diff --git a/.env.example b/.env.example index c859d356..53d0a614 100644 --- a/.env.example +++ b/.env.example @@ -14,6 +14,7 @@ # https://symfony.com/doc/current/best_practices.html#use-environment-variables-for-infrastructure-configuration # kbin variables +SERVER_NAME=app.localhost KBIN_DOMAIN=app.localhost KBIN_TITLE=/kbin KBIN_DEFAULT_LANG=en @@ -31,8 +32,8 @@ KBIN_HEADER_LOGO=false KBIN_CAPTCHA_ENABLED=false # Redis -REDIS_DNS=redis://${REDIS_PASSWORD}@redis REDIS_PASSWORD=!ChangeThisRedisPass! +REDIS_DNS=redis://${REDIS_PASSWORD}@redis # S3 storage (optional) S3_KEY= @@ -58,7 +59,10 @@ APP_SECRET=427f5e2940e5b2472c1b44b2d06e0525 # Format described at https://www.doctrine-project.org/projects/doctrine-dbal/en/latest/reference/configuration.html#connecting-using-a-url # IMPORTANT: You MUST configure your server version, either here or in config/packages/doctrine.yaml # -DATABASE_URL="postgresql://symfony:ChangeMe@127.0.0.1:5432/app?serverVersion=13&charset=utf8" +POSTGRES_USER=kbin +POSTGRES_PASSWORD=!ChangeThisPostgresPass! +POSTGRES_VERSION=14 +DATABASE_URL="postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@127.0.0.1:5432/kbin?serverVersion=${POSTGRES_VERSION}&charset=utf8" ###< doctrine/doctrine-bundle ### ###> symfony/messenger ### @@ -86,6 +90,9 @@ MERCURE_URL=https://example.com/.well-known/mercure MERCURE_PUBLIC_URL=https://example.com/.well-known/mercure # The secret used to sign the JWTs MERCURE_JWT_SECRET="!ChangeThisMercureHubJWTSecretKey!" +# Docker +CADDY_MERCURE_URL=https://example.com/.well-known/mercure +CADDY_MERCURE_JWT_SECRET="!ChangeThisMercureHubJWTSecretKey!" ###< symfony/mercure-bundle ### ###> nelmio/cors-bundle ### diff --git a/Dockerfile b/Dockerfile index f2d6f8c3..c0777aa2 100644 --- a/Dockerfile +++ b/Dockerfile @@ -4,18 +4,12 @@ # https://docs.docker.com/develop/develop-images/multistage-build/#stop-at-a-specific-build-stage # https://docs.docker.com/compose/compose-file/#target -# Builder images -FROM composer/composer:2-bin AS composer - -FROM mlocati/php-extension-installer:latest AS php_extension_installer - # Build Caddy with the Mercure and Vulcain modules -FROM caddy:2.6-builder-alpine AS app_caddy_builder +# Temporary fix for https://github.com/dunglas/mercure/issues/770 +FROM caddy:2.7-builder-alpine AS app_caddy_builder -RUN xcaddy build \ - --with github.com/dunglas/mercure \ +RUN xcaddy build v2.6.4 \ --with github.com/dunglas/mercure/caddy \ - --with github.com/dunglas/vulcain \ --with github.com/dunglas/vulcain/caddy # Prod image @@ -34,7 +28,7 @@ ENV APP_ENV=prod WORKDIR /srv/app # php extensions installer: https://github.com/mlocati/docker-php-extension-installer -COPY --from=php_extension_installer --link /usr/bin/install-php-extensions /usr/local/bin/ +COPY --from=mlocati/php-extension-installer:latest --link /usr/bin/install-php-extensions /usr/local/bin/ # persistent / runtime deps RUN apk add --no-cache \ @@ -70,7 +64,6 @@ RUN apk add --no-cache --virtual .pgsql-deps postgresql-dev; \ ###< recipes ### RUN mv "$PHP_INI_DIR/php.ini-production" "$PHP_INI_DIR/php.ini" - COPY --link docker/php/conf.d/app.ini $PHP_INI_DIR/conf.d/ COPY --link docker/php/conf.d/app.prod.ini $PHP_INI_DIR/conf.d/ @@ -93,7 +86,7 @@ USER root ENV COMPOSER_ALLOW_SUPERUSER=1 ENV PATH="${PATH}:/root/.composer/vendor/bin" -COPY --from=composer --link /composer /usr/bin/composer +COPY --from=composer/composer:2-bin --link /composer /usr/bin/composer # prevent the reinstallation of vendors at every changes in the source code COPY --link composer.* symfony.* ./ @@ -126,7 +119,7 @@ RUN rm "$PHP_INI_DIR/conf.d/app.prod.ini"; \ mv "$PHP_INI_DIR/php.ini" "$PHP_INI_DIR/php.ini-production"; \ mv "$PHP_INI_DIR/php.ini-development" "$PHP_INI_DIR/php.ini" -COPY docker/php/conf.d/app.dev.ini $PHP_INI_DIR/conf.d/ +COPY --link docker/php/conf.d/app.dev.ini $PHP_INI_DIR/conf.d/ RUN set -eux; \ install-php-extensions \ @@ -136,12 +129,12 @@ RUN set -eux; \ RUN rm -f .env.local.php # Caddy image -FROM caddy:2.6-alpine AS app_caddy +FROM caddy:2-alpine AS app_caddy WORKDIR /srv/app -COPY --from=app_caddy_builder /usr/bin/caddy /usr/bin/caddy -COPY --from=app_php /srv/app/public public/ -COPY docker/caddy/Caddyfile /etc/caddy/Caddyfile +COPY --from=app_caddy_builder --link /usr/bin/caddy /usr/bin/caddy +COPY --from=app_php --link /srv/app/public public/ +COPY --link docker/caddy/Caddyfile /etc/caddy/Caddyfile FROM app_php AS symfony_messenger diff --git a/README.md b/README.md index b94058e3..389ae1eb 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,7 @@ [![Maintainability](https://api.codeclimate.com/v1/badges/ee285c05da04524ea2f9/maintainability)](https://codeclimate.com/github/ernestwisniewski/kbin/maintainability) [![Test Coverage](https://api.codeclimate.com/v1/badges/ee285c05da04524ea2f9/test_coverage)](https://codeclimate.com/github/ernestwisniewski/kbin/test_coverage) -Kbin is a decentralized content aggregator and microblogging platform running on the Fediverse network. It can +Kbin is a modular, decentralized content aggregator and microblogging platform running on the Fediverse network. It can communicate with many other ActivityPub services, including Mastodon, Lemmy, Pleroma, Peertube. The initiative aims to promote a free and open internet. @@ -43,133 +43,14 @@ the backend and the project will be prepared for contribution. * Redis (optional) * Mercure (optional) * RabbitMQ (optional) -* Elasticsearch (optional) (deprecated) -* Cardano Node, Cardano Wallet (optional) (deprecated) -### Frontend +## Documentation -https://github.com/symfony/ux - -```bash -$ yarn install -$ yarn build -``` - -### Install with Docker - -Based on [https://github.com/dunglas/symfony-docker](https://github.com/dunglas/symfony-docker) - -#### Develop - -1. If not already done, [install Docker Compose](https://docs.docker.com/compose/install/) -2. Run `docker compose build --pull --no-cache` to build fresh images -3. Run `docker compose up` (the logs will be displayed in the current shell) -4. Open `https://app.localhost` in your favorite web browser - and [accept the auto-generated TLS certificate](https://stackoverflow.com/a/15076602/1352334) -5. Run `docker compose down --remove-orphans` to stop the Docker containers. - -```bash -$ docker compose exec php bin/console doctrine:fixtures:load -$ docker compose exec php bin/phpunit - -# Using Xdebug -# Linux / Mac -$ XDEBUG_MODE=debug docker compose up -d -# Windows -$ set XDEBUG_MODE=debug&& docker compose up -d&set XDEBUG_MODE= -``` - -#### Production - -```bash -$ APP_ENV=dev SERVER_NAME=dev.karab.in \ -APP_SECRET=acme \ -CADDY_MERCURE_JWT_SECRET='!ChangeThisMercureHubJWTSecretKey!' \ -POSTGRES_USER=kbin \ -POSTGRES_PASSWORD=acme \ -POSTGRES_DB=kbin \ -CADDY_MERCURE_URL="https://example.com/.well-known/mercure" \ -KBIN_DEFAULT_LANG=pl \ -docker compose -f docker-compose.yml -f docker-compose.prod.yml up -d -``` - -#### Deploying on Multiple Nodes - -If you want to deploy your app on a cluster of machines, you can -use [Docker Swarm](https://docs.docker.com/engine/swarm/stack-deploy/), which is -compatible with the provided Compose files. - -## Configuration - -### Admin user - -```bash -# Create new user (without email verification) -$ docker compose exec php bin/console kbin:user:create username email@exmple.com password -# Grant administrator privileges -$ docker compose exec php bin/console kbin:user:admin username -``` - -### Media - -```bash -$ mkdir public/media -$ chmod 755 public/media -$ chown 82:82 public/media -``` - -### Elasticsearch - -```bash -$ docker compose exec php bin/console fos:elastica:create -$ docker compose exec php bin/console fos:elastica:populate -``` - -### JWT keys - -```bash -// @todo -``` - -Next, set up your instance https://localhost/admin - -## Backup and restore - -### Database - -```bash -# Backup -$ docker exec -it database pg_dump -U kbin kbin > dump_`date +%d-%m-%Y"_"%H_%M_%S`.sql -# Restore -$ docker compose exec -T database psql -U kbin kbin < dump.sql -``` - -### Images - -```bash -// @todo rsync -``` - -## Troubleshooting - -### Editing Permissions on Linux - -If you work on linux and cannot edit some of the project files right after the first installation, you can -run `docker compose run --rm php chown -R $(id -u):$(id -g) .` to set yourself as owner of the project files that were -created by the docker container. - -### Logs - -```bash -$ docker compose logs -f -$ docker compose exec php tail var/log/prod.log -``` - -### Cache - -```bash -$ docker compose exec php bin/console cache:clear -``` +* [User Guide](https://codeberg.org/Kbin/kbin-core/wiki#user-guide) +* [Admin Guide](https://codeberg.org/Kbin/kbin-core/wiki#admin-guide) +* [Kbin REST API Reference](https://docs.kbin.pub) +* [Kbin ActivityPub Reference](https://fedidevs.org/projects/kbin/) +* Kbin GraphQL Reference ## Federation @@ -185,13 +66,6 @@ $ docker compose exec php bin/console cache:clear * [Schema Generator 3: A Step Towards Redecentralizing the Web!](https://dunglas.fr/2021/01/schema-generator-3-a-step-towards-redecentralizing-the-web/) * [API Platform ActivityPub](https://github.com/api-platform/activity-pub) -## Documentation - -* [Kbin REST API Reference](https://docs.kbin.pub) -* [Kbin ActivityPub Reference](https://docs.kbin.pub#activity-pub) -* Kbin GraphQL Reference -* [Fediverse Developer Network](https://fedidevs.org/projects/kbin/) - ## Languages * English diff --git a/docker-compose.yml b/docker-compose.yml index f78206b4..8a8af023 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -145,10 +145,10 @@ services: database: image: postgres:${POSTGRES_VERSION:-13}-alpine environment: - POSTGRES_DB: ${POSTGRES_DB:-app} + POSTGRES_DB: ${POSTGRES_DB:-kbin} # You should definitely change the password in production POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-ChangeMe} - POSTGRES_USER: ${POSTGRES_USER:-symfony} + POSTGRES_USER: ${POSTGRES_USER:-kbin} volumes: - db-data:/var/lib/postgresql/data:rw # You may use a bind-mounted host directory instead, so that it is harder to accidentally remove the volume and lose all your data! diff --git a/docs/admin_guide.md b/docs/admin_guide.md new file mode 100644 index 00000000..d3f76c4d --- /dev/null +++ b/docs/admin_guide.md @@ -0,0 +1,138 @@ +## Admin guide + +Below is a step-by-step description of the process for creating your own instance from the moment a new VPS is created. This is a preliminary outline that will help you launch an instance for your own needs. Please note that kbin is still in the early stages of development and is currently intended for smaller instances. + +If you would like to support the project, you can register using the following [affiliate link](https://hetzner.cloud/?ref=8tSPCw0qqIwl). + +The VPS is running Debian 11. Redis is used for caching, so it is recommended to have at least 2 CPUs (>2.6 GHz) and 4GB of RAM. Filesystem cache can be used too, but it causes significant performance issues under high traffic. + +#### System update + +```bash +$ apt-get update && apt-get upgrade +``` + +#### Firewall + +```bash +// todo +``` + +#### Create user + +```bash +$ adduser kbin +$ usermod -aG sudo kbin +$ su kbin +$ cd ~ +``` + +#### Front tools + +```bash +$ curl -sL https://deb.nodesource.com/setup_16.x | sudo bash - +$ curl -sL https://dl.yarnpkg.com/debian/pubkey.gpg | gpg --dearmor | sudo tee /usr/share/keyrings/yarnkey.gpg >/dev/null +$ sudo apt-get install -y nodejs +$ echo "deb [signed-by=/usr/share/keyrings/yarnkey.gpg] https://dl.yarnpkg.com/debian stable main" | sudo tee /etc/apt/sources.list.d/yarn.list +$ sudo apt-get update && sudo apt-get install yarn + +``` + + +#### Clone repo + +```bash +$ sudo apt-get install git +$ git clone https://codeberg.org/Kbin/kbin-core.git kbin +$ cd kbin +$ mkdir public/media +$ sudo chown 82:82 public/media +$ sudo chown 82:82 var +$ cp .env.example .env +$ vi .env # esc + !q + enter to exit +or +$ nano .env +``` + + +Make sure you have substituted all the passwords and configured the basic services. + +### Install with Docker + +The Dockerfile is based on [symfony-docker](https://github.com/dunglas/symfony-docker). + +[https://docs.docker.com/engine/install/debian/](https://docs.docker.com/engine/install/debian/) + +```bash +$ sudo apt-get install ca-certificates curl gnupg +$ sudo install -m 0755 -d /etc/apt/keyrings +$ curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg +$ sudo chmod a+r /etc/apt/keyrings/docker.gpg +$ echo \ + "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian \ + "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | \ + sudo tee /etc/apt/sources.list.d/docker.list > /dev/null +$ sudo apt-get update +$ sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin +$ sudo apt-get install docker-compose-plugin +$ sudo groupadd docker +$ sudo usermod -aG docker $USER +``` + +#### Run containers + +```bash +$ compose build --pull --no-cache # build fresh images +$ docker compose up # the logs will be displayed in the current shell +$ docker compose down --remove-orphans # stop the Docker containers. +``` + +#### Build front + +The first startup will fail, so while the container is starting, execute the following commands: + +```bash +$ yarn install +$ yarn build +$ docker compose down && docker compose up +``` + +Open [https://app.localhost](https://app.localhost) in your favorite web browser and accept the auto-generated TLS certificate + +#### Production + +```bash +$ docker compose -f docker-compose.yml -f docker-compose.prod.yml up -d --build +``` + +[https://github.com/dunglas/symfony-docker/blob/main/docs/production.md](https://github.com/dunglas/symfony-docker/blob/main/docs/production.md) + +If you want to deploy your app on a cluster of machines, you can use [Docker Swarm](https://docs.docker.com/engine/swarm/stack-deploy/), which is compatible with the provided Compose files. + +#### Configuration + +```bash +# Create new user (without email verification) +$ docker compose exec php bin/console kbin:user:create username email@exmple.com password +# Grant administrator privileges +$ docker compose exec php bin/console kbin:user:admin username +``` + +```bash +docker compose exec php bin/console kbin:ap:keys:update +``` +Next, log in and create a repository named "random" to which unclassified content from the fediverse will flow. + +#### Admin panel + +[https://instance-domain.com/admin/settings](https://instance-domain.com/admin/settings) + +### Install without Docker + +References: + +- [https://symfony.com/doc/current/setup.html](https://symfony.com/doc/current/setup.html) +- [https://symfony.com/doc/current/deployment.html](https://symfony.com/doc/current/deployment.html) +- [https://symfony.com/doc/current/setup/web_server_configuration.html](https://symfony.com/doc/current/setup/web_server_configuration.html) +- [https://symfony.com/doc/current/messenger.html#deploying-to-production](https://symfony.com/doc/current/messenger.html#deploying-to-production) +- [https://codingstories.net/how-to/how-to-install-and-use-mercure/](https://codingstories.net/how-to/how-to-install-and-use-mercure/) \ No newline at end of file