From 023ff0d4488d305a7b51d1b2477f8052ed59d380 Mon Sep 17 00:00:00 2001 From: Greg Melton Date: Fri, 24 May 2024 14:00:38 -0700 Subject: [PATCH 1/5] not sure what this means in the grandscheme of things --- app/models/user.rb | 2 -- 1 file changed, 2 deletions(-) diff --git a/app/models/user.rb b/app/models/user.rb index f706c91eff55c4..394531460377e0 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -14,7 +14,6 @@ # sign_in_count :integer default(0), not null # current_sign_in_at :datetime # last_sign_in_at :datetime -# admin :boolean default(FALSE), not null # confirmation_token :string # confirmed_at :datetime # confirmation_sent_at :datetime @@ -29,7 +28,6 @@ # otp_backup_codes :string is an Array # account_id :bigint(8) not null # disabled :boolean default(FALSE), not null -# moderator :boolean default(FALSE), not null # invite_id :bigint(8) # chosen_languages :string is an Array # created_by_application_id :bigint(8) From c52ba38e7c0c6d66dace8c463d45be3d410e3177 Mon Sep 17 00:00:00 2001 From: Greg Melton Date: Fri, 24 May 2024 14:01:01 -0700 Subject: [PATCH 2/5] run developer mode using docker-compose --- dev/Dockerfile | 20 +++++ dev/README.md | 32 ++++++++ dev/docker-compose.yml | 113 +++++++++++++++++++++++++ dev/entrypoint.sh | 26 ++++++ dev/mastodon.local.conf | 177 ++++++++++++++++++++++++++++++++++++++++ 5 files changed, 368 insertions(+) create mode 100644 dev/Dockerfile create mode 100644 dev/README.md create mode 100644 dev/docker-compose.yml create mode 100755 dev/entrypoint.sh create mode 100644 dev/mastodon.local.conf diff --git a/dev/Dockerfile b/dev/Dockerfile new file mode 100644 index 00000000000000..96160dafafd39e --- /dev/null +++ b/dev/Dockerfile @@ -0,0 +1,20 @@ +# For details, see https://github.com/devcontainers/images/tree/main/src/ruby +FROM mcr.microsoft.com/devcontainers/ruby:1-3.2-bullseye + +# Install Rails +# RUN gem install rails webdrivers + +ARG NODE_VERSION="20" +RUN su vscode -c "source /usr/local/share/nvm/nvm.sh && nvm install ${NODE_VERSION} 2>&1" + +# [Optional] Uncomment this section to install additional OS packages. +RUN apt-get update && export DEBIAN_FRONTEND=noninteractive \ + && apt-get -y install --no-install-recommends libicu-dev libidn11-dev ffmpeg imagemagick libpam-dev + +# [Optional] Uncomment this line to install additional gems. +RUN gem install foreman + +# [Optional] Uncomment this line to install global node packages. +RUN su vscode -c "source /usr/local/share/nvm/nvm.sh && corepack enable" 2>&1 + +# COPY welcome-message.txt /usr/local/etc/vscode-dev-containers/first-run-notice.txt diff --git a/dev/README.md b/dev/README.md new file mode 100644 index 00000000000000..4bd8b2712aa605 --- /dev/null +++ b/dev/README.md @@ -0,0 +1,32 @@ +# Developer Setup w/ Docker + +- Install docker/docker-compose +- Edit `/etc/hosts` and add `127.0.0.1 mastodon.local` + +# Running Apps + +From the root of the repo run: +- `docker-compose -f dev/docker-compose.yml up` + +The app takes a while to start. Patience, my friend. + +## Hosts + +The developer setup doesn't configure SSL and uses nginx as a reverse proxy (see: mastodon.local.conf). + +- App: + + - `http://mastodon.local/` + - `http://mastodon.local:3000/` + - `http://127.0.0.1:3000/` + +- Streaming: + - `http://mastodon.local/api/v1/streaming` + - `http://127.0.0.1:4000/api/v1/streaming` + +- Email viewer: `http://mastodon.local/letter_opener` + +# Data Directories + +- `postgres14/` - nuke this directory if you want to start over +- `redis/` - stores the dump.rdb diff --git a/dev/docker-compose.yml b/dev/docker-compose.yml new file mode 100644 index 00000000000000..18a345a1723bbf --- /dev/null +++ b/dev/docker-compose.yml @@ -0,0 +1,113 @@ +version: '3' + +services: + app: + build: + context: ../ + dockerfile: ./dev/Dockerfile + volumes: + - ../:/mastodon + working_dir: /mastodon + environment: + LOCAL_DOMAIN: mastodon.local + RAILS_ENV: development + NODE_ENV: development + BIND: 0.0.0.0 + REDIS_HOST: redis + REDIS_PORT: '6379' + DB_HOST: db + DB_NAME: postgres + DB_USER: postgres + DB_PASS: postgres + DB_PORT: '5432' + # Uncomment to enable elasticsearch + # ES_ENABLED: 'true' + # ES_HOST: es + # ES_PORT: '9200' + LIBRE_TRANSLATE_ENDPOINT: http://libretranslate:5000 + # Overrides default command so things don't shut down after the process ends. + # command: sleep infinity + entrypoint: /mastodon/dev/entrypoint.sh + ports: + - '127.0.0.1:3000:3000' + - '127.0.0.1:3035:3035' + - '127.0.0.1:4000:4000' + networks: + - external_network + - internal_network + + db: + image: postgres:14-alpine + restart: unless-stopped + volumes: + - postgres-data:/var/lib/postgresql/data + environment: + POSTGRES_USER: postgres + POSTGRES_DB: postgres + POSTGRES_PASSWORD: postgres + POSTGRES_HOST_AUTH_METHOD: trust + networks: + - internal_network + + redis: + image: redis:7-alpine + restart: unless-stopped + volumes: + - redis-data:/data + networks: + - internal_network + + # Uncomment to enable ES + # This was copied from `.devcontainer` setup and + # is untested... + # es: + # image: docker.elastic.co/elasticsearch/elasticsearch-oss:7.10.2 + # restart: unless-stopped + # environment: + # ES_JAVA_OPTS: -Xms512m -Xmx512m + # cluster.name: es-mastodon + # discovery.type: single-node + # bootstrap.memory_lock: 'true' + # volumes: + # - es-data:/usr/share/elasticsearch/data + # networks: + # - internal_network + # ulimits: + # memlock: + # soft: -1 + # hard: -1 + + libretranslate: + image: libretranslate/libretranslate:v1.5.5 + restart: unless-stopped + volumes: + - lt-data:/home/libretranslate/.local + networks: + - external_network + - internal_network + + nginx: + image: nginx:latest + ports: + - 80:80 + depends_on: + - "app" + links: + - "app:app" + volumes: + - ../public:/mastodon/public + - ./mastodon.local.conf:/etc/nginx/conf.d/mastodon.local.conf + networks: + - external_network + - internal_network + +volumes: + postgres-data: + redis-data: + es-data: + lt-data: + +networks: + external_network: + internal_network: + internal: true diff --git a/dev/entrypoint.sh b/dev/entrypoint.sh new file mode 100755 index 00000000000000..baf6d680497906 --- /dev/null +++ b/dev/entrypoint.sh @@ -0,0 +1,26 @@ +#!/bin/bash + +set -e # Fail the whole script on first error + +# Fetch Ruby gem dependencies +bundle config path 'vendor/bundle' +bundle config with 'development' +bundle install + +# Make Gemfile.lock pristine again +git checkout -- Gemfile.lock + +# Fetch Javascript dependencies +corepack prepare +yarn install + +# You can comment these lines out if you need restart +# without needing to pickup new changes here... +# Run db setup/migrations +RAILS_ENV=development ./bin/rails db:setup +RAILS_ENV=development ./bin/rails db:migrate +# Generate public/assets +RAILS_ENV=development ./bin/rails assets:precompile + +# This runs the Procfile.dev apps +foreman start \ No newline at end of file diff --git a/dev/mastodon.local.conf b/dev/mastodon.local.conf new file mode 100644 index 00000000000000..d7e9a5dd3a5aa5 --- /dev/null +++ b/dev/mastodon.local.conf @@ -0,0 +1,177 @@ +map $http_upgrade $connection_upgrade { + default upgrade; + '' close; +} + +upstream backend { + # server 127.0.0.1:3000 fail_timeout=0; + server app:3000 fail_timeout=0; +} + +upstream streaming { + # Instruct nginx to send connections to the server with the least number of connections + # to ensure load is distributed evenly. + least_conn; + + # server 127.0.0.1:4000 fail_timeout=0; + server app:4000 fail_timeout=0; + + # Uncomment these lines for load-balancing multiple instances of streaming for scaling, + # this assumes your running the streaming server on ports 4000, 4001, and 4002: + # server 127.0.0.1:4001 fail_timeout=0; + # server 127.0.0.1:4002 fail_timeout=0; +} + +proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=CACHE:10m inactive=7d max_size=1g; + +# Re-enable to test SSL +# server { +# listen 80; +# listen [::]:80; +# server_name mastodon.local; +# root /mastodon/public; +# location /.well-known/acme-challenge/ { allow all; } +# # location / { return 301 https://$host$request_uri; } +# } + +server { + listen 80; + listen [::]:80; + server_name mastodon.local; + + # ssl_protocols TLSv1.2 TLSv1.3; + + # You can use https://ssl-config.mozilla.org/ to generate your cipher set. + # We recommend their "Intermediate" level. + # ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305; + # ssl_prefer_server_ciphers on; + # ssl_session_cache shared:SSL:10m; + # ssl_session_tickets off; + + # Uncomment these lines once you acquire a certificate: + # ssl_certificate /etc/letsencrypt/live/mastodon.local/fullchain.pem; + # ssl_certificate_key /etc/letsencrypt/live/mastodon.local/privkey.pem; + + keepalive_timeout 70; + sendfile on; + client_max_body_size 99m; + + root /mastodon/public; + + gzip on; + gzip_disable "msie6"; + gzip_vary on; + gzip_proxied any; + gzip_comp_level 6; + gzip_buffers 16 8k; + gzip_http_version 1.1; + gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript image/svg+xml image/x-icon; + + location / { + try_files $uri @proxy; + } + + # If Docker is used for deployment and Rails serves static files, + # then needed must replace line `try_files $uri =404;` with `try_files $uri @proxy;`. + location = /sw.js { + add_header Cache-Control "public, max-age=604800, must-revalidate"; + add_header Strict-Transport-Security "max-age=63072000; includeSubDomains"; + try_files $uri =404; + } + + location ~ ^/assets/ { + add_header Cache-Control "public, max-age=2419200, must-revalidate"; + add_header Strict-Transport-Security "max-age=63072000; includeSubDomains"; + try_files $uri =404; + } + + location ~ ^/avatars/ { + add_header Cache-Control "public, max-age=2419200, must-revalidate"; + add_header Strict-Transport-Security "max-age=63072000; includeSubDomains"; + try_files $uri =404; + } + + location ~ ^/emoji/ { + add_header Cache-Control "public, max-age=2419200, must-revalidate"; + add_header Strict-Transport-Security "max-age=63072000; includeSubDomains"; + try_files $uri =404; + } + + location ~ ^/headers/ { + add_header Cache-Control "public, max-age=2419200, must-revalidate"; + add_header Strict-Transport-Security "max-age=63072000; includeSubDomains"; + try_files $uri =404; + } + + location ~ ^/packs/ { + add_header Cache-Control "public, max-age=2419200, must-revalidate"; + add_header Strict-Transport-Security "max-age=63072000; includeSubDomains"; + try_files $uri @proxy; + + } + + location ~ ^/shortcuts/ { + add_header Cache-Control "public, max-age=2419200, must-revalidate"; + add_header Strict-Transport-Security "max-age=63072000; includeSubDomains"; + try_files $uri =404; + } + + location ~ ^/sounds/ { + add_header Cache-Control "public, max-age=2419200, must-revalidate"; + add_header Strict-Transport-Security "max-age=63072000; includeSubDomains"; + try_files $uri =404; + } + + location ~ ^/system/ { + add_header Cache-Control "public, max-age=2419200, immutable"; + add_header Strict-Transport-Security "max-age=63072000; includeSubDomains"; + add_header X-Content-Type-Options nosniff; + add_header Content-Security-Policy "default-src 'none'; form-action 'none'"; + try_files $uri =404; + } + + location ^~ /api/v1/streaming { + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header Proxy ""; + + proxy_pass http://streaming; + proxy_buffering off; + proxy_redirect off; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; + + add_header Strict-Transport-Security "max-age=63072000; includeSubDomains"; + + tcp_nodelay on; + } + + location @proxy { + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header Proxy ""; + proxy_pass_header Server; + + proxy_pass http://backend; + proxy_buffering on; + proxy_redirect off; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; + + proxy_cache CACHE; + proxy_cache_valid 200 7d; + proxy_cache_valid 410 24h; + proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504; + add_header X-Cached $upstream_cache_status; + + tcp_nodelay on; + } + + error_page 404 500 501 502 503 504 /500.html; +} From 6744f11c69775f340696da046e967d8316161edb Mon Sep 17 00:00:00 2001 From: Greg Melton Date: Fri, 24 May 2024 14:10:43 -0700 Subject: [PATCH 3/5] fix markdown formatting issues --- dev/README.md | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/dev/README.md b/dev/README.md index 4bd8b2712aa605..f6e3ef2db411e6 100644 --- a/dev/README.md +++ b/dev/README.md @@ -6,6 +6,7 @@ # Running Apps From the root of the repo run: + - `docker-compose -f dev/docker-compose.yml up` The app takes a while to start. Patience, my friend. @@ -16,13 +17,14 @@ The developer setup doesn't configure SSL and uses nginx as a reverse proxy (see - App: - - `http://mastodon.local/` - - `http://mastodon.local:3000/` - - `http://127.0.0.1:3000/` + - `http://mastodon.local/` + - `http://mastodon.local:3000/` + - `http://127.0.0.1:3000/` - Streaming: - - `http://mastodon.local/api/v1/streaming` - - `http://127.0.0.1:4000/api/v1/streaming` + + - `http://mastodon.local/api/v1/streaming` + - `http://127.0.0.1:4000/api/v1/streaming` - Email viewer: `http://mastodon.local/letter_opener` From 1eaf77835f95b3e3a73b9e7982e61d37eb5092e2 Mon Sep 17 00:00:00 2001 From: Greg Melton Date: Fri, 24 May 2024 14:13:35 -0700 Subject: [PATCH 4/5] fix formatting issues --- dev/docker-compose.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/dev/docker-compose.yml b/dev/docker-compose.yml index 18a345a1723bbf..cc422be7b23f21 100644 --- a/dev/docker-compose.yml +++ b/dev/docker-compose.yml @@ -91,9 +91,9 @@ services: ports: - 80:80 depends_on: - - "app" + - 'app' links: - - "app:app" + - 'app:app' volumes: - ../public:/mastodon/public - ./mastodon.local.conf:/etc/nginx/conf.d/mastodon.local.conf From 4a7a2c2cc62397403aff94c093154d9a1363dba7 Mon Sep 17 00:00:00 2001 From: Greg Melton Date: Tue, 4 Jun 2024 15:07:54 -0700 Subject: [PATCH 5/5] more dev changes --- dev/docker-compose.yml | 2 +- dev/entrypoint.sh | 8 ++++++-- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/dev/docker-compose.yml b/dev/docker-compose.yml index cc422be7b23f21..a3c2b15ee9ceab 100644 --- a/dev/docker-compose.yml +++ b/dev/docker-compose.yml @@ -40,7 +40,7 @@ services: image: postgres:14-alpine restart: unless-stopped volumes: - - postgres-data:/var/lib/postgresql/data + - ../postgres14:/var/lib/postgresql/data environment: POSTGRES_USER: postgres POSTGRES_DB: postgres diff --git a/dev/entrypoint.sh b/dev/entrypoint.sh index baf6d680497906..04f103e5275469 100755 --- a/dev/entrypoint.sh +++ b/dev/entrypoint.sh @@ -4,7 +4,7 @@ set -e # Fail the whole script on first error # Fetch Ruby gem dependencies bundle config path 'vendor/bundle' -bundle config with 'development' +bundle config with 'development test' bundle install # Make Gemfile.lock pristine again @@ -14,12 +14,16 @@ git checkout -- Gemfile.lock corepack prepare yarn install +# # seed test +# RAILS_ENV=test ./bin/rails db:setup +# RAILS_ENV=test ./bin/rails db:migrate +# RAILS_ENV=test ./bin/rails assets:precompile + # You can comment these lines out if you need restart # without needing to pickup new changes here... # Run db setup/migrations RAILS_ENV=development ./bin/rails db:setup RAILS_ENV=development ./bin/rails db:migrate -# Generate public/assets RAILS_ENV=development ./bin/rails assets:precompile # This runs the Procfile.dev apps