_VERSION: "${DOCKER_APP_PHP_VERSION:?error}"
volumes: volumes:
- "./.env:/var/www/.env" - "./.env:/var/www/.env"
- "${DOCKER_APP_HOST_CACHE_PATH}:/var/www/bootstrap/cache" - "${DOCKER_APP_HOST_CACHE_PATH}:/var/www/bootstrap/cache"
@ -133,23 +134,37 @@ services:
- redis - redis
healthcheck: healthcheck:
test: gosu www-data php artisan horizon:status | grep running test: gosu www-data php artisan horizon:status | grep running
interval: "${DOCKER_WORKER_HEALTHCHECK_INTERVAL}" interval: "${DOCKER_WORKER_HEALTHCHECK_INTERVAL:?error}"
timeout: 5s timeout: 5s
retries: 2 retries: 2
db: db:
image: mariadb:${DB_VERSION} image: ${DOCKER_DB_IMAGE:?error}
container_name: "${DOCKER_ALL_CONTAINER_NAME_PREFIX}-db" container_name: "${DOCKER_ALL_CONTAINER_NAME_PREFIX}-db"
command: --default-authentication-plugin=mysql_native_password command: ${DOCKER_DB_COMMAND:-}
restart: unless-stopped restart: unless-stopped
profiles: profiles:
- ${DOCKER_DB_PROFILE:-} - ${DOCKER_DB_PROFILE:-}
env_file: environment:
- ".env" TZ: "${TZ:?error}"
# MySQL (Oracle) - "Environment Variables" at https://hub.docker.com/_/mysql
MYSQL_ROOT_PASSWORD: "${DB_PASSWORD:?error}"
MYSQL_USER: "${DB_USERNAME:?error}"
MYSQL_PASSWORD: "${DB_PASSWORD:?error}"
MYSQL_DATABASE: "${DB_DATABASE:?error}"
# MySQL (MariaDB) - "Start a mariadb server instance with user, password and database" at https://hub.docker.com/_/mariadb
MARIADB_ROOT_PASSWORD: "${DB_PASSWORD:?error}"
MARIADB_USER: "${DB_USERNAME:?error}"
MARIADB_PASSWORD: "${DB_PASSWORD:?error}"
MARIADB_DATABASE: "${DB_DATABASE:?error}"
# PostgreSQL - "Environment Variables" at https://hub.docker.com/_/postgres
POSTGRES_USER: "${DB_USERNAME:?error}"
POSTGRES_PASSWORD: "${DB_PASSWORD:?error}"
POSTGRES_DB: "${DB_DATABASE:?error}"
volumes: volumes:
- "${DOCKER_DB_HOST_DATA_PATH}:/var/lib/mysql" - "${DOCKER_DB_HOST_DATA_PATH:?error}:${DOCKER_DB_CONTAINER_DATA_PATH:?error}"
ports: ports:
- "${DOCKER_DB_HOST_PORT}:3306" - "${DOCKER_DB_HOST_PORT:?error}:${DOCKER_DB_CONTAINER_PORT:?error}"
healthcheck: healthcheck:
test: test:
[ [
@ -159,7 +174,7 @@ services:
"--connect", "--connect",
"--innodb_initialized", "--innodb_initialized",
] ]
interval: "${DOCKER_DB_HEALTHCHECK_INTERVAL}" interval: "${DOCKER_DB_HEALTHCHECK_INTERVAL:?error}"
retries: 2 retries: 2
timeout: 5s timeout: 5s
@ -169,9 +184,8 @@ services:
restart: unless-stopped restart: unless-stopped
command: "${DOCKER_REDIS_CONFIG_FILE:-} --requirepass '${REDIS_PASSWORD:-}'" command: "${DOCKER_REDIS_CONFIG_FILE:-} --requirepass '${REDIS_PASSWORD:-}'"
environment: environment:
- REDISCLI_AUTH=${REDIS_PASSWORD:-} TZ: "${TZ:?error}"
env_file: REDISCLI_AUTH: ${REDIS_PASSWORD:-}
- ".env"
volumes: volumes:
- "${DOCKER_ALL_HOST_CONFIG_ROOT_PATH}/redis:/etc/redis" - "${DOCKER_ALL_HOST_CONFIG_ROOT_PATH}/redis:/etc/redis"
- "${DOCKER_REDIS_HOST_DATA_PATH}:/data" - "${DOCKER_REDIS_HOST_DATA_PATH}:/data"
@ -179,6 +193,6 @@ services:
- "${DOCKER_REDIS_HOST_PORT}:6379" - "${DOCKER_REDIS_HOST_PORT}:6379"
healthcheck: healthcheck:
test: ["CMD", "redis-cli", "-p", "6379", "ping"] test: ["CMD", "redis-cli", "-p", "6379", "ping"]
interval: "${DOCKER_REDIS_HEALTHCHECK_INTERVAL}" interval: "${DOCKER_REDIS_HEALTHCHECK_INTERVAL:?error}"
retries: 2 retries: 2
timeout: 5s timeout: 5s
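Review bot: In the `db` service, `MYSQL_ROOT_PASSWORD` and `MARIADB_ROOT_PASSWORD` are filled from `${DB_PASSWORD}`, the same value handed to the application account through `MYSQL_PASSWORD` / `MARIADB_PASSWORD`. Since `./.env` is bind-mounted into the app and worker containers, anything that can read the application's configuration also holds the database root credential, which removes the benefit of a separate `DB_USERNAME`. A dedicated setting would keep the two apart, e.g. `MARIADB_ROOT_PASSWORD: "${DB_ROOT_PASSWORD:?error}"` (where `DB_ROOT_PASSWORD` is a new variable this commit does not define), or the images' `MARIADB_RANDOM_ROOT_PASSWORD` / `MYSQL_RANDOM_ROOT_PASSWORD` option if root access is not needed after initialisation. Separately, the `ports:` entry publishes the database on every host interface unless `DOCKER_DB_HOST_PORT` carries a bind address, which deserves a comment next to it.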


@ -0,0 +1,41 @@
# This is changed from the original "nginx" in upstream to work properly
# with permissions within pixelfed when serving static files.
user www-data;
worker_processes auto;
# Ensure the PID is writable
# Lifted from: https://hub.docker.com/r/nginxinc/nginx-unprivileged
pid /tmp/nginx.pid;
# Write error log to stderr (/proc/self/fd/2 -> /dev/stderr)
error_log /proc/self/fd/2 notice;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent" "$http_x_forwarded_for"';
# Write error log to stdout (/proc/self/fd/1 -> /dev/stdout)
access_log /proc/self/fd/1 main;
sendfile on;
tcp_nopush on;
keepalive_timeout 65;
gzip on;
# Ensure all temp paths are in a writable by "www-data" user.
# Lifted from: https://hub.docker.com/r/nginxinc/nginx-unprivileged
client_body_temp_path /tmp/client_temp;
proxy_temp_path /tmp/proxy_temp_path;
fastcgi_temp_path /tmp/fastcgi_temp;
uwsgi_temp_path /tmp/uwsgi_temp;
scgi_temp_path /tmp/scgi_temp;
include /etc/nginx/conf.d/*.conf;
}
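Review bot: The `http` block does not set `server_tokens off;`, so unless a file pulled in by `include /etc/nginx/conf.d/*.conf;` does, response headers and error pages will advertise the exact nginx version. Adding `server_tokens off;` next to `gzip on;` is sufficient. The comment above `access_log /proc/self/fd/1 main;` says "Write error log to stdout", but the directive configures the access log; it should read `# Write access log to stdout (/proc/self/fd/1 -> /dev/stdout)`.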


@ -13,5 +13,9 @@ for file in "${dot_env_files[@]}"; do
continue continue
fi fi
run-as-current-user dotenv-linter --skip=QuoteCharacter --skip=UnorderedKey "${file}" # We ignore 'dir' + 'file' rules since they are validate *host* paths
# which do not (and should not) exists inside the container
#
# We disable fixer since its not interactive anyway
run-as-current-user dottie validate --file "${file}" --ignore-rule dir,file --no-fix
done done


@ -20,9 +20,10 @@ declare -g script_name=
declare -g script_name_previous= declare -g script_name_previous=
declare -g log_prefix= declare -g log_prefix=
declare -Ag lock_fds=()
# dot-env files to source when reading config # dot-env files to source when reading config
declare -a dot_env_files=( declare -a dot_env_files=(
/var/www/.env.docker
/var/www/.env /var/www/.env
) )
@ -377,17 +378,20 @@ function acquire-lock()
{ {
local name="${1:-$script_name}" local name="${1:-$script_name}"
local file="${docker_locks_path}/${name}" local file="${docker_locks_path}/${name}"
local lock_fd
ensure-directory-exists "$(dirname "${file}")" ensure-directory-exists "$(dirname "${file}")"
exec {lock_fd}>"$file"
log-info "🔑 Trying to acquire lock: ${file}: " log-info "🔑 Trying to acquire lock: ${file}: "
while file-exists "${file}"; do while ! ([[ -v lock_fds[$name] ]] || flock -n -x "$lock_fd"); do
log-info "🔒 Waiting on lock ${file}" log-info "🔒 Waiting on lock ${file}"
staggered-sleep staggered-sleep
done done
stream-prefix-command-output touch "${file}" [[ -v lock_fds[$name] ]] || lock_fds[$name]=$lock_fd
log-info "🔐 Lock acquired [${file}]" log-info "🔐 Lock acquired [${file}]"
@ -403,7 +407,11 @@ function release-lock()
log-info "🔓 Releasing lock [${file}]" log-info "🔓 Releasing lock [${file}]"
stream-prefix-command-output rm -fv "${file}" [[ -v lock_fds[$name] ]] || return
# shellcheck disable=SC1083,SC2086
flock --unlock ${lock_fds[$name]}
unset 'lock_fds[$name]'
} }
# @description Helper function to append multiple actions onto # @description Helper function to append multiple actions onto
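Review bot: The descriptor opened by `exec {lock_fd}>"$file"` in `acquire-lock` is never closed, because `release-lock` only runs `flock --unlock` and unsets the map entry; each acquire/release cycle therefore leaks one fd, and every child process started while the lock is held inherits it. An flock belongs to the open file description, so a long-lived child that keeps the inherited fd can keep the lock alive if the parent exits without releasing. In `release-lock`, close the descriptor after unlocking, e.g. `local fd="${lock_fds[$name]}"; flock --unlock "$fd"; exec {fd}>&-`, which also makes the `shellcheck disable=SC2086` unnecessary. In `acquire-lock` the `exec` also runs when `lock_fds[$name]` is already set, leaving a second unused fd open, so the file should be opened only when the lock is not already held. Both functions begin and end outside the visible hunks.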


@ -59,6 +59,3 @@ apt-get install -y "${packages[@]}"
locale-gen locale-gen
update-locale update-locale
# Install dotenv linter (https://github.com/dotenv-linter/dotenv-linter)
curl -sSfL https://raw.githubusercontent.com/dotenv-linter/dotenv-linter/master/install.sh | sh -s -- -b /usr/local/bin "${DOTENV_LINTER_VERSION:-}"


@ -406,7 +406,7 @@ max_input_time = 60
; Maximum amount of memory a script may consume (128MB) ; Maximum amount of memory a script may consume (128MB)
; http://php.net/memory-limit ; http://php.net/memory-limit
memory_limit = {{ getenv "PHP_MEMORY_LIMIT" "128M" }} memory_limit = {{ getenv "DOCKER_APP_PHP_MEMORY_LIMIT" "128M" }}
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; Error handling and logging ; ; Error handling and logging ;
@ -570,8 +570,9 @@ report_memleaks = On
; Log errors to specified file. PHP's default behavior is to leave this value ; Log errors to specified file. PHP's default behavior is to leave this value
; empty. ; empty.
; http://php.net/error-log ; http://php.net/error-log
; Example: ;
;error_log = php_errors.log ; NOTE: Write error log to stderr (/proc/self/fd/2 -> /dev/stderr)
error_log = /proc/self/fd/2
; Log errors to syslog (Event Log on Windows). ; Log errors to syslog (Event Log on Windows).
;error_log = syslog ;error_log = syslog


@ -114,7 +114,7 @@ command:
{{ end }} {{ end }}
{{ if eq .Env.PHP_BASE_TYPE "apache" }} {{ if eq .Env.PHP_BASE_TYPE "apache" }}
nginx-version: apache-version:
exit-status: 0 exit-status: 0
exec: 'apachectl -v' exec: 'apachectl -v'
stdout: stdout: