hailey.at
An atproto PDS written in Go
1# Simplified docker-compose for external reverse proxy
2# Exposes cocoon on 127.0.0.1:8080 by default
3#
4# Usage:
5# docker-compose -f docker-compose.noproxy.yaml up -d
6#
7
8version: '3.8'
9
10services:
11 init-keys:
12 build:
13 context: .
14 dockerfile: Dockerfile
15 image: ghcr.io/haileyok/cocoon:latest
16 container_name: cocoon-init-keys
17 volumes:
18 - ./keys:/keys
19 - ./data:/data/cocoon
20 - ./init-keys.sh:/init-keys.sh:ro
21 environment:
22 COCOON_DID: ${COCOON_DID}
23 COCOON_HOSTNAME: ${COCOON_HOSTNAME}
24 COCOON_ROTATION_KEY_PATH: /keys/rotation.key
25 COCOON_JWK_PATH: /keys/jwk.key
26 COCOON_CONTACT_EMAIL: ${COCOON_CONTACT_EMAIL}
27 COCOON_RELAYS: ${COCOON_RELAYS:-https://bsky.network}
28 COCOON_ADMIN_PASSWORD: ${COCOON_ADMIN_PASSWORD}
29 entrypoint: ["/bin/sh", "/init-keys.sh"]
30 restart: "no"
31
32 cocoon:
33 build:
34 context: .
35 dockerfile: Dockerfile
36 image: ghcr.io/haileyok/cocoon:latest
37 container_name: cocoon-pds
38 depends_on:
39 init-keys:
40 condition: service_completed_successfully
41 ports:
42 - "127.0.0.1:8080:8080"
43 volumes:
44 - ./data:/data/cocoon
45 - ./keys/rotation.key:/keys/rotation.key:ro
46 - ./keys/jwk.key:/keys/jwk.key:ro
47 environment:
48 # Required settings
49 COCOON_DID: ${COCOON_DID}
50 COCOON_HOSTNAME: ${COCOON_HOSTNAME}
51 COCOON_ROTATION_KEY_PATH: /keys/rotation.key
52 COCOON_JWK_PATH: /keys/jwk.key
53 COCOON_CONTACT_EMAIL: ${COCOON_CONTACT_EMAIL}
54 COCOON_RELAYS: ${COCOON_RELAYS:-https://bsky.network}
55 COCOON_ADMIN_PASSWORD: ${COCOON_ADMIN_PASSWORD}
56 COCOON_SESSION_SECRET: ${COCOON_SESSION_SECRET}
57
58 # Server configuration
59 COCOON_ADDR: ":8080"
60 COCOON_DB_TYPE: ${COCOON_DB_TYPE:-sqlite}
61 COCOON_DB_NAME: ${COCOON_DB_NAME:-/data/cocoon/cocoon.db}
62 COCOON_DATABASE_URL: ${COCOON_DATABASE_URL:-}
63 COCOON_BLOCKSTORE_VARIANT: ${COCOON_BLOCKSTORE_VARIANT:-sqlite}
64
65 # Optional: SMTP settings for email
66 COCOON_SMTP_USER: ${COCOON_SMTP_USER:-}
67 COCOON_SMTP_PASS: ${COCOON_SMTP_PASS:-}
68 COCOON_SMTP_HOST: ${COCOON_SMTP_HOST:-}
69 COCOON_SMTP_PORT: ${COCOON_SMTP_PORT:-}
70 COCOON_SMTP_EMAIL: ${COCOON_SMTP_EMAIL:-}
71 COCOON_SMTP_NAME: ${COCOON_SMTP_NAME:-}
72
73 # Optional: S3 configuration
74 COCOON_S3_BACKUPS_ENABLED: ${COCOON_S3_BACKUPS_ENABLED:-false}
75 COCOON_S3_BLOBSTORE_ENABLED: ${COCOON_S3_BLOBSTORE_ENABLED:-false}
76 COCOON_S3_REGION: ${COCOON_S3_REGION:-}
77 COCOON_S3_BUCKET: ${COCOON_S3_BUCKET:-}
78 COCOON_S3_ENDPOINT: ${COCOON_S3_ENDPOINT:-}
79 COCOON_S3_ACCESS_KEY: ${COCOON_S3_ACCESS_KEY:-}
80 COCOON_S3_SECRET_KEY: ${COCOON_S3_SECRET_KEY:-}
81 COCOON_S3_CDN_URL: ${COCOON_S3_CDN_URL:-}
82
83 # Optional: Fallback proxy
84 COCOON_FALLBACK_PROXY: ${COCOON_FALLBACK_PROXY:-}
85 restart: unless-stopped
86 healthcheck:
87 test: ["CMD", "curl", "-f", "http://localhost:8080/xrpc/_health"]
88 interval: 30s
89 timeout: 10s
90 retries: 3
91 start_period: 40s
92
93 create-invite:
94 build:
95 context: .
96 dockerfile: Dockerfile
97 image: ghcr.io/haileyok/cocoon:latest
98 container_name: cocoon-create-invite
99 network_mode: "service:cocoon"
100 volumes:
101 - ./keys:/keys
102 - ./data:/data/cocoon
103 - ./create-initial-invite.sh:/create-initial-invite.sh:ro
104 environment:
105 COCOON_DID: ${COCOON_DID}
106 COCOON_HOSTNAME: ${COCOON_HOSTNAME}
107 COCOON_ROTATION_KEY_PATH: /keys/rotation.key
108 COCOON_JWK_PATH: /keys/jwk.key
109 COCOON_CONTACT_EMAIL: ${COCOON_CONTACT_EMAIL}
110 COCOON_RELAYS: ${COCOON_RELAYS:-https://bsky.network}
111 COCOON_ADMIN_PASSWORD: ${COCOON_ADMIN_PASSWORD}
112 COCOON_DB_TYPE: ${COCOON_DB_TYPE:-sqlite}
113 COCOON_DB_NAME: ${COCOON_DB_NAME:-/data/cocoon/cocoon.db}
114 COCOON_DATABASE_URL: ${COCOON_DATABASE_URL:-}
115 depends_on:
116 cocoon:
117 condition: service_healthy
118 entrypoint: ["/bin/sh", "/create-initial-invite.sh"]
119 restart: "no"
120
121volumes:
122 data:
123 driver: local