roost.moe / recipes.blue
The recipes.blue monorepo recipes.blue
recipes appview atproto
fork atom

chore: give up on local atproto

hayden.moe 0c05fe2f e27b3baa

verified
+16 -446
unified split
-145
config/dev/atproto/compose.cue
··· 1 - package recipesblue 2 - 3 - version: "3" 4 - 5 - networks: 6 - atproto: 7 - driver: "bridge" 8 - 9 - #pg: { 10 - name: string 11 - embed: { 12 - volumes: "\(name)-pgdata": {} 13 - 14 - services: "\(name)-pg": { 15 - image: "postgres:16" 16 - ports: ["5432"] 17 - environment: { 18 - "POSTGRES_DB": name 19 - "POSTGRES_USER": name 20 - "POSTGRES_PASSWORD": name 21 - } 22 - networks: ["atproto"] 23 - volumes: [ 24 - "\(name)-pgdata:/var/lib/postgresql/data" 25 - ] 26 - healthcheck: { 27 - test: "pg_isready -U \(name)" 28 - interval: "500ms" 29 - timeout: "10s" 30 - retries: 20 31 - } 32 - } 33 - 34 - services: (name): { 35 - depends_on: { 36 - "\(name)-pg": { 37 - condition: "service_healthy" 38 - restart: true 39 - } 40 - } 41 - } 42 - } 43 - } 44 - 45 - (#pg & { name: "plc" }).embed 46 - services: plc: { 47 - image: "ghcr.io/bluesky-social/did-method-plc:plc-c54aea0373e65df0b87f5bc81710007092f539b1" 48 - ports: ["7000:3000"] 49 - restart: "always" 50 - env_file: ["./env/plc.env"] 51 - networks: ["atproto"] 52 - } 53 - 54 - (#pg & { name: "relay"}).embed 55 - services: relay: { 56 - image: "ghcr.io/bluesky-social/indigo:relay-05d91c9bccfe67c0ac981bd17abc03f8954cce4e" 57 - ports: ["7001:3000"] 58 - restart: "always" 59 - env_file: ["./env/relay.env"] 60 - networks: ["atproto"] 61 - volumes: [ 62 - "relay_data:/data", 63 - ] 64 - depends_on: { 65 - plc: condition: "service_started" 66 - } 67 - } 68 - volumes: { 69 - relay_data: {} 70 - } 71 - 72 - services: jetstream: { 73 - image: "ghcr.io/bluesky-social/jetstream:sha-7d7efa58d7f14101a80ccc4f1085953948b7d5de" 74 - ports: ["7002:7002"] 75 - restart: "always" 76 - env_file: ["./env/jetstream.env"] 77 - networks: ["atproto"] 78 - volumes: [ 79 - "jetstream_data:/data", 80 - ] 81 - depends_on: { 82 - plc: condition: "service_started" 83 - relay: condition: "service_started" 84 - } 85 - } 86 - volumes: { 87 - jetstream_data: {} 88 - } 89 - 90 - (#pg & { name: "spicedb"}).embed 91 - services: spicedb_pg_init: { 92 - image: "postgres:16" 93 - restart: "on-failure:3" 94 - command: "psql postgres://spicedb:spicedb@spicedb-pg:5432/spicedb?sslmode=disable -c \"ALTER SYSTEM SET track_commit_timestamp = on;\"" 95 - networks: ["atproto"] 96 - } 97 - services: spicedb_pg_mig: { 98 - image: "authzed/spicedb:latest" 99 - command: "migrate head" 100 - restart: "on-failure" 101 - networks: ["atproto"] 102 - environment: [ 103 - "SPICEDB_DATASTORE_ENGINE=postgres", 104 - "SPICEDB_DATASTORE_CONN_URI=postgres://spicedb:spicedb@spicedb-pg:5432/spicedb?sslmode=disable", 105 - ] 106 - depends_on: spicedb_pg_init: condition: "service_completed_successfully" 107 - } 108 - services: spicedb: { 109 - image: "authzed/spicedb" 110 - command: "serve --http-enabled" 111 - restart: "always" 112 - networks: ["atproto"] 113 - ports: [ 114 - "8080", 115 - "9090", 116 - "50051", 117 - ] 118 - environment: [ 119 - "SPICEDB_GRPC_PRESHARED_KEY=testnet-spicedb", 120 - "SPICEDB_DATASTORE_ENGINE=postgres", 121 - "SPICEDB_DATASTORE_CONN_URI=postgres://spicedb:spicedb@spicedb_pg:5432/spicedb?sslmode=disable", 122 - ] 123 - depends_on: spicedb_pg_mig: condition: "service_completed_successfully" 124 - } 125 - 126 - services: pds: { 127 - image: "ghcr.io/bluesky-social/pds:sha-347a567469edd0ba65ee643d3adeb1119891a9b8" 128 - ports: ["6000:3000"] 129 - restart: "always" 130 - env_file: ["./env/pds.env"] 131 - networks: ["atproto"] 132 - volumes: [ 133 - "pds_data:/app/data", 134 - "pds_blobs:/app/blobs", 135 - ] 136 - depends_on: { 137 - plc: condition: "service_started" 138 - relay: condition: "service_started" 139 - spicedb: condition: "service_started" 140 - } 141 - } 142 - volumes: { 143 - pds_data: {} 144 - pds_blobs: {} 145 - }
-167
config/dev/atproto/compose.yaml
··· 1 - version: "3" 2 - networks: 3 - atproto: 4 - driver: bridge 5 - services: 6 - relay-pg: 7 - image: postgres:16 8 - ports: 9 - - "5432" 10 - environment: 11 - POSTGRES_DB: relay 12 - POSTGRES_USER: relay 13 - POSTGRES_PASSWORD: relay 14 - networks: 15 - - atproto 16 - volumes: 17 - - relay-pgdata:/var/lib/postgresql/data 18 - healthcheck: 19 - test: pg_isready -U relay 20 - interval: 500ms 21 - timeout: 10s 22 - retries: 20 23 - plc: 24 - depends_on: 25 - plc-pg: 26 - condition: service_healthy 27 - restart: true 28 - image: ghcr.io/bluesky-social/did-method-plc:plc-c54aea0373e65df0b87f5bc81710007092f539b1 29 - ports: 30 - - "7000:3000" 31 - restart: always 32 - env_file: 33 - - ./env/plc.env 34 - networks: 35 - - atproto 36 - spicedb-pg: 37 - image: postgres:16 38 - ports: 39 - - "5432" 40 - environment: 41 - POSTGRES_DB: spicedb 42 - POSTGRES_USER: spicedb 43 - POSTGRES_PASSWORD: spicedb 44 - networks: 45 - - atproto 46 - volumes: 47 - - spicedb-pgdata:/var/lib/postgresql/data 48 - healthcheck: 49 - test: pg_isready -U spicedb 50 - interval: 500ms 51 - timeout: 10s 52 - retries: 20 53 - relay: 54 - depends_on: 55 - relay-pg: 56 - condition: service_healthy 57 - restart: true 58 - plc: 59 - condition: service_started 60 - image: ghcr.io/bluesky-social/indigo:relay-05d91c9bccfe67c0ac981bd17abc03f8954cce4e 61 - ports: 62 - - "7001:3000" 63 - restart: always 64 - env_file: 65 - - ./env/relay.env 66 - networks: 67 - - atproto 68 - volumes: 69 - - relay_data:/data 70 - plc-pg: 71 - image: postgres:16 72 - ports: 73 - - "5432" 74 - environment: 75 - POSTGRES_DB: plc 76 - POSTGRES_USER: plc 77 - POSTGRES_PASSWORD: plc 78 - networks: 79 - - atproto 80 - volumes: 81 - - plc-pgdata:/var/lib/postgresql/data 82 - healthcheck: 83 - test: pg_isready -U plc 84 - interval: 500ms 85 - timeout: 10s 86 - retries: 20 87 - spicedb: 88 - depends_on: 89 - spicedb-pg: 90 - condition: service_healthy 91 - restart: true 92 - spicedb_pg_mig: 93 - condition: service_completed_successfully 94 - image: authzed/spicedb 95 - command: serve --http-enabled 96 - restart: always 97 - networks: 98 - - atproto 99 - ports: 100 - - "8080" 101 - - "9090" 102 - - "50051" 103 - environment: 104 - - SPICEDB_GRPC_PRESHARED_KEY=testnet-spicedb 105 - - SPICEDB_DATASTORE_ENGINE=postgres 106 - - SPICEDB_DATASTORE_CONN_URI=postgres://spicedb:spicedb@spicedb_pg:5432/spicedb?sslmode=disable 107 - jetstream: 108 - image: ghcr.io/bluesky-social/jetstream:sha-7d7efa58d7f14101a80ccc4f1085953948b7d5de 109 - ports: 110 - - "7002:7002" 111 - restart: always 112 - env_file: 113 - - ./env/jetstream.env 114 - networks: 115 - - atproto 116 - volumes: 117 - - jetstream_data:/data 118 - depends_on: 119 - plc: 120 - condition: service_started 121 - relay: 122 - condition: service_started 123 - spicedb_pg_init: 124 - image: postgres:16 125 - restart: on-failure:3 126 - command: psql postgres://spicedb:spicedb@spicedb-pg:5432/spicedb?sslmode=disable -c "ALTER SYSTEM SET track_commit_timestamp = on;" 127 - networks: 128 - - atproto 129 - spicedb_pg_mig: 130 - image: authzed/spicedb:latest 131 - command: migrate head 132 - restart: on-failure 133 - networks: 134 - - atproto 135 - environment: 136 - - SPICEDB_DATASTORE_ENGINE=postgres 137 - - SPICEDB_DATASTORE_CONN_URI=postgres://spicedb:spicedb@spicedb-pg:5432/spicedb?sslmode=disable 138 - depends_on: 139 - spicedb_pg_init: 140 - condition: service_completed_successfully 141 - pds: 142 - image: ghcr.io/bluesky-social/pds:sha-347a567469edd0ba65ee643d3adeb1119891a9b8 143 - ports: 144 - - "6000:3000" 145 - restart: always 146 - env_file: 147 - - ./env/pds.env 148 - networks: 149 - - atproto 150 - volumes: 151 - - pds_data:/app/data 152 - - pds_blobs:/app/blobs 153 - depends_on: 154 - plc: 155 - condition: service_started 156 - relay: 157 - condition: service_started 158 - spicedb: 159 - condition: service_started 160 - volumes: 161 - relay-pgdata: {} 162 - spicedb-pgdata: {} 163 - plc-pgdata: {} 164 - relay_data: {} 165 - jetstream_data: {} 166 - pds_data: {} 167 - pds_blobs: {}
-5
config/dev/atproto/env/jetstream.env
··· 1 - # see: https://github.com/bluesky-social/jetstream/blob/main/cmd/jetstream/main.go 2 - 3 - JETSTREAM_DATA_DIR=/data 4 - JETSTREAM_LISTEN_ADDR=:7002 5 - JETSTREAM_LIVENESS_TTL=86400s
-55
config/dev/atproto/env/pds.env
··· 1 - # See more env options in src/config/env.ts 2 - # Hostname - the public domain that you intend to deploy your service at 3 - PDS_HOSTNAME="pds.dev.hayden.moe" 4 - PDS_PORT="3000" 5 - 6 - # Database config - use one or the other 7 - PDS_DATA_DIRECTORY="/app/data" 8 - 9 - # Blobstore - filesystem location to store uploaded blobs 10 - PDS_BLOBSTORE_DISK_LOCATION="/app/blobs" 11 - 12 - # Private keys - these are each expected to be 64 char hex strings (256 bit) 13 - PDS_REPO_SIGNING_KEY_K256_PRIVATE_KEY_HEX="8e187a9a35b6f523c45b7809cbfc50d5fffe139bef7d79818091c04805d35b22b823af8e8cf5ee5541c50b7585c1a8899a9824bf1a41fcfc2b56e64fb85c81b8" 14 - PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX="566ad198e537bd4e7dd710ea850bd99a3f42d7489fcb7791b1bc8a4b65a1581b3208104703bc45843682a7d39422be48d68510b482c17232c9ff8b71492b8835" 15 - 16 - # Secrets - update to secure high-entropy strings 17 - PDS_DPOP_SECRET="Z2amAvrUESz1xH8GT3Y+f91zulmA6YKi7I/N/b6ooqw=" 18 - PDS_JWT_SECRET="/qYxrMq3vRWk49WVSBwvzuFX8VvS6QcmMeGOMIOEasc=" 19 - PDS_ADMIN_PASSWORD="t2CbmsPamTkSmFyf39HBeoVcrrqDieFCLL7VcPxfM3I=" 20 - 21 - # Environment - example is for live network 22 - PDS_DID_PLC_URL="https://plc.dev.hayden.moe" 23 - PDS_CRAWLERS="https://relay.dev.hayden.moe" 24 - # PDS_BSKY_APP_VIEW_URL="https://api.bsky.app" 25 - # PDS_BSKY_APP_VIEW_DID="did:web:api.bsky.app" 26 - 27 - # OAuth Provider 28 - PDS_OAUTH_PROVIDER_NAME="Recipes.blue Test PDS" 29 - PDS_OAUTH_PROVIDER_LOGO= 30 - PDS_OAUTH_PROVIDER_PRIMARY_COLOR="#7507e3" 31 - PDS_OAUTH_PROVIDER_ERROR_COLOR= 32 - PDS_OAUTH_PROVIDER_HOME_LINK= 33 - PDS_OAUTH_PROVIDER_TOS_LINK= 34 - PDS_OAUTH_PROVIDER_POLICY_LINK= 35 - PDS_OAUTH_PROVIDER_SUPPORT_LINK= 36 - 37 - # Permission Provider 38 - PDS_SPICEDB_HOST=spicedb:50051 39 - PDS_SPICEDB_TOKEN=CHANGE-ME 40 - PDS_SPICEDB_INSECURE=1 41 - SPICEDB_DATASTORE_ENGINE="postgres" 42 - SPICEDB_DATASTORE_CONN_URI="postgres://spicedb:spicedb@spicedb_pg:5432/spicedb?sslmode=disable" 43 - SPICEDB_POSTGRES_HOST="spicedb_pg" 44 - SPICEDB_POSTGRES_PORT="5432" 45 - SPICEDB_POSTGRES_DB="spicedb" 46 - SPICEDB_POSTGRES_USER="spicedb" 47 - SPICEDB_POSTGRES_PASSWORD="spicedb" 48 - 49 - # Debugging 50 - PDS_DEV_MODE=1 51 - NODE_TLS_REJECT_UNAUTHORIZED=1 52 - LOG_ENABLED=0 53 - LOG_LEVEL=info 54 - PDS_INVITE_REQUIRED=1 55 - PDS_DISABLE_SSRF_PROTECTION=0
-9
config/dev/atproto/env/plc.env
··· 1 - DB_URL=postgres://plc:plc@plc-pg/plc 2 - DB_CREDS_JSON={"url":"postgres://plc:plc@plc-pg/plc"} 3 - DB_MIGRATE_CREDS_JSON={"url":"postgres://plc:plc@plc-pg/plc"} 4 - DB_SCHEMA=public 5 - DEBUG_MODE=1 6 - LOG_ENABLED=true 7 - LOG_LEVEL=debug 8 - ENABLE_MIGRATIONS=true 9 - LOG_DESTINATION=1
-10
config/dev/atproto/env/relay.env
··· 1 - # see: https://github.com/bluesky-social/indigo/blob/main/cmd/relay/main.go 2 - 3 - RELAY_ADMIN_PASSWORD=SpEkZB3OVNKUMWiAZAWfAg== 4 - RELAY_PLC_HOST=https://plc.dev.hayden.moe 5 - DATABASE_URL=postgres://relay:relay@relay_pg:5432/relay?sslmode=disable 6 - RELAY_IP_BIND=:7001 7 - RELAY_PERSIST_DIR=/data 8 - RELAY_DISABLE_REQUEST_CRAWL=1 9 - RELAY_INITIAL_SEQ_NUMBER=1 10 - RELAY_TRUSTED_DOMAINS=
+11 -51
config/dev/caddy/Caddyfile
··· 2 2 storage file_system /data/ 3 3 debug 4 4 pki { 5 - ca hayden { 6 - name "Hayden" 7 - } 8 - } 9 - } 10 - 11 - plc.dev.hayden.moe { 12 - tls { 13 - issuer internal { 14 - ca hayden 15 - } 16 - } 17 - 18 - reverse_proxy http://plc:3000 19 - } 20 - 21 - relay.dev.hayden.moe { 22 - tls { 23 - issuer internal { 24 - ca hayden 25 - } 26 - } 27 - 28 - reverse_proxy http://relay:3000 29 - } 30 - 31 - jetstream.dev.hayden.moe { 32 - tls { 33 - issuer internal { 34 - ca hayden 35 - } 36 - } 37 - 38 - reverse_proxy http://jetstream:3000 39 - } 40 - 41 - pds.dev.hayden.moe, *.pds.dev.hayden.moe { 42 - tls { 43 - issuer internal { 44 - ca hayden 5 + ca recipesblue { 6 + name "Recipes.blue Local Development CA" 45 7 } 46 8 } 47 - 48 - reverse_proxy http://pds:3000 49 9 } 50 10 51 - api.dev.hayden.moe { 11 + api.local.recipes.blue { 52 12 tls { 53 13 issuer internal { 54 - ca hayden 14 + ca recipesblue 55 15 } 56 16 } 57 17 58 18 reverse_proxy http://host.docker.internal:8080 59 19 } 60 20 61 - cookware.dev.hayden.moe { 21 + local.recipes.blue { 62 22 tls { 63 23 issuer internal { 64 - ca hayden 24 + ca recipesblue 65 25 } 66 26 } 67 27 ··· 94 54 } 95 55 } 96 56 97 - acme.dev.hayden.moe { 57 + acme.local.recipes.blue { 98 58 tls { 99 59 issuer internal { 100 - ca hayden 60 + ca recipesblue 101 61 } 102 62 } 103 63 acme_server { 104 - ca hayden 64 + ca recipesblue 105 65 } 106 66 } 107 67 108 - turso.dev.hayden.moe { 68 + turso.local.recipes.blue { 109 69 tls { 110 70 issuer internal { 111 - ca hayden 71 + ca recipesblue 112 72 } 113 73 } 114 74
+1 -3
config/dev/caddy/compose.yaml
··· 1 1 --- 2 - version: '3' 3 - 4 2 volumes: 5 3 caddy_data: {} 6 4 caddy_config: {} ··· 26 24 - "host.docker.internal:host-gateway" 27 25 networks: 28 26 - caddy 29 - - atproto 27 + - recipesblue
+4 -1
docker-compose.yaml
··· 1 1 --- 2 2 include: 3 - - path: config/dev/atproto/compose.yaml 4 3 - path: config/dev/caddy/compose.yaml 5 4 - path: config/dev/libsql/compose.yaml 6 5 6 + networks: 7 + recipesblue: 8 + 7 9 services: 8 10 tunnel: 9 11 image: cloudflare/cloudflared 10 12 restart: unless-stopped 13 + networks: [recipesblue] 11 14 command: tunnel --url http://caddy