julien.rbrt.fr
forked from
hailey.at/cocoon
Vow, uncensorable PDS written in Go
1services:
2 init-keys:
3 build:
4 context: .
5 dockerfile: Dockerfile
6 container_name: vow-init-keys
7 volumes:
8 - ./keys:/keys
9 - ./data:/data/vow
10 - ./init-keys.sh:/init-keys.sh:ro
11 environment:
12 VOW_DID: ${VOW_DID}
13 VOW_HOSTNAME: ${VOW_HOSTNAME}
14 VOW_ROTATION_KEY_PATH: /keys/rotation.key
15 VOW_JWK_PATH: /keys/jwk.key
16 VOW_CONTACT_EMAIL: ${VOW_CONTACT_EMAIL}
17 VOW_RELAYS: ${VOW_RELAYS:-https://bsky.network}
18 VOW_ADMIN_PASSWORD: ${VOW_ADMIN_PASSWORD}
19 entrypoint: ["/bin/sh", "/init-keys.sh"]
20 restart: "no"
21
22 ipfs:
23 image: ipfs/kubo:latest
24 container_name: vow-ipfs
25 volumes:
26 - ipfs_data:/data/ipfs
27 environment:
28 # Disable local network discovery.
29 IPFS_PROFILE: server
30 ports:
31 # Expose the IPFS gateway to the reverse proxy only.
32 - "127.0.0.1:8081:8080"
33 # Keep the RPC API internal.
34 restart: unless-stopped
35 healthcheck:
36 test: ["CMD", "ipfs", "id"]
37 interval: 30s
38 timeout: 10s
39 retries: 5
40 start_period: 15s
41
42 vow:
43 build:
44 context: .
45 dockerfile: Dockerfile
46 container_name: vow-pds
47 depends_on:
48 init-keys:
49 condition: service_completed_successfully
50 ipfs:
51 condition: service_healthy
52 ports:
53 - "127.0.0.1:8080:8080"
54 volumes:
55 - ./data:/data/vow
56 - ./keys:/keys:ro
57 environment:
58 # Required
59 VOW_DID: ${VOW_DID}
60 VOW_HOSTNAME: ${VOW_HOSTNAME}
61 VOW_ROTATION_KEY_PATH: /keys/rotation.key
62 VOW_JWK_PATH: /keys/jwk.key
63 VOW_CONTACT_EMAIL: ${VOW_CONTACT_EMAIL}
64 VOW_RELAYS: ${VOW_RELAYS:-https://bsky.network}
65 VOW_ADMIN_PASSWORD: ${VOW_ADMIN_PASSWORD}
66 VOW_SESSION_SECRET: ${VOW_SESSION_SECRET}
67
68 # Server
69 VOW_ADDR: ":8080"
70 VOW_DB_NAME: ${VOW_DB_NAME:-/data/vow/vow.db}
71
72 # SMTP (optional)
73 VOW_SMTP_USER: ${VOW_SMTP_USER:-}
74 VOW_SMTP_PASS: ${VOW_SMTP_PASS:-}
75 VOW_SMTP_HOST: ${VOW_SMTP_HOST:-}
76 VOW_SMTP_PORT: ${VOW_SMTP_PORT:-}
77 VOW_SMTP_EMAIL: ${VOW_SMTP_EMAIL:-}
78 VOW_SMTP_NAME: ${VOW_SMTP_NAME:-}
79
80 # IPFS
81 # Use the internal ipfs service for the RPC API.
82 VOW_IPFS_NODE_URL: ${VOW_IPFS_NODE_URL:-http://ipfs:5001}
83 # Optional public gateway for sync.getBlob redirects.
84 VOW_IPFS_GATEWAY_URL: ${VOW_IPFS_GATEWAY_URL:-}
85 # Optional fallback for proxied ATProto requests.
86 # Format: did#service-id, for example did:plc:xxx#atproto_labeler
87 VOW_FALLBACK_PROXY: ${VOW_FALLBACK_PROXY:-}
88 restart: unless-stopped
89 healthcheck:
90 test: ["CMD", "curl", "-f", "http://localhost:8080/xrpc/_health"]
91 interval: 30s
92 timeout: 10s
93 retries: 3
94 start_period: 40s
95
96 create-invite:
97 build:
98 context: .
99 dockerfile: Dockerfile
100 container_name: vow-create-invite
101 network_mode: "service:vow"
102 volumes:
103 - ./keys:/keys
104 - ./data:/data/vow
105 - ./create-initial-invite.sh:/create-initial-invite.sh:ro
106 environment:
107 VOW_DID: ${VOW_DID}
108 VOW_HOSTNAME: ${VOW_HOSTNAME}
109 VOW_ROTATION_KEY_PATH: /keys/rotation.key
110 VOW_JWK_PATH: /keys/jwk.key
111 VOW_CONTACT_EMAIL: ${VOW_CONTACT_EMAIL}
112 VOW_RELAYS: ${VOW_RELAYS:-https://bsky.network}
113 VOW_ADMIN_PASSWORD: ${VOW_ADMIN_PASSWORD}
114 VOW_DB_NAME: ${VOW_DB_NAME:-/data/vow/vow.db}
115 depends_on:
116 vow:
117 condition: service_healthy
118 entrypoint: ["/bin/sh", "/create-initial-invite.sh"]
119 restart: "no"
120
121volumes:
122 ipfs_data:
123 driver: local