Update docker, readme

2023-06-05 08:57:01 +02:00 · 2023-06-05 08:57:01 +02:00 · eec2c75ccc
parent 675254855d
commit eec2c75ccc
5 changed files with 166 additions and 154 deletions
--- a/.env.example
+++ b/.env.example
@ -14,6 +14,7 @@
 # https://symfony.com/doc/current/best_practices.html#use-environment-variables-for-infrastructure-configuration

 # kbin variables
+SERVER_NAME=app.localhost
 KBIN_DOMAIN=app.localhost
 KBIN_TITLE=/kbin
 KBIN_DEFAULT_LANG=en
@ -31,8 +32,8 @@ KBIN_HEADER_LOGO=false
 KBIN_CAPTCHA_ENABLED=false

 # Redis
-REDIS_DNS=redis://${REDIS_PASSWORD}@redis
 REDIS_PASSWORD=!ChangeThisRedisPass!
+REDIS_DNS=redis://${REDIS_PASSWORD}@redis

 # S3 storage (optional)
 S3_KEY=
@ -58,7 +59,10 @@ APP_SECRET=427f5e2940e5b2472c1b44b2d06e0525
 # Format described at https://www.doctrine-project.org/projects/doctrine-dbal/en/latest/reference/configuration.html#connecting-using-a-url
 # IMPORTANT: You MUST configure your server version, either here or in config/packages/doctrine.yaml
 #
-DATABASE_URL="postgresql://symfony:ChangeMe@127.0.0.1:5432/app?serverVersion=13&charset=utf8"
+POSTGRES_USER=kbin
+POSTGRES_PASSWORD=!ChangeThisPostgresPass!
+POSTGRES_VERSION=14
+DATABASE_URL="postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@127.0.0.1:5432/kbin?serverVersion=${POSTGRES_VERSION}&charset=utf8"
 ###< doctrine/doctrine-bundle ###

 ###> symfony/messenger ###
@ -86,6 +90,9 @@ MERCURE_URL=https://example.com/.well-known/mercure
 MERCURE_PUBLIC_URL=https://example.com/.well-known/mercure
 # The secret used to sign the JWTs
 MERCURE_JWT_SECRET="!ChangeThisMercureHubJWTSecretKey!"
+# Docker
+CADDY_MERCURE_URL=https://example.com/.well-known/mercure
+CADDY_MERCURE_JWT_SECRET="!ChangeThisMercureHubJWTSecretKey!"
 ###< symfony/mercure-bundle ###

 ###> nelmio/cors-bundle ###
--- a/27
+++ b/27
@ -4,18 +4,12 @@
 # https://docs.docker.com/develop/develop-images/multistage-build/#stop-at-a-specific-build-stage
 # https://docs.docker.com/compose/compose-file/#target

-# Builder images
-FROM composer/composer:2-bin AS composer
-
-FROM mlocati/php-extension-installer:latest AS php_extension_installer
-
 # Build Caddy with the Mercure and Vulcain modules
-FROM caddy:2.6-builder-alpine AS app_caddy_builder
+# Temporary fix for https://github.com/dunglas/mercure/issues/770
+FROM caddy:2.7-builder-alpine AS app_caddy_builder

-RUN xcaddy build \
-	--with github.com/dunglas/mercure \
+RUN xcaddy build v2.6.4 \
 	--with github.com/dunglas/mercure/caddy \
-	--with github.com/dunglas/vulcain \
 	--with github.com/dunglas/vulcain/caddy

 # Prod image
@ -34,7 +28,7 @@ ENV APP_ENV=prod
 WORKDIR /srv/app

 # php extensions installer: https://github.com/mlocati/docker-php-extension-installer
-COPY --from=php_extension_installer --link /usr/bin/install-php-extensions /usr/local/bin/
+COPY --from=mlocati/php-extension-installer:latest --link /usr/bin/install-php-extensions /usr/local/bin/

 # persistent / runtime deps
 RUN apk add --no-cache \
@ -70,7 +64,6 @@ RUN apk add --no-cache --virtual .pgsql-deps postgresql-dev; \
 ###< recipes ###

 RUN mv "$PHP_INI_DIR/php.ini-production" "$PHP_INI_DIR/php.ini"
-
 COPY --link docker/php/conf.d/app.ini $PHP_INI_DIR/conf.d/
 COPY --link docker/php/conf.d/app.prod.ini $PHP_INI_DIR/conf.d/

@ -93,7 +86,7 @@ USER root
 ENV COMPOSER_ALLOW_SUPERUSER=1
 ENV PATH="${PATH}:/root/.composer/vendor/bin"

-COPY --from=composer --link /composer /usr/bin/composer
+COPY --from=composer/composer:2-bin --link /composer /usr/bin/composer

 # prevent the reinstallation of vendors at every changes in the source code
 COPY --link composer.* symfony.* ./
@ -126,7 +119,7 @@ RUN rm "$PHP_INI_DIR/conf.d/app.prod.ini"; \
 	mv "$PHP_INI_DIR/php.ini" "$PHP_INI_DIR/php.ini-production"; \
 	mv "$PHP_INI_DIR/php.ini-development" "$PHP_INI_DIR/php.ini"

-COPY docker/php/conf.d/app.dev.ini $PHP_INI_DIR/conf.d/
+COPY --link docker/php/conf.d/app.dev.ini $PHP_INI_DIR/conf.d/

 RUN set -eux; \
 	install-php-extensions \
@ -136,12 +129,12 @@ RUN set -eux; \
 RUN rm -f .env.local.php

 # Caddy image
-FROM caddy:2.6-alpine AS app_caddy
+FROM caddy:2-alpine AS app_caddy

 WORKDIR /srv/app

-COPY --from=app_caddy_builder /usr/bin/caddy /usr/bin/caddy
-COPY --from=app_php /srv/app/public public/
-COPY docker/caddy/Caddyfile /etc/caddy/Caddyfile
+COPY --from=app_caddy_builder --link /usr/bin/caddy /usr/bin/caddy
+COPY --from=app_php --link /srv/app/public public/
+COPY --link docker/caddy/Caddyfile /etc/caddy/Caddyfile

 FROM app_php AS symfony_messenger
--- a/README.md
+++ b/README.md
@ -3,7 +3,7 @@
 [![Maintainability](https://api.codeclimate.com/v1/badges/ee285c05da04524ea2f9/maintainability)](https://codeclimate.com/github/ernestwisniewski/kbin/maintainability)
 [![Test Coverage](https://api.codeclimate.com/v1/badges/ee285c05da04524ea2f9/test_coverage)](https://codeclimate.com/github/ernestwisniewski/kbin/test_coverage)

-Kbin is a decentralized content aggregator and microblogging platform running on the Fediverse network. It can
+Kbin is a modular, decentralized content aggregator and microblogging platform running on the Fediverse network. It can
 communicate with many other ActivityPub services, including Mastodon, Lemmy, Pleroma, Peertube. The initiative aims to
 promote a free and open internet.

@ -43,133 +43,14 @@ the backend and the project will be prepared for contribution.
 * Redis (optional)
 * Mercure (optional)
 * RabbitMQ (optional)
-* Elasticsearch (optional) (deprecated)
-* Cardano Node, Cardano Wallet (optional) (deprecated)

-### Frontend
+## Documentation

-https://github.com/symfony/ux
-
-```bash
-$ yarn install
-$ yarn build
-```
-
-### Install with Docker
-
-Based on [https://github.com/dunglas/symfony-docker](https://github.com/dunglas/symfony-docker)
-
-#### Develop
-
-1. If not already done, [install Docker Compose](https://docs.docker.com/compose/install/)
-2. Run `docker compose build --pull --no-cache` to build fresh images
-3. Run `docker compose up` (the logs will be displayed in the current shell)
-4. Open `https://app.localhost` in your favorite web browser
-   and [accept the auto-generated TLS certificate](https://stackoverflow.com/a/15076602/1352334)
-5. Run `docker compose down --remove-orphans` to stop the Docker containers.
-
-```bash
-$ docker compose exec php bin/console doctrine:fixtures:load
-$ docker compose exec php bin/phpunit
-
-# Using Xdebug
-# Linux / Mac
-$ XDEBUG_MODE=debug docker compose up -d
-# Windows
-$ set XDEBUG_MODE=debug&& docker compose up -d&set XDEBUG_MODE=
-```
-
-#### Production
-
-```bash
-$ APP_ENV=dev SERVER_NAME=dev.karab.in \
-APP_SECRET=acme \
-CADDY_MERCURE_JWT_SECRET='!ChangeThisMercureHubJWTSecretKey!' \
-POSTGRES_USER=kbin \
-POSTGRES_PASSWORD=acme \
-POSTGRES_DB=kbin \
-CADDY_MERCURE_URL="https://example.com/.well-known/mercure" \
-KBIN_DEFAULT_LANG=pl \
-docker compose -f docker-compose.yml -f docker-compose.prod.yml up -d
-```
-
-#### Deploying on Multiple Nodes
-
-If you want to deploy your app on a cluster of machines, you can
-use [Docker Swarm](https://docs.docker.com/engine/swarm/stack-deploy/), which is
-compatible with the provided Compose files.
-
-## Configuration
-
-### Admin user
-
-```bash
-# Create new user (without email verification)
-$ docker compose exec php bin/console kbin:user:create username email@exmple.com password
-# Grant administrator privileges
-$ docker compose exec php bin/console kbin:user:admin username
-```
-
-### Media
-
-```bash
-$ mkdir public/media
-$ chmod 755 public/media
-$ chown 82:82 public/media
-```
-
-### Elasticsearch
-
-```bash
-$ docker compose exec php bin/console fos:elastica:create
-$ docker compose exec php bin/console fos:elastica:populate
-```
-
-### JWT keys
-
-```bash
-// @todo 
-```
-
-Next, set up your instance https://localhost/admin
-
-## Backup and restore
-
-### Database
-
-```bash
-# Backup
-$ docker exec -it database pg_dump -U kbin kbin > dump_`date +%d-%m-%Y"_"%H_%M_%S`.sql
-# Restore
-$ docker compose exec -T database psql -U kbin kbin < dump.sql
-```
-
-### Images
-
-```bash
-// @todo rsync
-```
-
-## Troubleshooting
-
-### Editing Permissions on Linux
-
-If you work on linux and cannot edit some of the project files right after the first installation, you can
-run `docker compose run --rm php chown -R $(id -u):$(id -g) .` to set yourself as owner of the project files that were
-created by the docker container.
-
-### Logs
-
-```bash
-$ docker compose logs -f
-$ docker compose exec php tail var/log/prod.log
-```
-
-### Cache
-
-```bash
-$ docker compose exec php bin/console cache:clear
-```
+* [User Guide](https://codeberg.org/Kbin/kbin-core/wiki#user-guide)
+* [Admin Guide](https://codeberg.org/Kbin/kbin-core/wiki#admin-guide)
+* [Kbin REST API Reference](https://docs.kbin.pub)
+* [Kbin ActivityPub Reference](https://fedidevs.org/projects/kbin/)
+* Kbin GraphQL Reference

 ## Federation

@ -185,13 +66,6 @@ $ docker compose exec php bin/console cache:clear
 * [Schema Generator 3: A Step Towards Redecentralizing the Web!](https://dunglas.fr/2021/01/schema-generator-3-a-step-towards-redecentralizing-the-web/)
 * [API Platform ActivityPub](https://github.com/api-platform/activity-pub)

-## Documentation
-
-* [Kbin REST API Reference](https://docs.kbin.pub)
-* [Kbin ActivityPub Reference](https://docs.kbin.pub#activity-pub)
-* Kbin GraphQL Reference
-* [Fediverse Developer Network](https://fedidevs.org/projects/kbin/)
-
 ## Languages

 * English
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -145,10 +145,10 @@ services:
  database:
    image: postgres:${POSTGRES_VERSION:-13}-alpine
    environment:
-      POSTGRES_DB: ${POSTGRES_DB:-app}
+      POSTGRES_DB: ${POSTGRES_DB:-kbin}
      # You should definitely change the password in production
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-ChangeMe}
-      POSTGRES_USER: ${POSTGRES_USER:-symfony}
+      POSTGRES_USER: ${POSTGRES_USER:-kbin}
    volumes:
      - db-data:/var/lib/postgresql/data:rw
      # You may use a bind-mounted host directory instead, so that it is harder to accidentally remove the volume and lose all your data!
--- a/docs/admin_guide.md
+++ b/docs/admin_guide.md
@ -0,0 +1,138 @@
+## Admin guide
+
+Below is a step-by-step description of the process for creating your own instance from the moment a new VPS is created.  This is a preliminary outline that will help you launch an instance for your own needs. Please note that kbin is still in the early stages of development and is currently intended for smaller instances.
+
+If you would like to support the project, you can register using the following [affiliate link](https://hetzner.cloud/?ref=8tSPCw0qqIwl).
+
+The VPS is running Debian 11. Redis is used for caching, so it is recommended to have at least 2 CPUs (>2.6 GHz) and 4GB of RAM. Filesystem cache can be used too, but it causes significant performance issues under high traffic.
+
+#### System update
+
+```bash
+$ apt-get update && apt-get upgrade
+```
+
+#### Firewall
+
+```bash
+// todo 
+```
+
+#### Create user
+
+```bash
+$ adduser kbin
+$ usermod -aG sudo kbin
+$ su kbin
+$ cd ~
+```
+
+#### Front tools
+
+```bash
+$ curl -sL https://deb.nodesource.com/setup_16.x | sudo bash -
+$ curl -sL https://dl.yarnpkg.com/debian/pubkey.gpg | gpg --dearmor | sudo tee /usr/share/keyrings/yarnkey.gpg >/dev/null
+$ sudo apt-get install -y nodejs
+$ echo "deb [signed-by=/usr/share/keyrings/yarnkey.gpg] https://dl.yarnpkg.com/debian stable main" | sudo tee /etc/apt/sources.list.d/yarn.list
+$ sudo apt-get update && sudo apt-get install yarn
+
+```
+
+
+#### Clone repo
+
+```bash
+$ sudo apt-get install git
+$ git clone https://codeberg.org/Kbin/kbin-core.git kbin
+$ cd kbin
+$ mkdir public/media
+$ sudo chown 82:82 public/media
+$ sudo chown 82:82 var
+$ cp .env.example .env
+$ vi .env # esc + !q + enter to exit
+or 
+$ nano .env
+```
+
+
+Make sure you have substituted all the passwords and configured the basic services.
+
+### Install with Docker
+
+The Dockerfile is based on [symfony-docker](https://github.com/dunglas/symfony-docker).
+
+[https://docs.docker.com/engine/install/debian/](https://docs.docker.com/engine/install/debian/)
+
+```bash
+$ sudo apt-get install ca-certificates curl gnupg
+$ sudo install -m 0755 -d /etc/apt/keyrings
+$ curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
+$ sudo chmod a+r /etc/apt/keyrings/docker.gpg
+$ echo \
+  "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian \
+  "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | \
+  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+$ sudo apt-get update
+$ sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
+$ sudo apt-get install docker-compose-plugin
+$ sudo groupadd docker
+$ sudo usermod -aG docker $USER
+```
+
+#### Run containers
+
+```bash
+$ compose build --pull --no-cache # build fresh images
+$ docker compose up # the logs will be displayed in the current shell
+$ docker compose down --remove-orphans # stop the Docker containers.
+```
+
+#### Build front
+
+The first startup will fail, so while the container is starting, execute the following commands:
+
+```bash
+$ yarn install
+$ yarn build
+$ docker compose down && docker compose up
+```
+
+Open [https://app.localhost](https://app.localhost) in your favorite web browser and accept the auto-generated TLS certificate
+
+#### Production
+
+```bash
+$ docker compose -f docker-compose.yml -f docker-compose.prod.yml up -d --build
+```
+
+[https://github.com/dunglas/symfony-docker/blob/main/docs/production.md](https://github.com/dunglas/symfony-docker/blob/main/docs/production.md)
+
+If you want to deploy your app on a cluster of machines, you can use [Docker Swarm](https://docs.docker.com/engine/swarm/stack-deploy/), which is compatible with the provided Compose files.
+
+#### Configuration
+
+```bash
+# Create new user (without email verification)
+$ docker compose exec php bin/console kbin:user:create username email@exmple.com password
+# Grant administrator privileges
+$ docker compose exec php bin/console kbin:user:admin username
+```
+
+```bash
+docker compose exec php bin/console kbin:ap:keys:update
+```
+Next, log in and create a repository named "random" to which unclassified content from the fediverse will flow.
+
+#### Admin panel
+
+[https://instance-domain.com/admin/settings](https://instance-domain.com/admin/settings)
+
+### Install without Docker
+
+References:
+
+- [https://symfony.com/doc/current/setup.html](https://symfony.com/doc/current/setup.html)
+- [https://symfony.com/doc/current/deployment.html](https://symfony.com/doc/current/deployment.html)
+- [https://symfony.com/doc/current/setup/web_server_configuration.html](https://symfony.com/doc/current/setup/web_server_configuration.html)
+- [https://symfony.com/doc/current/messenger.html#deploying-to-production](https://symfony.com/doc/current/messenger.html#deploying-to-production)
+- [https://codingstories.net/how-to/how-to-install-and-use-mercure/](https://codingstories.net/how-to/how-to-install-and-use-mercure/)