Add Docker Compose setup for PDS
This commit is contained in:
primal
@@ -0,0 +1,5 @@
|
|||||||
|
# Secrets
|
||||||
|
pds.env
|
||||||
|
|
||||||
|
# Data directory
|
||||||
|
data/
|
||||||
@@ -0,0 +1,42 @@
|
|||||||
|
services:
|
||||||
|
pds-1440-news:
|
||||||
|
image: ghcr.io/bluesky-social/pds:0.4
|
||||||
|
container_name: pds-1440-news
|
||||||
|
restart: unless-stopped
|
||||||
|
volumes:
|
||||||
|
- ./data:/pds
|
||||||
|
env_file:
|
||||||
|
- pds.env
|
||||||
|
networks:
|
||||||
|
- proxy
|
||||||
|
labels:
|
||||||
|
- "traefik.enable=true"
|
||||||
|
# PDS API endpoint: pds.1440.news
|
||||||
|
- "traefik.http.routers.pds-1440-news.rule=Host(`pds.1440.news`)"
|
||||||
|
- "traefik.http.routers.pds-1440-news.entrypoints=https"
|
||||||
|
- "traefik.http.routers.pds-1440-news.tls.certresolver=letsencrypt"
|
||||||
|
# Wildcard for account handles: *.1440.news
|
||||||
|
- "traefik.http.routers.pds-1440-news-handles.rule=HostRegexp(`^.+\\.1440\\.news$$`)"
|
||||||
|
- "traefik.http.routers.pds-1440-news-handles.entrypoints=https"
|
||||||
|
- "traefik.http.routers.pds-1440-news-handles.tls.certresolver=letsencrypt"
|
||||||
|
- "traefik.http.routers.pds-1440-news-handles.priority=1"
|
||||||
|
# HTTP to HTTPS redirect
|
||||||
|
- "traefik.http.routers.pds-1440-news-redirect.rule=Host(`pds.1440.news`)"
|
||||||
|
- "traefik.http.routers.pds-1440-news-redirect.entrypoints=http"
|
||||||
|
- "traefik.http.routers.pds-1440-news-redirect.middlewares=https-redirect"
|
||||||
|
- "traefik.http.routers.pds-1440-news-handles-redirect.rule=HostRegexp(`^.+\\.1440\\.news$$`)"
|
||||||
|
- "traefik.http.routers.pds-1440-news-handles-redirect.entrypoints=http"
|
||||||
|
- "traefik.http.routers.pds-1440-news-handles-redirect.middlewares=https-redirect"
|
||||||
|
- "traefik.http.routers.pds-1440-news-handles-redirect.priority=1"
|
||||||
|
# Shared middleware
|
||||||
|
- "traefik.http.middlewares.https-redirect.redirectscheme.scheme=https"
|
||||||
|
- "traefik.http.middlewares.https-redirect.redirectscheme.permanent=true"
|
||||||
|
# Service port
|
||||||
|
- "traefik.http.services.pds-1440-news.loadbalancer.server.port=3000"
|
||||||
|
# Local development
|
||||||
|
- "traefik.http.routers.pds-1440-news-local.rule=Host(`pds.1440.localhost`)"
|
||||||
|
- "traefik.http.routers.pds-1440-news-local.entrypoints=http"
|
||||||
|
|
||||||
|
networks:
|
||||||
|
proxy:
|
||||||
|
external: true
|
||||||
Executable
+6
@@ -0,0 +1,6 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
# Generate secrets for PDS configuration
|
||||||
|
|
||||||
|
echo "PDS_JWT_SECRET=$(openssl rand -hex 32)"
|
||||||
|
echo "PDS_ADMIN_PASSWORD=$(openssl rand -base64 24)"
|
||||||
|
echo "PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX=$(openssl rand -hex 32)"
|
||||||
@@ -0,0 +1,29 @@
|
|||||||
|
# PDS Configuration for 1440.news
|
||||||
|
# Copy to pds.env and fill in values
|
||||||
|
|
||||||
|
# Core (required)
|
||||||
|
PDS_HOSTNAME=pds.1440.news
|
||||||
|
PDS_JWT_SECRET=
|
||||||
|
PDS_ADMIN_PASSWORD=
|
||||||
|
PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX=
|
||||||
|
|
||||||
|
# Storage
|
||||||
|
PDS_DATA_DIRECTORY=/pds
|
||||||
|
PDS_BLOBSTORE_DISK_LOCATION=/pds/blocks
|
||||||
|
PDS_BLOB_UPLOAD_LIMIT=5242880
|
||||||
|
|
||||||
|
# AT Protocol Network
|
||||||
|
PDS_DID_PLC_URL=https://plc.directory
|
||||||
|
PDS_BSKY_APP_VIEW_URL=https://api.bsky.app
|
||||||
|
PDS_BSKY_APP_VIEW_DID=did:web:api.bsky.app
|
||||||
|
PDS_REPORT_SERVICE_URL=https://mod.bsky.app
|
||||||
|
PDS_REPORT_SERVICE_DID=did:plc:ar7c4by46qjdydhdevvrndac
|
||||||
|
PDS_CRAWLERS=https://bsky.network
|
||||||
|
|
||||||
|
# Email (optional but recommended)
|
||||||
|
# PDS_EMAIL_SMTP_URL=smtps://user:pass@smtp.example.com:465
|
||||||
|
# PDS_EMAIL_FROM_ADDRESS=noreply@1440.news
|
||||||
|
|
||||||
|
# Optional
|
||||||
|
# PDS_PRIVACY_POLICY_URL=https://1440.news/privacy
|
||||||
|
LOG_LEVEL=info
|
||||||
Reference in New Issue
Block a user