smokesignal.events
Code, configuration, and documentation to support network-local development environments
feature: Jetstream configuration
Signed-off-by: Nick Gerakines <nick.gerakines@gmail.com>
+5
-2
README.md
+5
-2
README.md
···
20
20
21
21
3. Configure and start the PDS service. See pds/README.md
22
22
23
-
4. Configure and start the DNS service. See dns/README.md
23
+
4. Configure and start the Jetstream service. See jetstream/README.md
24
24
25
-
5. Configure split-DNS in Tailscale.
25
+
5. Configure and start the DNS service. See dns/README.md
26
+
27
+
6. Configure split-DNS in Tailscale.
26
28
27
29
1. Visit https://tailscale.com/
28
30
2. Go to the Machines tab and get the internal IP address of `didadmin`
···
36
38
37
39
* PLC - https://plc.internal.ts.net
38
40
* PDS - https://pds.internal.ts.net
41
+
* Jetstream - https://jetstream.internal.ts.net
39
42
* DNS - didadmin.internal.ts.net:53
40
43
* didadmin - https://didadmin.internal.ts.net
41
44
* maildev - http://pds.internal.ts.net:1080
+51
jetstream/README.md
+51
jetstream/README.md
···
1
+
# PDS
2
+
3
+
## Configuration
4
+
5
+
This is a fully operational Jetstream and needs appropriate configuration.
6
+
7
+
Copy the `env.example` file to `env` and update the following entry "PLACEHOLDER" values.
8
+
9
+
* `PDS_HOSTNAME` value updated to relflect your internal tailnet
10
+
11
+
Copy `docker-compose.example.yml` to `docker-compose.yml` and make the following changes:
12
+
13
+
* Optional, set the `TS_AUTHKEY` if you are using one.
14
+
15
+
## Jetstream Container
16
+
17
+
You will need a built jetstream container.
18
+
19
+
1. Clone the jetstream project:
20
+
21
+
`git clone https://github.com/bluesky-social/jetstream.git`
22
+
23
+
2. Build and tag the container:
24
+
25
+
`docker build -t jetstream .`
26
+
27
+
## Operation
28
+
29
+
1. Create the configuration file and update it accordingly.
30
+
31
+
2. Bring networking up.
32
+
33
+
`docker compose up tailscale -d`
34
+
35
+
If you are using dynamic machine authentication, you'll need to view the logs and click on the link.
36
+
37
+
`docker compose logs tailscale`
38
+
39
+
3. Generate an SSL certificate for the node. Be sure to change `internal.ts.net` to whatever your Tailnet name is (i.e. `sneaky-fox.ts.net`)
40
+
41
+
`docker compose exec tailscale /bin/sh -c "tailscale cert --cert-file /mnt/tls/cert.pem --key-file /mnt/tls/cert.key jetstream.internal.ts.net"`
42
+
43
+
4. Bring the app and proxy up.
44
+
45
+
`docker compose up -d`
46
+
47
+
## Usage
48
+
49
+
Jetstream will be available at https://jetstream.internal.ts.net/.
50
+
51
+
Test with `websocat wss://jetstream.internal.ts.net/subscribe`
+27
jetstream/docker-compose.example.yml
+27
jetstream/docker-compose.example.yml
···
1
+
version: '3.8'
2
+
name: localdev-jetstream
3
+
volumes:
4
+
jetstream_ts:
5
+
jetstream_tls:
6
+
services:
7
+
jetstream:
8
+
image: jetstream
9
+
restart: unless-stopped
10
+
env_file: "env"
11
+
tailscale:
12
+
image: ghcr.io/tailscale/tailscale:v1.86.2
13
+
restart: unless-stopped
14
+
environment:
15
+
# OPTIONAL - TS_AUTHKEY=YOUR-TS-KEY-GOES-HERE
16
+
- TS_STATE_DIR=/var/run/tailscale
17
+
- TS_HOSTNAME=jetstream
18
+
volumes:
19
+
- jetstream_tls:/mnt/tls
20
+
- jetstream_ts:/var/run/tailscale
21
+
nginx:
22
+
image: nginx
23
+
restart: unless-stopped
24
+
network_mode: service:tailscale
25
+
volumes:
26
+
- ./nginx.conf:/etc/nginx/nginx.conf
27
+
- jetstream_tls:/mnt/tls:ro
+4
jetstream/env.example
+4
jetstream/env.example
+21
jetstream/nginx.conf
+21
jetstream/nginx.conf
···
1
+
events {}
2
+
error_log /dev/stdout info;
3
+
http {
4
+
server {
5
+
access_log /dev/stdout;
6
+
resolver 127.0.0.11 [::1]:5353 valid=15s;
7
+
listen 443 ssl;
8
+
ssl_certificate /mnt/tls/cert.pem;
9
+
ssl_certificate_key /mnt/tls/cert.key;
10
+
location / {
11
+
proxy_pass "http://jetstream:8080";
12
+
proxy_http_version 1.1;
13
+
proxy_set_header Upgrade $http_upgrade;
14
+
proxy_set_header Connection "Upgrade";
15
+
proxy_set_header Host $host;
16
+
proxy_set_header X-Real-IP $remote_addr;
17
+
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
18
+
client_max_body_size 64M;
19
+
}
20
+
}
21
+
}